Skip to content

feat(tilt): Add setup peerdb peers in Tilt#4444

Open
masterashu wants to merge 3 commits into
mainfrom
add-setup-peers-in-tilt
Open

feat(tilt): Add setup peerdb peers in Tilt#4444
masterashu wants to merge 3 commits into
mainfrom
add-setup-peers-in-tilt

Conversation

@masterashu

@masterashu masterashu commented Jun 18, 2026

Copy link
Copy Markdown
Contributor

No description provided.

@masterashu masterashu requested a review from a team as a code owner June 18, 2026 14:16
@masterashu masterashu changed the title Add setup peerdb peers in Tilt setup files Add setup peerdb peers in Tilt Jun 18, 2026
ilidemi
ilidemi reviewed Jun 18, 2026
View reviewed changes
Comment thread local_provision_scripts/setup-clickhouse-peer.sh Outdated
. "$SCRIPT_DIR/../.env"
. "$SCRIPT_DIR/../ancillary.env"

PEERDB_NEXUS_PORT="${PEERDB_NEXUS_PORT:-9900}"

@ilidemi ilidemi Jun 18, 2026

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Being able to use psql is nice but we want to hard move away from Nexus. curl request to flow-api should be about the same complexity and backcompat

@masterashu masterashu Jun 19, 2026

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Got it 👍

@masterashu masterashu changed the title Add setup peerdb peers in Tilt feat(tilt): Add setup peerdb peers in Tilt Jun 19, 2026
@claude

claude Bot commented Jun 19, 2026

Copy link
Copy Markdown

Code review

Issue: REVIEW.md violation — secrets logged to stdout

File: local_provision_scripts/flow_api_call.sh (line 12-14)

The call_api() function unconditionally echoes the full JSON payload to stdout:

echo "Payload: $_call_api_payload"

Every calling script passes payloads containing credentials — PG_PASSWORD, CI_MYSQL_ROOT_PASSWORD, CI_MONGO_PASSWORD, AWS_SECRET_ACCESS_KEY, etc. In the Tilt dev environment, this output is captured and displayed in the Tilt UI logs.

This violates REVIEW.md rule #1:

Changes should not include addition of outputs through stdout, stderr or logs that might contain PII or Secret information. Play special attention to printing passwords and access tokens.

Suggested fix: Remove line 13 (echo "Payload: $_call_api_payload") from flow_api_call.sh. The endpoint and method are already logged on line 12, which is sufficient for debugging without exposing secrets.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ilidemi ilidemi ilidemi left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@masterashu @ilidemi