breaking(BA-5653): drop sessions/kernels access_key columns#11040
Closed
jopemachine wants to merge 28 commits into
Closed
breaking(BA-5653): drop sessions/kernels access_key columns#11040jopemachine wants to merge 28 commits into
jopemachine wants to merge 28 commits into
Conversation
github-actions
Bot
added
size:L
jopemachine
changed the base branch from
feat/BA-5650-session-owner-id-signatures
to
refactor/BA-5650-I-remaining
This was referenced Apr 14, 2026
jopemachine
force-pushed
the
feat/BA-5653-drop-session-access-key-columns
branch
from
ceb31a4 to
c0b9566
Compare
jopemachine
force-pushed
the
refactor/BA-5650-I-remaining
branch
from
d0c6db5 to
7cad928
Compare
jopemachine
force-pushed
the
feat/BA-5653-drop-session-access-key-columns
branch
from
c0b9566 to
95d059c
Compare
Contributor
There was a problem hiding this comment.
Pull request overview
This PR introduces a breaking schema change to remove redundant access_key snapshot columns from the sessions and kernels tables, aligning persistence with the newer approach of resolving the owner’s main_access_key via the users table.
Changes:
- Add an Alembic migration to drop
sessions.access_keyandkernels.access_key(with best-effort index cleanup). - Regenerate/update GraphQL schema reference docs (enum ordering change only).
- Add a breaking-change note documenting the dropped columns.
Reviewed changes
Copilot reviewed 4 out of 4 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
src/ai/backend/manager/models/alembic/versions/8c1d2e3f4a5b_drop_session_kernel_access_key.py |
Migration to drop access_key columns from sessions/kernels. |
docs/manager/graphql-reference/v2-schema.graphql |
Documentation-only schema output change (enum value ordering). |
docs/manager/graphql-reference/supergraph.graphql |
Documentation-only supergraph output change (enum value ordering). |
changes/11040.breaking.md |
Release-note entry for the breaking schema change. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
jopemachine
force-pushed
the
refactor/BA-5650-I-remaining
branch
from
5798c3f to
e2a1508
Compare
jopemachine
force-pushed
the
feat/BA-5653-drop-session-access-key-columns
branch
from
5e98b29 to
e620fed
Compare
jopemachine
commented
Apr 14, 2026
jopemachine
commented
Apr 14, 2026
jopemachine
force-pushed
the
refactor/BA-5650-I-remaining
branch
from
8cc4f1a to
bf40534
Compare
Clean up the ``changes/BA-5650-{D,E,F}.misc.md`` files that were superseded when each slice's news fragment was renamed to the assigned PR number (e.g. ``changes/11046.enhance.md``). These stragglers made it onto downstream branches during the cascade rebases.
- Tests for SessionEnqueueData / KernelEnqueueData / TerminatingSessionData now use ``main_access_key`` and ``owner_id`` (renamed in slice F/G). - ``SessionAdapter._session_data_to_node`` reads ``data.owner_id`` and drops the obsolete ``data.access_key``; the SessionMetadata GQL DTO's ``access_key`` field is now an empty string until the read-time resolver lands. - ``cache_invalidation`` uses ``info.access_key`` (the field name on SessionTransitionInfo). - ``ShutdownServiceAction``/``GetContainerLogsAction``/``RenameSessionAction`` no longer accept ``owner_access_key``; drop the kwarg in the GQL adapter. - ``ModelServingRepository.get_session_by_id`` drops the now-removed positional ``owner_access_key`` arg from ``SessionRow.get_session``. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
REST v1 session endpoints no longer accept owner_access_key. The delegation field is replaced with owner_id (user UUID) and is honored only on the three session-creation endpoints (create_from_template / create_from_params / create_cluster). Read and control endpoints always act as the authenticated caller. - common/dto/manager/session/request.py: drop the owner_access_key field from Create/Destroy/Restart/GetContainerLogs/GetStatusHistory request DTOs; add owner_id to the three creation DTOs. - api/rest/session/handler.py: remove all 26 resolve_access_key_scope calls, drop the AuthProcessors dependency, and renumber log format placeholders that dropped the owner argument. - api/rest/v2/session/handler.py: drop the redundant user_ctx / access_key arguments from shutdown_service / get_logs / update. - api/adapters/session.py: update adapter call sites accordingly. - api/rest/tree.py: drop the auth= argument from SessionHandler(). Test updates for the corresponding DTO assertions and component fixtures are included.
Final slice of the BA-5650 stack split. Contains: - Remaining ORM touch-ups: models/endpoint/row.py, models/keypair/row.py, repositories/scheduler/{repository,db_source}.py, api/adapters/vfolder.py, api/gql_legacy/endpoint.py, api/gql_legacy/routing.py. - Test updates that depend on the action/service/DTO renames already landed in earlier slices: adapter/session, scheduler repositories, session lifecycle/service, sokovan scheduler suite, compute_sessions handler, dependency injection tests. - Autouse ``_user_context`` fixture under tests/unit/manager/services/session/conftest.py so service tests work without the auth middleware.
Co-authored-by: octodog <mu001@lablup.com>
This slice was carrying unrelated work that crept in during the original PR split (prometheus client, valkey route health, deployment auto_activate, web ssl_enabled, auth client_type_id, gql_legacy routing health_status). All such files are reverted to the slice-H base. Also fixes: - Use session.user.main_access_key (loaded via selectinload) instead of session.main_access_key in scheduler db_source — SessionRow has no main_access_key attribute. - UserService delegate path now resolves target_main_access_key via UserRepository.get_main_access_key_by_id and forwards it to delegate_endpoint_ownership. - Drop stale changes/BA-5650-H.breaking.md (slice H ships 11050.breaking.md). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Resolve conflict markers in scheduler db_source by keeping the user-table-joined ``main_access_key`` lookup (single source of truth) rather than the obsolete ``session.access_key`` snapshot. - Drop duplicate ``resolve_main_access_keys`` definition introduced by the rebase. - Use ``spec.access_key`` (SessionCreationSpec) where applicable — the spec dataclass keeps ``access_key`` for now. - Test fixture ``_make_session_data`` now passes ``owner_id`` instead of relying on attribute assignment after construction. - Use ``main_access_key`` on PendingSessionData in provisioner test. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
jopemachine
force-pushed
the
refactor/BA-5650-I-remaining
branch
from
9fbd63d to
d95ce09
Compare
``SessionRepository`` and the underlying ``SessionDBSource`` now take ``owner_id: UUID`` on every method that previously accepted ``owner_access_key: AccessKey``. Affects: - ``get_session_validated`` - ``match_sessions`` - ``update_session_name`` - ``find_dependency_sessions`` / ``_find_dependent_sessions`` - ``get_target_session_ids`` - ``get_session_with_group`` The matching ``dependency_graph`` helpers and ``creators`` are updated in lockstep. Service-layer callers still pass ``owner_access_key`` temporarily; they will be migrated in the next slice.
Rename access_key -> main_access_key on sokovan data types
(SessionAllocation, PreparedSessionData, SessionDataForPull,
SessionDataForStart, SessionWorkload) and update every sokovan caller
accordingly. Affects:
- sokovan/data/{allocation,lifecycle,workload}.py
- sokovan/scheduler/handlers/lifecycle/*
- sokovan/scheduler/handlers/maintenance/sweep_sessions.py
- sokovan/scheduler/provisioner/{provisioner,sequencers,validators}/*
- sokovan/scheduler/launcher/launcher.py
- sokovan/scheduler/post_processors/cache_invalidation.py
- sokovan/scheduler/fair_share/aggregator.py
- sokovan/scheduling_controller/{preparers,scheduling_controller}.py
- sokovan/deployment/{executor,route}.py
No external behavior change.
Clean up the ``changes/BA-5650-{D,E,F}.misc.md`` files that were superseded when each slice's news fragment was renamed to the assigned PR number (e.g. ``changes/11046.enhance.md``). These stragglers made it onto downstream branches during the cascade rebases.
- Tests for SessionEnqueueData / KernelEnqueueData / TerminatingSessionData now use ``main_access_key`` and ``owner_id`` (renamed in slice F/G). - ``SessionAdapter._session_data_to_node`` reads ``data.owner_id`` and drops the obsolete ``data.access_key``; the SessionMetadata GQL DTO's ``access_key`` field is now an empty string until the read-time resolver lands. - ``cache_invalidation`` uses ``info.access_key`` (the field name on SessionTransitionInfo). - ``ShutdownServiceAction``/``GetContainerLogsAction``/``RenameSessionAction`` no longer accept ``owner_access_key``; drop the kwarg in the GQL adapter. - ``ModelServingRepository.get_session_by_id`` drops the now-removed positional ``owner_access_key`` arg from ``SessionRow.get_session``. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Final slice of the BA-5650 stack split. Contains: - Remaining ORM touch-ups: models/endpoint/row.py, models/keypair/row.py, repositories/scheduler/{repository,db_source}.py, api/adapters/vfolder.py, api/gql_legacy/endpoint.py, api/gql_legacy/routing.py. - Test updates that depend on the action/service/DTO renames already landed in earlier slices: adapter/session, scheduler repositories, session lifecycle/service, sokovan scheduler suite, compute_sessions handler, dependency injection tests. - Autouse ``_user_context`` fixture under tests/unit/manager/services/session/conftest.py so service tests work without the auth middleware.
This slice was carrying unrelated work that crept in during the original PR split (prometheus client, valkey route health, deployment auto_activate, web ssl_enabled, auth client_type_id, gql_legacy routing health_status). All such files are reverted to the slice-H base. Also fixes: - Use session.user.main_access_key (loaded via selectinload) instead of session.main_access_key in scheduler db_source — SessionRow has no main_access_key attribute. - UserService delegate path now resolves target_main_access_key via UserRepository.get_main_access_key_by_id and forwards it to delegate_endpoint_ownership. - Drop stale changes/BA-5650-H.breaking.md (slice H ships 11050.breaking.md). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Resolve conflict markers in scheduler db_source by keeping the user-table-joined ``main_access_key`` lookup (single source of truth) rather than the obsolete ``session.access_key`` snapshot. - Drop duplicate ``resolve_main_access_keys`` definition introduced by the rebase. - Use ``spec.access_key`` (SessionCreationSpec) where applicable — the spec dataclass keeps ``access_key`` for now. - Test fixture ``_make_session_data`` now passes ``owner_id`` instead of relying on attribute assignment after construction. - Use ``main_access_key`` on PendingSessionData in provisioner test. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
REST v1 session endpoints no longer accept owner_access_key. The delegation field is replaced with owner_id (user UUID) and is honored only on the three session-creation endpoints (create_from_template / create_from_params / create_cluster). Read and control endpoints always act as the authenticated caller. - common/dto/manager/session/request.py: drop the owner_access_key field from Create/Destroy/Restart/GetContainerLogs/GetStatusHistory request DTOs; add owner_id to the three creation DTOs. - api/rest/session/handler.py: remove all 26 resolve_access_key_scope calls, drop the AuthProcessors dependency, and renumber log format placeholders that dropped the owner argument. - api/rest/v2/session/handler.py: drop the redundant user_ctx / access_key arguments from shutdown_service / get_logs / update. - api/adapters/session.py: update adapter call sites accordingly. - api/rest/tree.py: drop the auth= argument from SessionHandler(). Test updates for the corresponding DTO assertions and component fixtures are included.
Final slice of the BA-5650 stack split. Contains: - Remaining ORM touch-ups: models/endpoint/row.py, models/keypair/row.py, repositories/scheduler/{repository,db_source}.py, api/adapters/vfolder.py, api/gql_legacy/endpoint.py, api/gql_legacy/routing.py. - Test updates that depend on the action/service/DTO renames already landed in earlier slices: adapter/session, scheduler repositories, session lifecycle/service, sokovan scheduler suite, compute_sessions handler, dependency injection tests. - Autouse ``_user_context`` fixture under tests/unit/manager/services/session/conftest.py so service tests work without the auth middleware.
- Resolve conflict markers in scheduler db_source by keeping the user-table-joined ``main_access_key`` lookup (single source of truth) rather than the obsolete ``session.access_key`` snapshot. - Drop duplicate ``resolve_main_access_keys`` definition introduced by the rebase. - Use ``spec.access_key`` (SessionCreationSpec) where applicable — the spec dataclass keeps ``access_key`` for now. - Test fixture ``_make_session_data`` now passes ``owner_id`` instead of relying on attribute assignment after construction. - Use ``main_access_key`` on PendingSessionData in provisioner test. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Final slice of the BA-5650 stack split. Contains: - Remaining ORM touch-ups: models/endpoint/row.py, models/keypair/row.py, repositories/scheduler/{repository,db_source}.py, api/adapters/vfolder.py, api/gql_legacy/endpoint.py, api/gql_legacy/routing.py. - Test updates that depend on the action/service/DTO renames already landed in earlier slices: adapter/session, scheduler repositories, session lifecycle/service, sokovan scheduler suite, compute_sessions handler, dependency injection tests. - Autouse ``_user_context`` fixture under tests/unit/manager/services/session/conftest.py so service tests work without the auth middleware.
