feat(pb): get multi-actors working e2e, add resources for builds

[MasterPtato]

Changes

[MasterPtato]

Warning

This pull request is not mergeable via GitHub because a downstack PR is open. Once all requirements are satisfied, merge this PR as a stack on Graphite.
Learn more

• fix: get pb manager test working e2e again #2721
• fix: convert runner protocol to protobuf #2702
• fix: even more actor api changes #2714
• chore: flatten actor api spec #2698
• fix: increase default actor kill timeout to 5s #2701
• fix: dont clear ingress ports on reschedule #2700
• fix: add cpu constraints to oci config #2697
• fix: api changes #2692
• fix: fix logs for new actors #2649
• feat: add actor queue #2644
• feat: add actor kv to runners #2638
• feat: get multi actors working e2e on docker compose #2637
• fix: add udp ports to docker compose #2635
• chore: fix merge conflicts #2634
• fix: get new actors working on docker compose #2623
• fix: figure out actor log shipping #2622
• fix(pegboard): convert ws manager socket to unix socket #2478
• fix(pb): get new actor ids working e2e #2471
• feat: implement new actor ids #2467
• feat(pb): get multi-actors working e2e, add resources for builds #2465 👈 (View in Graphite)
• feat(pb): add runner logs #2447
• feat: add runners to pb protocol #2433
• chore(pegboard): add exit code log from container runner #2477
• fix(workflows): fix branch version bug #2475
• chore(pegboard): replace computing image size manually with using tar bytes read #2625
• fix: make pb image downloads random, remove prewarm from pb protocol #2784
• fix: clean up worker threads in the event of an error #2783
• fix: make query_as macros retry #2773
• main

---

How to use the Graphite Merge Queue

Add the label merge-queue to this PR to add it to the merge queue.

You must have a Graphite account in order to use the merge queue. Sign up using this link.

An organization admin has enabled the Graphite Merge Queue in this repository.

Please do not merge from GitHub as this will restart CI on PRs being processed by the merge queue.

This stack of pull requests is managed by Graphite. Learn more about stacking.

[cloudflare-workers-and-pages]

Deploying rivet with    Cloudflare Pages

Latest commit:	0a4329c
Status:	🚫  Build failed.

View logs

[greptile-apps]

PR Summary

This PR implements multi-actor support and resource management for builds, with significant changes across the codebase to support allocation types and optional resource specifications.

• Added new BuildsAllocation types in SDKs to support both single and multi-slot allocations, with proper serialization and validation
• Made actor resources optional by changing resources field from required to optional in ActorsActor type, affecting database schema and API endpoints
• Renamed build-related types for better consistency (e.g., BuildsBuildKind -> BuildsKind, BuildsBuildCompression -> BuildsCompression)
• Fixed critical bug in managerClient.ts where signal_actor handler incorrectly references packet.start_actor instead of packet.signal_actor
• Added proper resource validation in pegboard service based on build allocation type (None, Single, Multi) with CPU millicores and memory MiB specifications

_{139 file(s) reviewed, 44 comment(s)
Edit PR Review Bot Settings | Greptile}

[greptile-apps]

style: unreachable code after process.exit() should be removed

[greptile-apps]

style: avoid using 'any' type - should define proper type from @hono/node-ws

[greptile-apps]

style: server instance should be handled for graceful shutdown (e.g., process.on('SIGTERM'))

[greptile-apps]

style: use explicit boolean check for environment variable

Suggested change

	if (process.env.MULTI) {
	if (process.env.MULTI === 'true') {

[greptile-apps]

style: port validation should happen before socket creation to avoid creating resources that may need cleanup

[greptile-apps]

logic: content_length is typed as i64 but documented as 'Unsigned 64 bit integer' - this could allow negative values when it shouldn't

Suggested change

	#[serde(rename = "content_length")]
	pub content_length: i64,
	#[serde(rename = "content_length")]
	pub content_length: u64,

[greptile-apps]

style: Missing explicit serde crate import. While it may work due to prelude, explicit imports improve code clarity

[greptile-apps]

logic: Both fields being optional (marked with ?) means an Allocation could potentially have neither single nor multi set. Consider if this is the intended behavior or if at least one should be required.

[greptile-apps]

style: Raw type should be marked as readonly to prevent accidental modification of valid enum values

[greptile-apps]

logic: Removing this file will break build compression type serialization unless this functionality has been moved elsewhere. Need to verify that equivalent functionality exists in another location before proceeding with deletion.

[cloudflare-workers-and-pages]

Deploying rivet-studio with    Cloudflare Pages

Latest commit:	0a4329c
Status:	🚫  Build failed.

View logs

[cloudflare-workers-and-pages]

Deploying rivet-hub with    Cloudflare Pages

Latest commit:	0a4329c
Status:	🚫  Build failed.

View logs

[coderabbitai]

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[claude]

Claude finished @MasterPtato's task —— View job

---

PR Review: Multi-Actor Support and Resource Management

Review Checklist:

• Read repository guidelines and understand changes
• Review API design and type safety
• Examine core service logic and resource management
• Check database migrations and schema changes
• Analyze security implications
• Review example implementations
• Provide comprehensive feedback

Progress: Analysis complete, providing detailed feedback...

🐛 Critical Issues

1. Logic Bug in Manager Client (High Priority)

File: examples/system-test-actor/src/managerClient.ts:59-60

// BUG: Using packet.start_actor instead of packet.signal_actor
actor_id: packet.start_actor.actor_id,
generation: packet.start_actor.generation,

Fix:

actor_id: packet.signal_actor.actor_id,
generation: packet.signal_actor.generation,

This will cause runtime errors when signal_actor packets are received.

2. Invalid API State: Empty Allocation

File: sdks/api/fern/definition/builds/common.yml:37-40

The Allocation type allows both single and multi to be null/undefined, creating invalid states. The API should enforce that exactly one allocation type is specified.

🔧 Type Safety & Design Issues

3. Type Safety Loss with serde_json::Value

Files: Multiple SDK files use serde_json::Value for single allocation

// Current (loses type safety)
pub single: Option<serde_json::Value>,

// Better approach
pub single: Option<BuildsAllocationSingle>,

4. Signed vs Unsigned Integer Mismatch

File: sdks/api/full/rust/src/models/builds_build.rs:22

// Should be u64 as documented
pub content_length: i64, // Currently signed, should be unsigned

5. Missing Validation for Slot Count

File: sdks/api/full/rust/src/models/builds_allocation_multi.rs:17

Slot count should be positive and have reasonable limits:

pub slots: u32, // Use unsigned, add validation for min/max

⚡ Performance & Resource Management

6. Good: Proper Resource Validation

The validation logic in packages/edge/services/pegboard/src/workflows/actor2/setup.rs:94-121 correctly handles different allocation types:

• Single: Requires actor-specified resources
• Multi: Uses build-defined resources
• None: Properly rejects old builds

7. Good: Tier-Based Resource Selection

The resource selection logic properly finds appropriate tiers and validates against available resources.

🔒 Security Assessment

8. Good: Input Validation**

Resource limits are properly validated:

• CPU millicores and memory MiB checks
• Tag count and size limits (max 8 tags, 32 bytes labels, 1024 bytes values)
• Environment variable limits (max 64, proper size limits)

9. Good: Database Security

Database fields are properly parameterized, preventing SQL injection.

📊 Database & Migration Issues

10. Missing Constraints

File: packages/edge/services/pegboard/src/workflows/actor2/migrations.rs:27

Add CHECK constraints for positive resource values:

resources_cpu_millicores INT CHECK (resources_cpu_millicores IS NULL OR resources_cpu_millicores >= 0),
resources_memory_mib INT CHECK (resources_memory_mib IS NULL OR resources_memory_mib >= 0)

🚨 API Consistency Issues

11. Allocation Logic Validation

File: packages/core/api/actor/src/route/builds.rs:396-415

The validation correctly prevents invalid states:

match (&alloc.single, &alloc.multi) {
    (Some(_), Some(_)) => bail!("cannot set both single and multi"),
    (None, None) => bail!("must set one of single or multi"),
    // ...
}

However, the API schema should enforce this at the type level.

🎯 Style & Code Quality

12. Unreachable Code

File: examples/system-test-actor/src/httpServer.ts:42

Code after process.exit() should be removed as it's unreachable.

13. Grammar Fix

File: sdks/api/fern/definition/builds/common.yml:33

# Current
docs: None compression.
# Should be
docs: No compression.

✅ Positive Aspects

1. Comprehensive Resource Management: The multi-allocation system is well-designed with proper validation
2. Good Error Handling: Clear error messages and proper validation throughout
3. Backward Compatibility: Proper handling of legacy builds
4. Resource Optimization: Intelligent tier selection for resource allocation
5. Security: Good input validation and parameterized queries

📋 Recommendations

High Priority

1. Fix the critical manager client bug - This will cause runtime failures
2. Enforce allocation type constraints at the API schema level
3. Add database CHECK constraints for resource values

Medium Priority

1. Replace serde_json::Value with proper types for better type safety
2. Fix integer signedness for content_length field
3. Add proper validation for slot counts and resource limits

Low Priority

1. Clean up unreachable code and grammar issues
2. Add comprehensive integration tests for the new allocation types
3. Document the resource allocation strategy for different build types

🧪 Test Coverage Assessment

Based on the code changes, the following areas need thorough testing:

• Multi-actor allocation and scheduling
• Resource validation edge cases
• Build creation with different allocation types
• Manager client protocol handling
• Database migration compatibility

The PR implements a complex feature that significantly changes resource allocation behavior, so comprehensive end-to-end testing is crucial.

Overall Assessment: This is a substantial and well-architected change that introduces important multi-actor capabilities. The core logic is sound, but there are several critical and type safety issues that should be addressed before merging.

[claude]

Claude finished @MasterPtato's task —— View job

---

PR Review: Multi-Actor Support and Resource Management

Review Checklist:

• Read repository guidelines and understand changes
• Review API design and type safety
• Examine core service logic and resource management
• Check database migrations and schema changes
• Analyze security implications
• Review example implementations
• Provide comprehensive feedback

Progress: Analysis complete, providing detailed feedback...

🐛 Critical Issues

1. Logic Bug in Manager Client (High Priority)

File: examples/system-test-actor/src/managerClient.ts:59-60

// BUG: Using packet.start_actor instead of packet.signal_actor
actor_id: packet.start_actor.actor_id,
generation: packet.start_actor.generation,

Fix:

actor_id: packet.signal_actor.actor_id,
generation: packet.signal_actor.generation,

This will cause runtime errors when signal_actor packets are received.

2. Invalid API State: Empty Allocation

File: sdks/api/fern/definition/builds/common.yml:37-40

The Allocation type allows both single and multi to be null/undefined, creating invalid states. The API should enforce that exactly one allocation type is specified.

