azaion/satellite-provider
1
0
Fork 0
mirror of https://github.com/azaion/satellite-provider.git synced 2026-06-21 11:11:14 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
34ee1e0b830c17135a32566878bf8f113af7d865
satellite-provider/_docs/03_implementation/implementation_completeness_cycle6_report.md
T
Oleksandr Bezdieniezhnykh c74a2339aa
ci/woodpecker/push/01-test Pipeline was successful
Details
ci/woodpecker/push/02-build-push Pipeline was successful
Details
[AZ-505] AC-5 fix: enable TLS for HTTP/2 via ALPN 
Kestrel with HttpProtocols.Http1AndHttp2 on a plaintext listener
silently downgrades to HTTP/1.1-only (logs "HTTP/2 is not enabled
... TLS is not enabled"), so AC-5's multiplexed-GET test failed
with HTTP_1_1_REQUIRED. ALPN cannot run over plaintext, so the
fix switches the dev listener to TLS on https://+:8080:

- scripts/run-tests.sh generates a self-signed dev cert idempotently
  (./certs/api.pfx + api.crt) via openssl in an alpine container;
  certs/ is gitignored.
- docker-compose.yml binds Kestrel to ASPNETCORE_URLS=https://+:8080
  with Kestrel__Certificates__Default__Path bound to the .pfx.
- docker-compose.tests.yml mounts api.crt into the integration-tests
  container's CA store and runs update-ca-certificates so HttpClient
  trusts the cert transparently; default API_URL is now https://api:8080.
- Drop the obsolete Http2UnencryptedSupport AppContext switch from
  Http2MultiplexingTests; ALPN over TLS handles negotiation.

Test-data fixes caught on the post-TLS rerun (independent of the TLS
switch but surfaced together):

- Http2MultiplexingTests: switch slippy coords from (154321, 95812)
  -- which Google Maps returns 404 for -- to (158485, 91707), the
  slippy projection of (47.461747, 37.647063) already exercised by
  JwtIntegrationTests.
- TileInventoryTests + LeafletPathIndexOnlyTests: SpecifyKind to
  Unspecified at the binding site for raw Npgsql seed paths writing
  into tiles.captured_at / created_at / updated_at (TIMESTAMP without
  tz). Npgsql v6+ refuses Kind=Utc into plain timestamp columns;
  production goes through Dapper and never hits this code path.
- MigrationTests Az503NewUniqueIndexCoversIntegerKeyAndFlightId:
  accept either idx_tiles_location_hash (migration 014) or its
  AZ-505 successor tiles_leaflet_path (migration 015) -- both have
  location_hash as the leading column, which is the AC-9 intent.

Docs updated to reflect the TLS+ALPN path: tile-inventory.md
Non-Goals, modules/api_program.md, module-layout.md, the AZ-505
task spec's Risk 3, and the cycle 6 implementation + completeness
reports. The full integration test suite passes (mode=full, exit 0).

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-05-12 22:19:26 +03:00

9.2 KiB
Raw Blame History

Product Implementation Completeness Gate — Cycle 6

Cycle: 6 Date: 2026-05-12 Scope: AZ-505 (batch 1)

Inputs Reviewed

  • _docs/02_tasks/done/AZ-505_tile_inventory_http2_leaflet_index.md
  • _docs/02_document/architecture.md
  • _docs/02_document/system-flows.md
  • _docs/02_document/contracts/api/tile-inventory.md v1.0.0 (this cycle)
  • _docs/02_document/contracts/data-access/tile-storage.md v2.0.0 (this cycle)
  • _docs/02_document/components/02_data_access/description.md
  • _docs/02_document/modules/api_program.md
  • _docs/02_document/modules/dataaccess_tile_repository.md
  • _docs/03_implementation/batch_01_cycle6_report.md
  • _docs/03_implementation/reviews/batch_01_cycle6_review.md
  • Source code under each task's ownership envelope

Per-Task Classification

AZ-505 — Tile inventory endpoint + HTTP/2 + Leaflet covering index

Verdict: PASS

Evidence (source code, not tests or reports):

