Merge branch 'main' into copilot/add-meshtastic-support

Author: thewriterben

.dockerignore

@@ -0,0 +1,67 @@
+# Git
+.git
+.gitignore
+.github
+
+# Python
+__pycache__
+*.py[cod]
+*$py.class
+*.so
+.Python
+env/
+venv/
+ENV/
+build/
+develop-eggs/
+dist/
+downloads/
+eggs/
+.eggs/
+lib/
+lib64/
+parts/
+sdist/
+var/
+wheels/
+*.egg-info/
+.installed.cfg
+*.egg
+MANIFEST
+
+# Testing
+.pytest_cache
+.coverage
+.coverage.*
+htmlcov/
+.tox/
+.hypothesis/
+.mypy_cache/
+.dmypy.json
+dmypy.json
+
+# IDEs
+.vscode/
+.idea/
+*.swp
+*.swo
+*~
+.DS_Store
+
+# Documentation
+docs/_build/
+*.md
+!README.md
+
+# CI/CD
+.github/
+.pre-commit-config.yaml
+
+# Other
+*.log
+*.zip
+Planning*.zip
+examples/
+tests/
+*.tar
+*.tar.gz

.github/workflows/docker.yml

@@ -0,0 +1,166 @@
+name: Docker Build and Push
+
+on:
+  push:
+    branches: [ main, develop ]
+    tags:
+      - 'v*'
+  pull_request:
+    branches: [ main ]
+  workflow_dispatch:
+
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}
+
+jobs:
+  build-and-push:
+    name: Build and Push Docker Images
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+    
+    strategy:
+      matrix:
+        target: [production, development]
+    
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+    
+    - name: Set up Docker Buildx
+      uses: docker/setup-buildx-action@v3
+    
+    - name: Log in to Container Registry
+      if: github.event_name != 'pull_request'
+      uses: docker/login-action@v3
+      with:
+        registry: ${{ env.REGISTRY }}
+        username: ${{ github.actor }}
+        password: ${{ secrets.GITHUB_TOKEN }}
+    
+    - name: Extract metadata (tags, labels)
+      id: meta
+      uses: docker/metadata-action@v5
+      with:
+        images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+        tags: |
+          type=ref,event=branch
+          type=ref,event=pr
+          type=semver,pattern={{version}}
+          type=semver,pattern={{major}}.{{minor}}
+          type=semver,pattern={{major}}
+          type=sha
+        flavor: |
+          suffix=-${{ matrix.target }},onlatest=true
+    
+    - name: Build and push Docker image
+      uses: docker/build-push-action@v5
+      with:
+        context: .
+        file: ./deployment/docker/Dockerfile
+        target: ${{ matrix.target }}
+        push: ${{ github.event_name != 'pull_request' }}
+        tags: ${{ steps.meta.outputs.tags }}
+        labels: ${{ steps.meta.outputs.labels }}
+        cache-from: type=gha
+        cache-to: type=gha,mode=max
+        platforms: linux/amd64,linux/arm64
+    
+    - name: Test Docker image
+      if: matrix.target == 'production'
+      run: |
+        docker run --rm ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.sha }}-production accelerapp --version || true
+        docker run --rm ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.sha }}-production accelerapp info
+
+  build-compose:
+    name: Test Docker Compose
+    runs-on: ubuntu-latest
+    needs: build-and-push
+    
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+    
+    - name: Set up Docker Buildx
+      uses: docker/setup-buildx-action@v3
+    
+    - name: Build Docker Compose services
+      run: |
+        cd deployment/docker
+        docker-compose build --no-cache
+    
+    - name: Test Docker Compose services
+      run: |
+        cd deployment/docker
+        docker-compose up -d accelerapp
+        sleep 10
+        docker-compose ps
+        docker-compose logs accelerapp
+        docker-compose down
+    
+    - name: Clean up
+      if: always()
+      run: |
+        cd deployment/docker
+        docker-compose down -v
+
+  scan-security:
+    name: Security Scan Docker Images
+    runs-on: ubuntu-latest
+    needs: build-and-push
+    if: github.event_name != 'pull_request'
+    
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+    
+    - name: Run Trivy vulnerability scanner
+      uses: aquasecurity/trivy-action@master
+      with:
+        image-ref: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.sha }}-production
+        format: 'sarif'
+        output: 'trivy-results.sarif'
+    
+    - name: Upload Trivy results to GitHub Security tab
+      uses: github/codeql-action/upload-sarif@v3
+      if: always()
+      with:
+        sarif_file: 'trivy-results.sarif'
+    
+    - name: Run Trivy vulnerability scanner (table format)
+      uses: aquasecurity/trivy-action@master
+      with:
+        image-ref: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.sha }}-production
+        format: 'table'
+        exit-code: '0'
+        ignore-unfixed: true
+        severity: 'CRITICAL,HIGH'
+
+  publish-manifest:
+    name: Create Multi-arch Manifest
+    runs-on: ubuntu-latest
+    needs: build-and-push
+    if: startsWith(github.ref, 'refs/tags/v')
+    
+    steps:
+    - name: Log in to Container Registry
+      uses: docker/login-action@v3
+      with:
+        registry: ${{ env.REGISTRY }}
+        username: ${{ github.actor }}
+        password: ${{ secrets.GITHUB_TOKEN }}
+    
+    - name: Create and push manifest
+      run: |
+        VERSION=${GITHUB_REF#refs/tags/v}
+        docker manifest create \
+          ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${VERSION} \
+          ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${VERSION}-production
+        docker manifest push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${VERSION}
+        
+        docker manifest create \
+          ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest \
+          ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:main-production
+        docker manifest push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest

CHANGELOG.md

@@ -7,6 +7,110 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+### Added - Phase 6: Optimization – Performance, Cost, and Documentation
+
+#### Performance Optimization (2 new modules)
+- **Performance Profiler**: Comprehensive performance profiling and optimization system
+  - `PerformanceProfiler`: Profile functions with CPU, memory, and I/O tracking
+  - Hotspot identification and bottleneck detection
+  - Baseline comparison and regression detection (>10% slowdown)
+  - Optimization strategy recommendations with impact estimates
+  - Support for multiple profiling types: CPU, MEMORY, IO, FULL
+  - Performance summaries and statistics
+- **Performance Features**:
+  - Function-level execution time measurement (< 50ms overhead)
+  - Memory usage tracking with tracemalloc integration
+  - Automatic hotspot detection (execution >100ms or memory >50MB)
+  - Baseline management and historical comparison
+  - Actionable optimization recommendations (caching, async, batching)
+  - Regression detection with configurable thresholds
+
+#### Cost Optimization (2 new modules)
+- **Cost Monitor**: Complete cost monitoring and optimization framework
+  - `CostMonitor`: Track infrastructure costs across cloud providers
+  - Multi-cloud support: AWS, Azure, GCP, On-Premise
+  - Resource type tracking: Compute, Storage, Database, Network, Container, Serverless
+  - Cost breakdown by provider and resource type
+  - 30-day cost forecasting with confidence intervals
+  - Automated optimization opportunity detection
+- **Cost Features**:
+  - Real-time resource cost tracking
+  - Underutilized resource detection (<30% utilization)
+  - Idle resource identification (>24 hours inactive)
+  - Oversized resource detection (low CPU/memory usage)
+  - Cost report generation with savings opportunities
+  - Automated cost optimization application
+  - Cost estimation with customizable pricing
+
+#### Comprehensive Documentation (4 new guides)
+- **Operations Manual** (`docs/OPERATIONS.md`, 550 lines):
+  - System overview and architecture components
+  - Deployment and configuration (Docker, Kubernetes, cloud)
+  - Monitoring and health checks (Prometheus, Grafana)
+  - Performance management and scaling guidelines
+  - Cost management procedures
+  - Security operations and incident response
+  - Backup and recovery (RTO: 4 hours, RPO: 4 hours)
+  - Maintenance procedures (daily, weekly, monthly)
+  - Troubleshooting guides and quick reference
+  
+- **Performance Tuning Guide** (`docs/PERFORMANCE_TUNING.md`, 500 lines):
+  - Performance baseline establishment (targets and metrics)
+  - Profiling techniques (CPU, memory, I/O)
+  - Application-level optimization (caching, async, lazy loading)
+  - Database optimization (indexing, query tuning, connection pooling)
+  - Multi-level caching strategies (memory, Redis, database)
+  - Network optimization (HTTP/2, CDN, compression)
+  - Resource management (memory, CPU, garbage collection)
+  - Benchmarking best practices and load testing
+  
+- **Cost Optimization Guide** (`docs/COST_OPTIMIZATION.md`, 680 lines):
+  - Cost monitoring and real-time tracking
+  - Cloud provider optimization (AWS, Azure, GCP)
+  - Reserved instances (35-60% savings)
+  - Spot instances (60-90% savings)
+  - Resource right-sizing strategies
+  - Cost-effective auto-scaling configuration
+  - Storage lifecycle policies and archival
+  - Network cost reduction (CDN, compression, regional)
+  - Dev/test environment optimization (70% savings)
+  
+- **Operational Procedures** (`docs/OPERATIONAL_PROCEDURES.md`, 550 lines):
+  - Daily operations checklist and health checks
+  - Incident response procedures (P1-P4 severity levels)
+  - Deployment procedures and rollback
+  - Monitoring and alerting response
+  - Backup and recovery procedures
+  - Security operations (daily, weekly, monthly)
+  - Performance management workflows
+  - Cost management reviews
+  - Team communication protocols
+  - Runbooks for common issues
+
+#### Testing
+- 24 comprehensive tests for Phase 6 (100% passing)
+- Cost monitoring tests: 11 tests
+  - Resource tracking and cost calculation
+  - Optimization opportunity detection (underutilized, idle, oversized)
+  - Cost report generation and forecasting
+  - Cost breakdown and optimization application
+- Performance profiler tests: 11 tests
+  - Function profiling with CPU and memory tracking
+  - Hotspot identification and recommendations
+  - Baseline comparison and regression detection
+  - Performance summaries and optimization strategies
+- Integration tests: 2 tests
+  - Cost and performance integration
+  - Complete optimization workflow
+
+#### Documentation Statistics
+- Total documentation: 2,280+ lines
+- Code examples: 75+ working examples
+- Procedures documented: 25+ operational procedures
+- Runbooks: 5+ troubleshooting runbooks
+- Performance targets defined: 8 key metrics
+- Cost optimization strategies: 15+ documented strategies
+
 ### Added - Zero-Trust Hardware Security Architecture
 
 #### Security Features (5 new modules)