🔧 Type Safety & Design Issues

3. Type Safety Loss with serde_json::Value

Files: Multiple SDK files use serde_json::Value for single allocation

// Current (loses type safety)
pub single: Option<serde_json::Value>,

// Better approach
pub single: Option<BuildsAllocationSingle>,

4. Signed vs Unsigned Integer Mismatch

File: sdks/api/full/rust/src/models/builds_build.rs:22

// Should be u64 as documented
pub content_length: i64, // Currently signed, should be unsigned

5. Missing Validation for Slot Count

File: sdks/api/full/rust/src/models/builds_allocation_multi.rs:17

Slot count should be positive and have reasonable limits:

pub slots: u32, // Use unsigned, add validation for min/max

⚡ Performance & Resource Management

6. Good: Proper Resource Validation

The validation logic in packages/edge/services/pegboard/src/workflows/actor2/setup.rs:94-121 correctly handles different allocation types:

• Single: Requires actor-specified resources
• Multi: Uses build-defined resources
• None: Properly rejects old builds

7. Good: Tier-Based Resource Selection

The resource selection logic properly finds appropriate tiers and validates against available resources.

🔒 Security Assessment

8. Good: Input Validation**

Resource limits are properly validated:

• CPU millicores and memory MiB checks
• Tag count and size limits (max 8 tags, 32 bytes labels, 1024 bytes values)
• Environment variable limits (max 64, proper size limits)

9. Good: Database Security

Database fields are properly parameterized, preventing SQL injection.

📊 Database & Migration Issues

10. Missing Constraints

File: packages/core/services/build/db/build/migrations/20250520152659_resources.up.sql

Add CHECK constraints for positive resource values:

resources_cpu_millicores INT CHECK (resources_cpu_millicores IS NULL OR resources_cpu_millicores >= 0),
resources_memory_mib INT CHECK (resources_memory_mib IS NULL OR resources_memory_mib >= 0)

🚨 API Consistency Issues

11. Allocation Logic Validation

File: packages/core/api/actor/src/route/builds.rs:396-415

The validation correctly prevents invalid states:

match (&alloc.single, &alloc.multi) {
    (Some(_), Some(_)) => bail!("cannot set both single and multi"),
    (None, None) => bail!("must set one of single or multi"),
    // ...
}

However, the API schema should enforce this at the type level.

🎯 Style & Code Quality

12. Unreachable Code

File: examples/system-test-actor/src/httpServer.ts:42

Code after process.exit() should be removed as it's unreachable.

13. Grammar Fix

File: sdks/api/fern/definition/builds/common.yml:33

# Current
docs: None compression.
# Should be
docs: No compression.

✅ Positive Aspects

1. Comprehensive Resource Management: The multi-allocation system is well-designed with proper validation
2. Good Error Handling: Clear error messages and proper validation throughout
3. Backward Compatibility: Proper handling of legacy builds
4. Resource Optimization: Intelligent tier selection for resource allocation
5. Security: Good input validation and parameterized queries

📋 Recommendations

High Priority

1. Fix the critical manager client bug - This will cause runtime failures
2. Enforce allocation type constraints at the API schema level
3. Add database CHECK constraints for resource values

Medium Priority

1. Replace serde_json::Value with proper types for better type safety
2. Fix integer signedness for content_length field
3. Add proper validation for slot counts and resource limits

Low Priority

1. Clean up unreachable code and grammar issues
2. Add comprehensive integration tests for the new allocation types
3. Document the resource allocation strategy for different build types

🧪 Test Coverage Assessment

Based on the code changes, the following areas need thorough testing:

• Multi-actor allocation and scheduling
• Resource validation edge cases
• Build creation with different allocation types
• Manager client protocol handling
• Database migration compatibility

The PR implements a complex feature that significantly changes resource allocation behavior, so comprehensive end-to-end testing is crucial.

Overall Assessment: This is a substantial and well-architected change that introduces important multi-actor capabilities. The core logic is sound, but there are several critical and type safety issues that should be addressed before merging.

---

[claude]

Claude finished @MasterPtato's task —— View job

---

PR Review: Multi-Actor Support and Resource Management

Review Checklist:

• Read repository guidelines and understand changes
• Review API design and type safety
• Examine core service logic and resource management
• Check database migrations and schema changes
• Analyze security implications
• Review example implementations
• Provide comprehensive feedback

Progress: Analysis complete, providing detailed feedback...

🐛 Critical Issues

1. Logic Bug in Manager Client (High Priority)

File: examples/system-test-actor/src/managerClient.ts:59-60

// BUG: Using packet.start_actor instead of packet.signal_actor
actor_id: packet.start_actor.actor_id,
generation: packet.start_actor.generation,

Fix:

actor_id: packet.signal_actor.actor_id,
generation: packet.signal_actor.generation,

This will cause runtime errors when signal_actor packets are received.

2. Invalid API State: Empty Allocation

File: sdks/api/fern/definition/builds/common.yml:37-40

The Allocation type allows both single and multi to be null/undefined, creating invalid states. The API should enforce that exactly one allocation type is specified.

🔧 Type Safety & Design Issues

3. Type Safety Loss with serde_json::Value

Files: Multiple SDK files use serde_json::Value for single allocation

// Current (loses type safety)
pub single: Option<serde_json::Value>,

// Better approach
pub single: Option<BuildsAllocationSingle>,

4. Signed vs Unsigned Integer Mismatch

File: sdks/api/full/rust/src/models/builds_build.rs:22

// Should be u64 as documented
pub content_length: i64, // Currently signed, should be unsigned

5. Missing Validation for Slot Count

File: sdks/api/full/rust/src/models/builds_allocation_multi.rs:17

Slot count should be positive and have reasonable limits:

pub slots: u32, // Use unsigned, add validation for min/max

⚡ Performance & Resource Management

6. Good: Proper Resource Validation

The validation logic in packages/edge/services/pegboard/src/workflows/actor2/setup.rs:94-121 correctly handles different allocation types:

• Single: Requires actor-specified resources
• Multi: Uses build-defined resources
• None: Properly rejects old builds

7. Good: Tier-Based Resource Selection

The resource selection logic properly finds appropriate tiers and validates against available resources.

🔒 Security Assessment

8. Good: Input Validation**

Resource limits are properly validated:

• CPU millicores and memory MiB checks
• Tag count and size limits (max 8 tags, 32 bytes labels, 1024 bytes values)
• Environment variable limits (max 64, proper size limits)

9. Good: Database Security

Database fields are properly parameterized, preventing SQL injection.

📊 Database & Migration Issues

10. Missing Constraints

File: packages/edge/services/pegboard/src/workflows/actor2/migrations.rs:27

Add CHECK constraints for positive resource values:

resources_cpu_millicores INT CHECK (resources_cpu_millicores IS NULL OR resources_cpu_millicores >= 0),
resources_memory_mib INT CHECK (resources_memory_mib IS NULL OR resources_memory_mib >= 0)

🚨 API Consistency Issues

11. Allocation Logic Validation

File: packages/core/api/actor/src/route/builds.rs:396-415

The validation correctly prevents invalid states:

match (&alloc.single, &alloc.multi) {
    (Some(_), Some(_)) => bail!("cannot set both single and multi"),
    (None, None) => bail!("must set one of single or multi"),
    // ...
}

However, the API schema should enforce this at the type level.

🎯 Style & Code Quality

12. Unreachable Code

File: examples/system-test-actor/src/httpServer.ts:42

Code after process.exit() should be removed as it's unreachable.

13. Grammar Fix

File: sdks/api/fern/definition/builds/common.yml:33

# Current
docs: None compression.
# Should be
docs: No compression.

✅ Positive Aspects

1. Comprehensive Resource Management: The multi-allocation system is well-designed with proper validation
2. Good Error Handling: Clear error messages and proper validation throughout
3. Backward Compatibility: Proper handling of legacy builds
4. Resource Optimization: Intelligent tier selection for resource allocation
5. Security: Good input validation and parameterized queries

📋 Recommendations

High Priority

1. Fix the critical manager client bug - This will cause runtime failures
2. Enforce allocation type constraints at the API schema level
3. Add database CHECK constraints for resource values

Medium Priority

1. Replace serde_json::Value with proper types for better type safety
2. Fix integer signedness for content_length field
3. Add proper validation for slot counts and resource limits

Low Priority

1. Clean up unreachable code and grammar issues
2. Add comprehensive integration tests for the new allocation types
3. Document the resource allocation strategy for different build types

🧪 Test Coverage Assessment

Based on the code changes, the following areas need thorough testing:

• Multi-actor allocation and scheduling
• Resource validation edge cases
• Build creation with different allocation types
• Manager client protocol handling
• Database migration compatibility

The PR implements a complex feature that significantly changes resource allocation behavior, so comprehensive end-to-end testing is crucial.

Overall Assessment: This is a substantial and well-architected change that introduces important multi-actor capabilities. The core logic is sound, but there are several critical and type safety issues that should be addressed before merging.

---

[claude]

Claude finished @MasterPtato's task —— View job

---

PR Review: Multi-Actor Support and Resource Management

Review Checklist:

• Read repository guidelines and understand changes
• Review API design and type safety
• Examine core service logic and resource management
• Check database migrations and schema changes
• Analyze security implications
• Review example implementations
• Provide comprehensive feedback

Progress: Analysis complete, providing detailed feedback...

🐛 Critical Issues

1. Logic Bug in Manager Client (High Priority)

File: examples/system-test-actor/src/managerClient.ts:59-60

// BUG: Using packet.start_actor instead of packet.signal_actor
actor_id: packet.start_actor.actor_id,
generation: packet.start_actor.generation,

Fix:

actor_id: packet.signal_actor.actor_id,
generation: packet.signal_actor.generation,

This will cause runtime errors when signal_actor packets are received.

2. Invalid API State: Empty Allocation

File: sdks/api/fern/definition/builds/common.yml:37-40

The Allocation type allows both single and multi to be null/undefined, creating invalid states. The API should enforce that exactly one allocation type is specified.

🔧 Type Safety & Design Issues

3. Type Safety Loss with serde_json::Value

Files: Multiple SDK files use serde_json::Value for single allocation

// Current (loses type safety)
pub single: Option<serde_json::Value>,

// Better approach
pub single: Option<BuildsAllocationSingle>,

4. Signed vs Unsigned Integer Mismatch

File: sdks/api/full/rust/src/models/builds_build.rs:22

// Should be u64 as documented
pub content_length: i64, // Currently signed, should be unsigned

5. Missing Validation for Slot Count

File: sdks/api/full/rust/src/models/builds_allocation_multi.rs:17

Slot count should be positive and have reasonable limits:

pub slots: u32, // Use unsigned, add validation for min/max

⚡ Performance & Resource Management

6. Good: Proper Resource Validation

The validation logic in packages/edge/services/pegboard/src/workflows/actor2/setup.rs:94-121 correctly handles different allocation types:

• Single: Requires actor-specified resources
• Multi: Uses build-defined resources
• None: Properly rejects old builds

7. Good: Tier-Based Resource Selection

The resource selection logic properly finds appropriate tiers and validates against available resources.

🔒 Security Assessment

8. Good: Input Validation**

Resource limits are properly validated:

• CPU millicores and memory MiB checks
• Tag count and size limits (max 8 tags, 32 bytes labels, 1024 bytes values)
• Environment variable limits (max 64, proper size limits)

9. Good: Database Security

Database fields are properly parameterized, preventing SQL injection.

