logs, containers in ui, ports, ws

Author: vsilent

Cargo.toml

@@ -79,6 +79,8 @@ ebpf = []
 # Testing
 tokio-test = "0.4"
 tempfile = "3"
+actix-test = "0.1"
+awc = "3"
 
 # Benchmarking
 criterion = { version = "0.5", features = ["html_reports"] }

docker-compose.yml

@@ -19,7 +19,7 @@ services:
         echo "Starting Stackdog..."
         cargo run --bin stackdog
     ports:
-      - "${APP_PORT:-8080}:${APP_PORT:-8080}"
+      - "${APP_PORT:-5000}:${APP_PORT:-5000}"
     env_file:
       - .env
     environment:

src/api/containers.rs

@@ -83,11 +83,17 @@ fn to_container_response(
     security: &crate::docker::containers::ContainerSecurityStatus,
     stats: Option<&ContainerStats>,
 ) -> ContainerResponse {
+    let effective_status = if security.security_state == "Quarantined" {
+        "Quarantined".to_string()
+    } else {
+        container.status.clone()
+    };
+
     ContainerResponse {
         id: container.id.clone(),
         name: container.name.clone(),
         image: container.image.clone(),
-        status: container.status.clone(),
+        status: effective_status,
         security_status: ApiContainerSecurityStatus {
             state: security.security_state.clone(),
             threats: security.threats,
@@ -261,6 +267,24 @@ mod tests {
         assert_eq!(response.network_activity.blocked_connections, None);
     }
 
+    #[actix_rt::test]
+    async fn test_to_container_response_marks_quarantined_status_from_security_state() {
+        let response = to_container_response(
+            &sample_container(),
+            &crate::docker::containers::ContainerSecurityStatus {
+                container_id: "container-1".into(),
+                risk_score: 88,
+                threats: 3,
+                security_state: "Quarantined".into(),
+            },
+            None,
+        );
+
+        assert_eq!(response.status, "Quarantined");
+        assert_eq!(response.security_status.state, "Quarantined");
+        assert!(response.network_activity.suspicious_activity);
+    }
+
     #[actix_rt::test]
     async fn test_get_containers() {
         let pool = create_pool(":memory:").unwrap();

src/api/logs.rs

@@ -38,7 +38,7 @@ pub async fn list_sources(pool: web::Data<DbPool>) -> impl Responder {
 ///
 /// GET /api/logs/sources/{path}
 pub async fn get_source(pool: web::Data<DbPool>, path: web::Path<String>) -> impl Responder {
-    match log_sources::get_log_source_by_path(&pool, &path) {
+    match log_sources::get_log_source_by_path(&pool, &path.into_inner()) {
         Ok(Some(source)) => HttpResponse::Ok().json(source),
         Ok(None) => HttpResponse::NotFound().json(serde_json::json!({
             "error": "Log source not found"
@@ -77,7 +77,7 @@ pub async fn add_source(
 ///
 /// DELETE /api/logs/sources/{path}
 pub async fn delete_source(pool: web::Data<DbPool>, path: web::Path<String>) -> impl Responder {
-    match log_sources::delete_log_source(&pool, &path) {
+    match log_sources::delete_log_source(&pool, &path.into_inner()) {
         Ok(_) => HttpResponse::NoContent().finish(),
         Err(e) => {
             log::error!("Failed to delete log source: {}", e);
@@ -136,8 +136,8 @@ pub fn configure_routes(cfg: &mut web::ServiceConfig) {
         web::scope("/api/logs")
             .route("/sources", web::get().to(list_sources))
             .route("/sources", web::post().to(add_source))
-            .route("/sources/{path}", web::get().to(get_source))
-            .route("/sources/{path}", web::delete().to(delete_source))
+            .route("/sources/{path:.*}", web::get().to(get_source))
+            .route("/sources/{path:.*}", web::delete().to(delete_source))
             .route("/summaries", web::get().to(list_summaries)),
     );
 }
@@ -236,6 +236,33 @@ mod tests {
         assert_eq!(resp.status(), 404);
     }
 
+    #[actix_rt::test]
+    async fn test_get_source_with_full_filesystem_path() {
+        let pool = setup_pool();
+        let source = LogSource::new(
+            LogSourceType::CustomFile,
+            "/var/log/app.log".into(),
+            "App Log".into(),
+        );
+        log_sources::upsert_log_source(&pool, &source).unwrap();
+
+        let app = test::init_service(
+            App::new()
+                .app_data(web::Data::new(pool))
+                .configure(configure_routes),
+        )
+        .await;
+
+        let req = test::TestRequest::get()
+            .uri("/api/logs/sources//var/log/app.log")
+            .to_request();
+        let resp = test::call_service(&app, req).await;
+        assert_eq!(resp.status(), 200);
+
+        let body: serde_json::Value = test::read_body_json(resp).await;
+        assert_eq!(body["path_or_id"], "/var/log/app.log");
+    }
+
     #[actix_rt::test]
     async fn test_delete_source() {
         let pool = setup_pool();
@@ -262,6 +289,33 @@ mod tests {
         assert_eq!(resp.status(), 204);
     }
 
