Address auto-standby review feedback

sjmiller609 · sjmiller609 · commit d3016516f09a · 2026-04-05T11:38:36.000-04:00
diff --git a/cmd/api/api/auto_standby.go b/cmd/api/api/auto_standby.go
@@ -26,7 +26,7 @@ func toDomainAutoStandbyPolicy(policy *oapi.AutoStandbyPolicy) (*autostandby.Pol
 	if policy.IgnoreDestinationPorts != nil {
 		out.IgnoreDestinationPorts = make([]uint16, 0, len(*policy.IgnoreDestinationPorts))
 		for _, port := range *policy.IgnoreDestinationPorts {
-			if port < 0 || port > 65535 {
+			if port < 1 || port > 65535 {
 				return nil, fmt.Errorf("auto_standby.ignore_destination_ports must be between 1 and 65535")
 			}
 			out.IgnoreDestinationPorts = append(out.IgnoreDestinationPorts, uint16(port))
diff --git a/cmd/api/api/instances_test.go b/cmd/api/api/instances_test.go
@@ -636,6 +636,48 @@ func TestUpdateInstance_MapsAutoStandbyPatch(t *testing.T) {
 	assert.True(t, *instance.AutoStandby.Enabled)
 }
 
+func TestUpdateInstance_RejectsZeroAutoStandbyIgnoreDestinationPort(t *testing.T) {
+	t.Parallel()
+	svc := newTestService(t)
+
+	origMgr := svc.InstanceManager
+	now := time.Now()
+	mockMgr := &captureUpdateManager{Manager: origMgr}
+	svc.InstanceManager = mockMgr
+
+	resolved := &instances.Instance{
+		StoredMetadata: instances.StoredMetadata{
+			Id:             "inst-update-auto-standby",
+			Name:           "inst-update-auto-standby",
+			Image:          "docker.io/library/alpine:latest",
+			CreatedAt:      now,
+			HypervisorType: hypervisor.TypeCloudHypervisor,
+		},
+		State: instances.StateStopped,
+	}
+	enabled := true
+	idleTimeout := "10m"
+	ignoreDestinationPorts := []int{0}
+
+	resp, err := svc.UpdateInstance(mw.WithResolvedInstance(ctx(), resolved.Id, resolved), oapi.UpdateInstanceRequestObject{
+		Id: resolved.Id,
+		Body: &oapi.UpdateInstanceRequest{
+			AutoStandby: &oapi.AutoStandbyPolicy{
+				Enabled:                &enabled,
+				IdleTimeout:            &idleTimeout,
+				IgnoreDestinationPorts: &ignoreDestinationPorts,
+			},
+		},
+	})
+	require.NoError(t, err)
+
+	badReq, ok := resp.(oapi.UpdateInstance400JSONResponse)
+	require.True(t, ok, "expected 400 response")
+	assert.Equal(t, "invalid_auto_standby", badReq.Code)
+	assert.Contains(t, badReq.Message, "between 1 and 65535")
+	assert.Nil(t, mockMgr.lastReq)
+}
+
 func TestUpdateInstance_RequiresBody(t *testing.T) {
 	t.Parallel()
 	svc := newTestService(t)
diff --git a/lib/instances/metadata_clone.go b/lib/instances/metadata_clone.go
@@ -0,0 +1,11 @@
+package instances
+
+func cloneMetadata(src *metadata) *metadata {
+	if src == nil {
+		return nil
+	}
+
+	return &metadata{
+		StoredMetadata: cloneStoredMetadataForFork(src.StoredMetadata),
+	}
+}
diff --git a/lib/instances/update.go b/lib/instances/update.go
@@ -43,11 +43,13 @@ func (m *manager) updateInstance(ctx context.Context, id string, req UpdateInsta
 	if len(req.Env) > 0 && inst.State != StateRunning && inst.State != StateInitializing {
 		return nil, fmt.Errorf("%w: instance must be running or initializing to update env (current state: %s)", ErrInvalidState, inst.State)
 	}
+	nextMeta := meta
 	if req.AutoStandby != nil {
-		meta.AutoStandby = cloneAutoStandbyPolicy(req.AutoStandby)
+		nextMeta = cloneMetadata(meta)
+		nextMeta.AutoStandby = cloneAutoStandbyPolicy(req.AutoStandby)
 	}
 	if len(req.Env) == 0 {
-		if err := m.saveMetadata(meta); err != nil {
+		if err := m.saveMetadata(nextMeta); err != nil {
 			return nil, fmt.Errorf("save metadata: %w", err)
 		}
 
