Stellar scafold fargate backend

[CoveMB]

Summary

• Introduces a Rust-based Stellar backend service, adds Dockerized dev/prod setups, and reorganizes the AI API into a dedicated packages/ui/api/ai module.
• Updates CI with Docker build/deploy workflows and a reusable OIDC action.

Key Changes

• Backend: Stellar service (Rust)
  • New crate: packages/ui/api/stellar with routes, controllers, utils, and tests.
  • Endpoints include GET /health and upgrade/scaffold routes (see src/routes /* and src/controllers/*).
  • Docker: Dockerfile.dev, Dockerfile.prod, .dockerignore, README.md, rustfmt.toml, and Cargo.toml/lock.
  • Tests for routes and utilities under packages/ui/api/stellar/tests/*.
• AI API Reorg
  • Moves AI API from packages/ui/api/* to packages/ui/api/ai/*:
    • Function definitions now under packages/ui/api/ai/ai-assistant/*.
    • Types, utils, and services moved 1:1 (paths updated).
    • Deno dev server relocated to packages/ui/api/ai/development-server.ts.
    • Adds packages/ui/api/ai/.env.example and Dockerfile.dev.
  • Adds packages/ui/api/docker-compose.yaml to orchestrate local API componen
    ts.
• CI/CD
  • New GitHub Workflows: .github/workflows/docker-stg.yaml, .github/workflows/docker-prod.yaml.
  • Reusable OIDC action for AWS/GCP auth: .github/actions/oidc/action.yaml.
• Stellar core utilities
  • Minor packages/core/stellar/src/zip-rust.ts update.
  • Adds packages/core/stellar/zip-env-rust.js to package Rust env/scaffold artifacts.
• Cairo/Cairo Alpha updates
  • Bumps/aligns versions and test snapshots for Cairo Alpha (v3.0.0-alpha.1).
  • Small fixes in update-scarb-project.ts, erc20.ts, and assorted test updates.
  • Changelog touch-ups in packages/core/cairo_alpha/CHANGELOG.md.
• UI/Tweaks
  • Minor Svelte app edits across Cairo, Stellar, Stylus pages and shared components.
  • packages/ui/.env.example updated with keys used by the new layout.
  • Minor config updates (.gitignore, .prettierignore, package.json, netlify.toml, .vscode/*, rollup.config.mjs).
• Changesets and locks
  • Refreshes yarn.lock.

Breaking/Structural Changes

• AI API paths moved under packages/ui/api/ai. Any imports or tooling referencing the old packages/ui/api/* paths must be updated to the new location.
• Docker workflows expect OIDC configuration if used for deployment.

How to Run (Local)

• Stellar service (Rust):
  • From packages/ui/api/stellar: cargo run (dev) or build with Docker: doc ker build -f Dockerfile.dev .
  • Health check: GET /health
• AI dev server (Deno):
  • From packages/ui/api/ai: deno task dev (see deno.json and development -server.ts)
• Compose:
  • From packages/ui/api: docker compose up --build
• Configure environment:
  • Copy .env.example to .env in packages/ui, packages/ui/api/ai, and packages/ui/api/stellar as needed.

Security/Infra

• Uses GitHub OIDC for secure, short-lived cloud credentials in CI.
• Dockerfiles refined for dev/prod;
• Rust service adheres to explicit routes and typed errors/utilities.

Testing/Verification

• Stellar service includes route and utils tests under packages/ui/api/stellar/ tests/*.
• Sanity checks:
  • GET /health returns healthy.
  • AI dev server loads and responds with expected mock behavior (when env vars
    set).

Scope/Risk

• Large move set for AI API;
• New infra (Docker, OIDC) adds deployment flexibility but requires env/secret configuration.

[sourcery-ai]

Reviewer's Guide

This PR scaffolds a new Rust-based Stellar backend API deployed via Fargate, integrates it with the existing Svelte UI for scaffold download, reorganizes the AI Deno server and import paths, and updates build/deploy configurations including Docker Compose and GitHub Actions workflows.

