Skip to content

Fix review app database credential mapping#197

Draft
justin808 wants to merge 1 commit into
mainfrom
jg-codex/fix-review-app-database-mapping
Draft

Fix review app database credential mapping#197
justin808 wants to merge 1 commit into
mainfrom
jg-codex/fix-review-app-database-mapping

Conversation

@justin808

@justin808 justin808 commented Jul 18, 2026

Copy link
Copy Markdown
Member

Fresh-default verification of #195 reached image build, then failed during release preparation because the review-app template's database credential mapping did not match the canonical app template.\n\nThis PR:\n- aligns the review-app mapping with the canonical template without changing workflow, routing, authorization, workload, or database topology;\n- adds a regression spec requiring exactly one role-specific database credential mapping per template;\n- compares only the canonical and review references; and\n- proves the negative assertion reports a sanitized failure without disclosing reference values.\n\nRelates to #194 and the verification evidence from #196. The issue must remain open until this fix merges and a new fresh-default verification PR completes deploy, behavioral smoke, and cleanup.\n\nLocal verification:\n- focused and combined template specs: pass;\n- RuboCop: 92 files, no offenses;\n- Control Plane GitHub-flow syntax/readiness validation: pass;\n- peer dependency check, Bundler audit, Brakeman scan, React on Rails doctor, TypeScript, and router-shim: pass;\n- full database/browser and online advisory checks: required in hosted CI because the local sandbox blocks its database socket and registry lookups.

Summary by CodeRabbit

  • Bug Fixes

    • Updated application review templates to use the correct database password secret reference, improving consistency with the standard application template.
  • Tests

    • Added automated checks to verify database credential mappings remain consistent across Control Plane templates and that validation errors avoid exposing sensitive secret references.

@coderabbitai

coderabbitai Bot commented Jul 18, 2026

Copy link
Copy Markdown

Review Change Stack

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 0dd5b362-6334-46e6-a971-7b327728a30f

📥 Commits

Reviewing files that changed from the base of the PR and between 2d409e8 and 1277fe4.

📒 Files selected for processing (2)
  • .controlplane/templates/app-review.yml
  • spec/controlplane/template_mapping_spec.rb

Walkthrough

The app-review template now references an app-scoped PostgreSQL secret. A new RSpec spec loads template mappings, verifies consistency with app.yml, and checks that mismatch failures do not expose credential references.

Changes

Credential reference alignment

Layer / File(s) Summary
Template reference and validation
.controlplane/templates/app-review.yml, spec/controlplane/template_mapping_spec.rb
The app-review database password uses cpln://secret/{{APP_NAME}}-pg.password; specs extract database mappings, require exactly one match per template, verify equality with app.yml, and sanitize mismatch failures.

Estimated code review effort: 2 (Simple) | ~10 minutes

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name Status Explanation Resolution
Description check ⚠️ Warning The description covers the change but does not follow the required template sections or checkbox format. Add the required Summary, Validation Tier, Test Plan, and Starter Checklist sections using the repository's checkbox template.
✅ Passed checks (4 passed)
Check name Status Explanation
Title check ✅ Passed The title is concise and accurately summarizes the main change to review app database credential mapping.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch jg-codex/fix-review-app-database-mapping

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@github-actions

Copy link
Copy Markdown

🚀 Quick Review App Commands

Welcome! Here are the commands you can use in this PR:
They require the repository to have cpflow review apps configured, including the CPLN_TOKEN_STAGING secret.

+review-app-deploy

Deploy your PR branch for testing.

+review-app-delete

Remove the review app when done.

+review-app-help

Show detailed instructions, environment setup, and configuration options.

Comment +review-app-help for full setup details.

@justin808

justin808 commented Jul 18, 2026

Copy link
Copy Markdown
Member Author

Priority finding dispositions — superseded\n\nThe earlier maker findings were fixed, but a current-head independent review subsequently found a new blocking P1 in the production mapping relationship. PR #197 is back in draft, the review thread remains open, and no priority-disposition readiness marker is asserted while that finding is unresolved.\n\nBlocking review: #197 (comment)

@justin808
justin808 marked this pull request as ready for review July 18, 2026 11:15

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 1277fe4463

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

value: "{{APP_NAME}}_production_cable"
- name: REACT_ON_RAILS_STARTER_TANSTACK_DATABASE_PASSWORD
value: "cpln://secret/{{SHARED_SECRET_DATABASE}}.password"
value: "cpln://secret/{{APP_NAME}}-pg.password"

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P1 Badge Keep review apps on the shared DB secret

For review apps, this template is applied without the postgres template (setup_app_templates only includes app-review, rails, worker, and renderer, and additional_workloads: [] in .controlplane/controlplane.yml), while the only database grant is the shared database grant pointing at react-on-rails-starter-tanstack-staging-pg. Changing the password reference to {{APP_NAME}}-pg makes each review app look for a per-review secret that is never created or granted, so release preparation/boot will fail when Rails resolves REACT_ON_RAILS_STARTER_TANSTACK_DATABASE_PASSWORD for review apps.

Useful? React with 👍 / 👎.

Copy link
Copy Markdown
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Confirmed as a blocking finding. The disposable composition omits per-app database provisioning and relies on the shared grant-backed relationship, so the current scalar change is not valid. I am keeping this thread open and the PR unmergeable while I restore the correct relationship and diagnose the original replay failure without exposing credential details.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant