fix: Cross-platform build support (Windows, BSD, NetBSD)

Split resource limit checks into platform-specific files to handle syscall API differences across operating systems. Changes: - Created resources_unix.go (Linux, macOS, FreeBSD, OpenBSD) - Created resources_windows.go (Windows stub implementation) - Created disk_check_netbsd.go (NetBSD stub - syscall.Statfs unavailable) - Modified resources.go to delegate to checkPlatformLimits() - Fixed BSD syscall.Rlimit int64/uint64 type conversions - Made RLIMIT_AS check Linux-only (unavailable on OpenBSD) Build Status: ✅ Linux (amd64, arm64, armv7) ✅ macOS (Intel, Apple Silicon) ✅ Windows (Intel, ARM) ✅ FreeBSD amd64 ✅ OpenBSD amd64 ✅ NetBSD amd64 (disk check returns safe defaults) All 10/10 platforms building successfully.
2025-11-25 22:29:58 +00:00
parent 64f1458e9a
commit fdc772200d
8 changed files with 769 additions and 80 deletions
--- a/internal/security/resources_unix.go
+++ b/internal/security/resources_unix.go
@@ -0,0 +1,42 @@
+// +build !windows
+
+package security
+
+import (
+	"runtime"
+	"syscall"
+)
+
+// checkPlatformLimits checks resource limits on Unix-like systems
+func (rc *ResourceChecker) checkPlatformLimits() (*ResourceLimits, error) {
+	limits := &ResourceLimits{
+		Available: true,
+		Platform:  runtime.GOOS,
+	}
+
+	// Check max open files (RLIMIT_NOFILE)
+	var rLimit syscall.Rlimit
+	if err := syscall.Getrlimit(syscall.RLIMIT_NOFILE, &rLimit); err == nil {
+		limits.MaxOpenFiles = uint64(rLimit.Cur)
+		rc.log.Debug("Resource limit: max open files", "limit", rLimit.Cur, "max", rLimit.Max)
+		
+		if rLimit.Cur < 1024 {
+			rc.log.Warn("⚠️  Low file descriptor limit detected",
+				"current", rLimit.Cur,
+				"recommended", 4096,
+				"hint", "Increase with: ulimit -n 4096")
+		}
+	}
+
+	// Check max processes (RLIMIT_NPROC) - Linux/BSD only
+	if runtime.GOOS == "linux" || runtime.GOOS == "freebsd" || runtime.GOOS == "openbsd" {
+		// RLIMIT_NPROC may not be available on all platforms
+		const RLIMIT_NPROC = 6 // Linux value
+		if err := syscall.Getrlimit(RLIMIT_NPROC, &rLimit); err == nil {
+			limits.MaxProcesses = uint64(rLimit.Cur)
+			rc.log.Debug("Resource limit: max processes", "limit", rLimit.Cur)
+		}
+	}
+
+	return limits, nil
+}