Skip to content

ci(api-server): guard dual-DB pool selection (assets_db vs db) typo #717

Description

@thxforall

What to build

api-server routes between two physical DB pools — prod db and assets assets_db (#333). The selection is a hand-written convention (state.assets_db.as_ref() vs state.db), and a typo routes a query to the wrong physical database — a production-incident-class bug.

A runtime trait abstraction was considered and rejected (shallow, and it can't model the legitimate dual-pool sites; KISS/YAGNI). Instead, add a static CI guard to the existing .github/workflows/api-server-invariants.yml: a grep-based check that flags assets_db references outside the sanctioned domains, so a stray pool reference fails CI instead of shipping.

Acceptance criteria

  • api-server-invariants.yml gains a check that fails when assets_db is referenced outside an allowlist of domains that legitimately use it (raw_posts, plus any genuine dual-pool sites such as verify/delete flows)
  • The allowlist is documented inline in the workflow
  • The check passes on current main; a deliberately-wrong assets_db reference in a prod-only domain makes it fail

Blocked by

None - can start immediately

Metadata

Metadata

Assignees

Labels

ready-for-agentFully specified, ready for an AFK agenttech-debt기술 부채

Type

No type

Fields

No fields configured for issues without a type.

Projects

Status
Done

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions