docs: document validation edge cases, promote/rollback scope, actor resolution, and env vars#25
Merged
Conversation
…esolution, env vars - docs/http-api.md: clarify POST /v1/events validation rules — empty events array returns HTTP 422 (Pydantic); api_version values other than 'v1' (empty string, null, wrong case, unknown strings) return HTTP 400 with a specific message; document that 'inserted' counts only newly written rows; add 422 to Errors table; note inconsistent agent_id within one side's events as a 400 source on POST /v1/diff. - docs/operations-and-policy.md: add 'compute_diff vs. promote/rollback: filter scope' subsection explaining that promote/rollback query events by environment only (no tenant_id or task_id filter), whereas compute_diff supports all three; expand 'cross-agent diffs' section to document the mixed-agent_id-within-events error and its cause; add the new error to the common errors table. - docs/cli.md: document that flightdeck init does not require a pre-existing flightdeck.yaml (it is the exception to the 'all commands require config' rule); add 'Actor resolution' section documenting USER / USERNAME / 'unknown' fallback for CLI audit records and how the HTTP API actor field differs. - DEVELOPMENT.md: add 'Environment variables' reference table covering FLIGHTDECK_LOCAL_API_TOKEN, FLIGHTDECK_USE_SYSTEM_TEMP, USER/USERNAME, VITE_FLIGHTDECK_LOCAL_API_TOKEN, VITE_DEV_PROXY_TARGET, and TMPDIR/TEMP/TMP. Co-authored-by: Gottam Sai Bharath <Gsbreddy@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Documentation-only PR triggered by the recent push to
main(commit9f849fd). Addresses knowledge gaps identified by reviewing the source against the existing docs.Docs added/updated
docs/http-api.mdPOST /v1/eventsvalidation rules: documents that an emptyeventsarray returns HTTP 422 (Pydantic validation), not 400. Clarifies thatapi_versionvalues other than"v1"— empty string,null, wrong case ("V1"), unknown strings — all return HTTP 400 with a specific message ("Unsupported api_version for POST /v1/events: <value> (only 'v1' is accepted)."). Documents thatinsertedcounts only newly written rows (duplicates silently skipped). Adds 422 to the Errors table.POST /v1/differrors: adds "inconsistentagent_idwithin one side's run events" as a 400 source.docs/operations-and-policy.mdcompute_diffvs.promote_release/rollback_release: filter scope" — explains thatpromoteandrollbackquery events by environment only (notenant_idortask_idfilter), whilecompute_diffsupports all three. Advises operators to userelease difffirst when tenant-scoped evaluation is needed.ValueErrorraised when events for one side span multipleagent_idvalues ("Each side of the diff must have a single consistent agent_id among run events."), explains the cause (incorrectly tagged ingest), and gives the fix.docs/cli.mdflightdeck initcaveat — clarifies thatinitis the one exception to the "all commands requireflightdeck.yaml" rule: it creates the file without callingload_config.actorfromUSER(Unix/macOS), thenUSERNAME(Windows), falling back to"unknown". Notes that the HTTP API accepts an explicitactorfield (default"http").DEVELOPMENT.mdFLIGHTDECK_LOCAL_API_TOKEN,FLIGHTDECK_USE_SYSTEM_TEMP,USER/USERNAME,VITE_FLIGHTDECK_LOCAL_API_TOKEN,VITE_DEV_PROXY_TARGET, andTMPDIR/TEMP/TMP.Codepaths covered
src/flightdeck/server/routes/ingest.py—IngestEventsRequestvalidation,api_versionchecksrc/flightdeck/ledger.py—diff_releasesagent_id invariantsrc/flightdeck/operations.py—_evaluate_promotion_or_rollbackevent query scopesrc/flightdeck/cli/main.py—actor_name(),initcommandKnowledge gaps addressed
[]or use wrongapi_versioncasing got opaque errors with no docs to explain the distinction.--tenant/--taskflags onrelease diffhave no equivalent inrelease promote, making tenant-specific safety analysis a multi-step workflow.agent_idin events: a silent data quality issue that surfaces as a confusingValueErrorwith no previous mention in docs.release_actionswould see"unknown"or a username with no explanation of how those values are set.