Add trusted-server-adapter-axum native dev server (PR 16)

[prk-Jr]

Summary

• Adds trusted-server-adapter-axum as a native (non-WASM) dev server so the full trusted-server pipeline can be run and tested locally without Fastly Compute or Viceroy
• Promotes the axum adapter to a first-class workspace member by removing the global target = "wasm32-wasip1" override from .cargo/config.toml; Fastly-specific commands now pass --target wasm32-wasip1 explicitly
• Extends the integration test matrix so WordPress and Next.js scenarios run against both Fastly (Viceroy) and Axum, verifying identical behaviour across platforms

Changes

File	Change
crates/trusted-server-adapter-axum/src/platform.rs	PlatformConfigStore, PlatformSecretStore, PlatformBackend, PlatformGeo, PlatformHttpClient — env-var-backed implementations
crates/trusted-server-adapter-axum/src/middleware.rs	FinalizeResponseMiddleware + AuthMiddleware — mirrors Fastly adapter, always emits X-Geo-Info-Available: false
crates/trusted-server-adapter-axum/src/app.rs	TrustedServerApp implementing Hooks with all 11 routes wired
crates/trusted-server-adapter-axum/src/main.rs + axum.toml	Binary entry point; config drives port (default 8787)
crates/trusted-server-adapter-axum/tests/routes.rs	8 integration tests via EdgeZeroAxumService (no live TCP server)
crates/integration-tests/tests/environments/axum.rs	AxumDevServer runtime environment added to the matrix
crates/integration-tests/tests/environments/mod.rs	Register AxumDevServer alongside FastlyViceroy
crates/integration-tests/tests/integration.rs	test_wordpress_axum + test_nextjs_axum individual test functions
scripts/integration-tests.sh	Also builds the Axum native binary with test-specific env vars
.cargo/config.toml	Remove global target = "wasm32-wasip1"; keep only the viceroy runner
Cargo.toml	Move trusted-server-adapter-axum from [exclude] to [members]
crates/trusted-server-adapter-axum/Cargo.toml	Adopt workspace deps + lints
.github/workflows/test.yml	Add test-axum CI job; test-rust now passes --target wasm32-wasip1 explicitly
CLAUDE.md	Document axum adapter in workspace layout + build commands
.gitignore (root + adapter)	Ignore .edgezero/ (local KV store created by dev server)

Closes

Closes #497

Test plan

• cargo test --workspace (Fastly/WASM crates via Viceroy)
• cargo test -p trusted-server-adapter-axum (8 route + middleware tests)
• cargo clippy --workspace --all-targets --all-features -- -D warnings
• cargo fmt --all -- --check
• JS tests: cd crates/js/lib && npx vitest run (282 tests)
• Integration tests: test_wordpress_fastly, test_nextjs_fastly, test_wordpress_axum, test_nextjs_axum all pass
• Manual testing: cargo run -p trusted-server-adapter-axum starts on port 8787

Checklist

• Changes follow CLAUDE.md conventions
• No unwrap() in production code — use expect("should ...")
• Uses log macros (not println!)
• New code has tests
• No secrets or credentials committed

[aram356]

Summary

Introduces a native Axum dev-server adapter that runs the full trusted-server pipeline locally without Fastly Compute or Viceroy, promotes the crate to a workspace member, and extends the integration-test matrix to cover both runtimes. Requesting changes for a handful of small but concrete issues: unused deps, stale lockfile, doc/code drift, and a middleware bypass on the startup-error path.

Blocking

🔧 wrench

• Unused direct dependencies: serde_json and trusted-server-js declared in crates/trusted-server-adapter-axum/Cargo.toml but never referenced in src/ or tests/. See inline.
• Stale crate-local Cargo.lock: ~100 KB file that cargo now silently ignores (crate is a workspace member). Delete it to avoid lockfile drift.
• CLAUDE.md comment contradicts the PR: says "excluded from workspace" at line 14 while the PR makes it a workspace member. See inline.
• Log text references a non-existent NoopKvStore: the code uses UnavailableKvStore (src/platform.rs:367 vs :379). See inline.
• Startup-error router bypasses middleware: startup_error_router() has no FinalizeResponseMiddleware / AuthMiddleware, breaking the "every response has X-Geo-Info-Available" invariant and bypassing operator headers + basic auth on startup-failure responses. See inline on src/app.rs:134.

Non-blocking

🤔 thinking

• send_async/select diverges from Fastly (eager execution changes error-surface timing and ordering). Trade-off is documented, but consider a breadcrumb log or real tokio::spawn fan-out. See inline.
• Body::Stream outbound body silently truncated to empty on axum. See inline.
• Env-var namespace collisions possible due to -/./ → _ normalization. See inline.
• Fixed port 8787 baked at compile time can TIME_WAIT-flake across sequential integration tests. See inline.

