Skip to main content

Module migrate

Module migrate 

Source
Expand description

gtc op env migrate-dev <target> (A4b of plans/next-gen-deployment.md).

Preflight-gated, one-shot migration of a legacy dev environment to the A4 bootstrap target (typically local). Two verbs:

Scope is intentionally narrow:

  • Refuses migration of any source env that carries bundles, revisions, traffic splits, or a credentials_ref — those require deep ref rewrites (env-scoped SecretRefs, BundleDeployment.env_id, etc.) which A4b’s “presence guarantee” semantic does not promise.
  • On a “simple” source (only host_config + optional pack bindings), the merge preserves user-customized bindings on the target: defaults missing from target get filled from source; slots already bound on target stay untouched (the A4 #206 lesson — bootstrap is presence, not replacement).
  • Audit-log scanning (A7) and secrets-store scanning (A4b PR4) ship as NotYetImplemented placeholders so the report surface is forward-stable.

Structs§

AuditLogScanner
Placeholder for the audit-log scanner. A7 adds an append-only audit log keyed by env; until then we report a single informational finding so operators don’t expect this surface to silently catch missed references.
BundleHintScanner
Permanent no-op scanner — bundles carry no embedded env hint in any shipped code (per the A4b inventory), so any future drift would surface as a new scanner rather than a finding here.
LocalFsStoreScanner
Inspects the configured LocalFsStore root for a <from_env> directory. Classifies any source env as either a “simple” candidate (only host_config + optional pack bindings) or “complex” (carries bundles, revisions, traffic splits, or a credentials_ref).
MigrateDevApplyOutcome
Outcome of migrate-dev --apply. Only emitted when the check was clean.
MigrateDevReport
Report returned by migrate-dev --check.
MigrationFinding
One observation from a scanner run.
RuntimeConfigScanner
Reports a finding when GREENTIC_ENV is set to the legacy value in the process environment running the check. The migration tool can’t fix this from inside the process (the var is set in the caller’s shell), but flagging it informs the operator that their shell will still resolve dev after the on-disk migration.
ScanContext
Read-only context handed to every scanner.
SecretsStoreScanner
Placeholder for the secrets-store scanner. PR4 of A4b adds the real helper in greentic-secrets-broker; until then, no production code-paths enumerate dev-scoped keys, so this scanner reports a no-op informational finding.

Enums§

FindingSeverity
Severity classification for a single finding.

Constants§

LEGACY_ENV_ID
Legacy env-id this migration moves from. The target env-id is provided by the caller; defaults to LOCAL_ENV_ID in the binary clap layer.

Traits§

MigrationScanner
Pluggable scanner — each implementation reports zero or more MigrationFindings for one slice of legacy dev-named state.

Functions§

apply
op env migrate-dev <target> --apply. Re-runs the check, refuses with OpError::Conflict if not clean, then merges the source env into the target under the target’s transact lock and renames the source directory to a hidden .dev-migrated-<ts> sentinel.
check
op env migrate-dev <target> --check. Reports findings without touching state.
classify_runtime_env_var
Pure classification helper for RuntimeConfigScanner. Returns Some(finding) iff value equals the legacy env id. Extracted from the scanner so tests can exercise the logic without mutating the process environment — the crate is #![forbid(unsafe_code)] and Rust 2024 requires unsafe to set/remove env vars.
default_scanners
Bundle the set of scanners that ship with A4b. Future PRs add to this vector; consumers that want a different set can call the individual scanners directly.
run_check
Run every scanner and produce the report.