📊 Database & Migration Issues

10. Missing Constraints

File: packages/edge/services/pegboard/src/workflows/actor2/migrations.rs:27

Add CHECK constraints for positive resource values:

resources_cpu_millicores INT CHECK (resources_cpu_millicores IS NULL OR resources_cpu_millicores >= 0),
resources_memory_mib INT CHECK (resources_memory_mib IS NULL OR resources_memory_mib >= 0)

🚨 API Consistency Issues

11. Allocation Logic Validation

File: packages/core/api/actor/src/route/builds.rs:396-415

The validation correctly prevents invalid states:

match (&alloc.single, &alloc.multi) {
    (Some(_), Some(_)) => bail!("cannot set both single and multi"),
    (None, None) => bail!("must set one of single or multi"),
    // ...
}

However, the API schema should enforce this at the type level.

🎯 Style & Code Quality

12. Unreachable Code

File: examples/system-test-actor/src/httpServer.ts:42

Code after process.exit() should be removed as it's unreachable.

13. Grammar Fix

File: sdks/api/fern/definition/builds/common.yml:33

# Current
docs: None compression.
# Should be
docs: No compression.

✅ Positive Aspects

1. Comprehensive Resource Management: The multi-allocation system is well-designed with proper validation
2. Good Error Handling: Clear error messages and proper validation throughout
3. Backward Compatibility: Proper handling of legacy builds
4. Resource Optimization: Intelligent tier selection for resource allocation
5. Security: Good input validation and parameterized queries

📋 Recommendations

High Priority

1. Fix the critical manager client bug - This will cause runtime failures
2. Enforce allocation type constraints at the API schema level
3. Add database CHECK constraints for resource values

Medium Priority

1. Replace serde_json::Value with proper types for better type safety
2. Fix integer signedness for content_length field
3. Add proper validation for slot counts and resource limits

Low Priority

1. Clean up unreachable code and grammar issues
2. Add comprehensive integration tests for the new allocation types
3. Document the resource allocation strategy for different build types

🧪 Test Coverage Assessment

Based on the code changes, the following areas need thorough testing:

• Multi-actor allocation and scheduling
• Resource validation edge cases
• Build creation with different allocation types
• Manager client protocol handling
• Database migration compatibility

The PR implements a complex feature that significantly changes resource allocation behavior, so comprehensive end-to-end testing is crucial.

Overall Assessment: This is a substantial and well-architected change that introduces important multi-actor capabilities. The core logic is sound, but there are several critical and type safety issues that should be addressed before merging.

[claude]

Claude finished @MasterPtato's task —— View job

---

PR Review: Multi-Actor Support and Resource Management

Review Checklist:

• Read repository guidelines and understand changes
• Review API design and type safety
• Examine core service logic and resource management
• Check database migrations and schema changes
• Analyze security implications
• Review example implementations
• Provide comprehensive feedback

Progress: Analysis complete, providing detailed feedback...

🐛 Critical Issues

1. Logic Bug in Manager Client (High Priority)

File: examples/system-test-actor/src/managerClient.ts:59-60

// BUG: Using packet.start_actor instead of packet.signal_actor
actor_id: packet.start_actor.actor_id,
generation: packet.start_actor.generation,

Fix:

actor_id: packet.signal_actor.actor_id,
generation: packet.signal_actor.generation,

This will cause runtime errors when signal_actor packets are received.

2. Invalid API State: Empty Allocation

File: sdks/api/fern/definition/builds/common.yml:37-40

The Allocation type allows both single and multi to be null/undefined, creating invalid states. The API should enforce that exactly one allocation type is specified.

🔧 Type Safety & Design Issues

3. Type Safety Loss with serde_json::Value

Files: Multiple SDK files use serde_json::Value for single allocation

// Current (loses type safety)
pub single: Option<serde_json::Value>,

// Better approach
pub single: Option<BuildsAllocationSingle>,

4. Signed vs Unsigned Integer Mismatch

File: sdks/api/full/rust/src/models/builds_build.rs:22

// Should be u64 as documented
pub content_length: i64, // Currently signed, should be unsigned

5. Missing Validation for Slot Count

File: sdks/api/full/rust/src/models/builds_allocation_multi.rs:17

Slot count should be positive and have reasonable limits:

pub slots: u32, // Use unsigned, add validation for min/max

⚡ Performance & Resource Management

6. Good: Proper Resource Validation

The validation logic in packages/edge/services/pegboard/src/workflows/actor2/setup.rs:94-121 correctly handles different allocation types:

• Single: Requires actor-specified resources
• Multi: Uses build-defined resources
• None: Properly rejects old builds

7. Good: Tier-Based Resource Selection

The resource selection logic properly finds appropriate tiers and validates against available resources.

🔒 Security Assessment

8. Good: Input Validation**

Resource limits are properly validated:

• CPU millicores and memory MiB checks
• Tag count and size limits (max 8 tags, 32 bytes labels, 1024 bytes values)
• Environment variable limits (max 64, proper size limits)

9. Good: Database Security

Database fields are properly parameterized, preventing SQL injection.

📊 Database & Migration Issues

10. Missing Constraints

File: packages/edge/services/pegboard/src/workflows/actor2/migrations.rs:27

Add CHECK constraints for positive resource values:

resources_cpu_millicores INT CHECK (resources_cpu_millicores IS NULL OR resources_cpu_millicores >= 0),
resources_memory_mib INT CHECK (resources_memory_mib IS NULL OR resources_memory_mib >= 0)

🚨 API Consistency Issues

11. Allocation Logic Validation

File: packages/core/api/actor/src/route/builds.rs:396-415

The validation correctly prevents invalid states:

match (&alloc.single, &alloc.multi) {
    (Some(_), Some(_)) => bail!("cannot set both single and multi"),
    (None, None) => bail!("must set one of single or multi"),
    // ...
}

However, the API schema should enforce this at the type level.