♻️ refactor

• reqwest::Client rebuilt per request — defeats connection pool. Move to shared Arc<AxumPlatformHttpClient> in AppState. See inline.
• Env-var tests not isolated — use temp-env (already a workspace dep). See inline.
• bytes::Bytes → Vec<u8> round-trip on request/response bodies is wasted allocation. See inline.
• tests/routes.rs uses .unwrap() instead of .expect("should ...") — CLAUDE.md applies to test code. See inline.

🌱 seedling

• No /health endpoint — AxumDevServer::health_check_path() returns /health but the app never registers it; tests work around with wait_for_any_response. See inline.

⛏ nitpick

• Crate-local .gitignore is redundant with the workspace .gitignore. See inline.
• build_per_request_services is a no-op wrapper around build_runtime_services. See inline.

📝 note

• test-axum CI job runs without TRUSTED_SERVER__* env vars — every request goes through the startup-error path. Smoke tests still pass, but not a great signal. See inline.

CI Status

• fmt: PASS (verified locally, cargo fmt --all -- --check)
• clippy (axum crate, host target): PASS with zero warnings
• cargo test -p trusted-server-adapter-axum: 18 tests PASS
• GitHub CI on 75fe0d01: prepare artifacts + integration tests + browser tests all PASS

[ChristianPavilonis]

Summary

Nice addition overall — the Axum adapter is headed in a useful direction. I found a few correctness gaps in the platform shim plus a couple of documentation mismatches around what the Axum runtime can currently support.

[aram356]

Summary

Re-review of the Axum dev-server adapter against main. Most prior feedback (aram356, ChristianPavilonis) has been addressed, and the latest commit even fixed the auction fan-out concern via real tokio::spawn + select_all. Deep verification finds five blocking CI/correctness issues plus several non-blocking refactor and documentation items.

A compounding factor: this PR targets feature/edgezero-pr15-remove-fastly-core, not main. The Run Tests and Run Format workflows only trigger on PRs to main, so no CI run on this PR has actually exercised fmt/clippy/test-fastly/test-axum. Only Integration Tests runs. The fmt/clippy failures below would surface for the first time when this lands on main.

Blocking

🔧 wrench

• cargo fmt --all -- --check fails on crates/trusted-server-adapter-axum/src/app.rs:217-225 (auction handler Ok(...) block). See inline.
• cargo clippy ... -- -D warnings fails on crates/trusted-server-adapter-axum/src/platform.rs:194-196 with clippy::type_complexity. See inline.
• TRUSTED_SERVER__SYNTHETIC__SECRET_KEY is dead — should be TRUSTED_SERVER__EDGE_COOKIE__SECRET_KEY after PR15's rename. Two locations: scripts/integration-tests.sh:63 and .github/actions/setup-integration-test-env/action.yml:97. Effect: Axum CI integration tests run with the placeholder secret. See inline.
• CLAUDE.md self-contradicts — CLAUDE.md lines 67-69 (Build & Test Commands, modified in this PR) say cargo test-fastly / cargo test-axum; the CI Gates section near line 256 (unchanged) still says 3. `cargo test --workspace` , which AGENTS.md (also updated in this PR) explicitly forbids: "Do NOT use bare cargo test --workspace — it will attempt to compile the Fastly adapter for the host target." Update CI Gates item 3 to list both aliases. (Body-level because the affected line wasn't part of this PR's diff.)
• cargo clippy --workspace --all-targets --all-features -- -D warnings will fail post-merge to main. Removing [build] target = "wasm32-wasip1" from .cargo/config.toml means format.yml's clippy step now targets host, where the fastly crate's wasm-only APIs don't compile. The Run Format workflow doesn't trigger on PRs to feature branches, so this is hidden until rebase onto main. Fix options: add --target wasm32-wasip1 to the clippy CI step (excluding axum), or split into clippy-fastly / clippy-axum aliases analogous to the test aliases.

Non-blocking

🤔 thinking

• Fan-out parity isn't actually tested — send_async × 2 + select has no unit coverage. See inline on platform.rs:309.
• Body::Stream is silently buffered into Vec<u8> with no log emission; large-payload divergence vs Fastly will not surface in test output. See inline on platform.rs:247.

♻️ refactor

• startup_error_router's closure-of-closure (make) is convoluted. See inline on app.rs:134.
• rotate_handler / deactivate_handler are aliases for the same closure. See inline on app.rs:211.

🌱 seedling / 📌 out of scope

• health_check_path() returns /health but TrustedServerApp::routes() never registers it. See inline on environments/axum.rs:71.
• Per-request reqwest::Client revert masks a likely keep-alive bug in the empty-body branch (if !body_bytes.is_empty() { builder = builder.body(...) }). Worth a follow-up issue. See inline on platform.rs:456.
• fastly.toml:42-48 adds an [local_server.config_stores.trusted_server_config] config store with edgezero_enabled = "true". That's the EdgeZero gate, not the Axum adapter — likely a merge-resolution remnant from the Merge feature/edgezero-pr15-remove-fastly-core into PR16 commit. Confirm it belongs here or rebase it out.

