[AZ-640] Bootstrap Rust workspace, CI/Docker, observability scaffold

Lands the first task of the implementation epic AZ-626: a cargo workspace with 14 crates (shared + autopilot binary + 12 component crates), a multi-stage Dockerfile + dev/test compose stacks, a Woodpecker CI pipeline, the on-airframe systemd unit with flight-gate wiring, three environment TOML configs, and the canonical entity catalogue from data_model.md as `shared::models`. Per-AC verification (full detail in _docs/03_implementation/batch_01_cycle1_report.md): - AC-1 cargo check --workspace clean - AC-2 cargo test --workspace passes; per-crate it_compiles() <0.01 s - AC-6 cargo build/test --no-default-features clean; VlmClient default impl returns VlmAssessment::disabled() - AC-9 tracing-subscriber emits JSON logs with ts/level/target/fields - AC-10 runtime::ensure_state_directories creates mapobjects/, audit/, pending_pushes/ under storage.state_dir Deferred to external infra (artifacts written, verification re-runs in CI and in downstream tasks): - AC-3 Woodpecker runner; CI yml in place - AC-4 docker-compose mocks land with AZ-660/AZ-644/AZ-675 - AC-5 SITL conformance lands with AZ-641/AZ-648/AZ-652 - AC-7 aarch64 cross-compile via cargo-zigbuild stage - AC-8 systemd unit (Linux + systemd host) Layering invariants from module-layout.md hold: shared (L1) imports nothing; Layer 2 actor crates import only shared; Layer 3 coordinators (operator_bridge, mission_executor) import only their documented Layer 2 deps; Layer 4 (scan_controller) imports its documented Layer 2 + Layer 3 deps; the autopilot binary (L5) is the only consumer of every component. cargo fmt --all --check + cargo clippy --all-targets -- -D warnings both clean. Jira AZ-640 transitioned to In Progress at the start of this batch; the matching In Testing transition follows this commit. Co-authored-by: Cursor <cursoragent@cursor.com>
2026-06-21 08:31:10 +00:00 · 2026-05-19 11:52:40 +03:00
parent bc40ea7300
commit a1ce3a6903
70 changed files with 4997 additions and 12 deletions
@@ -0,0 +1,61 @@
+# autopilot — on-airframe install (Jetson Orin Nano Super)
+
+Native systemd deployment per `_docs/02_document/deployment/containerization.md §3`.
+
+## Prerequisites
+
+- Jetson Orin Nano Super 8 GB with JetPack-bundled Ubuntu 22.04 (pinned).
+- Network access to the suite-internal `missions` and `ground-station` services.
+- `/dev/ttyUSB0` wired to ArduPilot (or `serial:///dev/ttyAMA0` / UDP — adjust `config.toml`).
+- ViewPro A40 reachable via RTSP + UDP control.
+
+## Install steps
+
+1. Copy the aarch64 binary from CI artefacts:
+
+   ```bash
+   sudo install -m 0755 -o root -g root autopilot /usr/local/bin/autopilot
+   ```
+
+2. Create user, state directory, and config tree:
+
+   ```bash
+   sudo groupadd --system autopilot
+   sudo useradd  --system --gid autopilot --shell /usr/sbin/nologin autopilot
+   sudo install -d -o autopilot -g autopilot -m 0750 /var/lib/autopilot
+   sudo install -d -o root      -g root      -m 0755 /etc/azaion/autopilot
+   sudo install -m 0640 autopilot.prod.toml /etc/azaion/autopilot/config.toml
+   sudo install -m 0600 secrets.env         /etc/azaion/autopilot/secrets.env
+   ```
+
+3. Install the systemd unit:
+
+   ```bash
+   sudo install -m 0644 deploy/systemd/autopilot.service /etc/systemd/system/autopilot.service
+   sudo systemctl daemon-reload
+   sudo systemctl enable --now autopilot.service
+   ```
+
+4. Verify:
+
+   ```bash
+   systemctl status autopilot
+   curl -s http://127.0.0.1:8080/health | jq
+   ```
+
+## Flight-gate contract
+
+The unit's `ExecStartPre` creates `/run/azaion/in-flight`; `ExecStopPost` removes it.
+`model-sync.service` (suite-level) honours this marker and defers any model swap
+while the autopilot is running. Do not delete the marker manually mid-flight.
+
+## Rollback
+
+The previous binary is left at `/usr/local/bin/autopilot.bak` by the rollout
+script. To roll back:
+
+```bash
+sudo systemctl stop autopilot
+sudo mv /usr/local/bin/autopilot.bak /usr/local/bin/autopilot
+sudo systemctl start autopilot
+```
@@ -0,0 +1,40 @@
+[Unit]
+Description=AZAION autopilot — onboard mission executor
+Documentation=https://github.com/azaion/autopilot
+After=network-online.target
+Wants=network-online.target
+
+[Service]
+Type=notify
+User=autopilot
+Group=autopilot
+
+ExecStartPre=/bin/sh -c 'mkdir -p /run/azaion && touch /run/azaion/in-flight'
+ExecStart=/usr/local/bin/autopilot
+ExecStopPost=/bin/rm -f /run/azaion/in-flight
+
+EnvironmentFile=-/etc/azaion/autopilot/secrets.env
+Environment=AUTOPILOT_CONFIG=/etc/azaion/autopilot/config.toml
+Environment=RUST_LOG=info
+Environment=AUTOPILOT_HEALTH_BIND=127.0.0.1:8080
+
+# Bounded restart (per containerization.md §3).
+Restart=on-failure
+RestartSec=2s
+StartLimitBurst=5
+
+# Resource limits — on-airframe memory budget leaves room for the Tier-1 YOLO
+# container (~2 GB) and other airframe services on the 8 GB Jetson.
+MemoryMax=6G
+LimitNOFILE=65536
+LimitNPROC=4096
+
+# Hardening
+NoNewPrivileges=true
+ProtectSystem=full
+ProtectHome=true
+PrivateTmp=true
+ReadWritePaths=/var/lib/autopilot /run/azaion
+
+[Install]
+WantedBy=multi-user.target