From fc6d3bdaf9dcc72da21d14ee8e912fdc21c927fb Mon Sep 17 00:00:00 2001 From: Lyon <88232613+pikasTech@users.noreply.github.com> Date: Fri, 26 Jun 2026 14:01:49 +0800 Subject: [PATCH] fix: gate d601 v03 postgres mode by yaml switch (#972) Co-authored-by: Codex --- config/hwlab-node-lanes.yaml | 20 +++++++++++++++++++- scripts/src/hwlab-node-lanes.ts | 4 ++++ scripts/src/hwlab-node/git-mirror.ts | 4 +++- scripts/src/hwlab-node/observability.ts | 7 +++++-- scripts/src/hwlab-node/plan.ts | 9 ++++++--- scripts/src/hwlab-node/public-exposure.ts | 5 +++-- scripts/src/hwlab-node/render.ts | 4 +++- scripts/src/hwlab-node/web-probe.ts | 22 ++++++++++++---------- 8 files changed, 55 insertions(+), 20 deletions(-) diff --git a/config/hwlab-node-lanes.yaml b/config/hwlab-node-lanes.yaml index 3dd5aa5e..9874e6de 100644 --- a/config/hwlab-node-lanes.yaml +++ b/config/hwlab-node-lanes.yaml @@ -144,7 +144,25 @@ lanes: renderDir: runtime-v03 runtimeStore: postgres: - mode: platform-service + mode: local-k3s + secretName: hwlab-v03-postgres + statefulSet: hwlab-v03-postgres + serviceName: hwlab-v03-postgres + adminUser: hwlab_v03 + adminPasswordSourceRef: hwlab/d601-v03-postgres.env + adminPasswordSourceKey: HWLAB_V03_POSTGRES_PASSWORD + cloudApi: + secretName: hwlab-cloud-api-v03-db + secretKey: database-url + database: hwlab_v03 + role: hwlab_v03 + openfga: + secretName: hwlab-v03-openfga + secretKey: datastore-uri + authnKey: authn-preshared-key + postgresPasswordKey: postgres-password + database: hwlab_openfga + role: hwlab_openfga poolMax: 16 connectionTimeoutMs: 5000 queryRetryMaxAttempts: 5 diff --git a/scripts/src/hwlab-node-lanes.ts b/scripts/src/hwlab-node-lanes.ts index 78cd64e4..342ab246 100644 --- a/scripts/src/hwlab-node-lanes.ts +++ b/scripts/src/hwlab-node-lanes.ts @@ -326,6 +326,10 @@ export interface HwlabRuntimeLaneSpec { readonly downloadProfile: HwlabDownloadProfileSpec; } +export function hwlabRuntimeActiveExternalPostgres(spec: HwlabRuntimeLaneSpec): HwlabRuntimeExternalPostgresSpec | undefined { + return spec.runtimeStore?.postgres?.mode === "platform-service" ? spec.externalPostgres : undefined; +} + export const HWLAB_NODE_LANE_CONFIG_PATH = "config/hwlab-node-lanes.yaml"; interface HwlabLaneConfig { diff --git a/scripts/src/hwlab-node/git-mirror.ts b/scripts/src/hwlab-node/git-mirror.ts index 7dc674fa..d5e7aa9d 100644 --- a/scripts/src/hwlab-node/git-mirror.ts +++ b/scripts/src/hwlab-node/git-mirror.ts @@ -358,7 +358,7 @@ export function withNodeRuntimeControlPlanePlanRendered(result: Record): Record { + const activeExternalPostgres = hwlabRuntimeActiveExternalPostgres(scoped.spec); return { ok: true, command: `hwlab nodes control-plane plan --node ${scoped.node} --lane ${scoped.lane}`, @@ -50,6 +52,7 @@ export function nodeRuntimeControlPlanePlan(scoped: ReturnType { + const activeExternalPostgres = hwlabRuntimeActiveExternalPostgres(spec); return { configPath: hwlabRuntimeLaneConfigPath(), node: spec.nodeId, @@ -151,6 +153,7 @@ export function nodeRuntimeExpected(spec: HwlabRuntimeLaneSpec): Record 0 && workloadReadiness.every((item) => item.ready); const localPostgresExpectedAbsent = nodeRuntimeLocalPostgresExpectedAbsent(spec); const localPostgresReady = localPostgresExpectedAbsent ? localPostgresObjects.length === 0 : localPostgresObjects.length > 0; - const runtimeReady = namespaceExists && localPostgresReady && workloadsReady && (spec.externalPostgres === undefined || (bridge.ready && secrets.ready)); + const runtimeReady = namespaceExists && localPostgresReady && workloadsReady && (activeExternalPostgres === undefined || (bridge.ready && secrets.ready)); const argoReady = argo.exitCode === 0 && repoURL === spec.argoRepoUrl && targetRevision === spec.gitopsBranch && path === spec.runtimePath && syncStatus === "Synced" && health === "Healthy"; const pipelineRunReady = pipelineRunProbe !