+    #[actix_rt::test]
+    async fn test_delete_source_with_full_filesystem_path() {
+        let pool = setup_pool();
+        let source = LogSource::new(
+            LogSourceType::CustomFile,
+            "/var/log/app.log".into(),
+            "App Log".into(),
+        );
+        log_sources::upsert_log_source(&pool, &source).unwrap();
+
+        let app = test::init_service(
+            App::new()
+                .app_data(web::Data::new(pool.clone()))
+                .configure(configure_routes),
+        )
+        .await;
+
+        let req = test::TestRequest::delete()
+            .uri("/api/logs/sources//var/log/app.log")
+            .to_request();
+        let resp = test::call_service(&app, req).await;
+        assert_eq!(resp.status(), 204);
+
+        let stored = log_sources::get_log_source_by_path(&pool, "/var/log/app.log").unwrap();
+        assert!(stored.is_none());
+    }
+
     #[actix_rt::test]
     async fn test_list_summaries_empty() {
         let pool = setup_pool();

tests/api/websocket_test.rs

@@ -1,22 +1,145 @@
 //! WebSocket API tests
 
+use actix::Actor;
+use actix_test::start;
+use actix_web::{web, App};
+use awc::ws::Frame;
+use chrono::Utc;
+use futures_util::StreamExt;
+use serde_json::Value;
+use stackdog::alerting::alert::{AlertSeverity, AlertStatus, AlertType};
+use stackdog::api::websocket::{self, WebSocketHub};
+use stackdog::database::models::Alert;
+use stackdog::database::{create_alert, create_pool, init_database};
+
+async fn read_text_frame<S>(framed: &mut S) -> Value
+where
+    S: futures_util::Stream<Item = Result<Frame, awc::error::WsProtocolError>> + Unpin,
+{
+    loop {
+        match framed
+            .next()
+            .await
+            .expect("expected websocket frame")
+            .expect("valid websocket frame")
+        {
+            Frame::Text(bytes) => {
+                return serde_json::from_slice(&bytes).expect("valid websocket json");
+            }
+            Frame::Ping(_) | Frame::Pong(_) => continue,
+            other => panic!("unexpected websocket frame: {other:?}"),
+        }
+    }
+}
+
+fn sample_alert(id: &str) -> Alert {
+    Alert {
+        id: id.to_string(),
+        alert_type: AlertType::ThreatDetected,
+        severity: AlertSeverity::High,
+        message: format!("alert-{id}"),
+        status: AlertStatus::New,
+        timestamp: Utc::now().to_rfc3339(),
+        metadata: None,
+    }
+}
+
 #[cfg(test)]
 mod tests {
+    use super::*;
+
     #[actix_rt::test]
-    async fn test_websocket_connection() {
-        // TODO: Implement when API is ready
-        assert!(true, "Test placeholder");
+    async fn test_websocket_connection_receives_initial_stats_snapshot() {
+        let pool = create_pool(":memory:").unwrap();
+        init_database(&pool).unwrap();
+        create_alert(&pool, sample_alert("a1")).await.unwrap();
+
+        let hub = WebSocketHub::new().start();
+        let pool_for_app = pool.clone();
+        let hub_for_app = hub.clone();
+        let server = start(move || {
+            App::new()
+                .app_data(web::Data::new(pool_for_app.clone()))
+                .app_data(web::Data::new(hub_for_app.clone()))
+                .configure(websocket::configure_routes)
+        });
+
+        let (_response, mut framed) = awc::Client::new()
+            .ws(server.url("/ws"))
+            .connect()
+            .await
+            .unwrap();
+
+        let message = read_text_frame(&mut framed).await;
+        assert_eq!(message["type"], "stats:updated");
+        assert_eq!(message["payload"]["alerts_new"], 1);
     }
 
