azaion/satellite-provider
1
0
Fork 0
mirror of https://github.com/azaion/satellite-provider.git synced 2026-06-26 07:21:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

[AZ-1074] [AZ-1075] Cycle 9 closeout: security, tests, metrics
ci/woodpecker/push/01-test Pipeline failed
Details
ci/woodpecker/push/02-build-push unknown status
Details

Browse Source 
Resolve F-AZ1074-1/2 (collection caps, generic gRPC internal errors).
Standalone integration compose stack, docs, security audit, perf and retro.

Co-authored-by: Cursor <cursoragent@cursor.com>
This commit is contained in:
Oleksandr Bezdieniezhnykh
2026-06-25 17:32:14 +03:00
parent 7633134a8a
commit 7ed780b063
22 changed files with 618 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files
_docs/06_metrics/perf_2026-06-25_cycle9.md
+53
View File
@@ -0,0 +1,53 @@
# Perf Run — Cycle 9 (AZ-1074 + AZ-1075)
**Date**: 2026-06-25T14:18Z
**Run label**: cycle9 — full default-parameter run after gRPC RouteTileDelivery (AZ-1074) + integration tests (AZ-1075) and Step-14 security hardening (collection caps + generic internal error message).
**Trigger**: autodev existing-code Step 15 (Performance Test gate). User chose **A) Run performance tests**.
**Runner**: `scripts/run-performance-tests.sh` (default params: `PERF_REPEAT_COUNT=20`, `PERF_UAV_BATCH_SIZE=10`). Single run, exit 0.
**System under test**: `docker compose -f docker-compose.yml -f docker-compose.perf.yml up -d --build` — postgres without host port publish (5433 conflict with sibling `fleet-viewer-dev-db`); api on `https://localhost:18980` (TLS+ALPN, dev cert `./certs/api.crt` trusted via `--cacert`).
**Build**: `SatelliteProvider.IntegrationTests` Release built on host; 0 errors / 15 warnings (carried-over NU1902 IdentityModel + CA2227).
**JWT**: minted by `SatelliteProvider.IntegrationTests --mint-only`; 4 h lifetime, 341 bytes.
## Results
| # | Scenario | Verdict | Observed | Threshold | Source |
|---|----------|---------|----------|-----------|--------|
| PT-01 | Tile download (cold) | **PASS** | 1260 ms | ≤ 30000 ms | performance-tests.md |
| PT-02 | Cached tile retrieval | **PASS** | 220 ms | ≤ 500 ms | performance-tests.md |
| PT-03 | Region 200 m / z18 | **PASS** | 2317 ms | ≤ 60000 ms | performance-tests.md |
| PT-04 | Region 500 m / z18 + stitch | **PASS** | 2192 ms | ≤ 120000 ms | performance-tests.md |
| PT-05 | 5 concurrent regions | **PASS** | 2383 ms | ≤ 300000 ms | performance-tests.md |
| PT-06 | Route creation (2 points) | **PASS** | 244 ms | ≤ 5000 ms | performance-tests.md |
| PT-07 | Region distribution (N=20, cold + warm) | **PASS** | cold p50=2115 ms, p95=2156 ms · warm p50=45 ms, p95=79 ms | warm p95 < cold p95 | AZ-484 / AZ-492 |
| PT-08 | UAV batch upload (batch=10, N=20) | **PASS** | batch p50=90 ms, p95=179 ms; per-item proxy p95=17 ms; accepted=200, rejected=0, failed=0 | batch p95 ≤ 2000 ms | AZ-488 |
**Raw verdict: 8 Pass · 0 Warn · 0 Fail · 0 Unverified**
## Cycle-9 delta (gRPC)
No gRPC scenarios in `performance-tests.md` yet (PT-01..PT-08 are REST-only). The new `DeliverRouteTiles` streaming RPC shares `RouteTileDeliveryOrchestrator` with REST tile delivery; PT-06 exercises route creation latency on the same orchestration path. Step-14 caps (500 waypoints / 50 geofences / 5000 client tiles) are O(1) count checks — invisible at REST perf resolution.
