fix(wfctl): support compute staging infra gaps by intel352 · Pull Request #621 · GoCodeAlone/workflow

intel352 · 2026-05-10T18:07:27Z

Summary

add strict provider bridge coverage and compute-related wfctl infra/build gaps from the local branch
route sensitive IaC outputs through provider-safe secret keys so GitHub Actions secrets accept hyphenated resource names
add regression coverage for routed secret key sanitization/collision resistance

Verification

GOWORK=off go test ./iac/sensitive ./cmd/wfctl

Compute staging impact

This unblocks workflow-compute staging apply where DigitalOcean DB URI routing previously attempted to create invalid GitHub secret name workflow-compute-staging-db_uri.

Copilot

Pull request overview

This PR extends external plugin trigger support and introduces a sensitive-output routing helper to safely persist IaC outputs without leaking secrets (including generating GitHub Actions–compatible secret keys).

Changes:

Add trigger-type dispatching to the external plugin gRPC server and shift remote trigger handle creation to Configure (so config is available before creation).
Introduce iac/sensitive helpers to route ResourceOutput sensitive fields through secrets.Provider using placeholders + sanitized secret keys, with regression tests.
Expand IaC provider interfaces/sentinel errors and load external plugin step schemas during wfctl validate.

Reviewed changes

Copilot reviewed 10 out of 10 changed files in this pull request and generated 3 comments.

Show a summary per file

File	Description
plugin/external/sdk/grpc_server.go	Dispatch `CreateModule` to trigger providers and adapt trigger instances into module lifecycle RPCs.
plugin/external/sdk/grpc_server_test.go	Add coverage ensuring trigger provider types are created and started/stopped via module lifecycle.
plugin/external/remote_trigger.go	Delay remote trigger handle creation until `Configure`; add guardrails for unconfigured start/stop/destroy.
plugin/external/adapter.go	Update trigger factory to return an unconfigured `RemoteTrigger` (no early RPC handle creation).
plugin/external/adapter_test.go	Add test ensuring trigger creation is delayed until `Configure`.
interfaces/iac_resource_driver.go	Add new IaC sentinel errors (image missing; optional method unimplemented).
interfaces/iac_provider.go	Add optional `EnumeratorAll` interface for providers without tag support.
iac/sensitive/route.go	New package for routing sensitive outputs to secret providers and masking placeholders for state/diff.
iac/sensitive/route_test.go	Tests for GitHub-safe secret key generation and routing behavior.
cmd/wfctl/validate.go	Load external plugin step schemas when validating with `--plugin-dir`.

github-actions · 2026-05-10T20:21:29Z

⏱ Benchmark Results

✅ No significant performance regressions detected.

benchstat comparison (baseline → PR)

## benchstat: baseline → PR
baseline-bench.txt:262: parsing iteration count: invalid syntax
baseline-bench.txt:302030: parsing iteration count: invalid syntax
baseline-bench.txt:629118: parsing iteration count: invalid syntax
baseline-bench.txt:964927: parsing iteration count: invalid syntax
baseline-bench.txt:1297769: parsing iteration count: invalid syntax
baseline-bench.txt:1608936: parsing iteration count: invalid syntax
benchmark-results.txt:262: parsing iteration count: invalid syntax
benchmark-results.txt:340439: parsing iteration count: invalid syntax
benchmark-results.txt:675711: parsing iteration count: invalid syntax
benchmark-results.txt:1007866: parsing iteration count: invalid syntax
benchmark-results.txt:1337873: parsing iteration count: invalid syntax
benchmark-results.txt:1665402: parsing iteration count: invalid syntax
goos: linux
goarch: amd64
pkg: github.com/GoCodeAlone/workflow/dynamic
cpu: AMD EPYC 7763 64-Core Processor                
                            │ baseline-bench.txt │
                            │       sec/op       │
InterpreterCreation-4               8.379m ± 63%
ComponentLoad-4                     3.597m ± 11%
ComponentExecute-4                  1.939µ ±  1%
PoolContention/workers-1-4          1.101µ ±  2%
PoolContention/workers-2-4          1.109µ ±  2%
PoolContention/workers-4-4          1.102µ ±  4%
PoolContention/workers-8-4          1.113µ ±  4%
PoolContention/workers-16-4         1.113µ ±  3%
ComponentLifecycle-4                3.585m ±  4%
SourceValidation-4                  2.293µ ±  2%
RegistryConcurrent-4                816.7n ±  8%
LoaderLoadFromString-4              3.604m ±  1%
geomean                             19.10µ

                            │ baseline-bench.txt │
                            │        B/op        │
InterpreterCreation-4               2.027Mi ± 0%
ComponentLoad-4                     2.180Mi ± 0%
ComponentExecute-4                  1.203Ki ± 0%
PoolContention/workers-1-4          1.203Ki ± 0%
PoolContention/workers-2-4          1.203Ki ± 0%
PoolContention/workers-4-4          1.203Ki ± 0%
PoolContention/workers-8-4          1.203Ki ± 0%
PoolContention/workers-16-4         1.203Ki ± 0%
ComponentLifecycle-4                2.183Mi ± 0%
SourceValidation-4                  1.984Ki ± 0%
RegistryConcurrent-4                1.133Ki ± 0%
LoaderLoadFromString-4              2.182Mi ± 0%
geomean                             15.25Ki

                            │ baseline-bench.txt │
                            │     allocs/op      │
InterpreterCreation-4                15.68k ± 0%
ComponentLoad-4                      18.02k ± 0%
ComponentExecute-4                    25.00 ± 0%
PoolContention/workers-1-4            25.00 ± 0%
PoolContention/workers-2-4            25.00 ± 0%
PoolContention/workers-4-4            25.00 ± 0%
PoolContention/workers-8-4            25.00 ± 0%
PoolContention/workers-16-4           25.00 ± 0%
ComponentLifecycle-4                 18.07k ± 0%
SourceValidation-4                    32.00 ± 0%
RegistryConcurrent-4                  2.000 ± 0%
LoaderLoadFromString-4               18.06k ± 0%
geomean                               183.3

cpu: AMD EPYC 9V74 80-Core Processor                
                            │ benchmark-results.txt │
                            │        sec/op         │
InterpreterCreation-4                 3.344m ± 184%
ComponentLoad-4                       3.588m ±   2%
ComponentExecute-4                    1.842µ ±   0%
PoolContention/workers-1-4            1.032µ ±   2%
PoolContention/workers-2-4            1.027µ ±   2%
PoolContention/workers-4-4            1.043µ ±   2%
PoolContention/workers-8-4            1.054µ ±   2%
PoolContention/workers-16-4           1.039µ ±   1%
ComponentLifecycle-4                  3.712m ±   5%
SourceValidation-4                    2.137µ ±   3%
RegistryConcurrent-4                  779.2n ±   4%
LoaderLoadFromString-4                3.726m ±   1%
geomean                               17.08µ

                            │ benchmark-results.txt │
                            │         B/op          │
InterpreterCreation-4                  2.027Mi ± 0%
ComponentLoad-4                        2.180Mi ± 0%
ComponentExecute-4                     1.203Ki ± 0%
PoolContention/workers-1-4             1.203Ki ± 0%
PoolContention/workers-2-4             1.203Ki ± 0%
PoolContention/workers-4-4             1.203Ki ± 0%
PoolContention/workers-8-4             1.203Ki ± 0%
PoolContention/workers-16-4            1.203Ki ± 0%
ComponentLifecycle-4                   2.183Mi ± 0%
SourceValidation-4                     1.984Ki ± 0%
RegistryConcurrent-4                   1.133Ki ± 0%
LoaderLoadFromString-4                 2.182Mi ± 0%
geomean                                15.25Ki

