arcodange-org/factory
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs(adr): ADR-0003 — sandbox state lifecycle (iso-prod seed, reset & prod-write isolation) #19

Merged
arcodange merged 2 commits from claude/adr-0003-sandbox-reset into main 2026-06-28 20:21:57 +02:00
Conversation 0 Commits 2 Files Changed 2 +1 -1
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 8e69004b4c - Show all commits

2
vibe/ADR/0003-sandbox-state-lifecycle.md
View File

@@ -92,4 +92,4 @@ After rehearsing in the sandbox, the change is captured as a reviewable diff usi
- `factory` `postgres/iac/main.tf` — the per-instance flatten that owns each database by its `<app>_role` / `<app>_<env>_role`; `erp-sandbox` is owned by `erp_sandbox_role`, prod `erp` by `erp_role`, which is why the sandbox cannot drop prod.
- `tools` `hashicorp-vault/iac/modules/app_roles/main.tf` — the dynamic-credential role whose creation statement grants only `GRANT <app>_role TO {{name}}` (membership only), so `postgres/creds/erp-sandbox` carries no rights on the prod database.
- `erp` `.claude/skills/dolibarr-data-snapshot/` — the read-only, content-addressable snapshot skill used to capture the reviewable before/after diff at promote time and to verify the reset round-trip.
- PRs: this ADR is introduced by PR factory#NN (links back to this file). <!-- TODO: fill PR number on open -->
- PRs: this ADR is introduced by [PR factory#19](https://gitea.arcodange.lab/arcodange-org/factory/pulls/19) (links back to this file).