Stellar scafold fargate backend

[CoveMB]

Summary

• Introduces a Rust-based Stellar backend service, adds Dockerized dev/prod setups, and reorganizes the AI API into a dedicated packages/ui/api/ai module.
• Updates CI with Docker build/deploy workflows and a reusable OIDC action.

Key Changes

• Backend: Stellar service (Rust)
  • New crate: packages/ui/api/stellar with routes, controllers, utils, and tests.
  • Endpoints include GET /health and upgrade/scaffold routes (see src/routes /* and src/controllers/*).
  • Docker: Dockerfile.dev, Dockerfile.prod, .dockerignore, README.md, rustfmt.toml, and Cargo.toml/lock.
  • Tests for routes and utilities under packages/ui/api/stellar/tests/*.
• AI API Reorg
  • Moves AI API from packages/ui/api/* to packages/ui/api/ai/*:
    • Function definitions now under packages/ui/api/ai/ai-assistant/*.
    • Types, utils, and services moved 1:1 (paths updated).
    • Deno dev server relocated to packages/ui/api/ai/development-server.ts.
    • Adds packages/ui/api/ai/.env.example and Dockerfile.dev.
  • Adds packages/ui/api/docker-compose.yaml to orchestrate local API componen
    ts.
• CI/CD
  • New GitHub Workflows: .github/workflows/docker-stg.yaml, .github/workflows/docker-prod.yaml.
  • Reusable OIDC action for AWS/GCP auth: .github/actions/oidc/action.yaml.
• Stellar core utilities
  • Minor packages/core/stellar/src/zip-rust.ts update.
  • Adds packages/core/stellar/zip-env-rust.js to package Rust env/scaffold artifacts.
• Cairo/Cairo Alpha updates
  • Bumps/aligns versions and test snapshots for Cairo Alpha (v3.0.0-alpha.1).
  • Small fixes in update-scarb-project.ts, erc20.ts, and assorted test updates.
  • Changelog touch-ups in packages/core/cairo_alpha/CHANGELOG.md.
• UI/Tweaks
  • Minor Svelte app edits across Cairo, Stellar, Stylus pages and shared components.
  • packages/ui/.env.example updated with keys used by the new layout.
  • Minor config updates (.gitignore, .prettierignore, package.json, netlify.toml, .vscode/*, rollup.config.mjs).
• Changesets and locks
  • Refreshes yarn.lock.

Breaking/Structural Changes

• AI API paths moved under packages/ui/api/ai. Any imports or tooling referencing the old packages/ui/api/* paths must be updated to the new location.
• Docker workflows expect OIDC configuration if used for deployment.

How to Run (Local)

• Stellar service (Rust):
  • From packages/ui/api/stellar: cargo run (dev) or build with Docker: doc ker build -f Dockerfile.dev .
  • Health check: GET /health
• AI dev server (Deno):
  • From packages/ui/api/ai: deno task dev (see deno.json and development -server.ts)
• Compose:
  • From packages/ui/api: docker compose up --build
• Configure environment:
  • Copy .env.example to .env in packages/ui, packages/ui/api/ai, and packages/ui/api/stellar as needed.

Security/Infra

• Uses GitHub OIDC for secure, short-lived cloud credentials in CI.
• Dockerfiles refined for dev/prod;
• Rust service adheres to explicit routes and typed errors/utilities.

Testing/Verification

• Stellar service includes route and utils tests under packages/ui/api/stellar/ tests/*.
• Sanity checks:
  • GET /health returns healthy.
  • AI dev server loads and responds with expected mock behavior (when env vars
    set).

Scope/Risk

• Large move set for AI API;
• New infra (Docker, OIDC) adds deployment flexibility but requires env/secret configuration.

[sourcery-ai]

Reviewer's Guide

This PR scaffolds a new Rust-based Stellar backend API deployed via Fargate, integrates it with the existing Svelte UI for scaffold download, reorganizes the AI Deno server and import paths, and updates build/deploy configurations including Docker Compose and GitHub Actions workflows.

