feat(docker-git): make controller limits configurable

[konard]

Summary

Updates the controller resource cap implementation after PR feedback that the default should be 90% of available limits while remaining configurable above or below that value.

• Resolve controller CPU/RAM defaults to 90% of host resources before invoking Docker Compose; direct compose fallback remains bounded at 0.9 CPU / 921m RAM.
• Add host CLI flags: --controller-cpu, --controller-ram, --controller-pids for docker-git, plus ./ctl up --cpu/--ram/--pids aliases.
• Keep resource parsing in a pure core module and isolate host resource detection/env mutation in the shell module.
• Force local controller recreation when CLI or env resource intent is supplied, so an already-running matching controller does not ignore new caps.
• Extend README, help text, changeset, and regression tests.

Mathematical Guarantees

• Default theorem: for host h, default controller CPU is 0.9 * h.cpuCount and default RAM is floor(0.9 * h.totalMemoryMiB)m.
• Compose invariant: Docker Compose receives concrete cpus, mem_limit, memswap_limit, and pids_limit values, never percentage RAM.
• Override invariant: any controller CLI/env resource intent implies controller recreate before reuse.
• Safety invariant: direct compose startup remains bounded even without the host resolver (0.9 CPU, 921m RAM/swap, 4096 PIDs).

Test Plan

• bun install
• bun run lint
• bun run check
• bun run lint:effect
• bun x vitest run tests/docker-git/controller-resource-limits.test.ts (10 passed)
• ./ctl --help
• DOCKER_GIT_CONTROLLER_CPUS=75% DOCKER_GIT_CONTROLLER_MEMORY=8g DOCKER_GIT_CONTROLLER_PIDS=8192 bun --cwd packages/app scripts/print-controller-resource-env.ts (4.5, 8g, 8192 on this 6-CPU host)
• bun run test (session-sync 16 passed, app 321 passed, lib 183 passed)

Closes #260

[konard]

Working session summary

PR is ready and out of draft.

Summary

The issue (Russian: "Make a limit on the consumption of the whole system's resources") was already partially addressed for per-project containers (default 30% CPU/RAM via PR #136). The remaining gap: the privileged docker-git-api controller had no caps and could itself consume the entire host.

Changes:

• docker-compose.yml and docker-compose.api.yml: added cpus, mem_limit, memswap_limit, pids_limit to the api service, parameterized via DOCKER_GIT_CONTROLLER_CPUS (default 2.0), DOCKER_GIT_CONTROLLER_MEMORY (default 4g), DOCKER_GIT_CONTROLLER_PIDS (default 4096).
• README.md: documented the two-layer resource-limit story.
• packages/app/tests/docker-git/controller-resource-limits.test.ts: regression test that asserts both compose files contain all four caps.
• .changeset/cap-controller-resources.md: triggers a patch release.

Verification: 6/6 new tests pass, 275/275 app tests pass, 166/166 lib tests pass, typecheck clean, lint:tests clean.

PR: #263

---

This summary was automatically extracted from the AI working session output.

[konard]

🤖 Solution Draft Log

This log file contains the complete execution trace of the AI solution draft process.

💰 Cost: $4.840903

📊 Context and tokens usage:

Claude Opus 4.7:

• 100.6K / 1M (10%) input tokens, 20.6K / 128K (16%) output tokens

Total: (114 new + 104.1K cache writes + 7.2M cache reads) input tokens, 20.6K output tokens, $4.743435 cost

Claude Haiku 4.5:

• 36.0K / 200K (18%) input tokens, 2.8K / 64K (4%) output tokens

Total: (61 new + 36.0K cache writes + 386.5K cache reads) input tokens, 2.8K output tokens, $0.097468 cost

🤖 Models used:

• Tool: Anthropic Claude Code
• Requested: opus
• Main model: Claude Opus 4.7 (claude-opus-4-7)
• Additional models:
  • Claude Haiku 4.5 (claude-haiku-4-5-20251001)

📎 Log file uploaded as Gist (2582KB)

• View complete solution draft log

---

Now working session is ended, feel free to review and add any feedback on the solution draft.

[konard]

🔄 Auto-restart triggered (iteration 1)

Reason: CI failures detected

Starting new session to address the issues.

---

Auto-restart-until-mergeable mode is active. This run will stop after 5 restart iterations.

[konard]

Working session summary

All 15 CI checks pass (Build, Dist deps prune, all E2E suites, Lint, Lint Effect-TS, Snapshot, Test, Types).

Summary

The "Lint Effect-TS" CI check on PR #263 was failing because the new test file packages/app/tests/docker-git/controller-resource-limits.test.ts violated the strict Effect-TS lint profile in 6 places:

• node:fs, node:path, node:url direct imports (forbidden — must use @effect/platform services)
• A type cast (as const) outside src/core/axioms.ts

Fix (commit 1e651a3): Rewrote the test to read compose files via FileSystem.FileSystem and Path.Path services with a NodeContext.layer, used it.effect, and replaced the as const array with a typed ReadonlyArray<string>. All 6 tests still pass and the rest of the suite (275 tests) is unaffected.