== null && pipelineRunProbe.status === "True"; const pipelineRunDegradedReason = typeof pipelineRunDiagnostics?.degradedReason === "string" diff --git a/scripts/src/hwlab-node/web-probe.ts b/scripts/src/hwlab-node/web-probe.ts index ab763769..0a644649 100644 --- a/scripts/src/hwlab-node/web-probe.ts +++ b/scripts/src/hwlab-node/web-probe.ts @@ -37,10 +37,12 @@ import { compactRuntimeCommand, runNodeHostScript } from "./runtime-common"; import { assertLane, assertNodeId, keyValueLinesFromText, numericField, optionValue, optionalStringValue, positiveIntegerOption, positiveIntegerValue, record, requiredOption, shellQuote, statusText, stringValue, stripOptions } from "./utils"; import { discoverWebObserveIndexEntry, readWebObserveIndexEntry } from "./web-observe-render"; import { assertKnownOptions, nodeWebProbeAutoCommandTimeoutSeconds, nodeWebProbeDefaultUrl, normalizeNodeWebProbeObserveArgs, parseNodeWebProbeObserveOptions, parseNodeWebProbeSentinelOptions, parseWebProbeBrowserProxyMode } from "./web-probe-observe"; +import { hwlabRuntimeActiveExternalPostgres } from "../hwlab-node-lanes"; export function nodeRuntimeRenderOverlay(spec: HwlabRuntimeLaneSpec): Record { const gitSshProxy = httpProxyEndpoint(spec.networkProfile.proxy.http); const gitMirror = nodeRuntimeGitMirrorTarget(spec); + const activeExternalPostgres = hwlabRuntimeActiveExternalPostgres(spec); const renderGitMirror = { ...gitMirror, egressProxy: gitMirror.egressProxy.mode === "direct" ? { @@ -109,13 +111,13 @@ export function nodeRuntimeRenderOverlay(spec: HwlabRuntimeLaneSpec): Record | null { - const pg = spec.externalPostgres; + const pg = hwlabRuntimeActiveExternalPostgres(spec); if (pg === undefined) return null; const secretRoot = externalPostgresSecretSourceRoot(spec); const cloudApi = readSecretSourceValue(secretRoot, pg.cloudApi.sourceRef, pg.cloudApi.envKey); @@ -905,7 +907,7 @@ export function ensureNodeBaseImage(spec: HwlabRuntimeLaneSpec, dryRun: boolean, } export function externalPostgresSecretSetupScript(spec: HwlabRuntimeLaneSpec, dryRun: boolean): string { - const pg = spec.externalPostgres; + const pg = hwlabRuntimeActiveExternalPostgres(spec); if (pg === undefined) return "true"; const authnKey = pg.openfga.authnKey ?? "authn-preshared-key"; return [ @@ -1068,7 +1070,7 @@ export function isLocalPostgresObject(name: string, spec: HwlabRuntimeLaneSpec): } export function externalPostgresBridgeStatus(spec: HwlabRuntimeLaneSpec, namespaceExists: boolean): Record { - const pg = spec.externalPostgres; + const pg = hwlabRuntimeActiveExternalPostgres(spec); if (pg === undefined) return { required: false, ready: true }; if (!namespaceExists) return { required: true, ready: false, degradedReason: "runtime-namespace-missing" }; const runtimeAccess = pg.runtimeAccess ?? { endpointAddress: pg.endpointAddress, port: pg.port }; @@ -1113,7 +1115,7 @@ export function externalPostgresBridgeStatus(spec: HwlabRuntimeLaneSpec, namespa } export function externalPostgresSecretStatus(spec: HwlabRuntimeLaneSpec, namespaceExists: boolean): Record { - const pg = spec.externalPostgres; + const pg = hwlabRuntimeActiveExternalPostgres(spec); if (pg === undefined) return { required: false, ready: true }; if (!namespaceExists) return { required: true, ready: false, degradedReason: "runtime-namespace-missing" }; const cloudApi = secretKeyStatus(spec, pg.cloudApi.secretName, pg.cloudApi.secretKey);