photoncloud-monorepo/docs/por/T038-code-drift-cleanup/task.yaml
centra d2149b6249 fix(lightningstor): Fix SigV4 canonicalization for AWS S3 auth
- Replace form_urlencoded with RFC 3986 compliant URI encoding
- Implement aws_uri_encode() matching AWS SigV4 spec exactly
- Unreserved chars (A-Z,a-z,0-9,-,_,.,~) not encoded
- All other chars percent-encoded with uppercase hex
- Preserve slashes in paths, encode in query params
- Normalize empty paths to '/' per AWS spec
- Fix test expectations (body hash, HMAC values)
- Add comprehensive SigV4 signature determinism test

This fixes the canonicalization mismatch that caused signature
validation failures in T047. Auth can now be enabled for production.

Refs: T058.S1
2025-12-12 06:23:46 +09:00

id: T038
name: Code Drift Cleanup (FlareDB API + Build Environment)
goal: Fix FlareDB API drift from T037 SQL layer changes and ensure nix-shell cargo build environment works correctly to unblock T036.S6 cluster validation.
status: complete
priority: P1
owner: peerB
created: 2025-12-11
completed: 2025-12-11
depends_on: [T037]
blocks: [T036]
context: |
  T036.S5 blocked on build failures unrelated to provisioning:
    1. FlareDB API drift from T037 SQL layer changes
    2. Cargo build environment missing libclang outside nix-shell
  These are code maintenance issues, NOT provisioning tooling failures.
  T036 validated infrastructure/networking/automation successfully.
acceptance:
  - flaredb-server builds successfully in nix-shell
  - chainfire-server builds successfully in nix-shell
  - iam-server builds successfully in nix-shell
  - All 3 binaries deployable to T036 VMs
  - nix build .#chainfire-server .#flaredb-server .#iam-server succeeds
  - T036.S6 can resume with working binaries
steps:
  - step: S1
    name: Fix FlareDB API Drift
    done: flaredb-server compiles with T037 SQL layer API changes
    status: complete
    owner: peerB
    priority: P0
    notes: |
      Errors to fix:
        - error[E0599]: no method named `rows` found for struct `flaredb_sql::QueryResult`
        - error[E0560]: struct `ErrorResult` has no field named `message`
      Root cause: T037 changed flaredb_sql API, but flaredb-server wasn't updated
      Fix approach:
        1. Review T037 SQL layer API changes
        2. Update flaredb-server to match new QueryResult API
        3. Update ErrorResult struct usage
        4. Test compilation in nix-shell
      **COMPLETED 2025-12-11:**
        - Updated `flaredb-server/src/sql_service.rs`
        - Fixed `QueryResult` access (fields instead of methods)
        - Fixed `ErrorResult` field (`error` instead of `message`)
        - Updated `Value` to `SqlValue` conversion logic
  - step: S2
    name: Verify Nix Build Environment
    done: All 3 services build successfully via nix build
    status: complete
    owner: peerB
    priority: P0
    notes: |
      Verify:
        - nix build .#chainfire-server (in nix-shell)
        - nix build .#flaredb-server (after S1 fix)
        - nix build .#iam-server (in nix-shell)
      Ensure libclang.so and all build dependencies available
      **COMPLETED 2025-12-11:**
        - Staged sql_service.rs changes for nix flake build
        - ✅ nix build .#flaredb-server SUCCESS (result-1/bin/flaredb-server 7.5M)
        - ✅ nix build .#chainfire-server SUCCESS (result/bin/chainfire 16M)
        - ✅ nix build .#iam-server SUCCESS (result-2/bin/iam-server 8.4M)
        - All build dependencies resolved correctly
  - step: S3
    name: Deploy Binaries to T036 VMs
    done: Service binaries deployed to all 3 VMs, ready for validation
    status: complete
    owner: peerB
    priority: P0
    notes: |
      After S1-S2 succeed:
        1. Build binaries: chainfire-server, flaredb-server, iam-server
        2. Copy to VMs: /mnt/usr/local/bin/ on nodes 01/02/03
        3. Copy configs: /mnt/etc/secrets/cluster-config.json
        4. Verify binary executability
        5. Unblock T036.S6
      **COMPLETED 2025-12-11:**
        - Verified all 3 T036 VMs accessible (ports 2201/2202/2203, /mnt mounted)
        - Created /mnt/usr/local/bin and /mnt/etc/secrets on all 3 nodes
        - Deployed binaries to all VMs: chainfire (15M), flaredb-server (7.2M), iam-server (8.1M)
        - All binaries executable (chmod +x verified)
        - T036.S6 unblocked: cluster validation ready to resume
evidence: []
notes: |
  **Technical Debt Context:**
    - T037 (SQL layer) completed without updating flaredb-server consumers
    - Demonstrates need for integration testing across workspace crates
    - Not a blocker for T032 bare-metal (can deploy without FlareDB initially)
  **Success Unblocks:**
    - T036.S6: Raft cluster validation with working binaries
    - T032: Confidence in full build chain before bare-metal deployment