bc4318ef97
- Created `StellaOps.TestKit.Tests` project for unit tests related to determinism. - Implemented `DeterminismManifestTests` to validate deterministic output for canonical bytes and strings, file read/write operations, and error handling for invalid schema versions. - Added `SbomDeterminismTests` to ensure identical inputs produce consistent SBOMs across SPDX 3.0.1 and CycloneDX 1.6/1.7 formats, including parallel execution tests. - Updated project references in `StellaOps.Integration.Determinism` to include the new determinism testing library.
1.2 KiB
1.2 KiB
PostgreSQL patterns
Row-level security (RLS)
- Require tenant context via app.tenant_id session setting.
- Policies filter by tenant_id on all tenant-scoped tables.
- Admin operations use explicit bypass roles and audited access.
Validating RLS
- Run staging tests that attempt cross-tenant reads and writes.
- Use deterministic replay tests for RLS regressions.
Bitemporal unknowns
- Store current and historical states with valid_from and valid_to.
- Support point-in-time queries and deterministic ordering.
Time-based partitioning
- Partition high-volume tables by time.
- Pre-create future partitions and archive old partitions.
- Use deterministic maintenance checklists for partition health.
Generated columns
- Use generated columns for derived flags and query optimization.
- Add columns via migrations and backfill deterministically.
Troubleshooting
- RLS failures: verify tenant context and policy attachment.
- Partition issues: check missing partitions and default tables.
- Bitemporal queries: confirm valid time windows and index usage.
Related references
- data/postgresql-operations.md
- security/multi-tenancy.md
- docs/operations/postgresql-patterns-runbook.md