From 4e2a39a5c0d73741380ba9348acb9af68e747d2c Mon Sep 17 00:00:00 2001
From: ZhenYi <434836402@qq.com>
Date: Sun, 10 May 2026 21:56:08 +0800
Subject: [PATCH] fix(workspace): resolve all cargo check warnings across
 workspace

Remove unused imports and add #[allow(dead_code)] annotations to
intentionally retained fields/methods. Also add deploy/.server.yaml
to .gitignore to prevent accidental credential exposure.
---
 .gitignore                                       | 3 ++-
 apps/gingress/src/controller/reconciler.rs       | 1 +
 libs/api/build.rs                                | 2 --
 libs/api/lib.rs                                  | 1 +
 libs/gingress-proxy/src/filters/header_inject.rs | 1 -
 libs/gingress-proxy/src/filters/mod.rs           | 1 -
 libs/gingress-proxy/src/filters/real_ip.rs       | 1 +
 libs/gingress-proxy/src/health_checker.rs        | 2 ++
 libs/gingress-proxy/src/hot_reload.rs            | 2 --
 libs/gingress-proxy/src/tls.rs                   | 4 ----
 10 files changed, 7 insertions(+), 11 deletions(-)

diff --git a/.gitignore b/.gitignore
index ee1f7eb..b506cd6 100644
--- a/.gitignore
+++ b/.gitignore
@@ -25,4 +25,5 @@ package-lock.json
 yarn.lock
 .gemini
 .omg
-/.sqry
\ No newline at end of file
+/.sqry
+deploy/.server.yaml
\ No newline at end of file
diff --git a/apps/gingress/src/controller/reconciler.rs b/apps/gingress/src/controller/reconciler.rs
index 9ca9d63..e4c9460 100644
--- a/apps/gingress/src/controller/reconciler.rs
+++ b/apps/gingress/src/controller/reconciler.rs
@@ -111,6 +111,7 @@ impl Reconciler {
     /// The Secret watcher stores the cert at key `tls:<secretName>`.
     /// We already map secretName → host in ingress_watcher, so this is a no-op
     /// when the ingress_watcher uses correct key mapping.
+    #[allow(dead_code)]
     pub fn cross_reference_tls(&self) -> HashMap<String, TlsCert> {
         let mut host_certs: HashMap<String, TlsCert> = HashMap::new();
 
diff --git a/libs/api/build.rs b/libs/api/build.rs
index e85d47f..ef59c21 100644
--- a/libs/api/build.rs
+++ b/libs/api/build.rs
@@ -43,7 +43,6 @@ fn compute_etag(data: &[u8]) -> String {
 // ── Asset collection ─────────────────────────────────────────────────────
 
 struct Asset {
-    path: String,
     data: Vec<u8>,
     etag: String,
     brotli: Option<Vec<u8>>,
@@ -71,7 +70,6 @@ fn collect_assets(dist_dir: &Path) -> BTreeMap<String, Asset> {
         assets.insert(
             path_str.clone(),
             Asset {
-                path: path_str,
                 data,
                 etag,
                 brotli: brotli_data,
diff --git a/libs/api/lib.rs b/libs/api/lib.rs
index a647dbf..1c0c972 100644
--- a/libs/api/lib.rs
+++ b/libs/api/lib.rs
@@ -17,6 +17,7 @@ pub mod skill;
 pub mod user;
 
 // Auto-generated frontend module (from build.rs) serving embedded dist/ assets
+#[allow(dead_code)]
 mod frontend;
 
 pub use error::{api_success, ApiError, ApiResponse};
diff --git a/libs/gingress-proxy/src/filters/header_inject.rs b/libs/gingress-proxy/src/filters/header_inject.rs
index 45dd8aa..e9be030 100644
--- a/libs/gingress-proxy/src/filters/header_inject.rs
+++ b/libs/gingress-proxy/src/filters/header_inject.rs
@@ -7,7 +7,6 @@
 use super::{FilterContext, PostFilter, PreFilter};
 use crate::config::{ConfigStore, HeaderOp};
 use pingora::proxy::Session;
-use std::sync::Arc;
 
 pub struct HeaderInjectFilter {
     store: ConfigStore,
diff --git a/libs/gingress-proxy/src/filters/mod.rs b/libs/gingress-proxy/src/filters/mod.rs
index cf7f57e..53f12e4 100644
--- a/libs/gingress-proxy/src/filters/mod.rs
+++ b/libs/gingress-proxy/src/filters/mod.rs
@@ -9,7 +9,6 @@ pub mod real_ip;
 pub mod session_sticky;
 pub mod ws_upgrade;
 
-use http::HeaderMap;
 use pingora::proxy::Session;
 
 /// Context passed through the filter chain for a single request.
diff --git a/libs/gingress-proxy/src/filters/real_ip.rs b/libs/gingress-proxy/src/filters/real_ip.rs
index be8d9e4..95a5c7f 100644
--- a/libs/gingress-proxy/src/filters/real_ip.rs
+++ b/libs/gingress-proxy/src/filters/real_ip.rs
@@ -8,6 +8,7 @@ use pingora::proxy::Session;
 
 pub struct RealIpFilter {
     /// Whether to trust Proxy Protocol headers (TCP-level).
+    #[allow(dead_code)]
     trust_proxy_protocol: bool,
     /// Maximum number of trusted proxy hops.
     trusted_hops: usize,
diff --git a/libs/gingress-proxy/src/health_checker.rs b/libs/gingress-proxy/src/health_checker.rs
index 2e3f496..3a366e6 100644
--- a/libs/gingress-proxy/src/health_checker.rs
+++ b/libs/gingress-proxy/src/health_checker.rs
@@ -14,8 +14,10 @@ pub struct HealthChecker {
     #[allow(dead_code)]
     interval: std::time::Duration,
     /// Failure threshold for passive health checks.
+    #[allow(dead_code)]
     passive_fail_threshold: u32,
     /// Success threshold for recovery.
+    #[allow(dead_code)]
     passive_success_threshold: u32,
 }
 
diff --git a/libs/gingress-proxy/src/hot_reload.rs b/libs/gingress-proxy/src/hot_reload.rs
index af2e724..a05d278 100644
--- a/libs/gingress-proxy/src/hot_reload.rs
+++ b/libs/gingress-proxy/src/hot_reload.rs
@@ -4,8 +4,6 @@
 //! configuration changes without dropping active connections.
 
 use crate::config::ConfigStore;
-use std::sync::Arc;
-use tokio::sync::watch;
 
 /// Hot-reload watcher that listens for config changes.
 pub struct HotReloadWatcher {
diff --git a/libs/gingress-proxy/src/tls.rs b/libs/gingress-proxy/src/tls.rs
index 20026e9..2e7f01a 100644
--- a/libs/gingress-proxy/src/tls.rs
+++ b/libs/gingress-proxy/src/tls.rs
@@ -5,12 +5,8 @@
 
 use crate::config::ConfigStore;
 use anyhow::Context;
-use rustls::pki_types::CertificateDer;
-use rustls::pki_types::PrivateKeyDer;
-use rustls::pki_types::PrivatePkcs8KeyDer;
 use rustls::server::ResolvesServerCert;
 use rustls::sign::CertifiedKey;
-use rustls::sign::SigningKey;
 use rustls::ServerConfig;
 use std::collections::HashMap;
 use std::fmt;