Skip to content

fix: reuse pool_config for migrator tmp pool#84

Merged
Taure merged 1 commit intomainfrom
fix/migrator-reuse-pool-config
Apr 3, 2026
Merged

fix: reuse pool_config for migrator tmp pool#84
Taure merged 1 commit intomainfrom
fix/migrator-reuse-pool-config

Conversation

@Taure
Copy link
Copy Markdown
Owner

@Taure Taure commented Apr 3, 2026

Summary

  • Migrator tmp pool now uses kura_app:pool_config() with database => "postgres" and pool_size => 1
  • Inherits socket_options, so IPv6 (Fly.io) works for database creation
  • Stops the tmp pool after use — previously leaked a connection to postgres DB for the app lifetime

Problem

The migrator manually built its pool config, missing socket_options. On Fly.io with IPv6-only Postgres, ensure_database failed with nxdomain because the tmp pool couldn't resolve the host.

Test plan

  • 8 existing kura_app_tests pass
  • Tested locally with asobi_arena via _checkouts
  • Dialyzer clean

@github-actions
Copy link
Copy Markdown

github-actions bot commented Apr 3, 2026
edited
Loading

🟢 Code Coverage — 93.5%

1927 of 2062 lines covered.

🟡 ELP Lint — 1 warning

5 diagnostics found. See job logs for details.

ℹ️ 11 OTP CVEs auto-ignored (already fixed in running version)

These CVEs are patched in the installed OTP version but NVD data
has not been updated to reflect this. They are excluded from the
scan via an auto-generated .trivyignore.

CVE Details
CVE-2026-23943 Fixed in 28.4.1, running 28.4.1 — Pre-auth SSH DoS via unbounded zlib inflate
CVE-2026-23942 Fixed in 28.4.1, running 28.4.1 — SFTP root escape via component-agnostic prefix check in ssh_sftpd
CVE-2026-23941 Fixed in 28.4.1, running 28.4.1 — Request smuggling via first-wins Content-Length parsing in inets httpd
CVE-2026-21620 Fixed in 28.3.2, running 28.4.1 — TFTP Path Traversal
CVE-2016-1000107 Fixed in 28.0.4, running 28.4.1 — Httpd CGI Scripts Environment Variable Pollution AKA "httpoxy"
CVE-2025-58050 Fixed in 28.0.3, running 28.4.1 — Buffer Read Overflow on Regular Expressions with (*scs:) and (*ACCEPT)
CVE-2025-48038 Fixed in 28.0.3, running 28.4.1 — SSH Unverified File Handles can Cause Excessive Use of System Resources
CVE-2025-48039 Fixed in 28.0.3, running 28.4.1 — SSH Unverified Paths can Cause Excessive Use of System Resources
CVE-2025-48040 Fixed in 28.0.3, running 28.4.1 — SSH Malicious Key Exchange Messages may Lead to Excessive Resource Consumption
CVE-2025-48041 Fixed in 28.0.3, running 28.4.1 — SSH_FXP_OPENDIR may Lead to Exhaustion of File Handles
CVE-2025-4748 Fixed in 28.0.1, running 28.4.1 — Absolute Path in Zip Module

@Taure
fix: reuse pool_config for migrator tmp pool
74d77b8 
The migrator's temporary pool (used to ensure the database exists)
was manually constructing its config, missing socket_options and
any future pool_config additions. Now reuses kura_app:pool_config()
with database overridden to "postgres" and pool_size to 1.

Also stops the tmp pool after use to avoid leaking a connection.
@Taure Taure force-pushed the fix/migrator-reuse-pool-config branch from a7cc2a6 to 74d77b8 Compare April 3, 2026 08:37
@Taure Taure merged commit 47caf91 into main Apr 3, 2026
16 checks passed
@Taure Taure deleted the fix/migrator-reuse-pool-config branch April 3, 2026 08:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Taure