fix: replace SHA1 with SHA256 in ServiceInstanceName; fix preflight E2E tests

- Use crypto/sha256 instead of crypto/sha1 to satisfy static analysis
- Preflight E2E tests now create the DB first, then update with the
  bad config — asserting the update task fails rather than expecting
  NewDatabaseFixture itself to fail

Author: moizpgedge

e2e/postgrest_test.go

@@ -167,7 +167,13 @@ func TestPostgRESTPreflight_MissingSchema(t *testing.T) {
 	ctx, cancel := context.WithTimeout(context.Background(), 10*time.Minute)
 	defer cancel()
 
+	// Create the database without any services first (this must succeed).
 	db := fixture.NewDatabaseFixture(ctx, t, &controlplane.CreateDatabaseRequest{
+		Spec: postgrestBaseSpec("test_postgrest_preflight_schema", []string{host1}, nil),
+	})
+
+	// Adding PostgREST with a nonexistent schema must cause the task to fail.
+	err := db.Update(ctx, UpdateOptions{
 		Spec: postgrestBaseSpec(
 			"test_postgrest_preflight_schema",
 			[]string{host1},
@@ -178,17 +184,8 @@ func TestPostgRESTPreflight_MissingSchema(t *testing.T) {
 			},
 		),
 	})
-
-	// The database itself provisions; only the PostgREST task fails.
-	require.NoError(t, db.Refresh(ctx))
-
-	// Service instance should not reach running.
-	for _, si := range db.ServiceInstances {
-		if si.ServiceID == "postgrest-api" {
-			assert.NotEqual(t, "running", si.State,
-				"service should not reach running when schema is missing")
-		}
-	}
+	require.Error(t, err, "expected update task to fail due to missing schema")
+	assert.Contains(t, err.Error(), "nonexistent_schema", "error should mention the missing schema")
 }
 
 // TestPostgRESTPreflight_MissingAnonRole verifies the preflight check rejects
@@ -201,7 +198,13 @@ func TestPostgRESTPreflight_MissingAnonRole(t *testing.T) {
 	ctx, cancel := context.WithTimeout(context.Background(), 10*time.Minute)
 	defer cancel()
 
+	// Create the database without any services first (this must succeed).
 	db := fixture.NewDatabaseFixture(ctx, t, &controlplane.CreateDatabaseRequest{
+		Spec: postgrestBaseSpec("test_postgrest_preflight_role", []string{host1}, nil),
+	})
+
+	// Adding PostgREST with a nonexistent anon role must cause the task to fail.
+	err := db.Update(ctx, UpdateOptions{
 		Spec: postgrestBaseSpec(
 			"test_postgrest_preflight_role",
 			[]string{host1},
@@ -212,15 +215,8 @@ func TestPostgRESTPreflight_MissingAnonRole(t *testing.T) {
 			},
 		),
 	})
-
-	require.NoError(t, db.Refresh(ctx))
-
-	for _, si := range db.ServiceInstances {
-		if si.ServiceID == "postgrest-api" {
-			assert.NotEqual(t, "running", si.State,
-				"service should not reach running when anon role is missing")
-		}
-	}
+	require.Error(t, err, "expected update task to fail due to missing anon role")
+	assert.Contains(t, err.Error(), "nonexistent_role", "error should mention the missing role")
 }
 
 // TestPostgRESTHealthCheck verifies the service responds to HTTP requests once running.

server/internal/orchestrator/swarm/orchestrator.go

@@ -3,7 +3,7 @@ package swarm
 import (
 	"bytes"
 	"context"
-	"crypto/sha1"
+	"crypto/sha256"
 	"errors"
 	"fmt"
 	"io"
@@ -162,9 +162,9 @@ func (o *Orchestrator) GenerateInstanceResources(spec *database.InstanceSpec) (*
 // are hashed together into a single 16-char base-36 suffix. The serviceType
 // prefix is kept for readability and is truncated to 10 chars to fit comfortably.
 func ServiceInstanceName(serviceType, databaseID, serviceID, hostID string) string {
-	hash := sha1.Sum([]byte(databaseID + ":" + serviceID + ":" + hostID))
+	hash := sha256.Sum256([]byte(databaseID + ":" + serviceID + ":" + hostID))
 	base36 := new(big.Int).SetBytes(hash[:]).Text(36)
-	// Pad to 16 chars (sha1 produces enough entropy; left-pad with zeros if short).
+	// Pad to 16 chars (sha256 produces enough entropy; left-pad with zeros if short).
 	suffix := fmt.Sprintf("%016s", base36)[:16]
 	prefix := serviceType
 	if len(prefix) > 10 {