src/artifactstore/storage/:
- spi.py: StorageBackend Protocol (backend_id, put, get, head, delete,
health) and result dataclasses (StorageReceipt, StorageObjectMetadata,
DeletionResult, BackendStatus). ObjectNotFoundError exception type.
- registry.py: backend lookup by string ID (register/get/list_backends/
clear) per ADR-0004.
- backends/local.py: LocalBackend implementation.
* Object layout <root>/<algorithm>/<hex[0:2]>/<hex[2:4]>/<hex>.
* Atomic writes: tmpfile + fsync + rename (idempotent re-puts drain the
stream without rewriting).
* Defence in depth: resolves the final path and asserts it remains under
the configured root.
* Range reads honour HTTP-style inclusive (start, end) tuples.
* health() returns disk usage via shutil.disk_usage and surfaces an
unhealthy status when the root has disappeared.
* delete() cleans up emptied shard directories opportunistically.
tests/unit/test_storage_local.py (14 cases): put/get round-trip; object
key layout matches blueprint; head returns metadata; head/get missing
raise ObjectNotFoundError; put is idempotent; delete returns True then
False; range read returns subrange; range read rejects invalid range;
health reports disk usage; health reports unhealthy when root vanished;
ContentAddress validation blocks path-traversal-flavoured inputs;
registry register/get/list/clear round-trip; idempotent re-put leaves
bytes intact.
Gates: ruff clean, mypy --strict clean on 41 files, 59 tests pass.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
src/artifactstore/events/:
- model.py: Event frozen dataclass (event_type, subject_kind, subject_id,
actor, payload, payload_digest; sequence + created_at populated by the
DB on write). make_event() helper computes payload_digest as raw BLAKE3
(32 bytes) of payload. ViewWriter Protocol with reset() + apply().
- log.py:
* write(connection, event) — inserts one row in the caller's transaction
and returns Event with sequence + created_at populated via RETURNING.
* fetch_since(connection, since_sequence, limit) — read events after a
cursor in order.
* tail(engine, since_sequence) — async-iterator long-poll over the log;
SQLite uses interval polling, PG LISTEN/NOTIFY is a future workplan.
* replay(engine, view_writer, reset=True) — drains the event log through
a ViewWriter inside one transaction; returns the highest sequence
applied.
- views.py: RegistryViewWriter — canonical event handlers shared by direct
write and replay paths. Ships handlers for v1.package.created (inserts
artifact_packages + retention_state) and v1.package.finalized (updates
status, finalized_at, manifest_digest). Unknown event types tolerated;
additional handlers register here as later tasks land.
src/artifactstore/db/schema.py: events.sequence type is now
BigInteger().with_variant(Integer(), 'sqlite') so SQLite's autoincrement
(INTEGER PRIMARY KEY rowid alias) works while PostgreSQL keeps BIGSERIAL.
tests/integration/test_event_log.py (6 cases):
- write() assigns monotonic sequence numbers (1, 2, ...) and a created_at.
- fetch_since(since_sequence=2) returns the ordered tail.
- tail() yields events and exits cleanly on consumer break.
- Direct write path (write + apply) and replay path produce byte-identical
materialised state — the key ADR-0002 invariant.
- Replay handles multiple event types (package.created -> finalized).
- Unknown event types are tolerated (no-op apply).
- payload_digest equals BLAKE3 of payload.
Gates: ruff clean, mypy --strict clean on 36 files, 45 tests pass.
make migrate-fresh end-to-end ok.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Schema (src/artifactstore/db/schema.py):
- events table (ADR-0002 source of truth): sequence BIGSERIAL PK, created_at,
event_type, subject_kind, subject_id, actor, payload (CBOR bytes),
payload_digest. Indexes on (subject_kind, subject_id) and
(event_type, sequence).
- artifact_packages, artifact_files, storage_locations, retention_state
(materialised views over events).
- retention_classes (seed table) and metadata_schemas (config table).
- ADR-0001 columns present: digest_algorithm, digest_primary, digest_sha256,
content_address. Blueprint tiering columns present: retrieval_tier
(default 'hot'), restore_status.
- Types portable: SQLAlchemy 2.0 Core with JSON().with_variant(JSONB, 'postgresql'),
Uuid, LargeBinary, DateTime(timezone=True), Boolean false() default.
Seed (src/artifactstore/db/seed.py): five v1 retention classes (transient,
raw-evidence, summary-evidence, release-evidence, permanent-record) with
default durations in seconds; permanent-record has no expiry.
Alembic:
- alembic.ini with sync sqlite URL default; path_separator=os to silence the
1.13 deprecation warning.
- migrations/env.py: translates async URLs (+aiosqlite, +asyncpg) to sync
counterparts at migrate-time so a single ARTIFACTSTORE_DATABASE_URL works
for both runtime (async) and Alembic (sync).
- migrations/script.py.mako template.
- migrations/versions/20260516_0001_initial.py: metadata.create_all + bulk
insert of retention class seeds.
Make:
- make migrate: alembic upgrade head (ensures var/ exists).
- make migrate-fresh: drop local SQLite + re-run.
Deps: psycopg[binary] added as optional `postgres` extra (PostgreSQL prod
path; SQLite default for dev needs no extra).
Tests:
- tests/unit/test_db_schema.py: every expected table present; ADR-0001 and
tiering columns present; seed has the five v1 classes; permanent-record
has no default_duration; create_all + FK insert + Boolean default
round-trip on in-memory SQLite.
- tests/integration/test_migrations.py: alembic upgrade head against a
tempfile SQLite produces all tables (+ alembic_version) and the seed rows.
Gates: ruff clean, mypy --strict clean on 32 files, 38 tests pass.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
fix-consistency assigned state_hub_task_id and state_hub_workstream_id UUIDs
to the tasks and workplans added in 747afc2.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Aligns the v1 architecture with the longer-horizon platform thesis so we can
start implementation without the schema-level inconsistencies the prior
review surfaced.
ADRs (docs/adr/0001..0006): content-addressed dual-digest storage, append-only
event log as source of truth, canonical CBOR manifests, control/data-plane
contract, v1 tech stack (Python 3.12 / uv / FastAPI / SQLAlchemy Core +
asyncpg / Alembic / cbor2 / blake3 / ruff / mypy / pytest / typer), OCI
compatibility kept reachable.
Architecture blueprint rewritten to v2: library-first (ffmpeg-shaped) module
layout, materialised-view data model over the event log, upload-session and
event-stream endpoints pinned, retrieval tiering promoted into the schema.
Roadmap added (docs/ROADMAP.md) with three phases. WP-0001 rewritten as the
Foundation plan (scaffold + kernels + local FS + minimal app). WP-0002..0005
created carrying the existing state_hub_task_ids forward semantically:
ingestion API (T004), retention lifecycle (T005), S3-compatible backend
(T006), guide-board pilot (T007). T001/T002/T003/T008 remain in WP-0001
with refined acceptance.
README and AGENTS.md refreshed to reflect the new repo shape.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Captures the longer-horizon thesis (sovereign-cloud artifact substrate)
alongside the carefully-scoped v1 INTENT. PLATFORM-AMBITION records nine
schema/contract commitments the v1 must preserve to keep that horizon
reachable. ASSEMBLY-EXPERIMENT frames an opt-in research line on
ffmpeg-grade hand-tuned asm with an MIT-0 vs LGPL-aware reuse map.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