Sequence diagram for Svelte UI downloading Stellar scaffold via Fargate backend

sequenceDiagram
    participant User as actor User
    participant SvelteUI as Svelte UI
    participant StellarAPI as Stellar Rust API (Fargate)
    User->>SvelteUI: Click "Download Scaffold"
    SvelteUI->>StellarAPI: POST /stellar/upgrade-scaffold (zip blob)
    StellarAPI->>StellarAPI: Unzip, upgrade, re-zip contract
    StellarAPI-->>SvelteUI: Return scaffold-project.zip
    SvelteUI->>User: Save scaffold-project.zip

Loading

Class diagram for new and updated Rust backend modules

classDiagram
    class ServerConfig {
      +host: String
      +port: u16
      +rate_limit_requests_per_second: u64
      +wizard_origin: String
      +from_environment_variables(): ServerConfig
    }
    class upgrade_scaffold {
      +upgrade_to_scaffold(rust_contract_zip: web::Bytes): Result<Vec<u8>, HttpError>
    }
    class scaffold_upgrade {
      +run_scaffold_upgrade_command(project_dir_path: &Path): Result<(), Error>
    }
    class zip_folder {
      +unzip_in_temporary_folder(zip_data: Vec<u8>, expected_files: &[&str]): Result<TempDir, ZipError>
      +zip_directory(zip_path: &Path): ZipResult<Vec<u8>>
    }
    class errors {
      +to_http_hidden_error<E: Debug>(error: E): HttpError
      +to_io_error<E: Debug>(error: E): IOError
      +to_zip_io_error<E: Debug>(error: E): ZipError
    }
    ServerConfig <|-- upgrade_scaffold
    upgrade_scaffold <|-- scaffold_upgrade
    scaffold_upgrade <|-- zip_folder
    zip_folder <|-- errors

Loading

File-Level Changes

Change	Details	Files
Introduce Rust Actix-web Stellar API backend	Add main server entrypoint with Actix-web, CORS, rate limiting, and routes configuration Implement controllers, routes (health, upgrade_scaffold), environment logic, and utility modules (glob, path, dir, errors) Include Dockerfiles for dev/prod, docker-compose.yaml for local containers, and Cargo.toml/Cargo.lock Add unit tests for health endpoint, glob matching, and environment utilities	packages/ui/api/stellar/src/main.rs packages/ui/api/stellar/src/config/server.rs packages/ui/api/stellar/src/controllers/upgrade_scaffold.rs packages/ui/api/stellar/src/routes/upgrade_scaffold.rs packages/ui/api/stellar/src/routes/health.rs packages/ui/api/stellar/src/utils/* packages/ui/api/stellar/src/environment/* packages/ui/api/stellar/Dockerfile.dev packages/ui/api/stellar/Dockerfile.prod packages/ui/api/docker-compose.yaml packages/ui/api/stellar/Cargo.toml packages/ui/api/stellar/Cargo.lock packages/ui/api/stellar/tests/**/*
Integrate Fargate scaffold endpoint in Svelte UI	Expose process.env.FARGATE_HOST and inject into rollup build Replace direct zip download with POST to /stellar/upgrade-scaffold and handle blob response Add isDownloadingScaffold and downloadScaffoldError states, plus conditional button text Import zipRustProjectBlob from core and remove legacy zipScaffoldProject usage	packages/ui/src/stellar/App.svelte packages/core/stellar/src/zip-rust.ts packages/core/stellar/zip-env-rust.js packages/ui/rollup.config.mjs
Extend core Stellar zip utility with blob support	Export zipRustProjectBlob that generates a compressed Blob asynchronously Ensure compression and format align with front-end expectations	packages/core/stellar/src/zip-rust.ts
Reorganize AI Deno API structure and update import paths	Move development-server.ts and import utils under packages/ui/api/ai, adjust import paths Relocate AI endpoints into api/ai/paths and update dynamic imports in dev server Refactor all ai-assistant imports to use ../ai/ai-assistant and adjust deno.json importMap Update netlify.toml edge_functions path to new api/ai/paths	packages/ui/api/ai/development-server.ts packages/ui/api/ai/paths/ai.ts packages/ui/api/ai/**/*/function-definitions/**/*.ts packages/ui/api/ai/deno.json netlify.toml
Adjust dev scripts and package.json for API composition	Change type:check:api to point at ./api/ai/deno.json and update dev:api to docker-compose up Add dev:api:build script and update root workspace concurrency for UI/API Update root and packages/ui package.json scripts to streamline build, dev, and type check	packages/ui/package.json package.json
Add GitHub Actions workflows for Docker build & deployment	Create production workflow (docker-prod.yaml) to build, scan, and push ECR images and trigger ECS deployment Create staging workflow (docker-stg.yaml) to build, scan, and push staging images and force ECS redeploy Configure OIDC role chaining, QEMU setup, and Anchore scan SARIF upload	.github/workflows/docker-prod.yaml .github/workflows/docker-stg.yaml

