Skip to content

[FEATURE]: FileSystemSource hot-reload ConfigSource impl #107

Description

@araujof

Summary

Ship FileSystemSource as the first concrete ConfigSource, so policy reloads without a restart.

The hot-reload seam already exists: ConfigSource::watch() returns a stream, the evaluator rebuilds the compiled IR and swaps it via ArcSwap (in-flight requests finish on the old policy, new requests pick up the new one). But it's a trait with no shipped impl. Add a FileSystemSource backed by a notify-crate file watch as the reference implementation.

User Story 1

  • As an: operator running CPEX
  • I want: policy changes picked up from disk without restarting
  • So that: I can update rules in production with no downtime

Acceptance Criteria

Scenario: Edited policy file is reloaded
  Given a FileSystemSource watching a policy file
  When the file is edited on disk
  Then the evaluator rebuilds the IR and swaps it atomically

Scenario: In-flight requests are unaffected
  Given a request is mid-evaluation when a reload occurs
  When the swap happens
  Then that request finishes on the old policy
  And subsequent requests use the new policy

Scenario: Invalid policy file does not break serving
  Given a FileSystemSource watching a policy file
  When the file is edited to an invalid policy
  Then the swap is rejected and the previous policy stays active

Additional Context

Scoped in the Praxis epic #678 alignment work (policy evaluation engine, praxis sub-issue #681). The ConfigSource::watch() seam exists today; this is the first concrete impl.

Metadata

Metadata

Assignees

No one assigned

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    Status
    Backlog

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions