Fix review app database credential mapping#197
Conversation
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: Organization UI Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (2)
WalkthroughThe app-review template now references an app-scoped PostgreSQL secret. A new RSpec spec loads template mappings, verifies consistency with app.yml, and checks that mismatch failures do not expose credential references. ChangesCredential reference alignment
Estimated code review effort: 2 (Simple) | ~10 minutes 🚥 Pre-merge checks | ✅ 4 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (4 passed)
✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
🚀 Quick Review App CommandsWelcome! Here are the commands you can use in this PR:
|
Priority finding dispositions — superseded\n\nThe earlier maker findings were fixed, but a current-head independent review subsequently found a new blocking P1 in the production mapping relationship. PR #197 is back in draft, the review thread remains open, and no priority-disposition readiness marker is asserted while that finding is unresolved.\n\nBlocking review: #197 (comment) |
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 1277fe4463
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| value: "{{APP_NAME}}_production_cable" | ||
| - name: REACT_ON_RAILS_STARTER_TANSTACK_DATABASE_PASSWORD | ||
| value: "cpln://secret/{{SHARED_SECRET_DATABASE}}.password" | ||
| value: "cpln://secret/{{APP_NAME}}-pg.password" |
There was a problem hiding this comment.
Keep review apps on the shared DB secret
For review apps, this template is applied without the postgres template (setup_app_templates only includes app-review, rails, worker, and renderer, and additional_workloads: [] in .controlplane/controlplane.yml), while the only database grant is the shared database grant pointing at react-on-rails-starter-tanstack-staging-pg. Changing the password reference to {{APP_NAME}}-pg makes each review app look for a per-review secret that is never created or granted, so release preparation/boot will fail when Rails resolves REACT_ON_RAILS_STARTER_TANSTACK_DATABASE_PASSWORD for review apps.
Useful? React with 👍 / 👎.
There was a problem hiding this comment.
Confirmed as a blocking finding. The disposable composition omits per-app database provisioning and relies on the shared grant-backed relationship, so the current scalar change is not valid. I am keeping this thread open and the PR unmergeable while I restore the correct relationship and diagnose the original replay failure without exposing credential details.
Fresh-default verification of #195 reached image build, then failed during release preparation because the review-app template's database credential mapping did not match the canonical app template.\n\nThis PR:\n- aligns the review-app mapping with the canonical template without changing workflow, routing, authorization, workload, or database topology;\n- adds a regression spec requiring exactly one role-specific database credential mapping per template;\n- compares only the canonical and review references; and\n- proves the negative assertion reports a sanitized failure without disclosing reference values.\n\nRelates to #194 and the verification evidence from #196. The issue must remain open until this fix merges and a new fresh-default verification PR completes deploy, behavioral smoke, and cleanup.\n\nLocal verification:\n- focused and combined template specs: pass;\n- RuboCop: 92 files, no offenses;\n- Control Plane GitHub-flow syntax/readiness validation: pass;\n- peer dependency check, Bundler audit, Brakeman scan, React on Rails doctor, TypeScript, and router-shim: pass;\n- full database/browser and online advisory checks: required in hosted CI because the local sandbox blocks its database socket and registry lookups.
Summary by CodeRabbit
Bug Fixes
Tests