🎯 Style & Code Quality

12. Unreachable Code

File: examples/system-test-actor/src/httpServer.ts:42

Code after process.exit() should be removed as it's unreachable.

13. Grammar Fix

File: sdks/api/fern/definition/builds/common.yml:33

# Current
docs: None compression.
# Should be
docs: No compression.

✅ Positive Aspects

1. Comprehensive Resource Management: The multi-allocation system is well-designed with proper validation
2. Good Error Handling: Clear error messages and proper validation throughout
3. Backward Compatibility: Proper handling of legacy builds
4. Resource Optimization: Intelligent tier selection for resource allocation
5. Security: Good input validation and parameterized queries

📋 Recommendations

High Priority

1. Fix the critical manager client bug - This will cause runtime failures
2. Enforce allocation type constraints at the API schema level
3. Add database CHECK constraints for resource values

Medium Priority

1. Replace serde_json::Value with proper types for better type safety
2. Fix integer signedness for content_length field
3. Add proper validation for slot counts and resource limits

Low Priority

1. Clean up unreachable code and grammar issues
2. Add comprehensive integration tests for the new allocation types
3. Document the resource allocation strategy for different build types

🧪 Test Coverage Assessment

Based on the code changes, the following areas need thorough testing:

• Multi-actor allocation and scheduling
• Resource validation edge cases
• Build creation with different allocation types
• Manager client protocol handling
• Database migration compatibility

The PR implements a complex feature that significantly changes resource allocation behavior, so comprehensive end-to-end testing is crucial.

Overall Assessment: This is a substantial and well-architected change that introduces important multi-actor capabilities. The core logic is sound, but there are several critical and type safety issues that should be addressed before merging.

---

[claude]

Claude finished @MasterPtato's task —— View job

---

PR Review: Multi-Actor Support and Resource Management

Review Checklist:

• Read repository guidelines and understand changes
• Review API design and type safety
• Examine core service logic and resource management
• Check database migrations and schema changes
• Analyze security implications
• Review example implementations
• Provide comprehensive feedback

Progress: Analysis complete, providing detailed feedback...

🐛 Critical Issues

1. Logic Bug in Manager Client (High Priority)

File: examples/system-test-actor/src/managerClient.ts:59-60

// BUG: Using packet.start_actor instead of packet.signal_actor
actor_id: packet.start_actor.actor_id,
generation: packet.start_actor.generation,

Fix:

actor_id: packet.signal_actor.actor_id,
generation: packet.signal_actor.generation,

This will cause runtime errors when signal_actor packets are received.

2. Invalid API State: Empty Allocation

File: sdks/api/fern/definition/builds/common.yml:37-40

The Allocation type allows both single and multi to be null/undefined, creating invalid states. The API should enforce that exactly one allocation type is specified.

🔧 Type Safety & Design Issues

3. Type Safety Loss with serde_json::Value

Files: Multiple SDK files use serde_json::Value for single allocation

// Current (loses type safety)
pub single: Option<serde_json::Value>,

// Better approach
pub single: Option<BuildsAllocationSingle>,

4. Signed vs Unsigned Integer Mismatch

File: sdks/api/full/rust/src/models/builds_build.rs:22

// Should be u64 as documented
pub content_length: i64, // Currently signed, should be unsigned

5. Missing Validation for Slot Count

File: sdks/api/full/rust/src/models/builds_allocation_multi.rs:17

Slot count should be positive and have reasonable limits:

pub slots: u32, // Use unsigned, add validation for min/max

⚡ Performance & Resource Management

6. Good: Proper Resource Validation

The validation logic in packages/edge/services/pegboard/src/workflows/actor2/setup.rs:94-121 correctly handles different allocation types:

• Single: Requires actor-specified resources
• Multi: Uses build-defined resources
• None: Properly rejects old builds

7. Good: Tier-Based Resource Selection

The resource selection logic properly finds appropriate tiers and validates against available resources.

🔒 Security Assessment

8. Good: Input Validation**

Resource limits are properly validated:

• CPU millicores and memory MiB checks
• Tag count and size limits (max 8 tags, 32 bytes labels, 1024 bytes values)
• Environment variable limits (max 64, proper size limits)

9. Good: Database Security

Database fields are properly parameterized, preventing SQL injection.

📊 Database & Migration Issues

10. Missing Constraints

File: packages/edge/services/pegboard/src/workflows/actor2/migrations.rs:27

Add CHECK constraints for positive resource values:

resources_cpu_millicores INT CHECK (resources_cpu_millicores IS NULL OR resources_cpu_millicores >= 0),
resources_memory_mib INT CHECK (resources_memory_mib IS NULL OR resources_memory_mib >= 0)

🚨 API Consistency Issues

11. Allocation Logic Validation

File: packages/core/api/actor/src/route/builds.rs:396-415

The validation correctly prevents invalid states:

match (&alloc.single, &alloc.multi) {
    (Some(_), Some(_)) => bail!("cannot set both single and multi"),
    (None, None) => bail!("must set one of single or multi"),
    // ...
}

However, the API schema should enforce this at the type level.

🎯 Style & Code Quality

12. Unreachable Code

File: examples/system-test-actor/src/httpServer.ts:42

Code after process.exit() should be removed as it's unreachable.