                            │ benchmark-results.txt │
                            │       allocs/op       │
InterpreterCreation-4                   15.68k ± 0%
ComponentLoad-4                         18.02k ± 0%
ComponentExecute-4                       25.00 ± 0%
PoolContention/workers-1-4               25.00 ± 0%
PoolContention/workers-2-4               25.00 ± 0%
PoolContention/workers-4-4               25.00 ± 0%
PoolContention/workers-8-4               25.00 ± 0%
PoolContention/workers-16-4              25.00 ± 0%
ComponentLifecycle-4                    18.07k ± 0%
SourceValidation-4                       32.00 ± 0%
RegistryConcurrent-4                     2.000 ± 0%
LoaderLoadFromString-4                  18.06k ± 0%
geomean                                  183.3

pkg: github.com/GoCodeAlone/workflow/middleware
cpu: AMD EPYC 7763 64-Core Processor                
                                  │ baseline-bench.txt │
                                  │       sec/op       │
CircuitBreakerDetection-4                  287.1n ± 6%
CircuitBreakerExecution_Success-4          21.51n ± 0%
CircuitBreakerExecution_Failure-4          66.25n ± 0%
geomean                                    74.23n

                                  │ baseline-bench.txt │
                                  │        B/op        │
CircuitBreakerDetection-4                 144.0 ± 0%
CircuitBreakerExecution_Success-4         0.000 ± 0%
CircuitBreakerExecution_Failure-4         0.000 ± 0%
geomean                                              ¹
¹ summaries must be >0 to compute geomean

                                  │ baseline-bench.txt │
                                  │     allocs/op      │
CircuitBreakerDetection-4                 1.000 ± 0%
CircuitBreakerExecution_Success-4         0.000 ± 0%
CircuitBreakerExecution_Failure-4         0.000 ± 0%
geomean                                              ¹
¹ summaries must be >0 to compute geomean

cpu: AMD EPYC 9V74 80-Core Processor                
                                  │ benchmark-results.txt │
                                  │        sec/op         │
CircuitBreakerDetection-4                     297.2n ± 3%
CircuitBreakerExecution_Success-4             22.67n ± 0%
CircuitBreakerExecution_Failure-4             70.95n ± 0%
geomean                                       78.19n

                                  │ benchmark-results.txt │
                                  │         B/op          │
CircuitBreakerDetection-4                    144.0 ± 0%
CircuitBreakerExecution_Success-4            0.000 ± 0%
CircuitBreakerExecution_Failure-4            0.000 ± 0%
geomean                                                 ¹
¹ summaries must be >0 to compute geomean

                                  │ benchmark-results.txt │
                                  │       allocs/op       │
CircuitBreakerDetection-4                    1.000 ± 0%
CircuitBreakerExecution_Success-4            0.000 ± 0%
CircuitBreakerExecution_Failure-4            0.000 ± 0%
geomean                                                 ¹
¹ summaries must be >0 to compute geomean

pkg: github.com/GoCodeAlone/workflow/module
cpu: AMD EPYC 7763 64-Core Processor                
                                 │ baseline-bench.txt │
                                 │       sec/op       │
JQTransform_Simple-4                     888.6n ± 28%
JQTransform_ObjectConstruction-4         1.440µ ±  3%
JQTransform_ArraySelect-4                3.348µ ±  4%
JQTransform_Complex-4                    38.65µ ±  4%
JQTransform_Throughput-4                 1.777µ ±  4%
SSEPublishDelivery-4                     66.63n ±  1%
geomean                                  1.642µ

                                 │ baseline-bench.txt │
                                 │        B/op        │
JQTransform_Simple-4                   1.273Ki ± 0%
JQTransform_ObjectConstruction-4       1.773Ki ± 0%
JQTransform_ArraySelect-4              2.625Ki ± 0%
JQTransform_Complex-4                  16.22Ki ± 0%
JQTransform_Throughput-4               1.984Ki ± 0%
SSEPublishDelivery-4                     0.000 ± 0%
geomean                                             ¹
¹ summaries must be >0 to compute geomean

                                 │ baseline-bench.txt │
                                 │     allocs/op      │
JQTransform_Simple-4                     10.00 ± 0%
JQTransform_ObjectConstruction-4         15.00 ± 0%
JQTransform_ArraySelect-4                30.00 ± 0%
JQTransform_Complex-4                    324.0 ± 0%
JQTransform_Throughput-4                 17.00 ± 0%
SSEPublishDelivery-4                     0.000 ± 0%
geomean                                             ¹
¹ summaries must be >0 to compute geomean

cpu: AMD EPYC 9V74 80-Core Processor                
                                 │ benchmark-results.txt │
                                 │        sec/op         │
JQTransform_Simple-4                        836.2n ± 30%
JQTransform_ObjectConstruction-4            1.411µ ±  1%
JQTransform_ArraySelect-4                   3.551µ ±  4%
JQTransform_Complex-4                       42.91µ ±  1%
JQTransform_Throughput-4                    1.726µ ±  6%
SSEPublishDelivery-4                        63.14n ±  1%
geomean                                     1.642µ

