dohertj2/ScadaBridge
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

docs(m8): Transport site/instance transport, name-mapping, Myers diff, stale enumeration (M8 INT)

Browse Source
This commit is contained in:
Joseph Doherty
2026-06-18 07:53:25 -04:00
parent f881521cc9
commit 4d888c63a3
7 changed files with 136 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files
stillpending.md
+4 -4
View File
@@ -47,7 +47,7 @@ Real, but narrower than the spec — wrong in a way that could surprise an opera
| **13** | **Inbound `Object`/`List` extended types are shape-validated only** — no nested/field-level type validation, despite spec implying typed/nested validation. | `ParameterValidator.cs:109-145`; `ReturnValueValidator.cs:18` |
| **14** | **JWT-in-cookie session design not implemented**`/auth/login` signs a plain `ClaimsPrincipal`; `GenerateToken` only used by the CLI `/auth/token` path; `ValidateToken` has no external callers. | `AuthEndpoints.cs:38,75-112,152`; `ServiceCollectionExtensions.cs:99-118` |
| **15** | **"Re-query LDAP every 15 min / roles never >15 min stale" not implemented for interactive sessions** — `JwtTokenService.RefreshToken`/`RecordActivity`/`ShouldRefresh`/`IsIdleTimedOut` have **zero** call sites; roles fixed until cookie expiry. The 15-min sliding + 30-min idle layers are collapsed into a single 30-min sliding cookie window. | `JwtTokenService.*` (no callers); `ServiceCollectionExtensions.cs:99-148` |
| **16** | **Transport stale-instance enumeration always returns empty**`BundleImporter` returns `Array.Empty<int>()`; UI shows a generic warning with no count, link not filtered to stale instances. | `BundleImporter.cs:733`; `TransportImport.razor:347-388` |
| **16** | **FIXED (M8/T18).** Transport stale-instance enumeration is real: before commit, for each Overwritten template `BundleImporter` enumerates deployed target instances whose freshly-flattened revision hash drifts from `DeployedConfigSnapshot.RevisionHash` via the new `IStaleInstanceProbe` seam (Commons; implemented in DeploymentManager) and returns their ids; Confirm shows the real count and the result deep-links the filtered Deployments page. Was `Array.Empty<int>()`. | `BundleImporter.cs` (`ComputeStaleInstanceIdsAsync`); `IStaleInstanceProbe.cs`; `StaleInstanceProbe.cs`; `TransportImport.razor` |
| **17** | **`MachineDataDb` fail-fast requirement not enforced** — spec (REQ-HOST-3/4) requires central nodes to validate a non-empty `MachineDataDb` connection string. `DatabaseOptions` has only `ConfigurationDb`/`SiteDbPath`; validator never checks it; 0 `grep` hits in `src/`. Key lives only in docker appsettings as dead config. | `DatabaseOptions.cs:6-12`; `StartupValidator.cs:60-61` |
| **18** | **CI grep-guard against `UPDATE/DELETE … AuditLog` not in the repo** — spec claims a build-time grep that fails on data-layer mutations. DB-role DENY enforcement *is* present in migrations (so this is a backstop, not the only control), but the claimed code-level guard is absent. | spec `Component-AuditLog.md:335-336`, `Component-ConfigurationDatabase.md:297` |
@@ -98,9 +98,9 @@ Knowingly punted, with extensible seams and explicit doc notes. `[PERM]` = perma
- `[DELIVERED M7/T17]` OPC UA "Verify endpoint" connectivity button (captures-but-never-trusts an untrusted cert) + site-local cert-management UI (per-node `CertStoreActor`, DeploymentManager broadcast to both nodes). *Follow-up:* central-persisted, auditable cert trust (site-local today).
**Transport (#24)**
- `[PERM]` Site-scoped / instance-scoped artifact transport (needs name-mapping subsystem).
- `[PERM]` Direct cluster-to-cluster pull; asymmetric bundle signing; differential/incremental bundles.
- `[PERM/SLICE]` Per-line/Myers diff for Modified artifacts (coarse line-count delta only). — `ArtifactDiff.cs:18-25`
- `[DELIVERED M8/T18]` Site-scoped / instance-scoped artifact transport with the `BundleNameMap` name-mapping subsystem. Moves `Site`s, site-scoped `DataConnection`s, and `Instance`s (+ override children + `Area` by name); auto-match (sites by `SiteIdentifier`, connections by `{SiteIdentifier}/{Name}`, instances by `UniqueName`) with operator override via the import-wizard Map step / CLI `--map-site`/`--map-connection`/`--create-missing-*`; D3 carry-full-config (Site addresses travel; `DataConnection` config rides the encrypted `SecretsBlock`, presence-only in diffs); schema 1.1 (additive). *Follow-ups:* DeploymentManagerRepository hydration; large-bundle/perf hardening.
- `[DELIVERED M8/T20]` Per-line/Myers diff for Modified code fields — pure `LineDiffer` (custom Myers O(ND), no third-party lib); `ArtifactDiff` embeds a size-capped structured `lineDiff` (hunks + `truncated` + add/remove totals); rendered by the `LineDiffView` import-wizard component.
- `[PERM]` Direct cluster-to-cluster pull; asymmetric bundle signing; differential/incremental bundles. — **deferred** (T19, its own brainstorm).
**TreeView**
- `[SLICE/PERM]` R6 lazy-loading, R7 keyboard nav, R16 multi-select — spec marks all "(Deferred)". — `Component-TreeView.md:87-93,288-295`