centra
d2149b6249
- Replace form_urlencoded with RFC 3986 compliant URI encoding - Implement aws_uri_encode() matching AWS SigV4 spec exactly - Unreserved chars (A-Z,a-z,0-9,-,_,.,~) not encoded - All other chars percent-encoded with uppercase hex - Preserve slashes in paths, encode in query params - Normalize empty paths to '/' per AWS spec - Fix test expectations (body hash, HMAC values) - Add comprehensive SigV4 signature determinism test This fixes the canonicalization mismatch that caused signature validation failures in T047. Auth can now be enabled for production. Refs: T058.S1
165 lines
6.4 KiB
YAML
165 lines
6.4 KiB
YAML
id: T042
|
||
name: CreditService - Credit/Quota Management
|
||
goal: Implement PROJECT.md Item 13 - project-based resource usage and billing management
|
||
status: complete
|
||
priority: P1
|
||
owner: peerA (spec), peerB (impl)
|
||
created: 2025-12-11
|
||
depends_on: []
|
||
blocks: []
|
||
|
||
context: |
|
||
**PROJECT.md Item 13: CreditService**
|
||
- プロジェクトごとのリソース使用量と課金を管理する「銀行」のようなサービス
|
||
- 各サービス(PlasmaVMCなど)からのリソース作成リクエストをインターセプトして残高確認(Admission Control)
|
||
- NightLightから使用量メトリクスを収集して定期的に残高を引き落とす(Billing Batch)
|
||
|
||
**Architecture Decision (2025-12-11):**
|
||
- IAMにクオータ管理を持たせず、専用のCreditServiceを新設
|
||
- NightLightを使用量計測のバックエンドとして活用
|
||
|
||
acceptance:
|
||
- Wallet/Balance management per project
|
||
- gRPC Admission Control API for resource creation checks
|
||
- NightLight integration for usage metrics
|
||
- Billing batch process for periodic deductions
|
||
- Multi-tenant isolation (project scoped)
|
||
|
||
steps:
|
||
- step: S1
|
||
name: Research and Specification
|
||
done: spec.md with API design, data model, integration points
|
||
status: complete
|
||
owner: peerA
|
||
priority: P0
|
||
outputs:
|
||
- path: specifications/creditservice/spec.md
|
||
note: Full specification (~400L)
|
||
notes: |
|
||
Completed:
|
||
- IAM Scope model analysis (ProjectScope with org_id)
|
||
- NightLight integration design (PromQL queries)
|
||
- 2-phase commit admission control pattern
|
||
- ChainFire/FlareDB storage options
|
||
|
||
Deliverables:
|
||
- specifications/creditservice/spec.md (complete)
|
||
- gRPC proto design (in spec)
|
||
- Data model: Wallet, Transaction, Reservation, Quota
|
||
|
||
- step: S2
|
||
name: Workspace Scaffold
|
||
done: creditservice workspace with types, proto, api, server crates
|
||
status: complete
|
||
owner: peerB
|
||
priority: P0
|
||
outputs:
|
||
- path: creditservice/crates/creditservice-types/
|
||
note: Core types (Wallet, Transaction, Reservation, Quota, Error)
|
||
- path: creditservice/crates/creditservice-proto/
|
||
note: gRPC proto generation
|
||
- path: creditservice/crates/creditservice-api/
|
||
note: Service implementation stubs
|
||
- path: creditservice/crates/creditservice-server/
|
||
note: Server binary
|
||
- path: creditservice/creditservice-client/
|
||
note: Client library
|
||
notes: |
|
||
**Complete (2025-12-11):**
|
||
- 5 crates created and building (cargo check OK)
|
||
- creditservice-types: ~400L (Wallet, Transaction, Reservation, Quota, Error)
|
||
- creditservice-proto: build.rs + proto generation
|
||
- creditservice-api: CreditServiceImpl with all method stubs
|
||
- creditservice-server: Server binary with health service
|
||
- creditservice-client: Client library with convenience methods
|
||
|
||
- step: S3
|
||
name: Core Wallet Management
|
||
done: Wallet CRUD, balance operations, transaction log
|
||
status: complete
|
||
owner: peerB