     #[actix_rt::test]
-    async fn test_websocket_subscribe() {
-        // TODO: Implement when API is ready
-        assert!(true, "Test placeholder");
+    async fn test_websocket_receives_broadcast_events() {
+        let pool = create_pool(":memory:").unwrap();
+        init_database(&pool).unwrap();
+
+        let hub = WebSocketHub::new().start();
+        let pool_for_app = pool.clone();
+        let hub_for_app = hub.clone();
+        let server = start(move || {
+            App::new()
+                .app_data(web::Data::new(pool_for_app.clone()))
+                .app_data(web::Data::new(hub_for_app.clone()))
+                .configure(websocket::configure_routes)
+        });
+
+        let (_response, mut framed) = awc::Client::new()
+            .ws(server.url("/ws"))
+            .connect()
+            .await
+            .unwrap();
+
+        let _initial = read_text_frame(&mut framed).await;
+
+        websocket::broadcast_event(
+            &hub,
+            "alert:created",
+            serde_json::json!({ "id": "alert-1" }),
+        )
+        .await;
+
+        let message = read_text_frame(&mut framed).await;
+        assert_eq!(message["type"], "alert:created");
+        assert_eq!(message["payload"]["id"], "alert-1");
     }
 
     #[actix_rt::test]
-    async fn test_websocket_receive_events() {
-        // TODO: Implement when API is ready
-        assert!(true, "Test placeholder");
+    async fn test_websocket_receives_broadcast_stats_updates() {
+        let pool = create_pool(":memory:").unwrap();
+        init_database(&pool).unwrap();
+
+        let hub = WebSocketHub::new().start();
+        let pool_for_app = pool.clone();
+        let hub_for_app = hub.clone();
+        let server = start(move || {
+            App::new()
+                .app_data(web::Data::new(pool_for_app.clone()))
+                .app_data(web::Data::new(hub_for_app.clone()))
+                .configure(websocket::configure_routes)
+        });
+
+        let (_response, mut framed) = awc::Client::new()
+            .ws(server.url("/ws"))
+            .connect()
+            .await
+            .unwrap();
+
+        let initial = read_text_frame(&mut framed).await;
+        assert_eq!(initial["type"], "stats:updated");
+        assert_eq!(initial["payload"]["alerts_new"], 0);
+
+        create_alert(&pool, sample_alert("a2")).await.unwrap();
+        websocket::broadcast_stats(&hub, &pool).await.unwrap();
+
+        let updated = read_text_frame(&mut framed).await;
+        assert_eq!(updated["type"], "stats:updated");
+        assert_eq!(updated["payload"]["alerts_new"], 1);
     }
 }

web/src/components/ContainerList.tsx

@@ -119,9 +119,17 @@ const ContainerList: React.FC = () => {
           <div className="container-items">
             {containers.map((container) => (
               <div key={container.id} className="container-item">
+                {(() => {
+                  const isQuarantined =
+                    container.status === 'Quarantined' || container.securityStatus.state === 'Quarantined';
+
+                  return (
+                    <>
                 <div className="container-header">
                   <h5>{container.name}</h5>
-                  <Badge bg={getStatusBadge(container.status)}>{container.status}</Badge>
+                  <Badge bg={getStatusBadge(isQuarantined ? 'Quarantined' : container.status)}>
+                    {isQuarantined ? 'Quarantined' : container.status}
+                  </Badge>
                 </div>
                 <div className="container-details">
                   <p className="mb-1"><strong>Image:</strong> {container.image}</p>
@@ -159,7 +167,7 @@ const ContainerList: React.FC = () => {
                   >
                     Details
                   </Button>
-                  {container.status === 'Running' && (
+                  {!isQuarantined && container.status === 'Running' && (
                     <Button
                       variant="outline-danger"
                       size="sm"
@@ -171,7 +179,7 @@ const ContainerList: React.FC = () => {
                       Quarantine
                     </Button>
                   )}
-                  {container.status === 'Quarantined' && (
+                  {isQuarantined && (
                     <Button
                       variant="outline-success"
                       size="sm"
@@ -181,6 +189,9 @@ const ContainerList: React.FC = () => {
                     </Button>
                   )}
                 </div>
+                    </>
+                  );
+                })()}
               </div>
             ))}
           </div>

web/src/components/__tests__/ContainerList.test.tsx

@@ -140,6 +140,26 @@ describe('ContainerList Component', () => {
     });
   });
 
+  test('shows release action when security state is quarantined', async () => {
+    const quarantinedBySecurityState = {
+      ...mockContainers[0],
+      status: 'Running' as const,
+      securityStatus: {
+        ...mockContainers[0].securityStatus,
+        state: 'Quarantined' as const,
+      },
+    };
+
+    (apiService.getContainers as jest.Mock).mockResolvedValue([quarantinedBySecurityState]);
+
+    render(<ContainerList />);
+
+    expect(await screen.findByText('web-server')).toBeInTheDocument();
+    expect(screen.getAllByText('Quarantined').length).toBeGreaterThanOrEqual(2);
+    expect(screen.getByText('Release')).toBeInTheDocument();
+    expect(screen.queryByText('Quarantine')).not.toBeInTheDocument();
+  });
+
   test('filters by status', async () => {
     render(<ContainerList />);