mirror of
https://github.com/azaion/autopilot.git
synced 2026-06-21 06:51:09 +00:00
Oleksandr Bezdieniezhnykh
740bf37d76
Lands the second batch under epic AZ-626's implementation plan.
mavlink_layer (AZ-641 + AZ-642):
- Hand-rolled MAVLink v2 codec covering the §7.7 surface: HEARTBEAT,
SYS_STATUS, SET_MODE, ATTITUDE, GLOBAL_POSITION_INT, MISSION_* (7),
COMMAND_LONG, COMMAND_ACK, EXTENDED_SYS_STATE, STATUSTEXT (17 total).
- Streaming decoder demuxes arbitrary-sized byte arrivals, drops malformed
frames with typed parse-error counters (crc/truncated/unknown_id/seq_gap),
and surfaces sequence gaps without hard-failing the link.
- Encoder tracks the per-link tx_seq counter and applies the MAVLink v2
trailing-zero payload truncation rule.
- UDP and POSIX-serial transports behind a single async Transport trait;
the run loop owns transport open with bounded exponential backoff
(2 s serial / 5 s UDP cap) and a tokio::select! per-link read+write
loop.
- 1 Hz outbound HEARTBEAT scheduler + inbound-heartbeat watchdog that
fires LinkUp / LinkLost on a broadcast channel and feeds health detail
(connected, last_heartbeat_age_ms, signing_enabled, parse_errors).
mission_client (AZ-644):
- HTTPS GET /missions/{id} over rustls (no OpenSSL on the airframe).
- Bundled JSON Schema (crates/shared/contracts/mission-schema.json,
draft-07, additionalProperties:false) validates every response;
schema-invalid bodies surface as FetchError::SchemaInvalid with a
1 KiB sample of the raw body for offline analysis.
- Transient failures (timeout, 5xx, 429) retry with bounded exponential
backoff up to MissionClientOptions.max_attempts (default 5); permanent
failures (4xx, malformed URL) abort immediately.
- Health surface mirrors AC-1's contract: last_fetch_ts,
fetch_errors_total, schema_version, connection_state.
Caught and fixed before commit (NOT a code-review finding — caught by
the unit test that hand-computed CRC("123456789")): the hand-rolled
X.25 CRC accumulator was operating in u16 throughout. The MAVLink C
reference declares `tmp` as uint8_t, which silently truncates the
shifted-in bits. Round-trip tests passed (encoder and decoder shared
the bug); a real MAVLink peer would have rejected every frame. Fixed
by mirroring the C reference: `let mut tmp: u8 = …; tmp ^= tmp.wrapping_shl(4);`.
Added a regression test asserting CRC("123456789") == 0x6F91 against
pymavlink's reference value (NOT the textbook 0x29B1 — MAVLink uses a
byte-wise variant, not the bit-reflected CCITT).
AC verification (full detail in
_docs/03_implementation/batch_02_cycle1_report.md):
AZ-641: AC-1 + AC-3 + AC-4 verified via UDP loopback integration tests;
AC-2 (serial) requires a socat pty pair and runs in the SITL/CI
tier (test exists as #[ignore]-marked stub).
AZ-642: AC-1 + AC-2 + AC-3 verified via exhaustive codec round-trip and
decoder negative-path tests; AC-4 (SITL round-trip) requires
ArduPilot SITL — the CRC fix above means the codec is now
wire-correct, ready for the sitl-conformance Woodpecker stage.
AZ-644: all four ACs verified via wiremock-driven integration tests.
Workspace gates green:
- cargo check --workspace clean
- cargo check --workspace --no-default-features clean
- cargo fmt --all -- --check clean
- cargo clippy --workspace --all-targets -- -D warnings clean
- cargo test --workspace pass (1 expected ignore)
Layering invariants from module-layout.md hold: mavlink_layer and
mission_client are Layer 2 actors importing only `shared`; no sibling
Layer-2 imports; MavlinkHandle implements shared::contracts::MavlinkSink.
Jira: AZ-641, AZ-642, AZ-644 transitioned To Do → In Progress at batch
start; the matching In Testing transitions follow this commit.
Co-authored-by: Cursor <cursoragent@cursor.com>
autopilot
Onboard mission executor for the AZAION reconnaissance UAV. Single Rust binary; runs on
NVIDIA Jetson Orin Nano Super (aarch64). See _docs/02_document/architecture.md for the
authoritative system design.
Layout
crates/
shared/ # canonical DTOs, config, error, health, observability, clock, contracts
autopilot/ # binary crate — runtime composition root + /health endpoint
mavlink_layer/ # hand-rolled MAVLink v2 transport
mission_client/ # missions API REST client + MapObjects sync
frame_ingest/ # RTSP pull + decode
detection_client/ # bi-directional gRPC to ../detections
movement_detector/ # ego-motion-compensated residual-motion clustering
semantic_analyzer/ # Tier 2 — primitive graph + ROI CNN
vlm_client/ # Tier 3 — optional NanoLLM/VILA local IPC
mapobjects_store/ # H3-indexed on-device map + ignored items
gimbal_controller/ # ViewPro A40 UDP control
scan_controller/ # central typed state machine (ZoomedOut/ZoomedIn/TargetFollow)
operator_bridge/ # POI surface + operator command authentication
mission_executor/ # multirotor + fixed-wing FSMs + geofence + failsafe
telemetry_stream/ # always-on uplink to Ground Station
config/ # TOML config per environment (dev / staging / prod)
deploy/systemd/ # on-airframe native systemd unit (Option A)
fixtures/ # replay clips (RTSP, MAVLink, missions, detections)
tests/e2e/ # workspace-level blackbox scenarios
benches/ # NFR benchmark-gate harness
Build
# Host-arch build + tests
cargo build --workspace
cargo test --workspace --locked
# Optional VLM feature path
cargo build --workspace --features vlm
# No-default-features path (enforces the VLM optionality contract)
cargo build --workspace --no-default-features
cargo test --workspace --no-default-features
# aarch64 cross-build (CI uses cargo-zigbuild; locally `cross` also works)
cargo install --locked cargo-zigbuild
rustup target add aarch64-unknown-linux-gnu
cargo zigbuild --release --target aarch64-unknown-linux-gnu --workspace
Run (dev)
cp .env.example .env
docker compose up -d
# Then inspect:
curl -s http://127.0.0.1:8080/health | jq
Documentation
The full document tree lives under _docs/. Start with:
_docs/00_problem/problem.md— the problem statement_docs/02_document/architecture.md— system architecture_docs/02_document/system-flows.md— sequence diagrams_docs/02_document/components/<name>/description.md— per-component specs_docs/02_document/deployment/{containerization,ci_cd_pipeline,observability}.md
CI
.woodpecker.yml drives the pipeline. Stages: fetch → lint → unit-test → build-arm64 → build-no-vlm → integration-test → sitl-conformance → security-scan → package → sign → publish → benchmark-gate (opt-in).