Skip to content

harden exec, log sessions adn sqlite #814

Merged
emirhandurmus merged 13 commits into
eclipse-iofog:developfrom
Datasance:develop
Jun 24, 2026
Merged

harden exec, log sessions adn sqlite #814
emirhandurmus merged 13 commits into
eclipse-iofog:developfrom
Datasance:develop

Conversation

@emirhandurmus

Copy link
Copy Markdown
Contributor

No description provided.

emirhandurmus and others added 13 commits June 24, 2026 21:17
Enable WAL, busy_timeout, and NORMAL synchronous pragmas on connect. Add
withDbBusyRetry for task claims and improve SQLITE_BUSY detection in the
transaction decorator and NATS reconcile claim path.
Introduce FogPlatformSpecs, FogPlatformStatuses, FogPlatformReconcileTasks,
ServicePlatformReconcileTasks, and HubRouterConfigLocks with Sequelize
models, managers, deduplicated enqueue, and stale task reclaim.
Extract router/NATS lifecycle into FogPlatformService with full recompute
of service-derived TCP bridges. Add ServicePlatformService for hub
connector/listener, K8s Service lifecycle, ConfigMap lock, and fog fan-out.
Run fog and service reconcile claims in one worker with backoff and max
attempts. Add periodic drift sweep and delay reconcile-heavy jobs on boot
to reduce SQLite lock contention on single-controller deployments.
…PIs.

Enqueue fog and service reconcile tasks on create, update, and delete.
Add spec fallback for router/nats modes, platformStatus on fog GET, manual
reconcile endpoints, and agent warning gating during non-Ready phases.
Add platformStatus, provisioningStatus hub semantics, reconcile routes,
and architecture overview for the three-layer reconcile model.
…c_b lifecycle.

Enforce connection limits and fresh DB transactions on close, add HA AMQP fail-fast,
30s SIGTERM drain, stale session reconcile job, batched log session queries, and OTEL metrics.
Replace callback-based db.run/db.close with sqliteRun/sqliteClose and reliable rollback on failure.
… tests.

Cover same-replica pairing, mock AMQP cross-replica relay, RBAC and rate limits,
session quotas and timeouts, graceful drain, and a 500-pair load probe script.
Add architecture HA section, ws-sessions operations guide, and changelog entry for session hardening.
Scrub phase labels from Dockerfile, PKI guide, RBAC reference, rbac-audit script, and OIDC test README.
…ning

Controller/16 ws exec log hardening
@emirhandurmus emirhandurmus merged commit 40bf367 into eclipse-iofog:develop Jun 24, 2026
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant