# CLAUDE.md This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository. ## Project Cameleer3 Server — observability server that receives, stores, and serves Camel route execution data and route diagrams from Cameleer3 agents. Pushes config and commands to agents via SSE. ## Related Project - **cameleer3** (`https://gitea.siegeln.net/cameleer/cameleer3`) — the Java agent that instruments Camel applications - Protocol defined in `cameleer3-common/PROTOCOL.md` in the agent repo - This server depends on `com.cameleer3:cameleer3-common` (shared models and graph API) ## Modules - `cameleer3-server-core` — domain logic, storage, agent registry - `cameleer3-server-app` — Spring Boot web app, REST controllers, SSE, static resources ## Build Commands ```bash mvn clean compile # Compile all modules mvn clean verify # Full build with tests ``` ## Run ```bash java -jar cameleer3-server-app/target/cameleer3-server-app-1.0-SNAPSHOT.jar ``` ## Key Conventions - Java 17+ required - Spring Boot 3.4.3 parent POM - Depends on `com.cameleer3:cameleer3-common` from Gitea Maven registry - Jackson `JavaTimeModule` for `Instant` deserialization - Communication: receives HTTP POST data from agents (executions, diagrams, metrics, logs), serves SSE event streams for config push/commands (config-update, deep-trace, replay, route-control) - Maintains agent instance registry with states: LIVE → STALE → DEAD - Storage: PostgreSQL (TimescaleDB) for structured data, OpenSearch for full-text search and application log storage - Security: JWT auth with RBAC (AGENT/VIEWER/OPERATOR/ADMIN roles), Ed25519 config signing, bootstrap token for registration - OIDC: Optional external identity provider support (token exchange pattern). Configured via admin API, stored in database (`server_config` table) - User persistence: PostgreSQL `users` table, admin CRUD at `/api/v1/admin/users` ## CI/CD & Deployment - CI workflow: `.gitea/workflows/ci.yml` — build → docker → deploy on push to main or feature branches - Build step skips integration tests (`-DskipITs`) — Testcontainers needs Docker daemon - Docker: multi-stage build (`Dockerfile`), `$BUILDPLATFORM` for native Maven on ARM64 runner, amd64 runtime - `REGISTRY_TOKEN` build arg required for `cameleer3-common` dependency resolution - Registry: `gitea.siegeln.net/cameleer/cameleer3-server` (container images) - K8s manifests in `deploy/` — Kustomize base + overlays (main/feature), shared infra (PostgreSQL, OpenSearch, Authentik) as top-level manifests - Deployment target: k3s at 192.168.50.86, namespace `cameleer` (main), `cam-` (feature branches) - Feature branches: isolated namespace, PG schema, OpenSearch index prefix; Traefik Ingress at `-api.cameleer.siegeln.net` - Secrets managed in CI deploy step (idempotent `--dry-run=client | kubectl apply`): `cameleer-auth`, `postgres-credentials`, `opensearch-credentials` - K8s probes: server uses `/api/v1/health`, PostgreSQL uses `pg_isready`, OpenSearch uses `/_cluster/health` - Docker build uses buildx registry cache + `--provenance=false` for Gitea compatibility ## UI Styling - Always use `@cameleer/design-system` CSS variables for colors (`var(--amber)`, `var(--error)`, `var(--success)`, etc.) — never hardcode hex values. This applies to CSS modules, inline styles, and SVG `fill`/`stroke` attributes. SVG presentation attributes resolve `var()` correctly. ## Disabled Skills - Do NOT use any `gsd:*` skills in this project. This includes all `/gsd:` prefixed commands.