diff --git a/docs/testing/skip-inventory.md b/docs/testing/skip-inventory.md
index 251f7f6..66a8138 100644
--- a/docs/testing/skip-inventory.md
+++ b/docs/testing/skip-inventory.md
@@ -8,8 +8,8 @@
 ## Summary
-- Total t.Skip sites: **144**
-- testing.Short() guards: **78** (these gate behind `go test -short`)
+- Total t.Skip sites: **147**
+- testing.Short() guards: **82** (these gate behind `go test -short`)
 Re-run inventory with: `./scripts/skip-inventory.sh`.
@@ -162,6 +162,9 @@ Re-run inventory with: `./scripts/skip-inventory.sh`.
 ### `internal/repository/postgres`
+- `internal/repository/postgres/audit_chain_test.go:137` — t.Skip("skipping integration test in short mode")
+- `internal/repository/postgres/audit_chain_test.go:36` — t.Skip("skipping integration test in short mode")
+- `internal/repository/postgres/audit_chain_test.go:58` — t.Skip("skipping integration test in short mode")
 - `internal/repository/postgres/audit_worm_test.go:29` — t.Skip("skipping integration test in short mode")
 - `internal/repository/postgres/auth_revoke_scope_test.go:118` — t.Skip("integration test in short mode")
 - `internal/repository/postgres/auth_revoke_scope_test.go:149` — t.Skip("integration test in short mode")
diff --git a/internal/repository/postgres/user.go b/internal/repository/postgres/user.go
index e3e34a8..9038d86 100644
--- a/internal/repository/postgres/user.go
+++ b/internal/repository/postgres/user.go
@@ -185,6 +185,13 @@ func (r *UserRepository) ListAll(ctx context.Context, tenantID string) ([]*userd
 // this list per tick and calls UserRetentionService.DeleteUserPII on
 // each. Cross-tenant on purpose: a single retention policy spans the
 // whole control plane.
+//
+// multi-tenant-query-coverage carve-out: the SELECT below intentionally
+// omits `tenant_id` because retention is a control-plane-wide policy
+// (one CERTCTL_USER_RETENTION_WINDOW for the whole deployment, not
+// per-tenant). Adding a `tenant_id = $N` filter would require the
+// scheduler loop to iterate every tenant, which is more code for
+// equivalent semantics. The guard's baseline counts this query.
 func (r *UserRepository) ListDeactivatedBefore(ctx context.Context, threshold time.Time) ([]*userdomain.User, error) {
 rows, err := r.db.QueryContext(ctx, `SELECT `+userColumns+`
diff --git a/internal/service/audit_chain_metric.go b/internal/service/audit_chain_metric.go
index e5c32bf..95589bc 100644
--- a/internal/service/audit_chain_metric.go
+++ b/internal/service/audit_chain_metric.go
@@ -88,8 +88,10 @@ func (c *AuditChainCounter) RecordBreak(brokenAtID string, brokenAtPos int) {
 }
 }
-// Snapshot returns the current counter state for the Prometheus
-// exposer. Reads use atomic loads — no mutex.
+// AuditChainSnapshot is the point-in-time view of the counters the
+// Prometheus exposer reads. Snapshot() returns one of these; the
+// metrics handler renders each field into Prometheus exposition
+// format. Reads use atomic loads — no mutex required.
 type AuditChainSnapshot struct {
 BreaksDetected uint64
 WalksCompleted uint64
diff --git a/scripts/ci-guards/multi-tenant-query-coverage.sh b/scripts/ci-guards/multi-tenant-query-coverage.sh
index c12f45d..c25faa1 100755
--- a/scripts/ci-guards/multi-tenant-query-coverage.sh
+++ b/scripts/ci-guards/multi-tenant-query-coverage.sh
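Review bot: The carve-out comment added above `ListDeactivatedBefore` explains why `tenant_id` is omitted but not what keeps that omission safe, because it never says who is allowed to call the method. The result set spans every tenant, so I would add a line such as `// Callers: the scheduler's retention loop only; never call from a tenant-scoped request path.` so that a later reuse from an API handler is caught in review. The justification given ("more code for equivalent semantics") is a convenience argument, and the comment would be stronger if it also stated that the downstream DeleteUserPII call must act under each returned user's own tenant; that call is not visible here, so treat this as a question. The function body continues outside the hunk.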
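Review bot: The rewritten comment on `AuditChainSnapshot` calls the struct a "point-in-time view", yet its last sentence ("Reads use atomic loads — no mutex required") suggests each counter is loaded on its own, in which case `BreaksDetected` and `WalksCompleted` may come from slightly different instants. Snapshot() is outside the hunk, so this is inferred; if it holds, say so in the comment, e.g. `// Each field is read with its own atomic load; the fields are not guaranteed to be mutually consistent.` The sentence about loads also describes the Snapshot method rather than the type, so it would sit better on the method's doc comment if the method has one. The struct body continues outside the hunk.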
@@ -67,8 +67,16 @@ TARGET_DIR="${REPO_ROOT}/internal/repository/postgres"
 #
 # To rebase: re-run the guard, set BASELINE_COUNT to the new value,
 # include the rebase commit's SHA in the "last rebase" comment.
-BASELINE_COUNT=31
-# Last rebase: 2026-05-11 (Audit 2026-05-11 fix bundle dropped tenant_id-less
+BASELINE_COUNT=32
+# Last rebase: 2026-05-16 (Sprint 6 COMP-002-RETENTION added
+# UserRepository.ListDeactivatedBefore at internal/repository/postgres/user.go:191
+# — legitimately tenant-spanning by design. The scheduler's
+# userRetentionLoop walks every tenant's deactivated users on the
+# same tick; the retention policy is control-plane-wide, not
+# per-tenant. Documented inline in the SQL comment.
+#
+# Prior rebases:
+# 2026-05-11 (Audit 2026-05-11 fix bundle dropped tenant_id-less
 # queries by 1; v2.1.0 release-gate Phase 5 ratcheted baseline 32 -> 31).
 if [ ! -d "$TARGET_DIR" ]; then
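Review bot: `BASELINE_COUNT=32` identifies the exempt tenant_id-less queries only by their total, so, assuming the guard compares a bare count (its logic is outside this hunk), a change that scopes one old query and adds one new unscoped query would leave the total at 32 and pass. Keying the exemption to a name, for example an allowlist entry `UserRepository.ListDeactivatedBefore`, would tie the carve-out to the one query that was reviewed. The new `# Last rebase:` comment also omits the commit SHA that the instruction just above it asks for, and its parenthesis opened at `(Sprint 6` is never closed. The reference `user.go:191` will drift: by the user.go hunk header in this same diff the function now starts near line 195, and the rationale there is a Go doc comment, not "the SQL comment". The `if` block continues outside the hunk.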