- Resolve conflict markers in scheduler db_source by keeping the user-table-joined ``main_access_key`` lookup (single source of truth) rather than the obsolete ``session.access_key`` snapshot. - Drop duplicate ``resolve_main_access_keys`` definition introduced by the rebase. - Use ``spec.access_key`` (SessionCreationSpec) where applicable — the spec dataclass keeps ``access_key`` for now. - Test fixture ``_make_session_data`` now passes ``owner_id`` instead of relying on attribute assignment after construction. - Use ``main_access_key`` on PendingSessionData in provisioner test. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Final slice of the BA-5650 stack split. Contains: - Remaining ORM touch-ups: models/endpoint/row.py, models/keypair/row.py, repositories/scheduler/{repository,db_source}.py, api/adapters/vfolder.py, api/gql_legacy/endpoint.py, api/gql_legacy/routing.py. - Test updates that depend on the action/service/DTO renames already landed in earlier slices: adapter/session, scheduler repositories, session lifecycle/service, sokovan scheduler suite, compute_sessions handler, dependency injection tests. - Autouse ``_user_context`` fixture under tests/unit/manager/services/session/conftest.py so service tests work without the auth middleware.
Schema-only step following the BA-5650 refactor stack. The access_key column is removed from both the sessions and kernels tables; downstream code resolves the owner's main_access_key from the users table at read time (keypair-scoped concurrency tracking, resource policy lookups, agent RPC payloads). The user_uuid column stays on both tables as the canonical owner reference. Adds alembic migration 8c1d2e3f4a5b_drop_session_kernel_access_key on top of 2a531e0c528e.
- Drop ix_kernels_unique_sess_token index by name and drop columns directly, instead of probing inspector for index names. - Tighten 11040.breaking.md to follow the project's single-sentence fragment convention. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Drop conflict markers in scheduler db_source and user/service.py introduced by rebase against the updated slice I (preserve the user-table-joined main_access_key resolution). - Drop duplicate ``resolve_main_access_keys`` definition. - Use ``spec.access_key`` for SessionCreationSpec in scheduler db_source. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
jopemachine
force-pushed
the
feat/BA-5653-drop-session-access-key-columns
branch
from
0a3d4b4 to
23aeac6
Compare
Co-authored-by: octodog <mu001@lablup.com>
jopemachine
force-pushed
the
refactor/BA-5650-I-remaining
branch
from
10229f8 to
edba2e7
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
📚 Stack
mainMerge from top to bottom. Intermediate slices may not build standalone; the final refactor tip is #11051, and #11040 is the schema-drop follow-up on top of it.
Summary
Breaking schema change. Alembic migration
8c1d2e3f4a5b_drop_session_kernel_access_keydropssessions.access_keyandkernels.access_keycolumns. Downstream callers resolve the owner'smain_access_keyfrom theuserstable.user_uuidcolumn stays. ORM drop of theaccess_keymapped column and call-site migration follow in subsequent commits on this branch.Resolves BA-5653. Part of epic BA-5650.
📚 Documentation preview 📚: https://sorna--11040.org.readthedocs.build/en/11040/
📚 Documentation preview 📚: https://sorna-ko--11040.org.readthedocs.build/ko/11040/
BA-5650 Series: Split Rationale
Overall goal: migrate the session owner identifier from
access_key(keypair) toowner_id(user UUID), and drop thesessions.access_key/kernels.access_keycolumns.Split criteria: layer + dependency order. Bottom-up (DB helpers → service → API) so the destructive column drop can land safely at the end.
get_main_access_key_by_idand related resolver helpers (everything else depends on this)UserPermission.user_uuid → owner_id; addmain_access_keyfieldSessionData.user_uuid → owner_id; Row adapters; GQL nodeSessionRepository,SessionDBSource, creators signaturesowner_idfrom 21 read/control Actions; resolve viacurrent_user()owner_access_keyfrom REST v1 DTOs (breaking)Why this split
access_keyfromowner_id. BA-5653 (destructive) only runs once every reader has migrated off the dropped column.