Sequence diagram for Svelte UI downloading Stellar scaffold via Fargate backend

sequenceDiagram
    participant User as actor User
    participant SvelteUI as Svelte UI
    participant StellarAPI as Stellar Rust API (Fargate)
    User->>SvelteUI: Click "Download Scaffold"
    SvelteUI->>StellarAPI: POST /stellar/upgrade-scaffold (zip blob)
    StellarAPI->>StellarAPI: Unzip, upgrade, re-zip contract
    StellarAPI-->>SvelteUI: Return scaffold-project.zip
    SvelteUI->>User: Save scaffold-project.zip

Loading

Class diagram for new and updated Rust backend modules

classDiagram
    class ServerConfig {
      +host: String
      +port: u16
      +rate_limit_requests_per_second: u64
      +wizard_origin: String
      +from_environment_variables(): ServerConfig
    }
    class upgrade_scaffold {
      +upgrade_to_scaffold(rust_contract_zip: web::Bytes): Result<Vec<u8>, HttpError>
    }
    class scaffold_upgrade {
      +run_scaffold_upgrade_command(project_dir_path: &Path): Result<(), Error>
    }
    class zip_folder {
      +unzip_in_temporary_folder(zip_data: Vec<u8>, expected_files: &[&str]): Result<TempDir, ZipError>
      +zip_directory(zip_path: &Path): ZipResult<Vec<u8>>
    }
    class errors {
      +to_http_hidden_error<E: Debug>(error: E): HttpError
      +to_io_error<E: Debug>(error: E): IOError
      +to_zip_io_error<E: Debug>(error: E): ZipError
    }
    ServerConfig <|-- upgrade_scaffold
    upgrade_scaffold <|-- scaffold_upgrade
    scaffold_upgrade <|-- zip_folder
    zip_folder <|-- errors

Loading

File-Level Changes

Change	Details	Files
Introduce Rust Actix-web Stellar API backend	Add main server entrypoint with Actix-web, CORS, rate limiting, and routes configuration Implement controllers, routes (health, upgrade_scaffold), environment logic, and utility modules (glob, path, dir, errors) Include Dockerfiles for dev/prod, docker-compose.yaml for local containers, and Cargo.toml/Cargo.lock Add unit tests for health endpoint, glob matching, and environment utilities	packages/ui/api/stellar/src/main.rs packages/ui/api/stellar/src/config/server.rs packages/ui/api/stellar/src/controllers/upgrade_scaffold.rs packages/ui/api/stellar/src/routes/upgrade_scaffold.rs packages/ui/api/stellar/src/routes/health.rs packages/ui/api/stellar/src/utils/* packages/ui/api/stellar/src/environment/* packages/ui/api/stellar/Dockerfile.dev packages/ui/api/stellar/Dockerfile.prod packages/ui/api/docker-compose.yaml packages/ui/api/stellar/Cargo.toml packages/ui/api/stellar/Cargo.lock packages/ui/api/stellar/tests/**/*
Integrate Fargate scaffold endpoint in Svelte UI	Expose process.env.FARGATE_HOST and inject into rollup build Replace direct zip download with POST to /stellar/upgrade-scaffold and handle blob response Add isDownloadingScaffold and downloadScaffoldError states, plus conditional button text Import zipRustProjectBlob from core and remove legacy zipScaffoldProject usage	packages/ui/src/stellar/App.svelte packages/core/stellar/src/zip-rust.ts packages/core/stellar/zip-env-rust.js packages/ui/rollup.config.mjs
Extend core Stellar zip utility with blob support	Export zipRustProjectBlob that generates a compressed Blob asynchronously Ensure compression and format align with front-end expectations	packages/core/stellar/src/zip-rust.ts
Reorganize AI Deno API structure and update import paths	Move development-server.ts and import utils under packages/ui/api/ai, adjust import paths Relocate AI endpoints into api/ai/paths and update dynamic imports in dev server Refactor all ai-assistant imports to use ../ai/ai-assistant and adjust deno.json importMap Update netlify.toml edge_functions path to new api/ai/paths	packages/ui/api/ai/development-server.ts packages/ui/api/ai/paths/ai.ts packages/ui/api/ai/**/*/function-definitions/**/*.ts packages/ui/api/ai/deno.json netlify.toml
Adjust dev scripts and package.json for API composition	Change type:check:api to point at ./api/ai/deno.json and update dev:api to docker-compose up Add dev:api:build script and update root workspace concurrency for UI/API Update root and packages/ui package.json scripts to streamline build, dev, and type check	packages/ui/package.json package.json
Add GitHub Actions workflows for Docker build & deployment	Create production workflow (docker-prod.yaml) to build, scan, and push ECR images and trigger ECS deployment Create staging workflow (docker-stg.yaml) to build, scan, and push staging images and force ECS redeploy Configure OIDC role chaining, QEMU setup, and Anchore scan SARIF upload	.github/workflows/docker-prod.yaml .github/workflows/docker-stg.yaml

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[coderabbitai]

Important

Review skipped

Draft detected.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

✨ Finishing Touches

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR/Issue comments)

Type @coderabbitai help to get the list of available commands.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Status, Documentation and Community

• Visit our Status Page to check the current availability of CodeRabbit.
• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License

View full report