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[coderabbitai]

Important

Review skipped

Draft detected.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

✨ Finishing touches

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[collins-w]

@CoveMB the release workflows looks ok. I've left some comments. I will also need to provision the required resources to AWS e.g ECS cluster, ALB etc. I will do that work in a different IaC repository.

[collins-w]

Since we don't have Dockerfile at the root, we need to specify a file setting which points to the dockerfile. e.g
file: .//Dockerfile.production

[collins-w]

Please add this action. (the prepare action)

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	node-releases@​2.0.19
	indent-string@​5.0.0
	@​changesets/​should-skip-package@​0.1.2
	@​changesets/​changelog-git@​0.2.1
	@​pkgr/​core@​0.2.9
	@​changesets/​get-version-range-type@​0.4.0
	@​changesets/​changelog-github@​0.5.1
	tr46@​0.0.3
	@​changesets/​errors@​0.2.0
	@​typescript-eslint/​visitor-keys@​8.39.1
	strip-bom@​3.0.0
	better-path-resolve@​1.0.0
	@​typescript-eslint/​parser@​8.39.1
	min-indent@​1.0.1
	is-builtin-module@​5.0.0
	@​typescript-eslint/​project-service@​8.39.1
	typescript-eslint@​8.39.1
	prettier-linter-helpers@​1.0.0
	read-yaml-file@​1.1.0
	is-subdir@​1.2.0
	@​changesets/​read@​0.6.5
	@​changesets/​git@​3.0.4
	@​changesets/​get-dependents-graph@​2.1.3
	json-buffer@​3.0.1
	caniuse-lite@​1.0.30001735
	@​typescript-eslint/​type-utils@​8.39.1
	@​changesets/​types@​6.1.0
	@​changesets/​get-release-plan@​4.0.13
	@​typescript-eslint/​types@​8.39.1
	@​types/​semver@​7.7.1
	builtin-modules@​5.0.0
	@​types/​json-schema@​7.0.15
	@​types/​estree@​1.0.8
See 114 more rows in the dashboard

View full report

[socket-security]

Caution

Review the following alerts detected in dependencies.

According to your organization's Security Policy, you must resolve all "Block" alerts before proceeding. Learn more about Socket for GitHub.

Action	Severity	Alert  (click "▶" to expand/collapse)
Block		[email protected] is a AI-detected potential code anomaly. Notes: No definitive malware detected in this fragment. The main security concern is supply-chain risk from dynamically loading plugins from potentially untrusted sources. To mitigate, enforce strict plugin provenance, disable remote plugin loading, verify plugin integrity, and apply least-privilege execution for plugins. Confidence: 1.00 Severity: 0.60 From: package.json → npm/[email protected] ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected]. Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report