Migrate from Trillium [part 7C]: admin routes and Trillium router removal#2247
Merged
Migrate from Trillium [part 7C]: admin routes and Trillium router removal#2247
Conversation
tgeoghegan
approved these changes
May 7, 2026
divergentdave
approved these changes
May 7, 2026
…oval - Move the admin queue routes (index, show, delete) to Axum handlers gated by the new AdminPermissionsActor extractor, which centralizes the admin-only check (returning 404 for non-admins to hide endpoint existence). This is enforced by using a nested router, which has a `route_layer` that layers `admin::require_admin` on top of everything in that router, so we don't forget anything. - Wire ReplaceMimeTypesLayer on the Axum /api sub-router now that all API routes are served by Axum. Removed the Trillium routes() and api_routes() functions, the api() handler chain, handler/misc.rs (actor_required, admin_required), and all FromConn impls from route files. Then I realized this is supposed to be in Part 8 and I stopped. - Add #[serde(alias)]es to JobStatus so query-param deserialization accepts lowercase values (matching the previous QueryStrong behavior). - Add #[cfg(all(assets)...] to a couple of telemetry things so we don't commit compilation crimes. These'll get cleaned up when we drop trillium_opentelemetry, I think. Note that there is still cleanup to do in Part 8, even though the migration is mostly done here. I wasn't super disciplined with what I deleted and what I marked dead, for which I request grace. Just, one thing at a time.
jcjones
force-pushed
the
jcj/axum-migration-part7c
branch
from
71e32ec to
6f819cf
Compare
Contributor
Author
|
The |
Collaborator
We might need an Axum replacement for |
Contributor
Author
I came back to this window to say basically the same thing, and found you solved the problem before me! I stripped this out too early, basically. For good reasons. |
The Trillium `api()` handler chain had `state(User::for_integration_testing())` gated on `#[cfg(feature = "integration-testing")]`, which injected an admin user into every request. When 7C removed the Trillium router, this injection was lost, causing the `pair_aggregator` container in compose.dev.yaml to get 403 Forbidden on `POST /api/aggregators` (n.b. the CLI uses `--token=""` and relies on the integration-testing user for auth). So, let's fix it. This is a new Axum middleware that unconditionally injects the `integration-testing` user into request extensions when the feature is enabled. While I'm at it, I also rename the existing `test-header-injection` middleware to `inject_test_header_user` in order to distinguish it from the unconditional injection.
divergentdave
approved these changes
May 8, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Move the admin queue routes (
index,show,delete) to Axum handlers gated by the newAdminPermissionsActorextractor, which centralizes the admin-only check (returning 404 for non-admins to hide endpoint existence). This is enforced by using a nested router, which has aroute_layerthat layersadmin::require_adminon top of everything in that router, so we don't forget anything.Wire
ReplaceMimeTypesLayeron the Axum/apisub-router now that all API routes are served by Axum. Removed the Trilliumroutes()andapi_routes()functions, theapi()handler chain,handler/misc.rs(actor_required, admin_required), and allFromConn implsfrom route files. Then I realized this is supposed to be in Part 8 and I stopped.Add
#[serde(alias)]es toJobStatusso query-param deserialization accepts lowercase values (matching the previousQueryStrongbehavior).Add
#[cfg(all(assets)...]to a couple of telemetry things so we don't commit compilation crimes. These'll get cleaned up when we droptrillium_opentelemetry, I think.Note that there is still cleanup to do in Part 8, even though the migration is mostly done here. I wasn't super disciplined with what I deleted and what I marked dead, for which I request grace. Just, one thing at a time.