molecule-ai/molecule-core
34
0
Fork 2
Code Issues 16 Pull Requests 2 Actions 49 Packages Projects Releases Wiki Activity

feat(workspaces): update_tier column for canary vs production fan-out
Some checks failed
Block internal-flavored paths / Block forbidden paths (pull_request) Successful in 19s
Details
CodeQL / Analyze (${{ matrix.language }}) (go) (pull_request) Successful in 4s
Details
CodeQL / Analyze (${{ matrix.language }}) (javascript-typescript) (pull_request) Successful in 4s
Details
CodeQL / Analyze (${{ matrix.language }}) (python) (pull_request) Successful in 4s
Details
Check migration collisions / Migration version collision check (pull_request) Successful in 29s
Details
CI / Detect changes (pull_request) Successful in 1m3s
Details
E2E Staging Canvas (Playwright) / detect-changes (pull_request) Successful in 39s
Details
E2E API Smoke Test / detect-changes (pull_request) Successful in 47s
Details
Handlers Postgres Integration / detect-changes (pull_request) Successful in 23s
Details
Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 34s
Details
Harness Replays / detect-changes (pull_request) Successful in 38s
Details
Runtime PR-Built Compatibility / detect-changes (pull_request) Successful in 38s
Details
CI / Canvas (Next.js) (pull_request) Successful in 11s
Details
CI / Shellcheck (E2E scripts) (pull_request) Successful in 11s
Details
CI / Python Lint & Test (pull_request) Successful in 10s
Details
E2E Staging Canvas (Playwright) / Canvas tabs E2E (pull_request) Successful in 15s
Details
CI / Canvas Deploy Reminder (pull_request) Has been skipped
Details
Harness Replays / Harness Replays (pull_request) Failing after 35s
Details
Runtime PR-Built Compatibility / PR-built wheel + import smoke (pull_request) Successful in 21s
Details
E2E API Smoke Test / E2E API Smoke Test (pull_request) Successful in 6m49s
Details
Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Successful in 7m55s
Details
CI / Platform (Go) (pull_request) Successful in 14m6s
Details

Browse Source 
Closes core#115 partial. Schema-only change; the apply-endpoint filter
logic that reads this column lands with core#123 (drift detector +
queue + apply endpoint, the deferred follow-up of core#113).

Default 'production' so existing customers (Reno-Stars + any future
tenant) are default-safe. Synthetic dogfooding workspaces opt INTO
'canary' explicitly.

CHECK constraint pins the closed value set ('canary' | 'production') —
the apply endpoint's filter relies on the database to reject anything
else, so a future operator typo in PATCH /workspaces/:id ({update_tier:
'canery'}) returns a constraint violation, not silent fan-out to
nobody.

Partial index on canary rows since the apply-endpoint query path
('apply this update only to canary tier first') hits canary much more
often than production, and the production set is the much larger
default.

WHAT THIS DOES NOT DO (lands with core#123)
  - PATCH endpoint to flip a workspace to canary
  - The apply endpoint that consults the column
  - Tests that exercise canary-vs-production fan-out

Schema-only foundation; same pattern as core#113 (workspace_plugins).

PHASE 4 SELF-REVIEW
  Correctness: No finding — IF NOT EXISTS guards, DEFAULT clause means
    existing rows get 'production' on migration apply.
  Readability: No finding — comment block documents the tier semantics
    + the deferral to core#123.
  Architecture: No finding — additive ALTER, partial index for the
    expected access pattern.
  Security: No finding — no code path; column constraint reduces blast
    radius of bad PATCH input.
  Performance: No finding — partial index minimizes write amplification
    on the production-default rows.

REFS
  core#115 — this issue
  core#123 — apply endpoint follow-up (will exercise this column)
  core#113 — version subscription DB foundation (sibling pattern)

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
claude-ceo-assistant 2026-05-08 08:55:19 -07:00
parent b7f3b270a3
commit 120b3a25aa
2 changed files with 28 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
workspace-server/migrations/20260508170000_workspaces_update_tier.down.sql Normal file
View File

@ -0,0 +1,2 @@
DROP INDEX IF EXISTS workspaces_update_tier_canary;
ALTER TABLE workspaces DROP COLUMN IF EXISTS update_tier;

26
workspace-server/migrations/20260508170000_workspaces_update_tier.up.sql Normal file
View File

@ -0,0 +1,26 @@
-- workspaces.update_tier — canary vs production filter for plugin updates
-- (core#115). Composes with the version-subscription DB foundation
-- (core#113, merged) and the upcoming drift+queue+apply endpoint
-- (core#123).
--
-- Tiers:
-- 'production' (default) — fan-out target; only updated AFTER canary soak
-- 'canary' — early-adopter target; updates land here first
--
-- Default 'production' so existing customers (Reno-Stars + any future
-- live tenant) are default-safe. Synthetic dogfooding workspaces opt
-- INTO 'canary' explicitly.
--
-- The column is just metadata at this layer; the actual filter logic
-- ('apply this update only to canary tier first') lives in the future
-- POST /admin/plugin-updates/:id/apply endpoint (core#123).
ALTER TABLE workspaces
ADD COLUMN IF NOT EXISTS update_tier TEXT NOT NULL DEFAULT 'production'
CHECK (update_tier IN ('canary', 'production'));
-- Partial index for the apply endpoint's canary-tier scan: only
-- index canary rows since the apply path queries them most often
-- and the production set is the much larger default.
CREATE INDEX IF NOT EXISTS workspaces_update_tier_canary
ON workspaces(update_tier) WHERE update_tier = 'canary';