docs(lore-0063): re-diff BE RBAC + draft BE-repo PR#50
Merged
Conversation
Re-diffed the prices tenant additions against soroban-block-explorer develop @ 8e4e705d. Corrected the drafted services.xml: XML <grants> take no "TO <user>" clause, and added <access_management>0</access_management> to match BE's five live users. Confirmed quotas.xml caps are an exact match to the live high_write / api_throttle values, and that profiles.xml needs no change (write_no_ddl + read_only both in use). Locked two decisions into the runbook: dedicated quota naming (prices_write / prices_read, open item 4) and single-CN with no env suffix (prices-ingestion / prices-api, open item 5). Remaining open item 6 is the pre-PR check that the box CH version applies user-XML <grants> at startup, else fall back to init.sql GRANTs. Added a paste-ready BE-repo PR description (G-be-rbac-pr-description), including a why-this-PR context section for BE reviewers / AI agents.
Last check before applying prices.* to Hetzner. Verified close_usd (task 0061) is wired end-to-end: defined in init.sql (pos 12, all 7 grains via idempotent ALTERs), propagated by argMax through the full rollups.sql MV chain and preroll.sql, and read by the price_usd_series views — which the init binary applies on every run. Confirmed MV positional matching is correct and the views.sql USDC issuer literal is a byte-exact match to prices_clickhouse::USDC_ISSUER. Verdict GREEN: schema clear to deploy. Caveat recorded: close_usd is DEFAULT 0 until enrichment fills it, so price_usd_series is empty post-apply until ingestion populates it (0026/0038/backfill).
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
soroban-block-explorerdevelop@8e4e705d; corrected the draftedservices.xml(XML<grants>take noTO <user>clause; added<access_management>0</access_management>to match BE's 5 live users).quotas.xmlcaps are an exact match to BE's livehigh_write/api_throttle, andprofiles.xmlneeds no change (write_no_ddl+read_onlyboth already in use).prices_write/prices_read(open item 4) and single-CN with no env suffixprices-ingestion/prices-api(open item 5).G-be-rbac-pr-description.md) with a why-this-PR context section for BE reviewers / AI agents.<grants>at startup (elseinit.sqlGRANT fallback).