master-> dev

.github/workflows/ci.yml

@@ -17,6 +17,8 @@ jobs:
   build-and-test:
     name: Build & Test (features=${{ matrix.features }})
     runs-on: ubuntu-latest
+    env:
+      CONFIG_FIXTURES_TOKEN: ${{ secrets.CONFIG_FIXTURES_TOKEN }}
     strategy:
       fail-fast: false
       matrix:
@@ -25,6 +27,30 @@ jobs:
     steps:
       - name: Checkout repository
         uses: actions/checkout@v4
+      - name: Checkout shared pipe fixtures repo
+        id: checkout_shared_fixtures
+        if: ${{ env.CONFIG_FIXTURES_TOKEN != '' }}
+        continue-on-error: true
+        uses: actions/checkout@v4
+        with:
+          repository: trydirect/config
+          ref: main
+          token: ${{ env.CONFIG_FIXTURES_TOKEN }}
+          path: config-fixtures-repo
+          fetch-depth: 1
+          persist-credentials: false
+          sparse-checkout: |
+            shared-fixtures
+      - name: Shared pipe fixtures unavailable
+        if: ${{ env.CONFIG_FIXTURES_TOKEN == '' || steps.checkout_shared_fixtures.outcome != 'success' }}
+        run: |
+          echo "::notice::Shared pipe fixtures are unavailable for this workflow run; shared-fixture tests will be skipped."
+      - name: Link shared pipe fixtures
+        if: ${{ env.CONFIG_FIXTURES_TOKEN != '' && steps.checkout_shared_fixtures.outcome == 'success' }}
+        run: |
+          rm -rf "${GITHUB_WORKSPACE}/../config" "${GITHUB_WORKSPACE}/../shared-fixtures"
+          ln -sfn "${GITHUB_WORKSPACE}/config-fixtures-repo/shared-fixtures" "${GITHUB_WORKSPACE}/../shared-fixtures"
+          test -d "${GITHUB_WORKSPACE}/../shared-fixtures/pipe-contract"
 
       - name: Setup Rust toolchain (${{ matrix.rust }})
         uses: dtolnay/rust-toolchain@stable

.gitignore

@@ -4,4 +4,5 @@ __pycache__
 .DS_Store
 .ai
 target
-.env
+.env
+.claude

CHANGELOG.md

@@ -1,5 +1,13 @@
 # Changelog
 
+## 0.1.8 — 2026-04-21
+### Added
+- `status --version` now includes the git short hash (for example `0.1.8 (abc1234)`) so production builds can be identified instantly.
+
+### Changed
+- Docker builds now include the protobuf build inputs required for gRPC client code generation in musl/release images.
+- Pipe-contract fixtures remain sourced from `trydirect/config`, while fork PRs and unauthorized CI runs now skip only the shared-fixture tests instead of failing the entire workflow.
+
 ## 0.1.7 — 2026-04-10
 ### Security — OWASP Top 10 Hardening
 
@@ -207,4 +215,3 @@ This is a **security release** addressing 6 Critical and 5 High severity finding
 - Planned: align build and runtime images to avoid glibc drift; keep the musl-based build variant as the default container target.
 - Planned: update CI to build and test using the production base image so linker/runtime errors are caught early.
 - Planned: add a container startup smoke check to surface missing runtime dependencies before release.
-

CLAUDE.md

@@ -0,0 +1,70 @@
+# Status Panel
+
+On-server status panel agent. Runs on deployed servers to report health metrics, manage containers, handle self-updates, and provide a WebSocket interface for real-time monitoring.
+
+## Tech Stack
+- **Language**: Rust (2021 edition)
+- **Framework**: Axum 0.8 (with WebSocket support)
+- **Async**: Tokio (full features)
+- **Docker**: Bollard 0.19 (Docker API via Unix socket, optional)
+- **HTTP Client**: reqwest 0.12 (rustls-tls)
+- **System Metrics**: sysinfo 0.30
+- **Security**: HMAC-SHA256, ring 0.17
+- **Daemonization**: daemonize 0.5
+- **Testing**: assert_cmd, tokio-test, mockito, tower
+
+## Project Structure
+```
+src/
+  main.rs              # Binary entry point
+  lib.rs               # Library root (core logic)
+  test_utils.rs        # Shared test utilities
+tests/
+  http_routes.rs       # HTTP route integration tests
+  security_integration.rs  # Security/auth integration tests
+  self_update_integration.rs  # Self-update mechanism tests
+examples/
+  command_execution.rs # Command execution example
+```
+
+## Features
+- `default = ["docker"]` — includes Docker management via Bollard
+- `docker` — Docker container management (Unix socket)
+- `minimal` — builds without Docker support
+
+## Commands
+```bash
+# Build
+cargo build
+
+# Build minimal (without Docker)
+cargo build --no-default-features --features minimal
+
+# Run tests
+cargo test
+
+# Run tests without Docker feature
+cargo test --no-default-features --features minimal
+
+# Format & lint
+cargo fmt
+cargo clippy -- -D warnings
+
+# Run
+cargo run --bin status
+```
+
+## Critical Rules
+- NEVER expose system commands without HMAC authentication
+- NEVER trust incoming WebSocket data without signature verification
+- ALWAYS validate self-update binary integrity before replacing
+- Docker socket access is privileged — validate all container operations
+- System metrics collection must not block the async runtime
+- Test both `docker` and `minimal` feature configurations
+- Test with `cargo test` after every change
+- DO NOT yet add to repo .claude CLAUDE.md .copilot directories and files
+
+## Agents
+- Use `planner` before any feature work
+- Use `tester` after every code change (must run cargo test)
+- Use `code-reviewer` before commits — focus on security and system safety