docs(reference): import Dune: Awakening server-manager references

Phase 2 references for the host-agent Dune adapter, moved out of volatile /tmp into docs/reference-repos/ (per Commander). Three upstream projects, .git + node_modules + compiled binaries stripped (16MB source). Nested AI-instruction files (.claude/, CLAUDE.md) removed so they don't pollute Corrosion sessions. - icehunter/ dune-admin (Go+React) — 4 control planes; SETUP_DOCKER.md is the closest analog to our agent's Dune docker control plane (compose lifecycle, docker logs, RabbitMQ-via-exec, dune Postgres schema) - adainrivers/ Rust/Tauri desktop — SSH+k8s BattleGroup control, maintenance daemon, in-game admin console (Rust idiom reference) - the4rchangel/ Node web UI replacing battlegroup.bat — matches the Commander's Hyper-V self-host path + game-config schema See docs/reference-repos/README.md for the full index + how we use each. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-11 21:08:05 -04:00
parent 0715492ddf
commit 651a35d4be
1334 changed files with 238971 additions and 0 deletions
--- a/docs/reference-repos/icehunter/.githooks/pre-commit
+++ b/docs/reference-repos/icehunter/.githooks/pre-commit
@@ -0,0 +1,145 @@
+#!/bin/bash
+# Pre-commit hook: auto-fix formatting and fast checks
+# Skip with: git commit --no-verify
+#
+# This hook is contextual - it only runs checks for file types that are staged.
+
+set -e
+
+# Colors for output
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+BLUE='\033[0;34m'
+BOLD='\033[1m'
+NC='\033[0m' # No Color
+
+# Detect which file types are staged
+STAGED_FILES=$(git diff --cached --name-only --diff-filter=ACMR)
+HAS_GO_FILES=$(echo "$STAGED_FILES" | grep -E '\.go$' || true)
+HAS_MD_FILES=$(echo "$STAGED_FILES" | grep -E '\.md$' || true)
+HAS_TS_FILES=$(echo "$STAGED_FILES" | grep -E '\.(ts|tsx)$' || true)
+
+# Exit early if no relevant files are staged
+if [ -z "$HAS_GO_FILES" ] && [ -z "$HAS_MD_FILES" ] && [ -z "$HAS_TS_FILES" ]; then
+    echo -e "${GREEN}✓${NC} No Go, Markdown, or TypeScript files staged, skipping checks"
+    exit 0
+fi
+
+# Header
+echo ""
+echo -e "${BLUE}╔═══════════════════════════════════════════════════╗${NC}"
+echo -e "${BLUE}║${NC}  ${BOLD}PRE-COMMIT CHECKS${NC}                                ${BLUE}║${NC}"
+echo -e "${BLUE}╚═══════════════════════════════════════════════════╝${NC}"
+echo ""
+
+# Show what's being checked
+if [ -n "$HAS_GO_FILES" ]; then
+    echo -e "${YELLOW}Go files staged:${NC} $(echo "$HAS_GO_FILES" | wc -l | tr -d ' ') file(s)"
+fi
+if [ -n "$HAS_MD_FILES" ]; then
+    echo -e "${YELLOW}Markdown files staged:${NC} $(echo "$HAS_MD_FILES" | wc -l | tr -d ' ') file(s)"
+fi
+if [ -n "$HAS_TS_FILES" ]; then
+    echo -e "${YELLOW}TypeScript files staged:${NC} $(echo "$HAS_TS_FILES" | wc -l | tr -d ' ') file(s)"
+fi
+echo ""
+
+# Track if any check fails
+FAILED=0
+
+# Go checks (only if .go files are staged)
+if [ -n "$HAS_GO_FILES" ]; then
+    # 1. Auto-format Go code
+    echo -e "${YELLOW}▶${NC} Auto-formatting Go code..."
+    if make fmt > /tmp/hook-output.txt 2>&1; then
+        # Check if any files were modified
+        if git diff --name-only | grep -q "\.go$"; then
+            echo -e "${GREEN}✓${NC} Go code formatted (changes staged)"
+            git add -u  # Stage modified tracked files
+        else
+            echo -e "${GREEN}✓${NC} Go code already formatted"
+        fi
+    else
+        echo -e "${RED}✗${NC} Go formatting failed"
+        cat /tmp/hook-output.txt
+        FAILED=1
+    fi
+
+    # 2. Run go vet
+    echo -e "${YELLOW}▶${NC} Running go vet (static analysis)..."
+    if make vet > /tmp/hook-output.txt 2>&1; then
+        echo -e "${GREEN}✓${NC} go vet passed"
+    else
+        echo -e "${RED}✗${NC} go vet failed"
+        cat /tmp/hook-output.txt
+        FAILED=1
+    fi
+
+    # 3. Run golangci-lint
+    echo -e "${YELLOW}▶${NC} Running golangci-lint..."
