feat(catalog): Add operations and mirrors#1369
Conversation
Add primary and mirror catalog source operations with fallback refresh, verified revision history, explicit rollback, key-rotation status, emergency advisory refresh, operator API and Web Shell surfaces, docs, tests, and deterministic release-certification evidence.
Update AGENTS, project skills, and the release runbook to reflect catalog operations and mirrors, production beta go/no-go evidence, waiver handling, host-only catalog operation routes, and focused validation ownership added since 32b5145.
Update catalog.operations-and-mirrors evidence to inspect the refactored AppCatalogOperations and AppCatalogRefreshCoordinator sources so release-candidate certification sees fallback, stale-revision, rollback, and key-rotation support after the manager split.
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: f34ab28efd
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: e83d096c2e
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 1370d6bbd2
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: ba05431353
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: f7d273b0a3
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
|
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 5dca67dc3a
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: b6cddc3542
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 1d0e295b73
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 21714b2085
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| sourceStore.writeMirrorHealth(normalizedCatalogId, context.health()); | ||
| } catch (IOException metadataException) { |
There was a problem hiding this comment.
Preserve the selected refresh failure when health is oversized
When all endpoints fail and the accumulated health sidecar crosses the new size cap (for example, many mirrors with long resolved URIs/errors), writeMirrorHealth() throws AppCatalogException, not IOException, so this catch is skipped and the API returns invalid_catalog_source instead of the selected catalog_fetch_failed/stale refresh failure. Please catch/suppress catalog metadata failures here as well, or trim before writing, so oversized health metadata does not mask the actual refresh result.
Useful? React with 👍 / 👎.


Summary
catalog.operations-and-mirrorsrelease-certification evidence plus catalog operations docs/runbooks and updated agent guidance.Test plan
./gradlew spotlessApply./gradlew :platform-appcatalog:test./gradlew :platform-api:test --tests '*AppCatalogsApiHandlerTest'./gradlew :test --tests '*PlatformApiToadletTest'./gradlew :platform-appcatalog:test :platform-api:test :test --tests '*PlatformApiRouterTest'python3 tools/release-certification/app_platform_smoke.py --self-testpython3 tools/release-certification/app_platform_docs_check.py --self-testpython3 tools/release-certification/release_certification.py --self-testpython3 tools/release-certification/app_platform_smoke.py --workspace-root . --out-dir build/app-platform-smoke-review --mode pr --skip-gradlecompleted with the expected overallwarndue to--skip-gradle;catalog.operations-and-mirrorsreportedpass.git diff --checkgit diff --cached --checkNotes
./gradlew testwas not rerun for the final branch state; focused module/API/router tests and release-certification self-tests passed.