Refactor, add packet drops, API docs, CI

[SRodi]

This pull request introduces significant enhancements to the project’s CI/CD pipeline, API documentation, and packet drop monitoring capabilities. It adds a comprehensive GitHub Actions workflow for testing, linting, and building, integrates Swagger-based API documentation generation and serving, and implements a new eBPF program for tracking packet drops. The server and tests are refactored to support these new features, and several dependencies are updated to enable API documentation and Swagger UI.

CI/CD Pipeline Improvements:

• Adds a .github/workflows/ci.yml file to automate testing (across multiple Go versions), linting, building, and code coverage reporting using GitHub Actions. This ensures code quality and reliability for every push and pull request.

API Documentation and Developer Experience:

• Updates the Makefile with a new docs target to auto-generate Swagger API documentation using swag, and provides instructions for accessing interactive and external docs.
• Integrates Swagger UI into the server (cmd/server/main.go) and serves documentation endpoints (/docs/, /docs/swagger.json, etc.), making API exploration and testing easier for developers. [1] [2] [3]

Packet Drop Monitoring:

• Adds a new eBPF program (bpf/packet_drop.c) to trace packet drop events using both tracepoints and kprobes, and exports these events via a ring buffer for user-space consumption.
• Extends the HTTP API with new endpoints (/api/packet-drop-summary, /api/list-packet-drops) to expose packet drop data, and updates the root endpoint to document these additions. [1] [2]

Server and Test Refactoring:

• Refactors server initialization to use a new system package abstraction, improving modularity and testability. Updates signal handling and shutdown logic for graceful cleanup. [1] [2] [3]
• Updates tests to work with the new system abstraction, improves error handling, and enhances validation for API endpoints. [1] [2] [3] [4]

Dependency Updates:

• Adds and updates dependencies in go.mod to support Swagger documentation generation and serving (e.g., swaggo/swag, swaggo/http-swagger).

These changes collectively improve the project’s observability, developer experience, and maintainability.

[Copilot]

Pull Request Overview

This pull request introduces comprehensive CI/CD improvements, packet drop monitoring capabilities, and API documentation enhancements. The PR refactors the codebase to use a new system abstraction, adds packet drop eBPF program monitoring, implements Swagger API documentation with UI, and establishes GitHub Actions workflows for automated testing and code quality checks.

Key Changes:

• Added GitHub Actions CI/CD pipeline with testing, linting, and build automation
• Implemented new packet drop monitoring eBPF program with dedicated event parsing
• Integrated Swagger API documentation generation and serving with interactive UI
• Refactored server architecture to use a system abstraction for improved modularity and testability

Reviewed Changes

Copilot reviewed 33 out of 36 changed files in this pull request and generated 3 comments.

Show a summary per file

File	Description
internal/system/system.go	New system orchestrator providing unified interface for eBPF program management
internal/storage/memory.go	In-memory event storage implementation with concurrent access and query capabilities
internal/storage/memory_test.go	Comprehensive test suite for memory storage functionality
internal/programs/packet_drop/	New packet drop monitoring program with binary event parsing and tracepoint attachment
internal/programs/connection/	Connection monitoring program with IPv4/IPv6 support and protocol detection
internal/programs/manager.go	Program manager for orchestrating multiple eBPF programs with unified event streaming
internal/programs/base.go	Base eBPF program implementation with ring buffer reading and backpressure monitoring
internal/events/events.go	Event abstractions with boot time calculation and timestamp conversion
internal/core/types.go	Core interface definitions for the eBPF monitoring system
internal/api/handlers_test.go	Updated API handler tests with system abstraction support

Comments suppressed due to low confidence (2)

internal/storage/memory.go:184

• [nitpick] The error message at line 187-188 contains detailed information that could be useful for debugging but may also expose sensitive system information. Consider whether including PID and event type in the error message is appropriate for production environments.

			if err := s.storage.Store(s.ctx, event); err != nil {

internal/programs/base.go:251

• [nitpick] The error message includes sensitive information (PID and event type) that could be useful for attackers. Consider logging this information at debug level instead of error level, or sanitizing the sensitive details in production environments.

				logger.Errorf("Event stream full for %s, DROPPED EVENT (PID: %d, Type: %s). "+