fix(preflight): resolve API-key secrets via get_secret(), not stale env-var check (Sat SF DataPhase1 P0, facet 2)#248
Merged
Conversation
…nv-var check Second facet of the #241/#242 .env-deprecation regression, surfaced by the 2026-05-16 Saturday SF recovery run: AWS_REGION fix (#247) let DataPhase1 clear preflight and MorningEnrich completed (polygon 913/921 + FRED 4/4 fetched fine via get_secret()), but `weekly_collector.py --phase 1` then aborted at preflight: RuntimeError: Pre-flight: required env vars missing: ['FRED_API_KEY', 'POLYGON_API_KEY'] Every collector AND both reachability probes in this file already resolve these keys via get_secret() (SSM). The only stale code was DataPreflight.run()'s `check_env_vars("FRED_API_KEY","POLYGON_API_KEY")` (and the phase2 FMP/FINNHUB/EDGAR equivalent) — an os.environ assertion the env-deprecation arc migrated every consumer away from but missed here. MorningEnrich slipped through because its preflight only checks AWS_REGION; phase1/phase2 hard-failed on the stale gate. Fix: AWS_REGION stays an env-var check (plain boto3 region, not a secret); the API keys now go through a new `_check_secrets()` helper that calls get_secret(required=False) — same <1s fail-fast intent, same RuntimeError shape, sourced from SSM (with get_secret's env fallback) instead of os.environ. phase2 had the identical latent bug and is fixed in the same change. Tests updated to the get_secret() reality (patch preflight.get_secret rather than os.environ); full suite 1050 passed, 1 skipped. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This was referenced May 16, 2026
Merged
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Context — second facet of the #241/#242 .env-deprecation regression
Surfaced during the 2026-05-16 Saturday SF recovery. #247 (AWS_REGION) worked: DataPhase1 cleared preflight and MorningEnrich completed end-to-end (
Morning enrichment OK for 2026-05-15 ... in 1675s; polygon 913/921 + FRED 4/4 fetched fine viaget_secret()) — so Friday's polygon-authoritativedaily_closesare now collected and the original stale-data P0 is resolved.But
weekly_collector.py --phase 1then aborted at preflight:Root cause (reproduced, not speculative)
Every collector and both reachability probes in
preflight.pyitself already resolve these keys viaget_secret()(SSM) — empirically proven by MorningEnrich succeeding with no env vars set. The only stale code isDataPreflight.run():The env-deprecation arc migrated every consumer to
get_secret()but missed this gate. MorningEnrich slipped through because its preflight only checksAWS_REGION; phase1/phase2 hard-fail on the stale gate. phase2 would have been the next failure.Fix
AWS_REGIONstays an env-var check (plain boto3 region, not a secret — supplied by fix(spot): re-export AWS_REGION into spot shell — close #241 .env-removal regression (Sat SF DataPhase1 P0) #247'sENV_SOURCE)._check_secrets()helper usingget_secret(required=False)— identical <1s fail-fast intent andRuntimeErrorshape, sourced from SSM (withget_secret's env fallback) instead ofos.environ.Test
Updated the two end-to-end tests that encoded the old env-var assumption to patch
preflight.get_secretinstead; added a renamed regression test (test_phase1_missing_polygon_secret_short_circuits) asserting the SSM-layer short-circuit still fires before HTTP/S3/ArcticDB. Full suite: 1050 passed, 1 skipped.Recovery
After merge, re-trigger the Saturday SF. MorningEnrich's Friday fill from the recovery run is already persisted (ArcticDB + S3), so the re-run is safe; phase1 will now pass preflight and proceed.
🤖 Generated with Claude Code