131868bdca
Major security, observability, and configuration improvements:
## Security Hardening
- Implemented configurable CORS (no more wildcards)
- Added comprehensive auth middleware for admin endpoints
- Enhanced webhook HMAC validation
- Added input validation and rate limiting
- Security headers and CSP policies
## Configuration Management
- Made N8N webhook URL configurable (WHOOSH_N8N_BASE_URL)
- Replaced all hardcoded endpoints with environment variables
- Added feature flags for LLM vs heuristic composition
- Gitea fetch hardening with EAGER_FILTER and FULL_RESCAN options
## API Completeness
- Implemented GetCouncilComposition function
- Added GET /api/v1/councils/{id} endpoint
- Council artifacts API (POST/GET /api/v1/councils/{id}/artifacts)
- /admin/health/details endpoint with component status
- Database lookup for repository URLs (no hardcoded fallbacks)
## Observability & Performance
- Added OpenTelemetry distributed tracing with goal/pulse correlation
- Performance optimization database indexes
- Comprehensive health monitoring
- Enhanced logging and error handling
## Infrastructure
- Production-ready P2P discovery (replaces mock implementation)
- Removed unused Redis configuration
- Enhanced Docker Swarm integration
- Added migration files for performance indexes
## Code Quality
- Comprehensive input validation
- Graceful error handling and failsafe fallbacks
- Backwards compatibility maintained
- Following security best practices
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
108 lines
3.0 KiB
Go
108 lines
3.0 KiB
Go
package pgx
|
|
|
|
import (
|
|
"context"
|
|
|
|
"github.com/jackc/pgx/v5/pgconn"
|
|
)
|
|
|
|
// QueryTracer traces Query, QueryRow, and Exec.
|
|
type QueryTracer interface {
|
|
// TraceQueryStart is called at the beginning of Query, QueryRow, and Exec calls. The returned context is used for the
|
|
// rest of the call and will be passed to TraceQueryEnd.
|
|
TraceQueryStart(ctx context.Context, conn *Conn, data TraceQueryStartData) context.Context
|
|
|
|
TraceQueryEnd(ctx context.Context, conn *Conn, data TraceQueryEndData)
|
|
}
|
|
|
|
type TraceQueryStartData struct {
|
|
SQL string
|
|
Args []any
|
|
}
|
|
|
|
type TraceQueryEndData struct {
|
|
CommandTag pgconn.CommandTag
|
|
Err error
|
|
}
|
|
|
|
// BatchTracer traces SendBatch.
|
|
type BatchTracer interface {
|
|
// TraceBatchStart is called at the beginning of SendBatch calls. The returned context is used for the
|
|
// rest of the call and will be passed to TraceBatchQuery and TraceBatchEnd.
|
|
TraceBatchStart(ctx context.Context, conn *Conn, data TraceBatchStartData) context.Context
|
|
|
|
TraceBatchQuery(ctx context.Context, conn *Conn, data TraceBatchQueryData)
|
|
TraceBatchEnd(ctx context.Context, conn *Conn, data TraceBatchEndData)
|
|
}
|
|
|
|
type TraceBatchStartData struct {
|
|
Batch *Batch
|
|
}
|
|
|
|
type TraceBatchQueryData struct {
|
|
SQL string
|
|
Args []any
|
|
CommandTag pgconn.CommandTag
|
|
Err error
|
|
}
|
|
|
|
type TraceBatchEndData struct {
|
|
Err error
|
|
}
|
|
|
|
// CopyFromTracer traces CopyFrom.
|
|
type CopyFromTracer interface {
|
|
// TraceCopyFromStart is called at the beginning of CopyFrom calls. The returned context is used for the
|
|
// rest of the call and will be passed to TraceCopyFromEnd.
|
|
TraceCopyFromStart(ctx context.Context, conn *Conn, data TraceCopyFromStartData) context.Context
|
|
|
|
TraceCopyFromEnd(ctx context.Context, conn *Conn, data TraceCopyFromEndData)
|
|
}
|
|
|
|
type TraceCopyFromStartData struct {
|
|
TableName Identifier
|
|
ColumnNames []string
|
|
}
|
|
|
|
type TraceCopyFromEndData struct {
|
|
CommandTag pgconn.CommandTag
|
|
Err error
|
|
}
|
|
|
|
// PrepareTracer traces Prepare.
|
|
type PrepareTracer interface {
|
|
// TracePrepareStart is called at the beginning of Prepare calls. The returned context is used for the
|
|
// rest of the call and will be passed to TracePrepareEnd.
|
|
TracePrepareStart(ctx context.Context, conn *Conn, data TracePrepareStartData) context.Context
|
|
|
|
TracePrepareEnd(ctx context.Context, conn *Conn, data TracePrepareEndData)
|
|
}
|
|
|
|
type TracePrepareStartData struct {
|
|
Name string
|
|
SQL string
|
|
}
|
|
|
|
type TracePrepareEndData struct {
|
|
AlreadyPrepared bool
|
|
Err error
|
|
}
|
|
|
|
// ConnectTracer traces Connect and ConnectConfig.
|
|
type ConnectTracer interface {
|
|
// TraceConnectStart is called at the beginning of Connect and ConnectConfig calls. The returned context is used for
|
|
// the rest of the call and will be passed to TraceConnectEnd.
|
|
TraceConnectStart(ctx context.Context, data TraceConnectStartData) context.Context
|
|
|
|
TraceConnectEnd(ctx context.Context, data TraceConnectEndData)
|
|
}
|
|
|
|
type TraceConnectStartData struct {
|
|
ConnConfig *ConnConfig
|
|
}
|
|
|
|
type TraceConnectEndData struct {
|
|
Conn *Conn
|
|
Err error
|
|
}
|