azaion/satellite-provider
1
0
Fork 0
mirror of https://github.com/azaion/satellite-provider.git synced 2026-06-21 12:11:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

[AZ-505] AC-5 fix: enable TLS for HTTP/2 via ALPN
ci/woodpecker/push/01-test Pipeline was successful
Details
ci/woodpecker/push/02-build-push Pipeline was successful
Details

Browse Source 
Kestrel with HttpProtocols.Http1AndHttp2 on a plaintext listener
silently downgrades to HTTP/1.1-only (logs "HTTP/2 is not enabled
... TLS is not enabled"), so AC-5's multiplexed-GET test failed
with HTTP_1_1_REQUIRED. ALPN cannot run over plaintext, so the
fix switches the dev listener to TLS on https://+:8080:

- scripts/run-tests.sh generates a self-signed dev cert idempotently
  (./certs/api.pfx + api.crt) via openssl in an alpine container;
  certs/ is gitignored.
- docker-compose.yml binds Kestrel to ASPNETCORE_URLS=https://+:8080
  with Kestrel__Certificates__Default__Path bound to the .pfx.
- docker-compose.tests.yml mounts api.crt into the integration-tests
  container's CA store and runs update-ca-certificates so HttpClient
  trusts the cert transparently; default API_URL is now https://api:8080.
- Drop the obsolete Http2UnencryptedSupport AppContext switch from
  Http2MultiplexingTests; ALPN over TLS handles negotiation.

Test-data fixes caught on the post-TLS rerun (independent of the TLS
switch but surfaced together):

- Http2MultiplexingTests: switch slippy coords from (154321, 95812)
  -- which Google Maps returns 404 for -- to (158485, 91707), the
  slippy projection of (47.461747, 37.647063) already exercised by
  JwtIntegrationTests.
- TileInventoryTests + LeafletPathIndexOnlyTests: SpecifyKind to
  Unspecified at the binding site for raw Npgsql seed paths writing
  into tiles.captured_at / created_at / updated_at (TIMESTAMP without
  tz). Npgsql v6+ refuses Kind=Utc into plain timestamp columns;
  production goes through Dapper and never hits this code path.
- MigrationTests Az503NewUniqueIndexCoversIntegerKeyAndFlightId:
  accept either idx_tiles_location_hash (migration 014) or its
  AZ-505 successor tiles_leaflet_path (migration 015) -- both have
  location_hash as the leading column, which is the AC-9 intent.

Docs updated to reflect the TLS+ALPN path: tile-inventory.md
Non-Goals, modules/api_program.md, module-layout.md, the AZ-505
task spec's Risk 3, and the cycle 6 implementation + completeness
reports. The full integration test suite passes (mode=full, exit 0).

Co-authored-by: Cursor <cursoragent@cursor.com>
This commit is contained in:
Oleksandr Bezdieniezhnykh
2026-05-12 22:19:26 +03:00
parent da40534b49
commit c74a2339aa
17 changed files with 148 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files
_docs/03_implementation/implementation_completeness_cycle6_report.md
+5 -1
View File
@@ -54,7 +54,7 @@ $ rg -i 'placeholder|TODO|NotImplemented|scaffold|native bridge|fake|mock' \
Named technologies / integrations promised by the task:
- **`tiles_leaflet_path` covering index** — created by migration 015; verified to exist when migrations run on a fresh DB.
- **Kestrel HTTP/2 (`Http1AndHttp2`)** — wired via `builder.WebHost.ConfigureKestrel` per the AZ-505 Outcome bullet 3. AC-5 integration test confirms `HttpResponseMessage.Version == 2.0` over 20 concurrent multiplexed GETs.
- **Kestrel HTTP/2 (`Http1AndHttp2`)** — wired via `builder.WebHost.ConfigureKestrel` per the AZ-505 Outcome bullet 3. Dev listener bound to `https://+:8080` with `./certs/api.pfx` so ALPN can advertise `h2` (Kestrel requires TLS for HTTP/2 negotiation); cert generation is idempotent via `scripts/run-tests.sh` and `certs/` is gitignored. AC-5 integration test confirms `HttpResponseMessage.Version == 2.0` over 20 concurrent multiplexed GETs.
- **Npgsql `ANY($1::uuid[])` array binding** — used in `GetTilesByLocationHashesAsync`. The escape from Dapper is documented inline and is the production behaviour exercised by the AC-1 / AC-4 integration tests.
- **Cross-repo `Uuidv5.TileNamespace`** — unchanged from AZ-503. AZ-505 consumes the existing constant via `Uuidv5.LocationHashForTile`. The sibling-repo's Python `c6_tile_cache/_uuid.py:TILE_NAMESPACE` is owned by `gps-denied-onboard` and is **out of scope for the satellite-provider workspace** per the AZ-505 Constraints section.
@@ -103,3 +103,7 @@ Tests (existence + AC mapping verified):
## Required Remediation Tasks: None
Cycle 6 is complete from the implementation perspective. The full integration-test gate is owned by autodev Step 11 (test-run skill) per the handoff in `implementation_report_tile_inventory_cycle6.md`.
## Post-gate correction (Run Tests step, follow-up commit)
The Step 11 (Run Tests) execution surfaced an AC-5 runtime gap that the source-code-only completeness gate could not catch: `HttpProtocols.Http1AndHttp2` on a plaintext listener silently downgrades to HTTP/1.1-only (Kestrel logs `HTTP/2 is not enabled for [::]:8080 ... TLS is not enabled`), so the multiplexed-GET test failed with `HTTP_1_1_REQUIRED`. The corrective commit (`[AZ-505] AC-5 fix: enable TLS for HTTP/2 via ALPN`) switches the dev listener to TLS on `https://+:8080` so ALPN can negotiate `h2`. Details — including the cert-generation script, docker-compose binding, integration-test CA trust setup, and two unrelated test-data fixes also caught on the rerun (Google-Maps-404 coords in `Http2MultiplexingTests`; `DateTime.Kind=Utc` vs `timestamp without time zone` in three raw-Npgsql seed paths; the stale `idx_tiles_location_hash` assertion in `MigrationTests`) — are in `implementation_report_tile_inventory_cycle6.md` → "Post-merge correction". The full integration test suite now passes (mode=full, exit 0). Gate verdict remains **PASS**: every named AZ-505 technology is integrated and exercised by a green AC test.