**Unverified (not blocking)**: gRPC stream latency / backpressure under load — candidate PT-10 for a future cycle if acceptance criteria add streaming NFRs.
## Trend vs cycle 8
| Scenario | Cycle 8 | Cycle 9 | Δ | Notes |
|----------|---------|---------|---|-------|
| PT-01 cold | 885 ms | 1260 ms | +375 ms | noise (tile likely cached on disk; not true cold Google Maps) |
| PT-02 cached | 244 ms | 220 ms | -24 ms | noise |
| PT-03 region 200 m | 99 ms | 2317 ms | +2218 ms | cold-cache variance — PT-03 coord may have missed warm cache this run |
| PT-04 region 500 m + stitch | 2128 ms | 2192 ms | +64 ms | noise |
| PT-05 5 concurrent | 2663 ms | 2383 ms | -280 ms | noise |
| PT-06 route create | 83 ms | 244 ms | +161 ms | noise band |
| PT-07 cold p95 / warm p95 | 2274 ms / 108 ms | 2156 ms / 79 ms | -118 ms / -29 ms | noise |
| PT-08 batch p95 | 379 ms | 179 ms | -200 ms | noise (within historical 179544 ms band) |
No scenario shows a regression attributable to cycle-9 gRPC work or security caps.
## Infrastructure note
Host port **5433** was occupied by a sibling project. Perf stack used a one-shot `docker-compose.perf.yml` override (`postgres.ports: !reset []`) so only api port 18980 was published. Recommend documenting this pattern for dev workstations with parallel Postgres stacks.
## Verdict (Step 15)
**PASS** — 8/8 REST scenarios within threshold. Cleared to auto-chain to Step 16 (Deploy).
_docs/06_metrics/retro_2026-06-25_cycle9.md
+83
View File
@@ -0,0 +1,83 @@
# Retrospective — Cycle 9 (2026-06-25)
**Tasks**: AZ-1074 (gRPC RouteTileDelivery service, 5 SP), AZ-1075 (gRPC integration tests, 3 SP). **2 tasks, 8 SP, 1 batch.**
**Mode**: cycle-end (autodev Step 17). Step 16.5 (Release) **skipped** per user choice — matches cycles 18 pattern; changes uncommitted at retro time.
**Previous retro**: `retro_2026-05-23_cycle8.md`
## Implementation Summary
| Metric | Cycle 9 | Δ vs cycle 8 |
|--------|---------|--------------|
| Tasks implemented | **2** | -3 |
| Batches executed | **1** | -3 |
| Total complexity delivered | **8 SP** | -9 SP |
| Avg tasks / batch | **2** | +0.75 |
| Blocked tasks | **0** | unchanged |
| Implementation report | **YES** (`implementation_report_tile_provision_grpc_cycle9.md`) | maintained |
## Quality Metrics
### Code Review
| Verdict | Count |
|---------|-------|
| PASS_WITH_WARNINGS | **1** (batch 01) |
| FAIL | 0 |
**Findings**: 2 Low (amd64 Docker pin documentation; ArgumentException detail string formatting).
### Security Audit (Step 14)
| Severity at audit | Post follow-up |
|-------------------|----------------|
| Medium 1 | **0** — F-AZ1074-1 resolved (collection caps) |
| Low 1 | **0** — F-AZ1074-2 resolved (generic internal error) |
Continues cycle-8 pattern of in-cycle Medium resolution.
