Keeps operating essentials (template gate, ports, build/deploy, env, What's New,\nrepo-specific quirks); moves architecture/endpoints/tables/topics to the HiveIQ\nGuide (guide.bcos.dev) which is kept in sync with code. Part of the guide-KB rollout.\n\nCo-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
3.9 KiB
hiveops-aria frontend — CLAUDE.md
⛔ STOP — before writing ANY
.svelte, use the template
- Read
hiveops-template/CLAUDE.md(the design system).- Copy, don't write from scratch — start from
hiveops-template/frontend/src/components/TablePage.svelte(list/table pages) orTemplatePage.svelte(pages with status/severity badges).- Header = text only. Action buttons (Add/Refresh/Compose) go in
.toolbar-right, never in.header. (hook-enforced)- Copy the filter-sidebar + table CSS verbatim — never simplify.
- Scoped
<style>only — neverimport './x.css'. (hook-enforced)
ARIA — ATM threat intelligence & precursor-sequence detection (IOC catalog, threat events,
attack sequences, device posture). Svelte frontend + Spring Boot 3.4 backend.
Package com.hiveops.aria, DB hiveiq_aria.
| Sub-module | Port | Dev | Prod |
|---|---|---|---|
backend/ (repo root) |
8095 | api.bcos.dev/aria/ |
api.bcos.cloud/aria/ |
frontend/ |
5187 | aria.bcos.dev |
aria.bcos.cloud |
📖 Architecture, endpoints, tables, Kafka, gotchas, testing → the Guide
The deep, code-grounded knowledge for this service lives in the HiveIQ Guide — kept in sync with code (unlike hand-written docs, which rot). Query it instead of duplicating here:
TOKEN=$(curl -s https://api.bcos.dev/auth/api/login -H 'Content-Type: application/json' \
-d '{"email":"<you>","password":"<pw>"}' | python3 -c 'import sys,json;print(json.load(sys.stdin)["token"])')
# service overview:
curl -s https://api.bcos.dev/guide/api/v1/guide/modules/technical.aria -H "Authorization: Bearer $TOKEN"
# per-module (Customer / Internal / Architect / Testing / Claude tabs) — read the "Claude" tab to act:
curl -s https://api.bcos.dev/guide/api/v1/guide/modules/aria.threat-events -H "Authorization: Bearer $TOKEN"
Modules: aria.dashboard, aria.threat-events, aria.ioc-management, aria.ioc-feeds,
aria.precursor-alerts, aria.device-posture. Browse: https://guide.bcos.dev (admin login
shows the internal tabs). The Guide is the source of truth for endpoints, DB tables, Kafka topics,
roles, gotchas, and how to test — this file stays thin on purpose. When you change ARIA
behaviour, update the Guide content, not this file.
Before writing ANY new component
Read an existing sibling component first. Mandatory. Use IocManagement.svelte or
DevicePosture.svelte as the reference. Poll the STATUS endpoint only (never trigger a refresh
from setInterval), and always onDestroy(() => clearInterval(interval)).
Dev / build
# backend (repo root)
./mvnw clean package -DskipTests
# frontend
cd frontend && npm install && npm run dev # http://localhost:5187
Build & deploy
# backend image (hiveiq-aria) — root build.sh; frontend image (hiveiq-aria-frontend) built from frontend/Dockerfile
./build.sh --registry registry.bcos.dev --push # dev (:dev tag, bcos.dev / .251)
./build.sh --registry registry.bcos.cloud --push # prod (:latest; CI/CD on merge to main, manual only if CI broken)
# deploy dev: ssh .251 → ~/hiveiq/hiveops-openmetal/hiveops/instances/dev
docker compose pull hiveiq-aria hiveiq-aria-frontend && docker compose up -d hiveiq-aria hiveiq-aria-frontend
# prod: same on 173.231.195.250 with registry.bcos.cloud
CI: .gitea/workflows/cd-develop.yml (push → develop, deploys to bcos.dev), cd-main.yml.
Env vars
# backend — hiveiq_aria on hiveiq-postgres
DB_URL DB_USERNAME DB_PASSWORD # ddl-auto=validate; Flyway owns schema (db/migration)
JWT_SECRET (shared w/ auth) KAFKA_BOOTSTRAP_SERVERS CORS_ALLOWED_ORIGINS
Frontend: VITE_API_URL = https://api.bcos.dev/aria (dev) / https://api.bcos.cloud/aria (prod).
Injected at container runtime into dist/config.js (window.__APP_CONFIG__.apiUrl) via entrypoint.sh.
What's New
Edit hiveops-release/releases.json → ./deploy.sh in that repo.