SSH proxy + governance: ShellClass, ceremony, breach, delegation (Rust)
Tyler J King
eab96ef3d4
Two bugs surfaced when bascule-gateway pods first reached Running and
attempted config load (F.4 deployment):
1. Env-var override didn't take effect for any BASCULE_* variable.
config::Environment::with_prefix("BASCULE") without an explicit
prefix_separator strips the literal "BASCULE" with no separator,
so BASCULE_ACCORD_PATH became "_ACCORD_PATH" (leading underscore)
which doesn't match the field "accord_path". Result: every env
override silently fell back to the default in config.rs, and the
pod read /accord/accord.yaml instead of /etc/bascule/accord.yaml
from the configured volume. Adds .prefix_separator("_") to match
QM's pattern in services/quartermaster/src/config.rs:150.
2. Embedded fallback accord YAML had `sampled: []` and a stray
`sampleRate: 1`, but the schema has
`sampled: Option<SampledConfig {events, sample_rate}>` — empty
list mis-parses as struct. Result: when accord file lookup failed,
the .expect("empty accord must parse") panicked, crashing the
bascule-gateway container. Now omitted (Option default None).
Both fixes verified against accord-core's schema in
services/accord-core/src/schema.rs.
Signed-off-by: Tyler J King <tking@guildhouse.dev>
|
||
|---|---|---|
| bascule-agent | ||
| bascule-core | ||
| bascule-filter-core | ||
| bascule-gateway | ||
| bascule-node-agent | ||
| bascule-proto | ||
| bascule-shell | ||
| bascule-tail | ||
| ceremony-engine | ||
| proto/bascule/v1 | ||
| .gitignore | ||
| ARCHITECTURE.md | ||
| Cargo.lock | ||
| Cargo.toml | ||
| CHANGELOG.md | ||