|
||
priority: P0
|
||
outputs:
|
||
- path: creditservice/crates/creditservice-api/src/storage.rs
|
||
note: CreditStorage trait + InMemoryStorage (~190L)
|
||
- path: creditservice/crates/creditservice-api/src/credit_service.rs
|
||
note: gRPC service with wallet methods (~450L)
|
||
notes: |
|
||
**Complete (2025-12-11):**
|
||
- CreditStorage trait abstraction for wallet/transaction/reservation/quota ops
|
||
- InMemoryStorage implementation with RwLock-based concurrency
|
||
- Implemented gRPC methods: get_wallet, create_wallet, top_up, get_transactions
|
||
- Proto-to-domain type conversions (Wallet, Transaction, WalletStatus)
|
||
- Error mapping (storage errors to gRPC Status codes)
|
||
- 7 unit tests passing (storage + service layer)
|
||
|
||
- step: S4
|
||
name: Admission Control API
|
||
done: gRPC service for resource creation checks
|
||
status: complete
|
||
owner: peerA
|
||
priority: P0
|
||
outputs:
|
||
- path: creditservice/crates/creditservice-api/src/credit_service.rs
|
||
note: Admission Control methods (~250L added)
|
||
notes: |
|
||
**Complete (2025-12-11) by PeerA:**
|
||
- check_quota: Balance + quota validation, returns allowed/denied with reason
|
||
- reserve_credits: 2-phase commit phase 1, creates reservation with TTL
|
||
- commit_reservation: Phase 2, deducts from wallet, logs transaction
|
||
- release_reservation: Releases held credits back to available balance
|
||
- set_quota/get_quota/list_quotas: Quota CRUD operations
|
||
- Proto conversion helpers for Quota, Reservation, ResourceType
|
||
- 7 new tests passing (total 14 tests for creditservice-api)
|
||
|
||
- step: S5
|
||
name: NightLight Integration
|
||
done: Usage metrics collection from NightLight
|
||
status: complete
|
||
owner: peerA
|
||
priority: P1
|
||
outputs:
|
||
- path: creditservice/crates/creditservice-api/src/nightlight.rs
|
||
note: NightLightClient (~420L)
|
||
notes: |
|
||
**Complete (2025-12-11) by PeerA:**
|
||
- NightLightClient implementing UsageMetricsProvider trait
|
||
- PromQL queries for all 10 ResourceTypes
|
||
- list_projects_with_usage() for batch billing discovery
|
||
- Health check endpoint
|
||
- 4 new tests passing
|
||
|
||
- step: S6
|
||
name: Billing Batch
|
||
done: Periodic billing process with configurable intervals
|
||
status: complete
|
||
owner: peerB
|
||
priority: P1
|
||
outputs:
|
||
- path: creditservice/crates/creditservice-api/src/billing.rs
|
||
note: Billing module (~200L)
|
||
- path: creditservice/crates/creditservice-api/src/credit_service.rs
|
||
note: process_billing method + process_project_billing helper
|
||
notes: |
|
||
**Complete (2025-12-11) by PeerB:**
|
||
- UsageMetricsProvider trait for metrics abstraction
|
||
- MockUsageMetricsProvider for testing
|
||
- PricingRules with default pricing per resource type
|
||
- process_billing gRPC method implementation
|
||
- Batch processing with per-project results
|
||
- Wallet suspension on zero/negative balance
|
||
- 3 new tests (21 total for creditservice-api)
|
||
|
||
evidence:
|
||
- cmd: "cargo test"
|
||
result: "21 tests passing (creditservice-api)"
|
||
notes: |
|
||
**T042 COMPLETE (2025-12-11)**
|
||
- Total: ~2,500L across 6 steps
|
||
- All acceptance criteria met:
|
||
- Wallet/Balance management per project ✓
|
||
- gRPC Admission Control API ✓
|
||
- NightLight integration ✓
|
||
- Billing batch process ✓
|
||
- Multi-tenant isolation (project scoped) ✓
|
||
- 21 tests in creditservice-api + 2 in creditservice-types = 23 tests total
|