[fm] Introduce SitrepGuardedInsert. #10564

Open: mergeconflict wants to merge 3 commits into main from mergeconflict/fm-sitrepguardedinsert

[fm] Introduce SitrepGuardedInsert.#10564
mergeconflict wants to merge 3 commits into
mainfrom
mergeconflict/fm-sitrepguardedinsert

Conversation

mergeconflict (Contributor) commented Jun 8, 2026

Add the SitrepGuardedInsert Diesel combinator and the SitrepGuardedResource trait: a generic primitive for FM rendezvous to insert a resource row idempotently and guarded against stale-sitrep execution.

The combinator wraps a caller-supplied resource INSERT in a single CTE statement that:

  • aborts (StaleSitrep) unless the executor's expected generation still equals the latest sitrep's generation column;
  • short-circuits (AlreadyExists) if a creation marker already exists for the resource id;
  • on a successful insert, atomically writes a creation marker, gated by WHERE EXISTS (SELECT 1 FROM new_resource) so a marker is never fabricated for a pre-existing row.

Context: #10248. This PR was previously #10532 but I made a mess of it. This is used in #10533 and #10535 which are split out in hopes of making the review somewhat less miserable.

Add the `SitrepGuardedInsert` Diesel combinator and the
`SitrepGuardedResource` trait: a generic primitive for FM rendezvous to
insert a resource row idempotently and guarded against stale-sitrep
execution.

The combinator wraps a caller-supplied resource INSERT in a single CTE
statement that:

  - aborts (StaleSitrep) unless the executor's expected generation still
    equals the latest sitrep's generation column;
  - short-circuits (AlreadyExists) if a creation marker already exists for
    the resource id;
  - on a successful insert, atomically writes a creation marker, gated by
    `WHERE EXISTS (SELECT 1 FROM new_resource)` so a marker is never
    fabricated for a pre-existing row.

All spliced SQL identifiers come from the trait's `&'static str` consts, so
the query is injection-safe. The result is surfaced as a
`SitrepGuardedInsertOutcome` of Created / AlreadyExists / StaleSitrep.
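The CTE shape outlined in the PR description and commit message above, written out as an added illustration in PostgreSQL/CockroachDB SQL. This is not the PR's own Diesel code (that lives in nexus/db-queries/src/db/sitrep_guard.rs); the table names sitrep, widget and widget_creation, the bind parameters, the ON CONFLICT clause and the classification of a marker-less pre-existing row as AlreadyExists are assumptions made for the example.

```sql
-- Constructed illustration of the guarded-insert CTE. Assumed schema:
--   sitrep(generation)                              latest row = current sitrep
--   widget(id, name)                                the resource being created
--   widget_creation(widget_id, sitrep_generation)   creation markers
-- Bind parameters: $1 = expected generation, $2 = resource id, $3 = name.
WITH
  -- Guard: one row iff the latest sitrep still carries the generation the
  -- executor observed when it decided to perform this insert.
  latest_sitrep AS (
    SELECT generation
    FROM sitrep
    ORDER BY generation DESC
    LIMIT 1
  ),
  guard_ok AS (
    SELECT 1 AS ok FROM latest_sitrep WHERE generation = $1
  ),
  -- Idempotency: has a creation marker already been written for this id?
  existing_marker AS (
    SELECT 1 AS found FROM widget_creation WHERE widget_id = $2
  ),
  -- The caller-supplied INSERT, attempted only when the guard holds and no
  -- marker exists. ON CONFLICT DO NOTHING (assumed) makes a pre-existing row
  -- yield zero rows here instead of raising a unique-violation error.
  new_resource AS (
    INSERT INTO widget (id, name)
    SELECT $2, $3
    WHERE EXISTS (SELECT 1 FROM guard_ok)
      AND NOT EXISTS (SELECT 1 FROM existing_marker)
    ON CONFLICT (id) DO NOTHING
    RETURNING id
  ),
  -- Marker write, gated on the resource insert having produced a row, so a
  -- pre-existing row never acquires a marker it did not earn.
  marker AS (
    INSERT INTO widget_creation (widget_id, sitrep_generation)
    SELECT id, $1 FROM new_resource
    WHERE EXISTS (SELECT 1 FROM new_resource)
    RETURNING widget_id
  )
-- Collapse the CTE results into the outcome the caller maps onto the enum.
SELECT CASE
  WHEN NOT EXISTS (SELECT 1 FROM guard_ok)    THEN 'StaleSitrep'
  WHEN EXISTS (SELECT 1 FROM existing_marker) THEN 'AlreadyExists'
  WHEN EXISTS (SELECT 1 FROM marker)          THEN 'Created'
  ELSE 'AlreadyExists'  -- assumed: row existed without a marker, insert skipped
END AS outcome;
```

Because every read and write happens inside one statement, the generation check and the two inserts are evaluated against a single snapshot, which is what makes the stale-sitrep guard meaningful under concurrent executors.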
@mergeconflict mergeconflict requested review from hawkw and smklein June 8, 2026 18:00
@mergeconflict mergeconflict self-assigned this Jun 8, 2026
@mergeconflict mergeconflict added the fault-management Everything related to the fault-management initiative (RFD480 and others) label Jun 8, 2026
@mergeconflict mergeconflict added this to the 21 milestone Jun 8, 2026
Comment thread nexus/db-queries/src/db/sitrep_guard.rs Outdated
Comment thread nexus/db-queries/src/db/sitrep_guard.rs
Comment thread nexus/db-queries/src/db/sitrep_guard.rs Outdated
Comment thread nexus/db-queries/tests/output/sitrep_guarded_insert.sql
@mergeconflict mergeconflict requested a review from smklein June 8, 2026 20:13

smklein (Collaborator) left a comment

Remember to hold off on merging until the gate re-opens, but otherwise LGTM
