v0.33.1 is a fix release covering two mirror-endpoint issues, both surfaced in production against v0.33.0.
Bug Fixes
- Mirror OOM-killed the API when serving large providers — the v0.33.0 lazy h1 backfill loaded entire provider archives into RAM (twice: once via
storage.get(key), then again inside the hash function viafh.read()per zip entry).hashicorp/awsat ~500 MB per platform blew past the 2 GiB pod limit, exit-137-killed both API pods in a tight crashloop, and surfaced as HTTP 500 from/v1/providers/.../version.jsonto the runner. Fixed by chunked-per-entry h1 compute (~1 MB peak) and a new_compute_h1_from_zip_paththat operates on an on-disk tempfile. - Mirror returned empty
archivesfor self-hosted providers — the platformterrapodprovider (and any operator-published provider) lives in the registry tables, not the cache tables that the mirror consulted. Result: the runner's lock-extender loggedno h1 from mirror for providerand fell back totofu providers lockfor every self-served lookup. Added a "Tier 0" registry lookup at the top ofget_or_fetch_platformsfor requests whose hostname matches the configuredexternal_url; eager h1 compute at upload time avoids lazy-backfill on first read.
Operational
- API tempfile policy — h1-backfill streams now write to the CSP-attached ephemeral PVC (
settings.vcs.tmpdir, default/var/lib/terrapod/tmp) instead of/tmp(which is anemptyDir{}tmpfs on the API pod and would only move the OOM, not fix it). Audited the rest ofservices/;policy_vcs_poller._download_archivehad the same pattern and got the same one-line fix. The CSP-disk rule is now Architecture Principle #14. - New migration adds
registry_provider_platforms.h1_hash(nullable string, lazy-backfilled for existing rows, eagerly computed for new uploads).
Status
Stable — same code shape as v0.33.0 plus the mirror fixes; no API contract changes.
Full Changelog: v0.33.0...v0.33.1