📝 note

• test-axum CI job runs with no TRUSTED_SERVER__* env vars; every request flows through startup_error_router. The 8 route tests only assert status != 404 and < 500, both satisfied by 401/501 — pre-existing finding (aram356), deferred. See inline on test.yml:75.

CI Status

• fmt: FAIL (verified locally — diff in app.rs:217)
• clippy: FAIL (verified locally — type_complexity in platform.rs:194)
• cargo test-axum (host target): PASS (18 tests)
• Integration Tests workflow on 9a0d38c: not yet run for the latest commit (last green run was a780034)
• Run Tests / Run Format workflows: not exercised — this PR doesn't target main

[aram356]

Summary

Re-review of the Axum dev-server adapter. The PR head (9a0d38c, 2026-04-29) predates the previous review (2026-04-30), so none of the prior blocking findings have been picked up yet. I verified all five remain present, and added new findings from a deep pass: a CLAUDE.md self-contradiction introduced by this PR's own edits, three sibling agent docs that drifted from the new test aliases, and a few smaller refactor/seedling items.

A compounding factor: this PR targets feature/edgezero-pr15-remove-fastly-core, not main. Both Run Tests and Run Format workflows are PR-to-main only, so fmt / clippy / test-fastly / test-axum have never run on this PR. The fmt and clippy failures below will surface for the first time on retarget.

Blocking

🔧 wrench

• fmt fails on the Ok(...) block in crates/trusted-server-adapter-axum/src/app.rs:217-225 — see inline.

• clippy type_complexity fails on crates/trusted-server-adapter-axum/src/platform.rs:194-196 — see inline.

• TRUSTED_SERVER__SYNTHETIC__SECRET_KEY is dead after PR15's rename — Axum integration-test builds run with the placeholder secret. Two locations: scripts/integration-tests.sh:63 and .github/actions/setup-integration-test-env/action.yml:97. See inline.

• CLAUDE.md self-contradicts: this PR rewrites the "Build & Test Commands" block (lines 58, 66, 67) to use cargo test-fastly / cargo test-axum and adds AGENTS.md:23 saying "Do NOT use bare cargo test --workspace." But CLAUDE.md still has two stale references:

  • line 281 (CI Gates): 3. `cargo test --workspace`
  • line 294 (Standard Workflow): 4. **Test after every change** — `cargo test --workspace`.

  Body-level because the affected lines weren't part of this PR's diff.

• cargo clippy --workspace no longer covers the wasm32-wasip1 target. Removing [build] target = "wasm32-wasip1" from .cargo/config.toml means format.yml:36 and README.md:48 now lint host-target only. On macOS host the fastly crate happens to compile cleanly — so this isn't the hard failure I predicted earlier — but lint coverage for the wasm-only paths is silently dropped. Recommend adding --target wasm32-wasip1 to the Fastly clippy step (excluding axum), or splitting into clippy-fastly / clippy-axum aliases mirroring the test aliases.

Non-blocking

♻️ refactor

• 9 handler closures share the same Arc<AppState> → build_runtime_services → ctx.into_request → handle_X(...) boilerplate in crates/trusted-server-adapter-axum/src/app.rs:169-353. A small make_handler macro or a generic helper would cut ~150 lines. Not required for this PR — worth a follow-up.

📝 note

• .claude/agents/pr-reviewer.md:111, .claude/agents/verify-app.md:28, .claude/agents/pr-creator.md:25 still reference cargo test --workspace. Same root cause as the CLAUDE.md contradiction above. The PR did update issue-creator.md and repo-explorer.md, so the author was aware some agents needed touching; these three were missed.

CI Status (verified locally on macOS)

• fmt: FAIL (verified — diff in app.rs:217)
• clippy: FAIL (verified — type_complexity in platform.rs:194)
• cargo test -p trusted-server-adapter-axum --target $host: PASS (8 routes + middleware/platform unit tests)
• Run Tests / Run Format workflows on PR head: not exercised (workflows trigger only on PRs to main)
• Integration Tests workflow: no checks reported on 9a0d38c

[ChristianPavilonis]

Summary

Thanks for adding the Axum dev-server adapter and target-specific workspace checks. I found one runtime parity issue where the Axum router does not currently accept the same publisher-fallback HTTP methods as the Fastly adapter. The stale clippy command documentation finding could not be attached inline because those unchanged context lines were not accepted by the review API, so I am folding it into the body: CLAUDE.md:73, README.md:48, and AGENTS.md:24 still point contributors at cargo clippy --workspace --all-targets --all-features -- -D warnings; these should point at cargo clippy-fastly && cargo clippy-axum to match CI and avoid drift from the mixed-target setup.

[ChristianPavilonis]

Axum router drops non-GET/POST publisher fallback methods: The Axum route table should mirror Fastly's publisher fallback methods. Right now only GET/POST are registered for fallback paths, so HEAD/OPTIONS/PUT/PATCH/DELETE requests that Fastly forwards to publisher fallback will fail at the Axum router. Please register the same fallback method set for root, wildcard, and non-primary methods on named routes.