### Test & Perf Gates
| Gate | Result |
|------|--------|
| Step 11 functional | **PASS** — 448 unit + integration |
| Step 15 perf | **PASS** — 8/8 REST scenarios (gRPC unverified) |
## Efficiency
| Blocker | Resolution |
|---------|------------|
| Host port 5433 conflict (integration + perf) | Standalone `docker-compose.tests.yml`; perf used ephemeral compose override |
## Trend Comparison
| Metric | Cycle 8 | Cycle 9 | Change |
|--------|---------|---------|--------|
| Code review FAIL rate | 0% | 0% | unchanged |
| Security Medium open (delta) | 0 (1 resolved in-cycle) | 0 (1 resolved in-cycle) | same pattern |
| Perf scenarios pass | 8/8 | 8/8 | unchanged |
| Project count | 9 | 10 | +1 (GrpcContracts) |
## Top 3 Improvement Actions
1. **Document parallel-Postgres dev workaround** (~1 SP): add `docker-compose.perf.yml` or documented `ports: !reset []` override to `_docs/02_document/deployment/containerization.md` so Step 11/15 don't rediscover the 5433 conflict each cycle.
- Impact: faster integration/perf runs on multi-project dev machines
- Effort: low
2. **PT-10 gRPC stream perf scenario** (~3 SP): when streaming NFR is accepted, add harness scenario for `DeliverRouteTiles` (time-to-first-chunk, total stream duration, backpressure).
- Impact: closes Unverified gap from cycle 9 Step 15
- Effort: medium
3. **REST error sanitizer sweep** (~2 SP): F-AZ795-1/2 carry-over — static 400 messages in `GlobalExceptionHandler` / upload filter.
- Impact: reduces cumulative Low security debt (5+ cycles)
- Effort: lowmedium
## Suggested Rule/Skill Updates
| File | Change | Rationale |
|------|--------|-----------|
| `test-run/SKILL.md` perf mode | Note gRPC scenarios may be Unverified when only REST harness exists | Cycle 9 Step 15 |
| `environment.md` or containerization doc | Postgres port conflict playbook | Recurring blocker |
## Cycle 9 Verdict
**Successful feature cycle** — gRPC delivery shipped with tests, security hardening, and green gates. Release deferred (user choice); commit/push remains operator action before production promotion.
_docs/06_metrics/structure_2026-06-25_cycle9.md
+34
View File
@@ -0,0 +1,34 @@
# Structural Snapshot — 2026-06-25 (post-cycle 9, gRPC tile provision)
Cycle 9 delta against `structure_2026-05-23_cycle8.md`. Source: `_docs/02_document/module-layout.md` + on-disk `*.csproj` graph.
## Projects
| Layer | csproj | Cycle 9 delta |
|-------|--------|---------------|
| 1 (Foundation) | `SatelliteProvider.GrpcContracts` | **NEW** — shared proto project (`tile_provision.proto`, GrpcServices=Both) |
| 4 (API) | `SatelliteProvider.Api` | + `Grpc/RouteTileDeliveryGrpcService.cs`; `Program.cs` AddGrpc/MapGrpcService; ProjectReference → GrpcContracts |
| 3 (Application) | `SatelliteProvider.Services.RouteManagement` | `RouteTileDeliveryOrchestrator` — collection caps + lat/lon validation |
| 6 (Tests) | `SatelliteProvider.IntegrationTests` | + `RouteTileDeliveryGrpcTests.cs`, `GrpcTestHelpers.cs`; ProjectReference → GrpcContracts |
| 6 (Tests) | `SatelliteProvider.Tests` | + `DeliverAsync_TooManyWaypoints_Throws` |
**Project count**: **10** (+1 vs cycle 8).
## Cross-Project Import Edges
| Edge | Cycle 9 delta |
|------|---------------|
| Api → GrpcContracts | **NEW** |
| IntegrationTests → GrpcContracts | **NEW** |
| GrpcContracts → (none) | leaf contract project |
**Total ProjectReference edges**: **23** (+2 vs cycle 8). **Import cycles**: 0.
## Contract coverage
| Surface | Contract location |
|---------|-------------------|
| gRPC `DeliverRouteTiles` | `SatelliteProvider.GrpcContracts/tile_provision.proto` |
| REST tile delivery | unchanged (existing contracts) |
**gRPC perf coverage**: Unverified — no PT-10 in harness yet.