Revert "chore: drop 'Infisical' label from internal references"

This reverts commit 19706e56b3.
2026-06-07 15:51:30 +00:00 · 2026-05-04 01:18:15 +00:00
parent 19706e56b3
commit aebfd8bd7c
34 changed files with 64 additions and 63 deletions
@@ -11,7 +11,7 @@ import (
 )

 // ApprovalService manages the issuance approval-workflow primitive.
-// Rank 7 of the 2026-05-03 deep-research deliverable.
+// Rank 7 of the 2026-05-03 Infisical deep-research deliverable.
 //
 // Lifecycle: a profile with RequiresApproval=true causes the renewal
 // entry points (TriggerRenewal + CheckExpiringCertificates) to call
@@ -8,7 +8,7 @@ import (
 )

 // ApprovalMetrics is a thread-safe counter table for the issuance
-// approval-workflow dispatch path. Rank 7 of the 2026-05-03 deep-research
+// approval-workflow dispatch path. Rank 7 of the 2026-05-03 Infisical
 // deep-research deliverable. Mirrors the ExpiryAlertMetrics +
 // VaultRenewalMetrics shape: cmd/server/main.go constructs ONE instance,
 // passes it to ApprovalService (recording side) AND metricsHandler
@@ -39,7 +39,7 @@ type CertificateService struct {
 	// a parallel ApprovalRequest row is created via approvalSvc. The
 	// scheduler does NOT dispatch until ApprovalService.Approve
 	// transitions the job to Pending. Rank 7 of the 2026-05-03
-	// deep-research deliverable. Both setters are optional —
+	// Infisical deep-research deliverable. Both setters are optional —
 	// when either is nil, gating is skipped and TriggerRenewal falls
 	// back to the historical unattended path.
 	approvalSvc *ApprovalService
@@ -107,7 +107,7 @@ func (s *CertificateService) SetKeygenMode(mode string) {

 // SetApprovalService wires the approval-workflow service. When both this
 // and SetProfileRepo are wired, TriggerRenewal gates on
-// CertificateProfile.RequiresApproval. Rank 7 of the 2026-05-03 deep-research
+// CertificateProfile.RequiresApproval. Rank 7 of the 2026-05-03 Infisical
 // deep-research deliverable.
 func (s *CertificateService) SetApprovalService(svc *ApprovalService) {
 	s.approvalSvc = svc
@@ -8,8 +8,8 @@ import (

 // ExpiryAlertMetrics is a thread-safe counter table for the per-policy
 // multi-channel expiry-alert dispatch path. Rank 4 of the 2026-05-03
-// deep-research deliverable
-// (cowork/deep-research-results-2026-05-03.md Part 5). Closes the
+// Infisical deep-research deliverable
+// (cowork/infisical-deep-research-results.md Part 5). Closes the
 // procurement-checklist gap where a customer who configured PagerDuty
 // for cert-expiry pages got silent nothing — ExpirationWarning shipped
 // only to Email pre-fix.
@@ -54,7 +54,7 @@ type NotificationService struct {
 	// to SendThresholdAlertOnChannel reports its outcome (success / failure)
 	// to the metric sink so the Prometheus exposer surfaces
 	// certctl_expiry_alerts_total{channel,threshold,result}. Rank 4 of the
-	// 2026-05-03 deep-research deliverable. Nil leaves the
+	// 2026-05-03 Infisical deep-research deliverable. Nil leaves the
 	// dispatch path unchanged (no metric emission, but alerts still fire).
 	expiryAlertMetrics ExpiryAlertRecorder
 }
@@ -149,7 +149,7 @@ func (s *NotificationService) SendExpirationWarning(ctx context.Context, cert *d
 //
 // Policy-driven dispatch in RenewalService.sendThresholdAlerts uses
 // SendThresholdAlertOnChannel directly with the channel resolved from the
-// per-policy AlertChannels matrix. Rank 4 of the 2026-05-03 deep-research
+// per-policy AlertChannels matrix. Rank 4 of the 2026-05-03 Infisical
 // deep-research deliverable.
 func (s *NotificationService) SendThresholdAlert(ctx context.Context, cert *domain.ManagedCertificate, daysUntilExpiry int, threshold int) error {
 	return s.SendThresholdAlertOnChannel(ctx, cert, daysUntilExpiry, threshold, domain.NotificationChannelEmail)
@@ -204,7 +204,7 @@ func (s *RenewalService) CheckExpiringCertificates(ctx context.Context) error {
 		// policy pointer (nil-safe) drives the per-(threshold) channel
 		// matrix; nil policy or empty AlertChannels falls through to the
 		// back-compat Email-only default. Rank 4 of the 2026-05-03
-		// deep-research deliverable.
+		// Infisical deep-research deliverable.
 		var policyPtr *domain.RenewalPolicy
 		if cert.RenewalPolicyID != "" {
 			policyPtr = policyCache[cert.RenewalPolicyID]
@@ -323,8 +323,8 @@ func (s *RenewalService) CheckExpiringCertificates(ctx context.Context) error {
 //     AND metadata->>'channel' = 'PagerDuty' to answer "did the on-call
 //     team get paged?".
 //
-// Rank 4 of the 2026-05-03 deep-research deliverable
-// (cowork/deep-research-results-2026-05-03.md Part 5). The policy
+// Rank 4 of the 2026-05-03 Infisical deep-research deliverable
+// (cowork/infisical-deep-research-results.md Part 5). The policy
 // argument is nil-safe — a cert with no RenewalPolicy attached gets the
 // back-compat Email-only default matrix.
 func (s *RenewalService) sendThresholdAlerts(
@@ -1,7 +1,7 @@
 package service

-// Rank 4 of the 2026-05-03 deep-research deliverable
-// (cowork/deep-research-results-2026-05-03.md Part 5). Pins every leg of
+// Rank 4 of the 2026-05-03 Infisical deep-research deliverable
+// (cowork/infisical-deep-research-results.md Part 5). Pins every leg of
 // the per-policy multi-channel expiry-alert fan-out matrix:
 //
 //   1. Default matrix → Email-only at every tier (back-compat).
@@ -513,7 +513,7 @@ func (m *mockNotifRepo) List(ctx context.Context, filter *repository.Notificatio
 	// Apply each non-zero filter field. Mirror the postgres notification
 	// repo's WHERE-clause shape (CertificateID, Type, Status, Channel,
 	// MessageLike) so the multi-channel expiry-alert tests
-	// (renewal_expiry_alerts_test.go, Rank 4 of the 2026-05-03 deep-research
+	// (renewal_expiry_alerts_test.go, Rank 4 of the 2026-05-03 Infisical
 	// deep-research deliverable) get the same per-(cert, threshold,
 	// channel) dedup behaviour they'd see in production. Pre-Rank 4 the
 	// mock returned all rows regardless of filter; legacy callers