13. Grammar Fix

File: sdks/api/fern/definition/builds/common.yml:33

# Current
docs: None compression.
# Should be
docs: No compression.

✅ Positive Aspects

1. Comprehensive Resource Management: The multi-allocation system is well-designed with proper validation
2. Good Error Handling: Clear error messages and proper validation throughout
3. Backward Compatibility: Proper handling of legacy builds
4. Resource Optimization: Intelligent tier selection for resource allocation
5. Security: Good input validation and parameterized queries

📋 Recommendations

High Priority

1. Fix the critical manager client bug - This will cause runtime failures
2. Enforce allocation type constraints at the API schema level
3. Add database CHECK constraints for resource values

Medium Priority

1. Replace serde_json::Value with proper types for better type safety
2. Fix integer signedness for content_length field
3. Add proper validation for slot counts and resource limits

Low Priority

1. Clean up unreachable code and grammar issues
2. Add comprehensive integration tests for the new allocation types
3. Document the resource allocation strategy for different build types

🧪 Test Coverage Assessment

Based on the code changes, the following areas need thorough testing:

• Multi-actor allocation and scheduling
• Resource validation edge cases
• Build creation with different allocation types
• Manager client protocol handling
• Database migration compatibility

The PR implements a complex feature that significantly changes resource allocation behavior, so comprehensive end-to-end testing is crucial.

Overall Assessment: This is a substantial and well-architected change that introduces important multi-actor capabilities. The core logic is sound, but there are several critical and type safety issues that should be addressed before merging.

---

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Preview	Comments	Updated (UTC)
rivet-site	Error			Aug 21, 2025 8:41pm

[claude]

Claude finished @MasterPtato's task —— View job

---

PR Review: Multi-Actor Support and Resource Management

Review Checklist:

• Read repository guidelines and understand changes
• Review API design and type safety
• Examine core service logic and resource management
• Check database migrations and schema changes
• Analyze security implications
• Review example implementations
• Provide comprehensive feedback

Progress: Analysis complete, providing detailed feedback...

🐛 Critical Issues

1. Logic Bug in Manager Client (High Priority)

File: examples/system-test-actor/src/managerClient.ts:59-60

// BUG: Using packet.start_actor instead of packet.signal_actor
actor_id: packet.start_actor.actor_id,
generation: packet.start_actor.generation,

Fix:

actor_id: packet.signal_actor.actor_id,
generation: packet.signal_actor.generation,

This will cause runtime errors when signal_actor packets are received.

2. Invalid API State: Empty Allocation

File: sdks/api/fern/definition/builds/common.yml:37-40

The Allocation type allows both single and multi to be null/undefined, creating invalid states. The API should enforce that exactly one allocation type is specified.

🔧 Type Safety & Design Issues

3. Type Safety Loss with serde_json::Value

Files: Multiple SDK files use serde_json::Value for single allocation

// Current (loses type safety)
pub single: Option<serde_json::Value>,

// Better approach
pub single: Option<BuildsAllocationSingle>,

4. Signed vs Unsigned Integer Mismatch

File: sdks/api/full/rust/src/models/builds_build.rs:22

// Should be u64 as documented
pub content_length: i64, // Currently signed, should be unsigned

5. Missing Validation for Slot Count

File: sdks/api/full/rust/src/models/builds_allocation_multi.rs:17

Slot count should be positive and have reasonable limits:

pub slots: u32, // Use unsigned, add validation for min/max

⚡ Performance & Resource Management

6. Good: Proper Resource Validation

The validation logic in packages/edge/services/pegboard/src/workflows/actor2/setup.rs:94-121 correctly handles different allocation types:

• Single: Requires actor-specified resources
• Multi: Uses build-defined resources
• None: Properly rejects old builds

7. Good: Tier-Based Resource Selection

The resource selection logic properly finds appropriate tiers and validates against available resources.

🔒 Security Assessment

8. Good: Input Validation**

Resource limits are properly validated:

• CPU millicores and memory MiB checks
• Tag count and size limits (max 8 tags, 32 bytes labels, 1024 bytes values)
• Environment variable limits (max 64, proper size limits)

9. Good: Database Security

Database fields are properly parameterized, preventing SQL injection.

📊 Database & Migration Issues

10. Missing Constraints

File: packages/edge/services/pegboard/src/workflows/actor2/migrations.rs:27

Add CHECK constraints for positive resource values:

resources_cpu_millicores INT CHECK (resources_cpu_millicores IS NULL OR resources_cpu_millicores >= 0),
resources_memory_mib INT CHECK (resources_memory_mib IS NULL OR resources_memory_mib >= 0)

🚨 API Consistency Issues

11. Allocation Logic Validation

File: packages/core/api/actor/src/route/builds.rs:396-415

The validation correctly prevents invalid states:

match (&alloc.single, &alloc.multi) {
    (Some(_), Some(_)) => bail!("cannot set both single and multi"),
    (None, None) => bail!("must set one of single or multi"),
    // ...
}

However, the API schema should enforce this at the type level.

🎯 Style & Code Quality

12. Unreachable Code

File: examples/system-test-actor/src/httpServer.ts:42

Code after process.exit() should be removed as it's unreachable.

13. Grammar Fix

File: sdks/api/fern/definition/builds/common.yml:33

# Current
docs: None compression.
# Should be
docs: No compression.

✅ Positive Aspects

1. Comprehensive Resource Management: The multi-allocation system is well-designed with proper validation
2. Good Error Handling: Clear error messages and proper validation throughout
3. Backward Compatibility: Proper handling of legacy builds
4. Resource Optimization: Intelligent tier selection for resource allocation
5. Security: Good input validation and parameterized queries

📋 Recommendations

High Priority

1. Fix the critical manager client bug - This will cause runtime failures
2. Enforce allocation type constraints at the API schema level
3. Add database CHECK constraints for resource values

Medium Priority

1. Replace serde_json::Value with proper types for better type safety
2. Fix integer signedness for content_length field
3. Add proper validation for slot counts and resource limits

Low Priority

1. Clean up unreachable code and grammar issues
2. Add comprehensive integration tests for the new allocation types
3. Document the resource allocation strategy for different build types

🧪 Test Coverage Assessment

Based on the code changes, the following areas need thorough testing:

• Multi-actor allocation and scheduling
• Resource validation edge cases
• Build creation with different allocation types
• Manager client protocol handling
• Database migration compatibility

The PR implements a complex feature that significantly changes resource allocation behavior, so comprehensive end-to-end testing is crucial.

