From 951c6014ec0c72c25f910e78ad4874608346580e Mon Sep 17 00:00:00 2001 From: root Date: Fri, 24 Apr 2026 14:03:17 -0500 Subject: [PATCH] gateway: boot-time probe of truth/ file-backed rules MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Phase 42 PRD deliverable de8fb10 landed the file loader + 2 rule files. This commit wires the loader into gateway startup so the rules actually get READ at boot — catches parse errors and duplicate-ID collisions before the first request hits, rather than "silently 0 rules loaded." Scope is deliberately narrow — a probe, not full plumbing: - Reads LAKEHOUSE_TRUTH_DIR env override, defaults to /home/profit/lakehouse/truth - Skips silently with a debug log if the dir is absent - Loads rules on top of default_truth_store() into a throwaway store, logs the count (or the error) - Does NOT yet replace the per-request default_truth_store() in execution_loop or v1/chat. That plumbing needs a V1State.truth field + passing it through the request context, which is a separate scope. Why the separation matters: this commit gives ops + me a visible boot-time signal ("truth: loaded 3 file-backed rule(s)") that the loader + files work end-to-end. The next commit can confidently swap per-request stores without wondering whether the parsing even succeeds. Workspace warnings still at 0. Co-Authored-By: Claude Opus 4.7 (1M context) --- crates/gateway/src/main.rs | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/crates/gateway/src/main.rs b/crates/gateway/src/main.rs index a88aa38..e44a7a4 100644 --- a/crates/gateway/src/main.rs +++ b/crates/gateway/src/main.rs @@ -68,6 +68,27 @@ async fn main() { let access = access::AccessControl::new(config.auth.enabled); access.register_defaults().await; + // Phase 42 — file-backed truth rules. Probes the `truth/` directory + // at repo root (or $LAKEHOUSE_TRUTH_DIR override) and logs how many + // rules load. Current request paths still build their own stores + // via truth::default_truth_store() / truth::sql_query_guard_store(); + // the composed-at-boot store gets plumbed through V1State in a + // follow-up. This boot probe catches parse errors + duplicate-ID + // collisions early rather than at first request. + { + let truth_dir = std::env::var("LAKEHOUSE_TRUTH_DIR") + .unwrap_or_else(|_| "/home/profit/lakehouse/truth".to_string()); + if std::path::Path::new(&truth_dir).exists() { + let mut probe_store = truth::default_truth_store(); + match truth::loader::load_from_dir(&mut probe_store, &truth_dir) { + Ok(n) => tracing::info!("truth: loaded {n} file-backed rule(s) from {truth_dir}"), + Err(e) => tracing::warn!("truth: failed to load rules from {truth_dir}: {e}"), + } + } else { + tracing::debug!("truth: no rule dir at {truth_dir}, skipping file-backed load"); + } + } + // Workspace manager for agent-specific overlays let workspace_mgr = queryd::workspace::WorkspaceManager::new(store.clone()); if let Err(e) = workspace_mgr.rebuild().await {