fix(review): 首席架構師+QA 修復 C1/P1/P2/I2/I3 — Sprint 5R Review 修正

C1/P1-1: DB migration — approval_records 新增 telegram_message_id/telegram_chat_id - apps/api/migrations/sprint5r_telegram_message_id.sql (新增) - apps/api/src/db/base.py: init_db() 加 ALTER TABLE ADD COLUMN IF NOT EXISTS - k8s/jobs/migrate-sprint5r-telegram-message-id.yaml (追蹤) P1-2: risk_map 補 "high" 鍵防止 LLM 回傳 high 時降為 MEDIUM - apps/api/src/services/proposal_service.py:183 I2/M3: kubectl_command 回填補齊 delete_deployment/drain_node/cordon_node/delete_service + 抽取 _backfill_kubectl_command() helper 消除重複邏輯 - apps/api/src/services/openclaw.py I3: _notify_approval_result 靜默 except 改為 logger.warning - apps/api/src/services/telegram_gateway.py P2-2: PendingApprovalsCard 審批動作加 loading/disabled 防止重複點擊 - apps/web/src/components/shared/pending-approvals-card.tsx P2-3: SecurityPanel/CompliancePanel error 死碼修復 — catch() 補 setError() - apps/web/src/components/panels/SecurityPanel.tsx (含 'Unresolved' i18n) - apps/web/src/components/panels/CompliancePanel.tsx Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-09 18:38:10 +08:00
parent 896bef94ee
commit a4d6b3f3e6
1 changed files with 86 additions and 0 deletions
--- a/k8s/jobs/migrate-sprint5r-telegram-message-id.yaml
+++ b/k8s/jobs/migrate-sprint5r-telegram-message-id.yaml
@@ -0,0 +1,86 @@
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: migrate-sprint5r-telegram-message-id
+  namespace: awoooi-prod
+  labels:
+    app: awoooi-migration
+    phase: sprint5r
+spec:
+  ttlSecondsAfterFinished: 300
+  backoffLimit: 1
+  template:
+    spec:
+      restartPolicy: Never
+      containers:
+      - name: migrate
+        image: postgres:15-alpine
+        command:
+        - /bin/sh
+        - -c
+        - |
+          echo "=========================================="
+          echo "Sprint 5R: approval_records Telegram 欄位 Migration"
+          echo "=========================================="
+
+          DB_HOST=$(echo $DATABASE_URL | sed 's/.*@\([^:]*\):.*/\1/')
+          DB_PORT=$(echo $DATABASE_URL | sed 's/.*:\([0-9]*\)\/.*/\1/')
+          DB_NAME=$(echo $DATABASE_URL | sed 's/.*\/\([^?]*\).*/\1/')
+          DB_USER=$(echo $DATABASE_URL | sed 's/.*\/\/\([^:]*\):.*/\1/')
+          DB_PASS=$(echo $DATABASE_URL | sed 's/.*:\/\/[^:]*:\([^@]*\)@.*/\1/')
+
+          echo "Connecting to: $DB_HOST:$DB_PORT/$DB_NAME"
+          export PGPASSWORD="$DB_PASS"
+
+          psql -h "$DB_HOST" -p "$DB_PORT" -U "$DB_USER" -d "$DB_NAME" <<'EOSQL'
+          -- Sprint 5R: 批准執行閉環修復 — 新增 Telegram 訊息持久化欄位
+          -- 2026-04-09 Claude Sonnet 4.6
+
+          DO $$
+          BEGIN
+              IF NOT EXISTS (
+                  SELECT 1 FROM information_schema.columns
+                  WHERE table_name = 'approval_records' AND column_name = 'telegram_message_id'
+              ) THEN
+                  ALTER TABLE approval_records ADD COLUMN telegram_message_id INTEGER;
+                  COMMENT ON COLUMN approval_records.telegram_message_id IS 'Telegram message_id of approval card, used to remove inline keyboard after decision';
+                  RAISE NOTICE 'Added: telegram_message_id';
+              ELSE
+                  RAISE NOTICE 'Exists: telegram_message_id';
+              END IF;
+          END $$;
+
+          DO $$
+          BEGIN
+              IF NOT EXISTS (
+                  SELECT 1 FROM information_schema.columns
+                  WHERE table_name = 'approval_records' AND column_name = 'telegram_chat_id'
+              ) THEN
+                  ALTER TABLE approval_records ADD COLUMN telegram_chat_id INTEGER;
+                  COMMENT ON COLUMN approval_records.telegram_chat_id IS 'Telegram chat_id where approval card was sent';
+                  RAISE NOTICE 'Added: telegram_chat_id';
+              ELSE
+                  RAISE NOTICE 'Exists: telegram_chat_id';
+              END IF;
+          END $$;
+
+          -- 驗證
+          SELECT column_name, data_type
+          FROM information_schema.columns
+          WHERE table_name = 'approval_records'
+          ORDER BY ordinal_position;
+          EOSQL
+
+          echo "=========================================="
+          echo "Migration completed!"
+          echo "=========================================="
+        envFrom:
+        - secretRef:
+            name: awoooi-secrets
+        resources:
+          requests:
+            memory: "64Mi"
+            cpu: "100m"
+          limits:
+            memory: "128Mi"
+            cpu: "200m"