Overall Assessment: This is a substantial and well-architected change that introduces important multi-actor capabilities. The core logic is sound, but there are several critical and type safety issues that should be addressed before merging.

---

[claude]

Claude finished @MasterPtato's task —— View job

---

PR Review: Multi-Actor Support and Resource Management

Review Checklist:

• Read repository guidelines and understand changes
• Review API design and type safety
• Examine core service logic and resource management
• Check database migrations and schema changes
• Analyze security implications
• Review example implementations
• Provide comprehensive feedback

Progress: Analysis complete, providing detailed feedback...

🐛 Critical Issues

1. Logic Bug in Manager Client (High Priority)

File: examples/system-test-actor/src/managerClient.ts:59-60

// BUG: Using packet.start_actor instead of packet.signal_actor
actor_id: packet.start_actor.actor_id,
generation: packet.start_actor.generation,

Fix:

actor_id: packet.signal_actor.actor_id,
generation: packet.signal_actor.generation,

This will cause runtime errors when signal_actor packets are received.

2. Invalid API State: Empty Allocation

File: sdks/api/fern/definition/builds/common.yml:37-40

The Allocation type allows both single and multi to be null/undefined, creating invalid states. The API should enforce that exactly one allocation type is specified.

🔧 Type Safety & Design Issues

3. Type Safety Loss with serde_json::Value

Files: Multiple SDK files use serde_json::Value for single allocation

// Current (loses type safety)
pub single: Option<serde_json::Value>,

// Better approach
pub single: Option<BuildsAllocationSingle>,

4. Signed vs Unsigned Integer Mismatch

File: sdks/api/full/rust/src/models/builds_build.rs:22

// Should be u64 as documented
pub content_length: i64, // Currently signed, should be unsigned

5. Missing Validation for Slot Count

File: sdks/api/full/rust/src/models/builds_allocation_multi.rs:17

Slot count should be positive and have reasonable limits:

pub slots: u32, // Use unsigned, add validation for min/max

⚡ Performance & Resource Management

6. Good: Proper Resource Validation

The validation logic in packages/edge/services/pegboard/src/workflows/actor2/setup.rs:94-121 correctly handles different allocation types:

• Single: Requires actor-specified resources
• Multi: Uses build-defined resources
• None: Properly rejects old builds

7. Good: Tier-Based Resource Selection

The resource selection logic properly finds appropriate tiers and validates against available resources.

🔒 Security Assessment

8. Good: Input Validation**

Resource limits are properly validated:

• CPU millicores and memory MiB checks
• Tag count and size limits (max 8 tags, 32 bytes labels, 1024 bytes values)
• Environment variable limits (max 64, proper size limits)

9. Good: Database Security

Database fields are properly parameterized, preventing SQL injection.

📊 Database & Migration Issues

10. Missing Constraints

File: packages/core/services/build/db/build/migrations/20250520152659_resources.up.sql

Add CHECK constraints for positive resource values:

resources_cpu_millicores INT CHECK (resources_cpu_millicores IS NULL OR resources_cpu_millicores >= 0),
resources_memory_mib INT CHECK (resources_memory_mib IS NULL OR resources_memory_mib >= 0)

🚨 API Consistency Issues

11. Allocation Logic Validation

File: packages/core/api/actor/src/route/builds.rs:396-415

The validation correctly prevents invalid states:

match (&alloc.single, &alloc.multi) {
    (Some(_), Some(_)) => bail!("cannot set both single and multi"),
    (None, None) => bail!("must set one of single or multi"),
    // ...
}

However, the API schema should enforce this at the type level.

🎯 Style & Code Quality

12. Unreachable Code

File: examples/system-test-actor/src/httpServer.ts:42

Code after process.exit() should be removed as it's unreachable.

13. Grammar Fix

File: sdks/api/fern/definition/builds/common.yml:33

# Current
docs: None compression.
# Should be
docs: No compression.

✅ Positive Aspects

1. Comprehensive Resource Management: The multi-allocation system is well-designed with proper validation
2. Good Error Handling: Clear error messages and proper validation throughout
3. Backward Compatibility: Proper handling of legacy builds
4. Resource Optimization: Intelligent tier selection for resource allocation
5. Security: Good input validation and parameterized queries

📋 Recommendations

High Priority

1. Fix the critical manager client bug - This will cause runtime failures
2. Enforce allocation type constraints at the API schema level
3. Add database CHECK constraints for resource values

Medium Priority

1. Replace serde_json::Value with proper types for better type safety
2. Fix integer signedness for content_length field
3. Add proper validation for slot counts and resource limits

Low Priority

1. Clean up unreachable code and grammar issues
2. Add comprehensive integration tests for the new allocation types
3. Document the resource allocation strategy for different build types

🧪 Test Coverage Assessment

Based on the code changes, the following areas need thorough testing:

• Multi-actor allocation and scheduling
• Resource validation edge cases
• Build creation with different allocation types
• Manager client protocol handling
• Database migration compatibility

The PR implements a complex feature that significantly changes resource allocation behavior, so comprehensive end-to-end testing is crucial.

Overall Assessment: This is a substantial and well-architected change that introduces important multi-actor capabilities. The core logic is sound, but there are several critical and type safety issues that should be addressed before merging.

---

[claude]

Claude encountered an error —— View job

---

I'll analyze this and get back to you.

[claude]

Claude encountered an error —— View job

---

I'll analyze this and get back to you.