                                 │ benchmark-results.txt │
                                 │         B/op          │
JQTransform_Simple-4                      1.273Ki ± 0%
JQTransform_ObjectConstruction-4          1.773Ki ± 0%
JQTransform_ArraySelect-4                 2.625Ki ± 0%
JQTransform_Complex-4                     16.22Ki ± 0%
JQTransform_Throughput-4                  1.984Ki ± 0%
SSEPublishDelivery-4                        0.000 ± 0%
geomean                                                ¹
¹ summaries must be >0 to compute geomean

                                 │ benchmark-results.txt │
                                 │       allocs/op       │
JQTransform_Simple-4                        10.00 ± 0%
JQTransform_ObjectConstruction-4            15.00 ± 0%
JQTransform_ArraySelect-4                   30.00 ± 0%
JQTransform_Complex-4                       324.0 ± 0%
JQTransform_Throughput-4                    17.00 ± 0%
SSEPublishDelivery-4                        0.000 ± 0%
geomean                                                ¹
¹ summaries must be >0 to compute geomean

pkg: github.com/GoCodeAlone/workflow/schema
cpu: AMD EPYC 7763 64-Core Processor                
                                    │ baseline-bench.txt │
                                    │       sec/op       │
SchemaValidation_Simple-4                    1.104µ ± 2%
SchemaValidation_AllFields-4                 1.667µ ± 5%
SchemaValidation_FormatValidation-4          1.603µ ± 3%
SchemaValidation_ManySchemas-4               1.820µ ± 4%
geomean                                      1.522µ

                                    │ baseline-bench.txt │
                                    │        B/op        │
SchemaValidation_Simple-4                   0.000 ± 0%
SchemaValidation_AllFields-4                0.000 ± 0%
SchemaValidation_FormatValidation-4         0.000 ± 0%
SchemaValidation_ManySchemas-4              0.000 ± 0%
geomean                                                ¹
¹ summaries must be >0 to compute geomean

                                    │ baseline-bench.txt │
                                    │     allocs/op      │
SchemaValidation_Simple-4                   0.000 ± 0%
SchemaValidation_AllFields-4                0.000 ± 0%
SchemaValidation_FormatValidation-4         0.000 ± 0%
SchemaValidation_ManySchemas-4              0.000 ± 0%
geomean                                                ¹
¹ summaries must be >0 to compute geomean

cpu: AMD EPYC 9V74 80-Core Processor                
                                    │ benchmark-results.txt │
                                    │        sec/op         │
SchemaValidation_Simple-4                      1.081µ ± 24%
SchemaValidation_AllFields-4                   1.654µ ±  2%
SchemaValidation_FormatValidation-4            1.609µ ±  4%
SchemaValidation_ManySchemas-4                 1.595µ ±  4%
geomean                                        1.463µ

                                    │ benchmark-results.txt │
                                    │         B/op          │
SchemaValidation_Simple-4                      0.000 ± 0%
SchemaValidation_AllFields-4                   0.000 ± 0%
SchemaValidation_FormatValidation-4            0.000 ± 0%
SchemaValidation_ManySchemas-4                 0.000 ± 0%
geomean                                                   ¹
¹ summaries must be >0 to compute geomean

