feat(cf): unified cross-env Cloudflare map (GET /admin/cf/map)#283
Merged
Conversation
The per-env snapshot only ever sees its own `dd-{env}-*` slice, so it
can't surface a closed PR's leaked resources (no per-env CP exists to
notice them). But prod and every pr-N share one CF account, so the
management view must handle them together.
Add a cross-env map built straight from the CF API (independent of any
CP being up — the basis for "CF is source of truth"):
- `Env::from_resource_name(name)` attributes any `dd-{env}-{cp|agent|api}-…`
resource to its env, recovering hyphenated labels (pr-42) intact.
- `cf_map::build_map` enumerates ALL `dd-*` tunnels/apps + every
tunnel-targeting CNAME, groups them by installation (production, each
pr-N, bot, dogfood) plus an `(unattributed)` bucket for resources whose
env can't be parsed or whose CNAME targets a tunnel we no longer have
(the leak). DNS is attributed via the tunnel its content references.
Each install reports `has_live_cp` (a non-deleted `-cp-` tunnel exists)
so torn-down envs stand out. Degraded-aware (reuses the PR-2 pattern).
- `GET /admin/cf/map` serves it, same auth as `/admin/cf/snapshot`,
read-only. The per-env snapshot stays for the focused view.
Groundwork for the operator-gated reconcile (next PRs); no mutations.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
DD preview readyURL: https://pr-283.devopsdefender.com Browser login: visit https://pr-283.devopsdefender.com — DD redirects you to Machine-to-machine: GitHub Actions workflows in the Register endpoint for a local agent: |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
PR-3 of the CF-reconcile arc — the unified cross-env view (per your steer: prod + PRs can't be cleanly isolated, so the management layer handles both together).
Why
The per-env
/admin/cf/snapshotonly sees its owndd-{env}-*slice, so it can't surface a closed PR's leaked CF resources — no per-env CP exists to notice them. Since prod and every pr-N share one Cloudflare account, the management view must enumerate and attribute everything together.What
Built straight from the CF API (so it reflects reality regardless of which CPs are up — the basis for "CF is source of truth"):
Env::from_resource_name(name)attributes anydd-{env}-{cp|agent|api}-…resource to its env, recovering hyphenated labels (pr-42) intact.cf_map::build_mapenumerates ALLdd-*tunnels + apps + every tunnel-targeting CNAME, groups by installation (production, eachpr-N,bot,dogfood) + an(unattributed)bucket for unparseable names or CNAMEs whose target tunnel is gone (the leak). DNS is attributed via the tunnel its*.cfargotunnel.comcontent references. Each install reportshas_live_cpso torn-down envs stand out. Degraded-aware (reuses PR-2's independently-fallible fetches).GET /admin/cf/mapserves it — same auth as/admin/cf/snapshot, read-only. The per-env snapshot stays for the focused view.Groundwork for the operator-gated reconcile (next PRs); no mutations here.
Validation
cargo fmtclean; compiles locally (only the macOSsessiond.rsnoise; CI builds musl). Unit tests forEnv::from_resource_name(incl.pr-42,bot, non-conforming → None).GET /admin/cf/mapshows both installations grouped, each resource env-attributed.🤖 Generated with Claude Code