@@ -60,16 +62,16 @@ func (m *manager) updateInstance(ctx context.Context, id string, req UpdateInsta
 		return updated, nil
 	}
 
-	prevEnv := cloneEnvMap(meta.Env)
-	nextEnv := cloneEnvMap(meta.Env)
+	prevEnv := cloneEnvMap(nextMeta.Env)
+	nextEnv := cloneEnvMap(nextMeta.Env)
 	if nextEnv == nil {
 		nextEnv = make(map[string]string)
 	}
 	for k, v := range req.Env {
 		nextEnv[k] = v
 	}
 
-	if err := validateCredentialEnvBindings(meta.Credentials, nextEnv); err != nil {
+	if err := validateCredentialEnvBindings(nextMeta.Credentials, nextEnv); err != nil {
 		return nil, err
 	}
 
@@ -79,7 +81,7 @@ func (m *manager) updateInstance(ctx context.Context, id string, req UpdateInsta
 		return nil, fmt.Errorf("egress proxy service unavailable")
 	}
 
-	if err := applyUpdatedInstanceEnv(ctx, log, id, meta, prevEnv, nextEnv, m.saveMetadata, svc); err != nil {
+	if err := applyUpdatedInstanceEnv(ctx, log, id, nextMeta, prevEnv, nextEnv, m.saveMetadata, svc); err != nil {
 		return nil, err
 	}
 
diff --git a/lib/instances/update_test.go b/lib/instances/update_test.go
@@ -181,3 +181,61 @@ func TestApplyUpdatedInstanceEnvReturnsRollbackFailure(t *testing.T) {
 	assert.Equal(t, prevEnv, meta.Env)
 	require.Len(t, svc.calls, 2)
 }
+
+func TestApplyUpdatedInstanceEnvSavesAutoStandbyAlongsideEnvWithoutMutatingOriginal(t *testing.T) {
+	t.Parallel()
+
+	original := &metadata{
+		StoredMetadata: StoredMetadata{
+			Id:            "inst-autostandby-copy",
+			NetworkEgress: &NetworkEgressPolicy{Enabled: true},
+			Credentials: map[string]CredentialPolicy{
+				"OUTBOUND_OPENAI_KEY": {
+					Source: CredentialSource{Env: "OUTBOUND_OPENAI_KEY"},
+					Inject: []CredentialInjectRule{{
+						As: CredentialInjectAs{
+							Header: "Authorization",
+							Format: "Bearer ${value}",
+						},
+					}},
+				},
+			},
+			Env: map[string]string{"OUTBOUND_OPENAI_KEY": "old"},
+			AutoStandby: &autostandby.Policy{
+				Enabled:     false,
+				IdleTimeout: "5m0s",
+			},
+		},
+	}
+	updated := cloneMetadata(original)
+	updated.AutoStandby = &autostandby.Policy{
+		Enabled:                true,
+		IdleTimeout:            "10m0s",
+		IgnoreSourceCIDRs:      []string{"10.0.0.0/8"},
+		IgnoreDestinationPorts: []uint16{22},
+	}
+
+	prevEnv := cloneEnvMap(updated.Env)
+	nextEnv := map[string]string{"OUTBOUND_OPENAI_KEY": "new"}
+	svc := &fakeUpdateInstanceRulesService{}
+
+	var saved *metadata
+	err := applyUpdatedInstanceEnv(context.Background(), nil, updated.Id, updated, prevEnv, nextEnv, func(meta *metadata) error {
+		saved = cloneMetadata(meta)
+		return nil
+	}, svc)
+	require.NoError(t, err)
+
+	require.NotNil(t, saved)
+	require.NotNil(t, saved.AutoStandby)
+	assert.True(t, saved.AutoStandby.Enabled)
+	assert.Equal(t, "10m0s", saved.AutoStandby.IdleTimeout)
+	assert.Equal(t, []string{"10.0.0.0/8"}, saved.AutoStandby.IgnoreSourceCIDRs)
+	assert.Equal(t, []uint16{22}, saved.AutoStandby.IgnoreDestinationPorts)
+	assert.Equal(t, nextEnv, saved.Env)
+
+	require.NotNil(t, original.AutoStandby)
+	assert.False(t, original.AutoStandby.Enabled)
+	assert.Equal(t, "5m0s", original.AutoStandby.IdleTimeout)
+	assert.Equal(t, map[string]string{"OUTBOUND_OPENAI_KEY": "old"}, original.Env)
+}

