mirror of
https://github.com/azaion/gps-denied-onboard.git
synced 2026-06-21 08:51:12 +00:00
Oleksandr Bezdieniezhnykh
a06b107fc3
Wraps HttpTileUploader (AZ-319) with two bounded retry budgets: - In-call (per-batch) — re-invokes inner on PARTIAL outcome up to `max_in_call_retries` times with capped exponential backoff (`min(base ** attempt_number, cap)`). On exhaustion: surfaces an operator hint via `next_retry_at_s = now + backoff_cap_s`. - Per-tile (cross-call) — atomically increments c6's `tiles.upload_attempts` counter for every rejection; once a tile hits `max_per_tile_attempts` it is forward-only transitioned to `voting_status = upload_giveup` (excluded from `pending_uploads`). Each transition emits FDR `kind="c11.upload.giveup"` plus an ERROR log. C6 contract changes (AZ-303 v1.3.0): - VotingStatus.UPLOAD_GIVEUP added (forward-only from PENDING/TRUSTED). - TileMetadataStore.increment_upload_attempts(tile_id) -> int added with NotImplementedError default for backwards-compat. - Migration 0003_c11_upload_attempts: additive column + widened ck_tiles_voting_status (preserves IS NULL clause). C11 wiring: - C11RetryConfig + disable_retry_decorator on C11Config. - build_tile_uploader wraps in decorator by default; bypass flag returns the bare HttpTileUploader. New `clock` keyword. Cross-component isolation honoured (AZ-507): the decorator declares `_RetryMetadataStoreLike` Protocol cut over c6's TileMetadataStore and references `UPLOAD_GIVEUP` via a local string constant — no c6 imports. Tests: 13 decorator + 1 conformance + 2 factory bypass + AC-6 enum update + alembic head bump + AZ-272 schema fixture. 238 passed across c11/c6/fdr suites; pre-existing perf microbenches unrelated. Code review: PASS_WITH_WARNINGS (5 Low/Informational findings, docs-level or downstream-CI-blocked). See _docs/03_implementation/reviews/batch_41_review.md. Co-authored-by: Cursor <cursoragent@cursor.com>
84 lines
2.7 KiB
Python
84 lines
2.7 KiB
Python
"""C11 upload retry — additive ``upload_attempts`` counter on tiles.
|
|
|
|
Per ``_docs/02_tasks/todo/AZ-320_c11_idempotent_retry.md``. The migration:
|
|
|
|
- adds the ``tiles.upload_attempts INTEGER NOT NULL DEFAULT 0`` column
|
|
(per-tile retry budget for the C11 ``IdempotentRetryTileUploader``);
|
|
- widens the ``tiles.voting_status`` CHECK to also accept the new
|
|
``upload_giveup`` enum value (terminal state for a tile that
|
|
exhausted its per-tile retry budget — see ``VotingStatus`` v1.3.0).
|
|
|
|
The migration is strictly additive on ``0002_c6_tile_identity_and_lru``.
|
|
Existing rows default to ``upload_attempts = 0``; existing voting_status
|
|
values (``pending``, ``trusted``, ``rejected``) remain valid. Reverse
|
|
``downgrade()`` drops the column and restores the legacy CHECK to its
|
|
v1.2.0 vocabulary; downgrade is destructive for any rows that hold
|
|
``upload_giveup`` and is documented operator-only.
|
|
|
|
Revision ID: 0003_c11_upload_attempts
|
|
Revises: 0002_c6_tile_identity_and_lru
|
|
Create Date: 2026-05-13
|
|
"""
|
|
|
|
from __future__ import annotations
|
|
|
|
from collections.abc import Sequence
|
|
|
|
import sqlalchemy as sa
|
|
from alembic import op
|
|
|
|
revision: str = "0003_c11_upload_attempts"
|
|
down_revision: str | None = "0002_c6_tile_identity_and_lru"
|
|
branch_labels: str | Sequence[str] | None = None
|
|
depends_on: str | Sequence[str] | None = None
|
|
|
|
|
|
_VOTING_STATUS_LEGACY = (
|
|
"voting_status IS NULL OR voting_status IN ('pending','trusted','rejected')"
|
|
)
|
|
_VOTING_STATUS_UNION = (
|
|
"voting_status IS NULL OR "
|
|
"voting_status IN ('pending','trusted','rejected','upload_giveup')"
|
|
)
|
|
_VOTING_STATUS_CHECK = "ck_tiles_voting_status"
|
|
|
|
|
|
def upgrade() -> None:
|
|
op.add_column(
|
|
"tiles",
|
|
sa.Column(
|
|
"upload_attempts",
|
|
sa.Integer(),
|
|
nullable=False,
|
|
server_default=sa.text("0"),
|
|
),
|
|
)
|
|
op.create_check_constraint(
|
|
"ck_tiles_upload_attempts_nonneg",
|
|
"tiles",
|
|
"upload_attempts >= 0",
|
|
)
|
|
# Voting-status CHECK: drop-and-recreate. AZ-263's 0001 created the
|
|
# constraint under the legacy vocabulary; widening to include
|
|
# 'upload_giveup' keeps the constraint as the SQL-level enforcement
|
|
# of the VotingStatus enum.
|
|
op.execute(f"ALTER TABLE tiles DROP CONSTRAINT IF EXISTS {_VOTING_STATUS_CHECK}")
|
|
op.create_check_constraint(
|
|
_VOTING_STATUS_CHECK,
|
|
"tiles",
|
|
_VOTING_STATUS_UNION,
|
|
)
|
|
|
|
|
|
def downgrade() -> None:
|
|
op.execute(f"ALTER TABLE tiles DROP CONSTRAINT IF EXISTS {_VOTING_STATUS_CHECK}")
|
|
op.create_check_constraint(
|
|
_VOTING_STATUS_CHECK,
|
|
"tiles",
|
|
_VOTING_STATUS_LEGACY,
|
|
)
|
|
op.drop_constraint(
|
|
"ck_tiles_upload_attempts_nonneg", "tiles", type_="check"
|
|
)
|
|
op.drop_column("tiles", "upload_attempts")
|