+    if make lint-go > /tmp/hook-output.txt 2>&1; then
+        echo -e "${GREEN}✓${NC} golangci-lint passed"
+    else
+        echo -e "${RED}✗${NC} golangci-lint failed"
+        cat /tmp/hook-output.txt
+        FAILED=1
+    fi
+
+    # 4. Run gosec (high-severity security scan) — sprung here so findings
+    #    surface at commit time, not only at pre-push.
+    echo -e "${YELLOW}▶${NC} Running gosec (security scan)..."
+    if make gosec > /tmp/hook-output.txt 2>&1; then
+        echo -e "${GREEN}✓${NC} gosec passed"
+    else
+        echo -e "${RED}✗${NC} gosec failed"
+        cat /tmp/hook-output.txt
+        FAILED=1
+    fi
+fi
+
+# Markdown checks (only if .md files are staged)
+if [ -n "$HAS_MD_FILES" ]; then
+    echo -e "${YELLOW}▶${NC} Running markdownlint..."
+    if make lint-md > /tmp/hook-output.txt 2>&1; then
+        echo -e "${GREEN}✓${NC} markdownlint passed"
+    else
+        echo -e "${RED}✗${NC} markdownlint failed"
+        cat /tmp/hook-output.txt
+        FAILED=1
+    fi
+fi
+
+# TypeScript checks (only if .ts/.tsx files are staged)
+if [ -n "$HAS_TS_FILES" ]; then
+    echo -e "${YELLOW}▶${NC} Running ESLint (TypeScript)..."
+    if (cd web && pnpm lint) > /tmp/hook-output.txt 2>&1; then
+        echo -e "${GREEN}✓${NC} ESLint passed"
+    else
+        echo -e "${RED}✗${NC} ESLint failed"
+        cat /tmp/hook-output.txt
+        FAILED=1
+    fi
+
+    echo -e "${YELLOW}▶${NC} Running TypeScript type check (tsc --noEmit)..."
+    if make tsc > /tmp/hook-output.txt 2>&1; then
+        echo -e "${GREEN}✓${NC} TypeScript type check passed"
+    else
+        echo -e "${RED}✗${NC} TypeScript type check failed"
+        cat /tmp/hook-output.txt
+        FAILED=1
+    fi
+fi
+
+echo ""
+echo -e "${BLUE}╔═══════════════════════════════════════════════════╗${NC}"
+if [ $FAILED -eq 0 ]; then
+    echo -e "${BLUE}║${NC}  ${GREEN}${BOLD}✓ ALL CHECKS PASSED!${NC}                             ${BLUE}║${NC}"
+    echo -e "${BLUE}╚═══════════════════════════════════════════════════╝${NC}"
+    exit 0
+else
+    echo -e "${BLUE}║${NC}  ${RED}${BOLD}✗ CHECKS FAILED${NC}                                  ${BLUE}║${NC}"
+    echo -e "${BLUE}╚═══════════════════════════════════════════════════╝${NC}"
+    echo -e "${YELLOW}Fix the issues above or use --no-verify to skip${NC}"
+    exit 1
+fi
--- a/docs/reference-repos/icehunter/.githooks/pre-push
+++ b/docs/reference-repos/icehunter/.githooks/pre-push
@@ -0,0 +1,206 @@
+#!/bin/bash
+# Pre-push hook: full verification including security checks
+# Skip with: git push --no-verify
+#
+# This hook is contextual - it only runs checks for file types in the commits being pushed.
+
+set -e
+
+# Colors for output
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+BLUE='\033[0;34m'
+CYAN='\033[0;36m'
+BOLD='\033[1m'
+NC='\033[0m' # No Color
+
+# Get the commits being pushed
+CURRENT_BRANCH=$(git symbolic-ref --short HEAD)
+UPSTREAM=$(git rev-parse --abbrev-ref @{u} 2>/dev/null || echo "")
+
+if [ -z "$UPSTREAM" ]; then
+    # No upstream, compare against main/master
+    BASE_BRANCH=$(git symbolic-ref refs/remotes/origin/HEAD 2>/dev/null | sed 's@^refs/remotes/origin/@@' || echo "main")
+    CHANGED_FILES=$(git diff --name-only "origin/${BASE_BRANCH}...HEAD" 2>/dev/null || git diff --name-only HEAD~10..HEAD 2>/dev/null || echo "")
+else
+    # Compare against upstream
+    CHANGED_FILES=$(git diff --name-only @{u}..HEAD 2>/dev/null || echo "")
+fi
+
+# Detect which file types are in the commits being pushed
+HAS_GO_FILES=$(echo "$CHANGED_FILES" | grep -E '\.go$' || true)
+HAS_MD_FILES=$(echo "$CHANGED_FILES" | grep -E '\.md$' || true)
+HAS_TS_FILES=$(echo "$CHANGED_FILES" | grep -E '\.(ts|tsx)$' || true)
+
+# Exit early if no relevant files in the push
+if [ -z "$HAS_GO_FILES" ] && [ -z "$HAS_MD_FILES" ] && [ -z "$HAS_TS_FILES" ]; then
+    echo -e "${GREEN}✓${NC} No Go, Markdown, or TypeScript files in push, skipping checks"
+    exit 0
+fi
+
+# Header
+echo ""
+echo -e "${BLUE}╔═══════════════════════════════════════════════════╗${NC}"
+echo -e "${BLUE}║${NC}  ${BOLD}PRE-PUSH VERIFICATION${NC}                            ${BLUE}║${NC}"
+echo -e "${BLUE}╚═══════════════════════════════════════════════════╝${NC}"
+echo ""
+
+# Show what's being pushed
+echo -e "${YELLOW}Branch:${NC} ${CURRENT_BRANCH}"
+echo -e "${YELLOW}Commits:${NC}"
+if [ -n "$UPSTREAM" ]; then
+    git log --oneline @{u}.. 2>/dev/null | head -5 | sed 's/^/  /' || echo "  (new branch)"
+else
+    echo "  (new branch)"
+fi
+echo ""
+
+# Show what's being checked
+if [ -n "$HAS_GO_FILES" ]; then
+    GO_COUNT=$(echo "$HAS_GO_FILES" | wc -l | tr -d ' ')
+    echo -e "${YELLOW}Go files changed:${NC} ${GO_COUNT} file(s)"
+fi
+if [ -n "$HAS_MD_FILES" ]; then
+    MD_COUNT=$(echo "$HAS_MD_FILES" | wc -l | tr -d ' ')
+    echo -e "${YELLOW}Markdown files changed:${NC} ${MD_COUNT} file(s)"
+fi
+if [ -n "$HAS_TS_FILES" ]; then
+    TS_COUNT=$(echo "$HAS_TS_FILES" | wc -l | tr -d ' ')
+    echo -e "${YELLOW}TypeScript files changed:${NC} ${TS_COUNT} file(s)"
+fi
+echo ""
+
+# Track if any check fails
+FAILED=0
+START_TIME=$(date +%s)
+
+# Count total checks to run
+TOTAL_CHECKS=0
+if [ -n "$HAS_GO_FILES" ]; then
+    TOTAL_CHECKS=$((TOTAL_CHECKS + 6))  # fmt-check, vet, lint-go, gosec, vulncheck, test-race
+fi
+if [ -n "$HAS_MD_FILES" ]; then
+    TOTAL_CHECKS=$((TOTAL_CHECKS + 1))  # markdownlint
+fi
+if [ -n "$HAS_TS_FILES" ]; then
+    TOTAL_CHECKS=$((TOTAL_CHECKS + 2))  # eslint + tsc
+fi
+CURRENT_CHECK=0
+
+# Helper function to run a check with timing
+run_check() {
+    local name=$1
+    local command=$2
+    local start=$(date +%s)
+    CURRENT_CHECK=$((CURRENT_CHECK + 1))
+
+    echo -e "${CYAN}[${CURRENT_CHECK}/${TOTAL_CHECKS}]${NC} ${YELLOW}▶${NC} ${name}..."
+    if eval "$command" > /tmp/hook-output.txt 2>&1; then
+        local duration=$(($(date +%s) - start))
+        echo -e "       ${GREEN}✓${NC} ${name} passed ${CYAN}(${duration}s)${NC}"
+        return 0
+    else
+        echo -e "       ${RED}✗${NC} ${name} failed"
+        echo ""
+        cat /tmp/hook-output.txt
+        echo ""
+        return 1
+    fi
+}
+
+# Go checks (only if .go files are in the push)
+if [ -n "$HAS_GO_FILES" ]; then
+    # 1. Format check
+    run_check "Checking Go code formatting" "make fmt-check" || FAILED=1
+
+    # 2. Static analysis (go vet)
+    run_check "Running static analysis (go vet)" "make vet" || FAILED=1
+
+    # 3. Go linting
+    run_check "Running golangci-lint" "make lint-go" || FAILED=1
+
+    # 4. Security scan (gosec)
+    echo -e "${CYAN}[$((CURRENT_CHECK + 1))/${TOTAL_CHECKS}]${NC} ${YELLOW}▶${NC} Running security scan (gosec)..."