PR: #263

---

This summary was automatically extracted from the AI working session output.

[konard]

🔄 Auto-restart-until-mergeable Log (iteration 1)

This log file contains the complete execution trace of the AI solution draft process.

💰 Cost: $1.611414

📊 Context and tokens usage:

• 65.8K / 1M (7%) input tokens, 9.0K / 128K (7%) output tokens

Total: (56 new + 59.3K cache writes + 2.0M cache reads) input tokens, 9.0K output tokens, $1.611414 cost

🤖 Models used:

• Tool: Anthropic Claude Code
• Requested: opus
• Model: Claude Opus 4.7 (claude-opus-4-7)

📎 Log file uploaded as Gist (3601KB)

• View complete solution draft log

---

Now working session is ended, feel free to review and add any feedback on the solution draft.

[konard]

🔄 Auto-restart triggered (iteration 2)

Reason: Uncommitted changes detected

Starting new session to address the issues.

---

Auto-restart-until-mergeable mode is active. This run will stop after 5 restart iterations.

[konard]

Working session summary

Everything is in order. Final state:

• Working tree: clean (removed transient ci-logs/ debug artifacts).
• PR feat(docker-git): make controller limits configurable #263: open, not a draft, mergeable, 15/15 CI checks pass, mergeStateStatus CLEAN.
• Branch: up-to-date with main (no rebase/merge needed).
• Solution: 5 files address issue Сделать ограничение на потребление всёй системы ресурсов #260 — caps docker-git-api controller CPU/RAM/PIDs in both compose files, with env-tunable defaults, README docs, a regression test, and a changeset.

No further work needed; the PR is ready for review.

---

This summary was automatically extracted from the AI working session output.

[konard]

🔄 Auto-restart-until-mergeable Log (iteration 2)

This log file contains the complete execution trace of the AI solution draft process.

💰 Cost: $0.380035

📊 Context and tokens usage:

• 41.5K / 1M (4%) input tokens, 2.2K / 128K (2%) output tokens

Total: (16 new + 35.0K cache writes + 209.6K cache reads) input tokens, 2.2K output tokens, $0.380036 cost

🤖 Models used:

• Tool: Anthropic Claude Code
• Requested: opus
• Model: Claude Opus 4.7 (claude-opus-4-7)

📎 Log file uploaded as Gist (3905KB)

• View complete solution draft log

---

Now working session is ended, feel free to review and add any feedback on the solution draft.

[konard]

✅ Ready to merge

This pull request is now ready to be merged:

• All CI checks have passed
• No merge conflicts
• No pending changes

---

Monitored by hive-mind with --auto-restart-until-mergeable flag

[skulidropek]

Я думаю по дефолту он должен иметь возможность к 90% лимитов, но можно настраивать и больше и меньше с помощью cli параметров

[konard]

🤖 AI Work Session Started

Starting automated work session at 2026-05-12T09:41:46.224Z

The PR has been converted to draft mode while work is in progress.

This comment marks the beginning of an AI work session. Please wait for the session to finish, and provide your feedback.

[konard]

Working session summary

Completed and pushed to PR #263: #263

Implemented the PR feedback: controller resources now default to 90% of host CPU/RAM, while remaining configurable via docker-git --controller-cpu/--controller-ram/--controller-pids and ./ctl up --cpu/--ram/--pids. The implementation keeps parsing/resolution in pure core code and host/env mutation in shell code.

Verification passed:

• bun run lint
• bun run check
• bun run lint:effect
• focused controller resource tests: 10 passed
• full bun run test: session-sync 16, app 321, lib 183 passed
• GitHub PR checks: all passing
• PR is marked ready, merge state is CLEAN
• Working tree is clean on issue-260-ab5543061ad7

Head commit is 328ea7b33a59ddc37ed4c972774880b6a12821b9.

---

This summary was automatically extracted from the AI working session output.

[konard]

🤖 Solution Draft Log

This log file contains the complete execution trace of the AI solution draft process.

💰 Cost estimation:

• Model: GPT-5.5
• Provider: OpenAI
• Public pricing estimate: $40.751227

📊 Context and tokens usage:

• 610.4K / 1.1M (58%) input tokens, 65.8K / 128K (51%) output tokens

Total: (610.4K + 31.7M cached) input tokens, 65.8K output tokens, $40.751227 cost

🤖 Models used:

• Tool: OpenAI Codex
• Requested: gpt-5.5
• Model: GPT-5.5 (gpt-5.5)

📎 Log file uploaded as Repository (93239KB)

• View complete solution draft log

---

Now working session is ended, feel free to review and add any feedback on the solution draft.

[konard]

✅ Ready to merge

This pull request is now ready to be merged:

• All CI checks have passed
• No merge conflicts
• No pending changes

---

Monitored by hive-mind with --auto-restart-until-mergeable flag