mirror of
https://github.com/techforces-ai/Cial.git
synced 2026-05-15 21:14:12 +00:00
d4a39d425a
Per-tenant container now boots all five processes behind a single exposed port (:8080), with the Core/Platform boundary enforced at the filesystem level (two Linux users, mode 0700 on cial-core). - @cial/edge: http-proxy edge (HTTP+WS) + node supervisor (PID 1 under tini, spawns each service via gosu as the right user) - Routes: /.cial/api/* -> back (prefix stripped), /.cial/* -> core front (basePath kept), /* -> platform front. Platform Back is internal-only for v1. - Dockerfile: multi-stage (builder + runtime). Builds protocol/sdk/ back/edge/front/platform-back/platform-front. Runtime installs tini+gosu, creates cial:1000 / agent:1001, locks down cial-core to 0700. - Placeholder pages now render TENANT_ID at request time so the smoke can verify per-tenant env propagation end-to-end. - scripts/smoke-tenant.mjs: docker-driven L0 acceptance — boots the image, polls healthz, probes the four route classes, and asserts the agent user cannot read /opt/cial-monorepo/cial-core. - PLAN-LOCAL.md: phased local-mode roadmap (L0..L6). Verify on a host with docker: docker build -f cial-core/docker/Dockerfile -t cial-tenant:dev . pnpm smoke:tenant Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
11 lines
248 B
JSON
11 lines
248 B
JSON
{
|
|
"extends": "../../tsconfig.base.json",
|
|
"compilerOptions": {
|
|
"outDir": "dist",
|
|
"rootDir": "src",
|
|
"composite": true,
|
|
"tsBuildInfoFile": "dist/.tsbuildinfo"
|
|
},
|
|
"include": ["src/**/*"],
|
|
"exclude": ["node_modules", "dist"]
|
|
}
|