Skip to content

Clean duplicate active preview receipts#36

Merged
rogu3bear merged 1 commit into
mainfrom
build/previews-dedupe-active
Jul 1, 2026
Merged

Clean duplicate active preview receipts#36
rogu3bear merged 1 commit into
mainfrom
build/previews-dedupe-active

Conversation

@rogu3bear

Copy link
Copy Markdown
Owner

Summary

  • Add cfctl previews purge-duplicate-active for local preview inventory cleanup after repeated plan refreshes.
  • Group active trusted preview receipts by lane plus policy/request/target fingerprints, keep the newest receipt, and remove only older local artifacts.
  • Update README, runbook, runtime policy, static contract, and public-contract smoke coverage so the command stays part of the public cfctl previews surface.

Behavioral Changes

  • cfctl previews rows now include trust fingerprints in the result payload.
  • purge-duplicate-active reports purged_count, duplicate_group_count, and removed receipt metadata.
  • Expired and legacy preview cleanup remain separate commands; this path does not run --ack-plan or mutate Cloudflare.

Implications

  • Repeated safe --plan refreshes can be compacted without losing the newest actionable operation id for a concrete request.
  • Maildesk sender-domain readiness receipts should be easier to read after refresh automation runs.
  • Existing preview/apply trust validation remains unchanged.

Risk Areas / Confidence

  • Duplicate key selection: high confidence. It uses lane plus policy/request/target fingerprints already required for trusted preview validation.
  • Deletion scope: high confidence. The implementation filters to active, non-expired, trust-complete local receipts and removes older siblings only.
  • Runtime docs/contract drift: high confidence. Static assertions and public-contract smoke checks were updated.

Test Plan

  • ./scripts/verify_static_contract.sh
  • python3 scripts/verify_permission_catalog.py --cfctl ./cfctl
  • ./cfctl previews purge-duplicate-active | jq '.summary'
  • ./cfctl previews purge-expired | jq '.summary'
  • ./cfctl doctor | jq '.summary'
  • ./cfctl previews | jq '.summary'

Review Focus

  • Confirm the duplicate key should not include operation_id, since that is the value repeated plan refreshes intentionally change.
  • Confirm expired previews should stay owned by purge-expired rather than being removed by duplicate-active cleanup.

Next Steps

  • After merge, use the new command from the maildesk private checkout to compact duplicate sender-domain plan receipts before the next readiness readback.
  • Protected --ack-plan sender-domain mutation remains outside this PR and still needs explicit operator approval.

Repeated safe plan refreshes can leave several active preview receipts for the same request, which makes maildesk sender-domain readiness look noisier than it is.

Add a cfctl previews purge-duplicate-active subcommand that groups active trusted receipts by lane plus policy/request/target fingerprints, keeps the newest receipt, and removes only older local artifacts. Expired and legacy cleanup remain separate paths.

Extend the static and public contract checks plus README/runbook/runtime-policy docs so the new cleanup stays discoverable and remains clearly outside Cloudflare mutation. Risk is limited to local ignored preview inventory cleanup; ack-plan writes are unchanged.
@rogu3bear

Copy link
Copy Markdown
Owner Author

@codex Please review the duplicate-active preview cleanup semantics: should the dedupe key remain lane + policy/request/target fingerprints without operation_id, and should expired receipts continue to be excluded so purge-expired remains the only expired-preview deletion path?

@rogu3bear rogu3bear merged commit 6b4a4e6 into main Jul 1, 2026
1 of 2 checks passed
@rogu3bear rogu3bear deleted the build/previews-dedupe-active branch July 1, 2026 07:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant