Merge branch 'main' into antenna-tracking

Author: haoruizhou

.gitattributes

@@ -0,0 +1 @@
+installer/startup-data-loader/data/*.csv binary

.github/workflows/code-quality.yml

@@ -0,0 +1,48 @@
+name: Code Quality Checks
+
+on:
+  push:
+    branches: [ main, deploy ]
+  pull_request:
+    branches: [ main, deploy ]
+
+jobs:
+  lint-docker:
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+
+    - name: Install Hadolint
+      run: |
+        sudo wget -O /usr/local/bin/hadolint https://github.com/hadolint/hadolint/releases/latest/download/hadolint-Linux-x86_64
+        sudo chmod +x /usr/local/bin/hadolint
+
+    - name: Lint Dockerfiles
+      run: |
+        find . -name "Dockerfile" -exec hadolint {} \;
+
+  check-dependencies:
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+
+    - name: Check for security vulnerabilities in Python dependencies
+      run: |
+        find . -name "requirements.txt" -exec safety check --file {} \; || true
+
+  validate-shell-scripts:
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+
+    - name: Install ShellCheck
+      run: |
+        sudo apt-get update
+        sudo apt-get install -y shellcheck
+
+    - name: Check shell scripts
+      run: |
+        find . -name "*.sh" -exec shellcheck {} \;

.github/workflows/deploy.yml

@@ -0,0 +1,35 @@
+name: Deploy to Staging
+
+on:
+  workflow_dispatch:
+    inputs:
+      environment:
+        description: 'Environment to deploy to'
+        required: true
+        default: 'staging'
+        type: choice
+        options:
+        - staging
+        - production
+
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    environment: ${{ inputs.environment }}
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+
+    - name: Deploy to ${{ inputs.environment }}
+      run: |
+        echo "Deploying to ${{ inputs.environment }} environment"
+        # Add your deployment commands here
+        # For example:
+        # - SSH to your server
+        # - Pull latest images
+        # - Run docker compose up
+        # - Run health checks

.github/workflows/docker-build.yml

@@ -0,0 +1,147 @@
+name: Build and Test DAQ System
+
+on:
+  push:
+    branches: [ deploy ]
+  pull_request:
+    branches: [ main, deploy ]
+
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}
+
+jobs:
+  validate-compose:
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+
+    - name: Prepare environment file for CI
+      run: |
+        if [ ! -f server/installer/.env ]; then
+          cp server/installer/.env.example server/installer/.env
+          echo "Created .env file from .env.example"
+        fi
+
+    - name: Validate docker-compose files
+      run: |
+        cd server/installer
+        docker compose config
+        docker compose -f docker-compose.yml config
+
+  build-and-push:
+    runs-on: ubuntu-latest
+    needs: validate-compose
+    permissions:
+      contents: read
+      packages: write
+
+    strategy:
+      matrix:
+        service: [slackbot, lap-detector, file-uploader]
+
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+
+    - name: Convert repository name to lowercase
+      run: |
+        echo "IMAGE_NAME_LOWER=$(echo ${{ github.repository }} | tr '[:upper:]' '[:lower:]')" >> $GITHUB_ENV
+
+    - name: Log in to Container Registry
+      uses: docker/login-action@v3
+      with:
+        registry: ${{ env.REGISTRY }}
+        username: ${{ github.actor }}
+        password: ${{ secrets.GITHUB_TOKEN }}
+
+    - name: Extract metadata
+      id: meta
+      run: |
+        echo "tags<<EOF" >> $GITHUB_OUTPUT
+        echo "${{ env.REGISTRY }}/${IMAGE_NAME_LOWER}/${{ matrix.service }}:latest" >> $GITHUB_OUTPUT
+        echo "${{ env.REGISTRY }}/${IMAGE_NAME_LOWER}/${{ matrix.service }}:${{ github.sha }}" >> $GITHUB_OUTPUT
+        echo "EOF" >> $GITHUB_OUTPUT
+
+    - name: Build and push Docker image
+      uses: docker/build-push-action@v5
+      with:
+        context: ./server/installer/${{ matrix.service }}
+        push: true
+        tags: ${{ steps.meta.outputs.tags }}
+        labels: |
+          org.opencontainers.image.title=${{ github.event.repository.name }}
+          org.opencontainers.image.description=WFR DAQ System - ${{ matrix.service }}
+          org.opencontainers.image.url=${{ github.event.repository.html_url }}
+          org.opencontainers.image.source=${{ github.event.repository.html_url }}
+          org.opencontainers.image.version=${{ github.sha }}
+          org.opencontainers.image.created=${{ steps.meta.outputs.created }}
+          org.opencontainers.image.revision=${{ github.sha }}
+
+  test-compose:
+    runs-on: ubuntu-latest
+    needs: build-and-push
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+
+    - name: Set up Docker Buildx
+      uses: docker/setup-buildx-action@v3
+
+    - name: Create .env file for testing
+      run: |
+        cd server/installer
+        cp .env.example .env
+        mkdir -p .ci-slicks/src/slicks
+        cat > .ci-slicks/pyproject.toml <<'EOF'
+        [project]
+        name = "slicks"
+        version = "0.0.0"
+        [build-system]
+        requires = ["setuptools>=68"]
+        build-backend = "setuptools.build_meta"
+        [tool.setuptools.packages.find]
+        where = ["src"]
+        EOF
+        touch .ci-slicks/README.md
+        echo '__version__ = "0.0.0"' > .ci-slicks/src/slicks/__init__.py
+        echo "SLICKS_HOST_PATH=${PWD}/.ci-slicks" >> .env
+
+    - name: Pull pre-built images
+      run: |
+        docker pull timescale/timescaledb:latest-pg16
+        docker pull grafana/grafana
+        docker pull telegraf:1.30
+        docker pull nginx:alpine
+
+    - name: Build test images
+      run: |
+        cd server/installer
+        docker compose build --parallel
+
+    - name: Validate compose configuration
+      run: |
+        cd server/installer
+        docker compose config --quiet
+
+    - name: Test container startup (quick smoke test)
+      run: |
+        cd server/installer
+        # Start core monitoring stack to ensure compose wiring is valid
+        timeout 60s docker compose up timescaledb file-uploader grafana frontend || true
+        # Check if containers started (even if they exit quickly)
+        docker compose ps
+
+  cleanup:
+    runs-on: ubuntu-latest
+    needs: [validate-compose, build-and-push, test-compose]
+    if: always()
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+
+    - name: Clean up Docker resources
+      run: |
+        docker system prune -f
+        docker image prune -f