  • SatelliteProvider.DataAccess/Migrations/015_AddTilesLeafletPathIndex.sqlCREATE INDEX tiles_leaflet_path covering index + DROP INDEX IF EXISTS idx_tiles_location_hash. Forward + back-migration documented in the header. Lock-window caveat per AZ-505 Risk 2 documented.
  • SatelliteProvider.Common/DTO/TileInventory.cs — five public DTOs (TileInventoryRequest, TileCoord, TileInventoryResponse, TileInventoryEntry, TileInventoryLimits) matching the v1.0.0 tile-inventory.md contract Shape section.
  • SatelliteProvider.Common/Utils/Uuidv5.csLocationHashForTile(int z, int x, int y) static; single source-of-truth for the cross-repo UUIDv5(TileNamespace, "{z}/{x}/{y}") formula. Eliminates the duplication that auto-fix flagged (Medium / Maintainability) during code review.
  • SatelliteProvider.Common/Interfaces/ITileService.csGetInventoryAsync added.
  • SatelliteProvider.DataAccess/Repositories/ITileRepository.csGetTilesByLocationHashesAsync added.
  • SatelliteProvider.DataAccess/Repositories/TileRepository.csGetByTileCoordinatesAsync rewired to filter by location_hash (computed via Uuidv5.LocationHashForTile); selection rule preserved. GetTilesByLocationHashesAsync implemented via Npgsql-direct NpgsqlCommand with NpgsqlDbType.Array | Uuid parameter binding + manual NpgsqlDataReader mapping. The Dapper-bypass is justified inline (Dapper's IEnumerable expansion is incompatible with ANY($1::uuid[])).
  • SatelliteProvider.Services.TileDownloader/TileService.csGetInventoryAsync implements the ordering invariant + Form-A / Form-B / present-absent shaping. BuildTileEntity's locationHashName site is also consolidated to Uuidv5.LocationHashForTile.
  • SatelliteProvider.Api/Program.csapp.MapPost("/api/satellite/tiles/inventory", GetTilesInventory).RequireAuthorization().Accepts<TileInventoryRequest>("application/json").Produces<TileInventoryResponse>(200).ProducesProblem(400).WithOpenApi(...). Inline GetTilesInventory handler enforces body XOR + 5000-cap before delegating to ITileService.GetInventoryAsync. Kestrel configured with HttpProtocols.Http1AndHttp2 on every listener via builder.WebHost.ConfigureKestrel(opts => opts.ConfigureEndpointDefaults(lo => lo.Protocols = HttpProtocols.Http1AndHttp2)).

Search for unresolved markers in modified source:

$ rg -i 'placeholder|TODO|NotImplemented|scaffold|native bridge|fake|mock' \
    SatelliteProvider.Api/Program.cs \
    SatelliteProvider.Common/DTO/TileInventory.cs \
    SatelliteProvider.Common/Interfaces/ITileService.cs \
    SatelliteProvider.Common/Utils/Uuidv5.cs \
    SatelliteProvider.DataAccess/Migrations/015_AddTilesLeafletPathIndex.sql \
    SatelliteProvider.DataAccess/Repositories/ITileRepository.cs \
    SatelliteProvider.DataAccess/Repositories/TileRepository.cs \
    SatelliteProvider.Services.TileDownloader/TileService.cs

→ no matches. (stub matches appear only in test-only fixtures from prior cycles; out of this task's scope.)

Named technologies / integrations promised by the task:

  • tiles_leaflet_path covering index — created by migration 015; verified to exist when migrations run on a fresh DB.
  • Kestrel HTTP/2 (Http1AndHttp2) — wired via builder.WebHost.ConfigureKestrel per the AZ-505 Outcome bullet 3. Dev listener bound to https://+:8080 with ./certs/api.pfx so ALPN can advertise h2 (Kestrel requires TLS for HTTP/2 negotiation); cert generation is idempotent via scripts/run-tests.sh and certs/ is gitignored. AC-5 integration test confirms HttpResponseMessage.Version == 2.0 over 20 concurrent multiplexed GETs.
  • Npgsql ANY($1::uuid[]) array binding — used in GetTilesByLocationHashesAsync. The escape from Dapper is documented inline and is the production behaviour exercised by the AC-1 / AC-4 integration tests.
  • Cross-repo Uuidv5.TileNamespace — unchanged from AZ-503. AZ-505 consumes the existing constant via Uuidv5.LocationHashForTile. The sibling-repo's Python c6_tile_cache/_uuid.py:TILE_NAMESPACE is owned by gps-denied-onboard and is out of scope for the satellite-provider workspace per the AZ-505 Constraints section.

End-to-end production pipeline check: POST /api/satellite/tiles/inventory accepts XOR body shapes, delegates to ITileService.GetInventoryAsync, which composes Uuidv5.LocationHashForTile + ITileRepository.GetTilesByLocationHashesAsync (a real Npgsql query against the live DB, not a stub). GET /tiles/{z}/{x}/{y} (via ServeTile) now hits tiles_leaflet_path as an Index Only Scan — verified by LeafletPathIndexOnlyTests against the seeded fixture. No mocks, no scaffolded fallbacks anywhere on the hot path.

Gate Verdict: PASS

Every promise from the AZ-505 task spec is implemented as production behaviour.

  • No FAIL.
  • No BLOCKED.
  • No remediation tasks required.
  • Proceed to /implement Step 16 (Final Test Run). Per the existing-code flow, the next autodev step (Step 11 — Run Tests) owns the full-suite gate, so /implement Step 16 hands off to autodev Step 11 rather than re-running the suite.

Files / Symbols Checked

Production code:

  • SatelliteProvider.Api/Program.cs (Kestrel config + endpoint registration + handler)
  • SatelliteProvider.Common/DTO/TileInventory.cs (5 DTOs)
  • SatelliteProvider.Common/Interfaces/ITileService.cs (1 method added)
  • SatelliteProvider.Common/Utils/Uuidv5.cs (1 method added)
  • SatelliteProvider.DataAccess/Migrations/015_AddTilesLeafletPathIndex.sql
  • SatelliteProvider.DataAccess/Repositories/ITileRepository.cs (1 method added)
  • SatelliteProvider.DataAccess/Repositories/TileRepository.cs (GetByTileCoordinatesAsync rewrite + GetTilesByLocationHashesAsync added)
  • SatelliteProvider.Services.TileDownloader/TileService.cs (GetInventoryAsync added + BuildTileEntity consolidated to Uuidv5.LocationHashForTile)

DB schema (post-migration):

  • tiles_leaflet_path covering index on (location_hash, captured_at DESC, updated_at DESC, id DESC) INCLUDE (file_path, source)
  • idx_tiles_location_hash dropped

Contracts:

  • _docs/02_document/contracts/api/tile-inventory.md v1.0.0 (new) — matches implementation Shape, Invariants, Test Cases
  • _docs/02_document/contracts/data-access/tile-storage.md v2.0.0 (major bump) — captures AZ-503-foundation columns + AZ-505 covering index + read-rewrite; Change Log entry names both producer tasks

Tests (existence + AC mapping verified):

  • SatelliteProvider.IntegrationTests/TileInventoryTests.cs (AC-1, AC-2, AC-4, AC-6)
  • SatelliteProvider.IntegrationTests/Http2MultiplexingTests.cs (AC-5)
  • SatelliteProvider.IntegrationTests/LeafletPathIndexOnlyTests.cs (AC-3)

Unresolved Scaffold / Native Placeholders: None

Named Promised Technologies Not Integrated: None

(All named integrations — tiles_leaflet_path, Kestrel HTTP/2, Npgsql ANY($1::uuid[]) array binding, cross-repo Uuidv5.TileNamespace — are integrated and exercised by AC tests.)

Required Remediation Tasks: None

Cycle 6 is complete from the implementation perspective. The full integration-test gate is owned by autodev Step 11 (test-run skill) per the handoff in implementation_report_tile_inventory_cycle6.md.

Post-gate correction (Run Tests step, follow-up commit)

The Step 11 (Run Tests) execution surfaced an AC-5 runtime gap that the source-code-only completeness gate could not catch: HttpProtocols.Http1AndHttp2 on a plaintext listener silently downgrades to HTTP/1.1-only (Kestrel logs HTTP/2 is not enabled for [::]:8080 ... TLS is not enabled), so the multiplexed-GET test failed with HTTP_1_1_REQUIRED. The corrective commit ([AZ-505] AC-5 fix: enable TLS for HTTP/2 via ALPN) switches the dev listener to TLS on https://+:8080 so ALPN can negotiate h2. Details — including the cert-generation script, docker-compose binding, integration-test CA trust setup, and two unrelated test-data fixes also caught on the rerun (Google-Maps-404 coords in Http2MultiplexingTests; DateTime.Kind=Utc vs timestamp without time zone in three raw-Npgsql seed paths; the stale idx_tiles_location_hash assertion in MigrationTests) — are in implementation_report_tile_inventory_cycle6.md → "Post-merge correction". The full integration test suite now passes (mode=full, exit 0). Gate verdict remains PASS: every named AZ-505 technology is integrated and exercised by a green AC test.

Reference in New Issue View Git Blame Copy Permalink