                                    │ benchmark-results.txt │
                                    │       allocs/op       │
SchemaValidation_Simple-4                      0.000 ± 0%
SchemaValidation_AllFields-4                   0.000 ± 0%
SchemaValidation_FormatValidation-4            0.000 ± 0%
SchemaValidation_ManySchemas-4                 0.000 ± 0%
geomean                                                   ¹
¹ summaries must be >0 to compute geomean

pkg: github.com/GoCodeAlone/workflow/store
cpu: AMD EPYC 7763 64-Core Processor                
                                   │ baseline-bench.txt │
                                   │       sec/op       │
EventStoreAppend_InMemory-4                1.200µ ± 40%
EventStoreAppend_SQLite-4                  1.469m ±  8%
GetTimeline_InMemory/events-10-4           14.20µ ±  3%
GetTimeline_InMemory/events-50-4           79.66µ ±  3%
GetTimeline_InMemory/events-100-4          134.4µ ± 20%
GetTimeline_InMemory/events-500-4          639.3µ ±  2%
GetTimeline_InMemory/events-1000-4         1.304m ±  1%
GetTimeline_SQLite/events-10-4             106.2µ ±  1%
GetTimeline_SQLite/events-50-4             246.9µ ±  2%
GetTimeline_SQLite/events-100-4            431.8µ ±  2%
GetTimeline_SQLite/events-500-4            1.851m ±  1%
GetTimeline_SQLite/events-1000-4           3.513m ±  4%
geomean                                    224.6µ

                                   │ baseline-bench.txt │
                                   │        B/op        │
EventStoreAppend_InMemory-4                  800.5 ± 7%
EventStoreAppend_SQLite-4                  1.986Ki ± 2%
GetTimeline_InMemory/events-10-4           7.953Ki ± 0%
GetTimeline_InMemory/events-50-4           46.62Ki ± 0%
GetTimeline_InMemory/events-100-4          94.48Ki ± 0%
GetTimeline_InMemory/events-500-4          472.8Ki ± 0%
GetTimeline_InMemory/events-1000-4         944.3Ki ± 0%
GetTimeline_SQLite/events-10-4             16.74Ki ± 0%
GetTimeline_SQLite/events-50-4             87.14Ki ± 0%
GetTimeline_SQLite/events-100-4            175.4Ki ± 0%
GetTimeline_SQLite/events-500-4            846.1Ki ± 0%
GetTimeline_SQLite/events-1000-4           1.639Mi ± 0%
geomean                                    67.42Ki

                                   │ baseline-bench.txt │
                                   │     allocs/op      │
EventStoreAppend_InMemory-4                  7.000 ± 0%
EventStoreAppend_SQLite-4                    53.00 ± 0%
GetTimeline_InMemory/events-10-4             125.0 ± 0%
GetTimeline_InMemory/events-50-4             653.0 ± 0%
GetTimeline_InMemory/events-100-4           1.306k ± 0%
GetTimeline_InMemory/events-500-4           6.514k ± 0%
GetTimeline_InMemory/events-1000-4          13.02k ± 0%
GetTimeline_SQLite/events-10-4               382.0 ± 0%
GetTimeline_SQLite/events-50-4              1.852k ± 0%
GetTimeline_SQLite/events-100-4             3.681k ± 0%
GetTimeline_SQLite/events-500-4             18.54k ± 0%
GetTimeline_SQLite/events-1000-4            37.29k ± 0%
geomean                                     1.162k

cpu: AMD EPYC 9V74 80-Core Processor                
                                   │ benchmark-results.txt │
                                   │        sec/op         │
EventStoreAppend_InMemory-4                   1.079µ ± 20%
EventStoreAppend_SQLite-4                     1.069m ±  5%
GetTimeline_InMemory/events-10-4              12.87µ ±  3%
GetTimeline_InMemory/events-50-4              71.67µ ±  4%
GetTimeline_InMemory/events-100-4             144.0µ ±  3%
GetTimeline_InMemory/events-500-4             565.1µ ± 25%
GetTimeline_InMemory/events-1000-4            1.145m ±  1%
GetTimeline_SQLite/events-10-4                84.72µ ±  1%
GetTimeline_SQLite/events-50-4                223.9µ ±  1%
GetTimeline_SQLite/events-100-4               388.3µ ±  1%
GetTimeline_SQLite/events-500-4               1.697m ±  1%
GetTimeline_SQLite/events-1000-4              3.306m ±  3%
geomean                                       200.0µ