Original file line number	Diff line number	Diff line change
`@@ -26,7 +26,7 @@ func toDomainAutoStandbyPolicy(policy oapi.AutoStandbyPolicy) (autostandby.Pol`
`26`	`26`	`if policy.IgnoreDestinationPorts != nil {`
`27`	`27`	`out.IgnoreDestinationPorts = make([]uint16, 0, len(*policy.IgnoreDestinationPorts))`
`28`	`28`	`for _, port := range *policy.IgnoreDestinationPorts {`
`29`		`- if port < 0 \|\| port > 65535 {`
	`29`	`+ if port < 1 \|\| port > 65535 {`
`30`	`30`	`return nil, fmt.Errorf("auto_standby.ignore_destination_ports must be between 1 and 65535")`
`31`	`31`	`}`
`32`	`32`	`out.IgnoreDestinationPorts = append(out.IgnoreDestinationPorts, uint16(port))`
Original file line number	Diff line number	Diff line change
`@@ -43,11 +43,13 @@ func (m *manager) updateInstance(ctx context.Context, id string, req UpdateInsta`
`43`	`43`	`if len(req.Env) > 0 && inst.State != StateRunning && inst.State != StateInitializing {`
`44`	`44`	`return nil, fmt.Errorf("%w: instance must be running or initializing to update env (current state: %s)", ErrInvalidState, inst.State)`
`45`	`45`	`}`
	`46`	`+ nextMeta := meta`
`46`	`47`	`if req.AutoStandby != nil {`
`47`		`- meta.AutoStandby = cloneAutoStandbyPolicy(req.AutoStandby)`
	`48`	`+ nextMeta = cloneMetadata(meta)`
	`49`	`+ nextMeta.AutoStandby = cloneAutoStandbyPolicy(req.AutoStandby)`
`48`	`50`	`}`
`49`	`51`	`if len(req.Env) == 0 {`
`50`		`- if err := m.saveMetadata(meta); err != nil {`
	`52`	`+ if err := m.saveMetadata(nextMeta); err != nil {`
`51`	`53`	`return nil, fmt.Errorf("save metadata: %w", err)`
`52`	`54`	`}`
`53`	`55`
`@@ -60,16 +62,16 @@ func (m *manager) updateInstance(ctx context.Context, id string, req UpdateInsta`
`60`	`62`	`return updated, nil`
`61`	`63`	`}`
`62`	`64`
`63`		`- prevEnv := cloneEnvMap(meta.Env)`
`64`		`- nextEnv := cloneEnvMap(meta.Env)`
	`65`	`+ prevEnv := cloneEnvMap(nextMeta.Env)`
	`66`	`+ nextEnv := cloneEnvMap(nextMeta.Env)`
`65`	`67`	`if nextEnv == nil {`
`66`	`68`	`nextEnv = make(map[string]string)`
`67`	`69`	`}`
`68`	`70`	`for k, v := range req.Env {`
`69`	`71`	`nextEnv[k] = v`
`70`	`72`	`}`
`71`	`73`
`72`		`- if err := validateCredentialEnvBindings(meta.Credentials, nextEnv); err != nil {`
	`74`	`+ if err := validateCredentialEnvBindings(nextMeta.Credentials, nextEnv); err != nil {`
`73`	`75`	`return nil, err`
`74`	`76`	`}`
`75`	`77`
`@@ -79,7 +81,7 @@ func (m *manager) updateInstance(ctx context.Context, id string, req UpdateInsta`
`79`	`81`	`return nil, fmt.Errorf("egress proxy service unavailable")`
`80`	`82`	`}`
`81`	`83`
`82`		`- if err := applyUpdatedInstanceEnv(ctx, log, id, meta, prevEnv, nextEnv, m.saveMetadata, svc); err != nil {`
	`84`	`+ if err := applyUpdatedInstanceEnv(ctx, log, id, nextMeta, prevEnv, nextEnv, m.saveMetadata, svc); err != nil {`
`83`	`85`	`return nil, err`
`84`	`86`	`}`
`85`	`87`