feat: complete iteration 0 AOT contract tier#5
Draft
Blind-Striker wants to merge 22 commits into
Draft
Conversation
- Add the Iteration 0 planning and research baseline: deep-dive code review findings, performance opportunities, roadmap wave mapping, AOT contract-tier design, execution handoff notes, and the initial Slopwatch baseline for pre-existing findings. - Add contract-test infrastructure for local AWS-style execution, including shared Testcontainers setup, deterministic contract fixtures, HTTP client base URL overrides, and normalized override URL handling for WireMock-backed NuGet/GitHub flows. - Expand active HTTP contract coverage across test-result ingestion, HMAC auth failure paths, test badges, redirects, NuGet package badges, GitHub package badges, upstream unauthorized/forbidden/not-found cases, missing GitHub secrets, routing, HEAD, CORS preflight, and response CORS headers. - Make test-result contract data deterministic so repeated local and CI runs do not collide on run identifiers, timestamps, nonces, or stored DynamoDB state. - Add and harden the k6 performance baseline tooling, including environment-driven configuration, Lambda response projection, RIE-safe validation, memory sampling via mstat export, and local smoke baseline capture. - Replace the active RIE-based contract path with Aspire Testing plus APIGatewayEmulator, and move local benchmark execution to the LocalStack ZIP Lambda path with Function URL fallback where LocalStack Community API Gateway v2 support is insufficient. - Record durable baseline evidence for the mock pre-iteration reference, final local LocalStack smoke, live direct API Gateway smoke, and live CloudFront comparison smoke; document that direct API Gateway is the Lambda/API baseline while CloudFront is only an edge-cache comparison. - Update Aspire/agent handover notes so future work starts from the RIE-free contract and benchmark topology, with CloudWatch Lambda REPORT lines as the source of truth for Lambda duration, memory, and cold-start observations.
Squashes the W1.5 file-based tooling migration commits while preserving their intent: - build: add file-based BadgeSmith tool foundation - build: migrate lambda build script to file-based tool - build: migrate test runner helper to file-based tool - build: migrate badge update and ingestion tooling to C# - refactor: complete hosted DI conversion for file-based tool Also syncs the Slopwatch baseline after removing the standalone seeder project.
W1.7 Task 2: bump non-pinned PackageVersion entries to latest stable on NuGet. Aspire / LocalStack.Aspire.Hosting / Aspire.Hosting.AWS pins from Task 1 (4cbc96b) preserved unchanged. Microsoft.Extensions.* and System.Text.Json kept on 10.x stable (10.0.9). No xUnit / BenchmarkDotNet prereleases taken. Version table (old -> new): Amazon.JSII.Analyzers 1.121.0 -> 1.138.0 Meziantou.Analyzer 2.0.264 -> 3.0.122 Microsoft.CodeAnalysis.BannedApiAnalyzers 4.14.0 -> 5.6.0 Microsoft.CodeAnalysis.NetAnalyzers 10.0.101 -> 10.0.301 Microsoft.VisualStudio.Threading.Analyzers 17.14.15 -> 18.7.23 SonarAnalyzer.CSharp 10.17.0.131074 -> 10.28.0.143324 xunit.analyzers 1.26.0 -> 1.27.0 AWSSDK.Core 4.0.100.1 -> 4.0.100.3 AWSSDK.DynamoDBv2 4.0.10.4 -> 4.0.101.1 AWSSDK.SecretsManager 4.0.4.1 -> 4.0.100.3 Amazon.CDK.Lib 2.233.0 -> 2.261.0 Amazon.Lambda.APIGatewayEvents 2.7.3 -> 3.0.0 Amazon.Lambda.Core 2.8.0 -> 3.1.1 Amazon.Lambda.RuntimeSupport 1.14.1 -> 2.1.2 Amazon.Lambda.Serialization.SystemTextJson 2.4.4 -> 3.0.0 Amazon.Lambda.TestUtilities 3.0.1 -> 4.1.0 AWSSDK.Extensions.NETCore.Setup 4.0.3.17 -> 4.0.100.3 Microsoft.Extensions.Hosting 10.0.8 -> 10.0.9 Microsoft.Extensions.Http 10.0.8 -> 10.0.9 Microsoft.Extensions.Caching.Memory 10.0.1 -> 10.0.9 Microsoft.Extensions.Logging.Console 10.0.1 -> 10.0.9 Microsoft.SourceLink.GitHub 8.0.0 -> 10.0.300 System.Text.Json 10.0.1 -> 10.0.9 OpenTelemetry.Api 1.14.0 -> 1.16.0 OpenTelemetry.Instrumentation.AspNetCore 1.14.0 -> 1.16.0 OpenTelemetry.Instrumentation.Runtime 1.15.1 -> 1.16.0 CliWrap 3.6.0 -> 3.10.2 Constructs 10.4.4 -> 10.6.0 NuGet.Versioning 7.0.1 -> 7.6.0 ZLinq 1.5.4 -> 1.5.6 Microsoft.NET.Test.Sdk 18.0.1 -> 18.7.0 Testcontainers 4.12.0 -> 4.13.0 Testcontainers.LocalStack 4.12.0 -> 4.13.0 xunit.v3 3.2.1 -> 3.2.2 xunit.v3.runner.console 3.2.1 -> 3.2.2 Unchanged (Task 1 pins preserved): Aspire.Hosting.AppHost 13.4.6 Aspire.Hosting.AWS 13.3.1 Aspire.Hosting.Testing 13.4.6 LocalStack.Aspire.Hosting 13.4.0 LocalStack.Client 2.0.0 (already latest stable) LocalStack.Client.Extensions 2.0.0 (already latest stable) Roslynator.Analyzers / CodeAnalysis / Formatting 4.15.0 (already latest) SecurityCodeScan.VS2019 5.6.7 (already latest) Spectre.Console.Cli(.Extensions.DependencyInjection|.Testing) 0.55.0 / 0.26.0 (latest) BenchmarkDotNet 0.15.8 (already latest) OneOf / OneOf.SourceGenerator 3.0.271 (already latest) Moq 4.20.72 (already latest) xunit.runner.visualstudio 3.1.5 (already latest) Compile fix: SonarAnalyzer 10.28 promotes S5332 (HTTP usage) to error. The CDK local-performance stack uses 'http://localstack:4566' as the LocalStack container endpoint inside the Docker network (HTTP-only by design). Added a scoped #pragma warning disable/restore S5332 at the call site with an explanatory comment; no behavior change. Verification: dotnet restore + dotnet build BadgeSmith.sln -c Release (0 warn / 0 err); dotnet build tools/badgesmith.cs (ok); dotnet test Category=Unit (315 passed); dotnet test Category=Functional (28 passed, Docker available); slopwatch analyze clean.
Contributor
Author
|
Pipeline validation result:
Failed job: https://github.com/localstack-dotnet/badge-smith/actions/runs/29073897324/job/86302264987 The PR remains draft until this AOT compatibility issue and the listed review follow-ups are resolved. |
- restore Native AOT serializer compatibility - harden HMAC and white-label tooling contracts - secure GitHub Actions and ARM artifact generation - correct Aspire source-navigation guidance
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Validation
dotnet test tests/BadgeSmith.Api.Tests/BadgeSmith.Api.Tests.csproj --configuration ReleasePipeline validation goal
Known review follow-ups
tests ingestargument validationThis PR is intentionally draft until the review follow-ups and approval-gated Native AOT verification are complete.