                                   │ benchmark-results.txt │
                                   │         B/op          │
EventStoreAppend_InMemory-4                    778.5 ± 10%
EventStoreAppend_SQLite-4                    1.985Ki ±  1%
GetTimeline_InMemory/events-10-4             7.953Ki ±  0%
GetTimeline_InMemory/events-50-4             46.62Ki ±  0%
GetTimeline_InMemory/events-100-4            94.48Ki ±  0%
GetTimeline_InMemory/events-500-4            472.8Ki ±  0%
GetTimeline_InMemory/events-1000-4           944.3Ki ±  0%
GetTimeline_SQLite/events-10-4               16.74Ki ±  0%
GetTimeline_SQLite/events-50-4               87.14Ki ±  0%
GetTimeline_SQLite/events-100-4              175.4Ki ±  0%
GetTimeline_SQLite/events-500-4              846.1Ki ±  0%
GetTimeline_SQLite/events-1000-4             1.639Mi ±  0%
geomean                                      67.26Ki

                                   │ benchmark-results.txt │
                                   │       allocs/op       │
EventStoreAppend_InMemory-4                     7.000 ± 0%
EventStoreAppend_SQLite-4                       53.00 ± 0%
GetTimeline_InMemory/events-10-4                125.0 ± 0%
GetTimeline_InMemory/events-50-4                653.0 ± 0%
GetTimeline_InMemory/events-100-4              1.306k ± 0%
GetTimeline_InMemory/events-500-4              6.514k ± 0%
GetTimeline_InMemory/events-1000-4             13.02k ± 0%
GetTimeline_SQLite/events-10-4                  382.0 ± 0%
GetTimeline_SQLite/events-50-4                 1.852k ± 0%
GetTimeline_SQLite/events-100-4                3.681k ± 0%
GetTimeline_SQLite/events-500-4                18.54k ± 0%
GetTimeline_SQLite/events-1000-4               37.29k ± 0%
geomean                                        1.162k

Benchmarks run with go test -bench=. -benchmem -count=6.
Regressions ≥ 20% are flagged. Results compared via benchstat.

Copilot

Pull request overview

Copilot reviewed 5 out of 5 changed files in this pull request and generated 1 comment.

Copilot AI review requested due to automatic review settings May 10, 2026 18:07

Copilot started reviewing on behalf of intel352 May 10, 2026 18:08 View session

Copilot AI reviewed May 10, 2026

View reviewed changes

Comment thread iac/sensitive/route.go Outdated

Comment thread plugin/external/remote_trigger.go Outdated

Comment thread plugin/external/adapter_test.go Outdated

intel352 added 3 commits May 10, 2026 15:52

fix: support compute workflow gaps

3d02c5c

fix(iac): sanitize routed secret keys

294696f

fix: resolve PR 621 feedback

39c27f8

intel352 force-pushed the codex/compute-wfctl-gaps branch from a851625 to 39c27f8 Compare May 10, 2026 20:09

test: avoid repeated regex compile

4c8fe7c

Copilot AI review requested due to automatic review settings May 10, 2026 20:17

Copilot started reviewing on behalf of intel352 May 10, 2026 20:18 View session

Copilot AI reviewed May 10, 2026

View reviewed changes

Comment thread iac/sensitive/route.go

fix(wfctl): protect routed secrets in audit

6f24016

intel352 merged commit b71a727 into main May 10, 2026
24 checks passed

intel352 deleted the codex/compute-wfctl-gaps branch May 10, 2026 20:43

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

fix(wfctl): support compute staging infra gaps#621

fix(wfctl): support compute staging infra gaps#621
intel352 merged 5 commits into
mainfrom
codex/compute-wfctl-gaps

intel352 commented May 10, 2026

Uh oh!

Copilot AI left a comment

Uh oh!

Uh oh!

Uh oh!

Uh oh!

github-actions Bot commented May 10, 2026 •

edited

Loading

Uh oh!

Copilot AI left a comment

Uh oh!

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Conversation

intel352 commented May 10, 2026

Summary

Verification

Compute staging impact

Uh oh!

Copilot AI left a comment

Choose a reason for hiding this comment

Pull request overview

Reviewed changes

Uh oh!

Uh oh!

Uh oh!

Uh oh!

github-actions Bot commented May 10, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

⏱ Benchmark Results

Uh oh!

Copilot AI left a comment

Choose a reason for hiding this comment

Pull request overview

Uh oh!

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

github-actions Bot commented May 10, 2026 •

edited

Loading