M4 Completion: Critical bug fixes + Phase 5-6 handlers#7
Merged
Conversation
- phase_platform_identity.py: Add PKIHandler import (line 35 usage) - phase_registries.py: Add json import (line 67 json.loads usage) - api/app.py: Add DNSHandler import (line 158 usage) - handlers/and_handler.py: Add ipaddress import (line 33 usage) - migrations/001_initial.sql: Add pgmq_delete() RPC function for message acknowledgment All 69 existing tests pass. M4 handlers now compile and are ready for M3 integration. Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01X8FoC1a2wcbGVTE3jMwRg2
- Rewrote Orchestrator class to use proper BasePhaseHandler registry pattern
- Phase handlers (0-8) now properly registered in execution sequence
- execute_phases() implements loop with dependency checking, error handling, state persistence
- Uses healthcheck() and should_skip() from all handlers
- Proper PhaseContext DI for all handlers
- Completed Phase 3 and Phase 4 handlers with required abstract methods
- PKIPhaseHandler: Added should_skip() to check phase_completed[3]
- PlatformIdentityPhaseHandler: Added healthcheck() and should_skip()
- healthcheck() verifies Keycloak running + OIDC discovery endpoint responds
- Fixed Phase 7 handler import: BasePhaseHandler from _base, not handlers package
Orchestrator is now ready to execute full Phase 0-8 bootstrap sequence.
All 69 existing tests still passing.
Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01X8FoC1a2wcbGVTE3jMwRg2
- Fixed Phase 4 handler RuntimeState attribute access - Changed context.runtime_state.get() to getattr() since RuntimeState is a dataclass - Fixed bootstrap_admin_password and keycloak_platform_container_id access patterns - Improved Phase 4 healthcheck method - Added proper async/await handling for aiohttp ClientSession - Added SSL context configuration to allow self-signed certs - Added proper timeout and exception handling for network errors - Returns False gracefully if container not running or not found - Fixed Phase 3 event emission - Changed correlation_id and parent_event_id to use getattr() with defaults - Prevents AttributeError if these fields don't exist on RuntimeState - Added comprehensive M3 integration tests (13 test methods) - TestPKIPhaseHandlerContract: Verify Phase 3 implements BasePhaseHandler interface - TestPlatformIdentityPhaseHandlerContract: Verify Phase 4 implements interface - TestM3OrchestratorIntegration: Verify handlers registered correctly in sequence - All tests passing, validates handler contracts and phase ordering Test results: 82 passed, 2 skipped (M3+ placeholder tests) Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01X8FoC1a2wcbGVTE3jMwRg2
Added comprehensive orchestrator tests validating: - Phase execution control - Skip already-completed phases - Respect up_to_phase limit (don't execute beyond it) - Mark phases complete after successful execution - Raise error on healthcheck failure - Persist error state to RuntimeState on failure - Phase sequencing and ordering - Phases ordered sequentially 0-8 - All 9 phases have handlers - Phase 3 executes before Phase 4 Test results: 90 passed, 2 skipped - M0-M2 tests: 69 passing (spec, substrate, DNS) - M3 tests: 21 new tests (13 handler contract + 8 orchestrator behavior) - 2 skipped placeholder tests (Phase 4-5 scaffolds) Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01X8FoC1a2wcbGVTE3jMwRg2
P0 Critical Fixes (blocking execution): - pgmq_client.py: Fixed EventEnvelope serialization (event.dict() → event.to_dict()) Added retry_count initialization check in archive_to_dlq method - app_handler.py: Added missing datetime import for deployment timestamp generation - phase_registries.py: Implemented healthcheck() and should_skip() abstract methods - phase_inworld_identity.py: Implemented healthcheck() and should_skip() abstract methods Proper SSL context handling for self-signed Keycloak certificates - run_migrations.py: Complete rewrite to use subprocess + psql instead of non-existent Supabase REST endpoint, supports all database connection parameters - app.py: Fixed Keycloak admin credentials to read from environment/RuntimeState instead of using empty password, with proper 500 error handling P1 Medium Fixes (functional gaps): - app_handler.py: Refactored gateway_ip derivation to calculate from CIDR instead of reading non-existent database field using ipaddress module - 001_initial.sql: Fixed pgmq_pop() return type wrapper with json_build_object() to properly serialize pgmq record returns - 001_initial.sql: Added app_deployments table for tracking deployed applications with schema: id, org, app, domain, container_id, client_id, deployed_at New Tests: - tests/integration/test_m4_phases.py: Comprehensive Phase 5-6 handler contract tests covering interface compliance, skip logic, and healthcheck behavior (8 test methods) Test Results: - All 99 tests passing (2 skipped) - No regressions from any fixes - Code formatting with black, isort, flake8 validated Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01X8FoC1a2wcbGVTE3jMwRg2
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
This PR completes M4 implementation (Supabase + pgmq event queue + operator API) by fixing 6 critical P0 bugs and 3 medium P1 functional gaps that were blocking Phase 5-6 handler execution.
P0 Critical Fixes (Blocking Execution)
pgmq_client.py - EventEnvelope serialization bug
event.dict()on dataclass instead of Pydantic modelevent.to_dict()method (2 occurrences, lines 14, 45)app_handler.py - Missing datetime import
datetime.utcnow()without importing datetimefrom datetime import datetimeimportphase_registries.py - Missing abstract methods
healthcheck()andshould_skip()methodsphase_inworld_identity.py - Missing abstract methods
healthcheck()andshould_skip()methodsrun_migrations.py - Non-existent Supabase endpoint
/api/rest/v1/rpc/exec_sqlendpoint that doesn't existapp.py - Empty Keycloak credentials
P1 Medium Fixes (Functional Gaps)
app_handler.py - Missing gateway IP derivation logic
gateway_ipfield from address_leases table_get_gateway_ip()to calculate from CIDR using ipaddress module001_initial.sql - pgmq_pop() return type
001_initial.sql - Missing app_deployments table
New Tests
Test Results
✅ All 99 tests passing (2 skipped)
Impact
These fixes unblock:
Related
/root/.claude/plans/root-claude-uploads-664a3b00-6702-56b7-delegated-unicorn.md🤖 Generated with Claude Code
https://claude.ai/code/session_01X8FoC1a2wcbGVTE3jMwRg2
Generated by Claude Code