+    CURRENT_CHECK=$((CURRENT_CHECK + 1))
+    START=$(date +%s)
+    if make gosec > /tmp/hook-output.txt 2>&1; then
+        DURATION=$(($(date +%s) - START))
+        ISSUES=$(grep -oE "Issues : [0-9]+" /tmp/hook-output.txt | grep -oE "[0-9]+" || echo "0")
+        NOSEC=$(grep -oE "Nosec  : [0-9]+" /tmp/hook-output.txt | grep -oE "[0-9]+" || echo "0")
+        echo -e "       ${GREEN}✓${NC} Security scan passed - ${ISSUES} issues, ${NOSEC} suppressed ${CYAN}(${DURATION}s)${NC}"
+    else
+        echo -e "       ${RED}✗${NC} Security scan failed"
+        echo ""
+        cat /tmp/hook-output.txt
+        echo ""
+        FAILED=1
+    fi
+
+    # 5. Vulnerability check (govulncheck)
+    echo -e "${CYAN}[$((CURRENT_CHECK + 1))/${TOTAL_CHECKS}]${NC} ${YELLOW}▶${NC} Checking for vulnerabilities (govulncheck)..."
+    CURRENT_CHECK=$((CURRENT_CHECK + 1))
+    START=$(date +%s)
+    if make vulncheck > /tmp/hook-output.txt 2>&1; then
+        DURATION=$(($(date +%s) - START))
+        if grep -q "No vulnerabilities found" /tmp/hook-output.txt; then
+            echo -e "       ${GREEN}✓${NC} No vulnerabilities found ${CYAN}(${DURATION}s)${NC}"
+        else
+            echo -e "       ${GREEN}✓${NC} Vulnerability check completed ${CYAN}(${DURATION}s)${NC}"
+        fi
+    else
+        echo -e "       ${RED}✗${NC} Vulnerability check failed"
+        echo ""
+        cat /tmp/hook-output.txt
+        echo ""
+        FAILED=1
+    fi
+
+    # 6. Tests with race detector and coverage
+    echo -e "${CYAN}[$((CURRENT_CHECK + 1))/${TOTAL_CHECKS}]${NC} ${YELLOW}▶${NC} Running tests with race detector..."
+    CURRENT_CHECK=$((CURRENT_CHECK + 1))
+    START=$(date +%s)
+    if make test-race > /tmp/hook-output.txt 2>&1; then
+        DURATION=$(($(date +%s) - START))
+        PASSED=$(grep -c "^ok" /tmp/hook-output.txt || echo "0")
+        echo -e "       ${GREEN}✓${NC} All tests passed (${PASSED} packages) ${CYAN}(${DURATION}s)${NC}"
+    else
+        echo -e "       ${RED}✗${NC} Tests failed"
+        cat /tmp/hook-output.txt
+        FAILED=1
+    fi
+fi
+
+# Markdown checks (only if .md files are in the push)
+if [ -n "$HAS_MD_FILES" ]; then
+    run_check "Running markdownlint" "make lint-md" || FAILED=1
+fi
+
+# TypeScript checks (only if .ts/.tsx files are in the push)
+if [ -n "$HAS_TS_FILES" ]; then
+    run_check "Running ESLint (TypeScript)" "(cd web && pnpm lint)" || FAILED=1
+    run_check "TypeScript type check (tsc --noEmit)" "make tsc" || FAILED=1
+fi
+
+# Summary
+TOTAL_TIME=$(($(date +%s) - START_TIME))
+echo ""
+echo -e "${BLUE}╔═══════════════════════════════════════════════════╗${NC}"
+if [ $FAILED -eq 0 ]; then
+    echo -e "${BLUE}║${NC}  ${GREEN}${BOLD}✓ ALL CHECKS PASSED!${NC}                             ${BLUE}║${NC}"
+    printf "${BLUE}║${NC}  ${CYAN}Total time: %-37s${NC}${BLUE}║${NC}\n" "${TOTAL_TIME}s"
+    echo -e "${BLUE}╚═══════════════════════════════════════════════════╝${NC}"
+    echo ""
+    echo -e "${GREEN}Ready to push!${NC}"
+    echo ""
+    exit 0
+else
+    echo -e "${BLUE}║${NC}  ${RED}${BOLD}✗ CHECKS FAILED${NC}                                  ${BLUE}║${NC}"
+    printf "${BLUE}║${NC}  ${CYAN}Total time: %-37s${NC}${BLUE}║${NC}\n" "${TOTAL_TIME}s"
+    echo -e "${BLUE}╚═══════════════════════════════════════════════════╝${NC}"
+    echo ""
+    echo -e "${RED}Fix the issues above before pushing.${NC}"
+    echo -e "${YELLOW}Or skip with: ${NC}git push --no-verify"
+    echo ""
+    exit 1
+fi