Skip to content

[WIP] add support for file level auditing / metrics management that frontend can use#91

Open
matthewpeterkort wants to merge 14 commits into
developmentfrom
feature/storage-summary
Open

[WIP] add support for file level auditing / metrics management that frontend can use#91
matthewpeterkort wants to merge 14 commits into
developmentfrom
feature/storage-summary

Conversation

@matthewpeterkort

@matthewpeterkort matthewpeterkort commented Jun 24, 2026

Copy link
Copy Markdown
Contributor

what has started as a metrics PR has turned into a cleanup PR.
file path based metrics don't make sense to go here, since the system revolves around github paths,
so this functionality is added to Gecko instead.

@netlify

netlify Bot commented Jun 24, 2026

Copy link
Copy Markdown

Deploy Preview for drs-server ready!

Name Link
🔨 Latest commit c134cd3
🔍 Latest deploy log https://app.netlify.com/projects/drs-server/deploys/6a481f08a86dd600090ac77c
😎 Deploy Preview https://deploy-preview-91--drs-server.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 42a6b9c958

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread internal/repair/service.go Outdated
obj.scopeAmbiguous = ambiguous
obj.inferredScope = resource
if known {
obj.scope = scopes[resource][0]

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Guard missing scope targets before indexing

When a record already has exactly one controlled_access project but that project has no bucket scope returned by loadScopeTargets, inferRecordResource still returns known=true; indexing scopes[resource][0] then panics with index out of range and aborts the whole audit/apply run. Treat this as an unknown or non-canonical scope unless a target exists.

Useful? React with 👍 / 👎.

if err != nil {
return err
}
if authz.HasMethodAccess(ctx, methods[0], []string{"/programs", "/data_file"}) || authz.HasAnyMethodAccess(ctx, []string{resource}, methods...) {

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Require delete access for apply

When the apply route calls this helper with read, delete, HasAnyMethodAccess succeeds if the caller has only one of those methods, so a read-only project user can enter the apply path and receive a 200 dry-run/delete plan instead of being rejected up front. Require the destructive method explicitly (and read separately if needed) before calling Apply.

Useful? React with 👍 / 👎.

Comment on lines +193 to +194
if sawMissing {
return StorageProbeStatusMissing, "storage object not found"

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Preserve probe errors when some URLs are missing

For records with multiple access URLs, this returns missing as soon as any URL was not found, even if another URL returned a credential/permission/provider error. In that mixed case the record is later treated as a stale duplicate or stale orphan and can be deleted, although one storage location was never successfully verified; return error whenever any non-not-found probe failed.

Useful? React with 👍 / 👎.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant