Skip to content

feat(server): adapt Hubble 2.0 & add graph/role management#3008

Merged
imbajin merged 38 commits into
apache:masterfrom
Yeaury:feat/hubble-api-compatibility
Jul 10, 2026
Merged

feat(server): adapt Hubble 2.0 & add graph/role management#3008
imbajin merged 38 commits into
apache:masterfrom
Yeaury:feat/hubble-api-compatibility

Conversation

@Yeaury

@Yeaury Yeaury commented Apr 24, 2026

Copy link
Copy Markdown
Contributor

Purpose of the PR

Adapt the Server APIs needed by Hubble 2.0 so the community Server can support
Hubble's graph, GraphSpace, default graph, default role, schema template, and
manager flows.

Hubble2 will use only the canonical APIs listed below. Since Hubble2 has not
been released, legacy form-based APIs and state-changing GET aliases are not
compatibility requirements and should be removed before release.

Hubble2 reference: hugegraph/hugegraph-toolchain#4

Main Changes

  • Graph management (GraphsAPI.java)
  • GraphSpace and default-role APIs (GraphSpaceAPI.java)
  • GraphSpace managers (ManagerAPI.java)
  • Schema templates (SchemaTemplateAPI.java)
  • Authentication and graph metadata support

Integration Boundaries

  • Hubble2 uses canonical graph create/default APIs:
    • POST /graphspaces/{graphspace}/graphs/{name}
    • POST /graphspaces/{graphspace}/graphs/{name}/default
    • DELETE /graphspaces/{graphspace}/graphs/{name}/default
  • Server and Hubble should remove legacy form-urlencoded graph creation and
    state-changing GET aliases before Hubble2 is released.
  • GraphSpace lifecycle, default role, schema template, and manager APIs are
    PD-mode APIs. Standalone/non-PD Hubble should hide or degrade these flows
    instead of requiring Server to emulate the full PD GraphSpace model.
  • Hubble2 non-PD flows should continue to use DEFAULT GraphSpace and graph
    operations that are meaningful in standalone mode.
  • Graph clear must remain user-oriented and expose two real operations:
    data-only clear that preserves schema, and schema-and-data clear. Server must
    implement and verify both semantics before Hubble wires both user actions.

Known Integration Follow-ups

  • Current PD smoke found GET /graphspaces/DEFAULT/graphs returning an empty
    list while direct GET /graphspaces/DEFAULT/graphs/hugegraph succeeds.
  • Hubble Gremlin overview can still show max counts when Server-side Gremlin
    execution does not provide the expected g alias.
  • Default-role checks still need a full Hubble PD workflow smoke after the API
    boundary is finalized.

Server follow-up status

  • Require memory_monitor.period to be positive, while keeping
    memory_monitor.threshold=1.0 as the disable switch.
  • Roll back MemoryMonitor, Gremlin, and REST resources if MemoryMonitor
    construction or startup fails.
  • Validate GraphSpace and OBSERVER graph existence in the manager
    default-role check.
  • Pass the selected Maven backend profile into the test JVM and remove the
    nonexistent singular auth/manager/default test route.
  • Implement two explicit graph-clear operations in Server: data-only clear
    that preserves schema, and schema-and-data clear. Define canonical APIs,
    confirmation/error semantics, and verify behavior across supported backends.
  • Remove the Server public GET default-graph mutation aliases before
    Hubble2 is released; retain only the canonical POST/DELETE operations.

Hubble migration status

  • Use the canonical JSON graph-create resource path.
  • Use canonical POST/DELETE methods to set and unset the default graph.
  • Read the default graph through the canonical Server endpoint.
  • Align default-role calls and handle the empty 204 delete response.
  • Align schema-template and graph-profile contracts.
  • Use the canonical Server PUT contract for backend-to-Server graph
    metadata updates; the legacy Hubble GET /update route is removed.
  • Remove the form-urlencoded graph-create facade and legacy default-role
    facades; keep only canonical resource APIs.
  • Normalize the default-graph read to /graphs/default and remove Hubble
    GET default-graph mutation aliases.
  • Make graph clear confirmation explicit and safe: show the graph name and
    deletion scope, warn that it is irreversible, and require strong confirmation.
  • Stop Hubble from using per-graph reload. The shared Client overload stays
    for now, but is explicitly deprecated because Server accepts only update.
  • Hide the default-GraphSpace mutation; Hubble no longer exposes its own GET
    mutation facade.

Hubble TODOs

  • After Server implements both graph-clear modes, wire the two confirmed
    Hubble actions to non-GET operations: data-only clear that preserves schema,
    and schema-and-data clear. Keep both user-facing actions and add UI smoke
    coverage proving the invoked mode and deletion scope.
  • Complete the outstanding PD integration smoke for graph list/lifecycle,
    default-role/account/role, loader peers, algorithms, and async tasks once the
    Server API boundary and test environment are available.

Remaining design decisions

  • Hubble2 is unreleased and does not require legacy API compatibility.
  • Decide whether default-role owner input needs an explicit user/group type
    when a user and group can share the same name.
  • Decide the canonical Server contract for default GraphSpace before the
    feature is exposed by Hubble.

Verifying these changes

  • Server unit coverage for the master check and default-role permission
    boundaries.
  • Server regression coverage for MemoryMonitor configuration/startup
    rollback, manager resource validation, and backend-profile propagation.
  • Hubble2 non-PD smoke for graph management, default graph APIs, and
    canonical graph create path.
  • Hubble2 packaged loader/auth smoke with current toolchain loader/client.
  • Hubble2 PD minimal API smoke for versions, GraphSpace list/get, direct
    graph get, schema template list, and Gremlin schema/data read-write.
  • Server tests for data-only and schema-and-data clear across the supported
    standalone and distributed backends.
  • Hubble UI smoke proving that each clear action invokes the correct Server
    mode and that its confirmation accurately describes the deletion scope.
  • Hubble2 PD graph list/lifecycle smoke.
  • Hubble2 PD default-role/account/role smoke.
  • Hubble2 PD loader peers, algorithms, and async task smoke.

Yeaury added 5 commits April 24, 2026 10:53
- Add listProfile endpoint with default graph sorting and prefix filtering
- Add setDefault/unsetDefault/getDefault endpoints for default graph management
- Add manage(PUT) endpoint for graph nickname update
- Add createByForm for form-urlencoded graph creation compatibility
- Auto-fill HStore/PD defaults (backend/serializer/store) during graph creation
- Add setDefaultRole/checkDefaultRole/deleteDefaultRole in GraphSpaceAPI
- Add checkDefaultRole endpoint in ManagerAPI
- Add default role interfaces in AuthManager
- Implement default role CRUD in StandardAuthManager and StandardAuthManagerV2
- Add stub proxy methods in HugeGraphAuthProxy
- Add new SchemaTemplateAPI with list/get/create/update/delete operations
- Fix package path from api.profile to api.space
- Use HugeGraphAuthProxy.username() instead of authManager.username()

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR adds/extends HugeGraph Server REST endpoints and auth-layer capabilities needed by the Hubble 2.0 frontend, focusing on graph profile listing, default graph selection, default role management, and schema template CRUD within graphspaces.

Changes:

  • Added graph profile listing + default-graph set/unset/query APIs, plus graph create compatibility tweaks.
  • Implemented default-graph/default-role persistence methods in the AuthManager interface and its implementations/proxies.
  • Introduced schema template CRUD API and corresponding GraphManager helpers.

Reviewed changes

Copilot reviewed 10 out of 10 changed files in this pull request and generated 16 comments.

Show a summary per file
File Description
hugegraph-server/hugegraph-core/src/main/java/org/apache/hugegraph/util/ConfigUtil.java Adds config-to-string helper used by graph profile listing.
hugegraph-server/hugegraph-core/src/main/java/org/apache/hugegraph/auth/AuthManager.java Extends auth interface for default graph/role operations.
hugegraph-server/hugegraph-core/src/main/java/org/apache/hugegraph/auth/StandardAuthManager.java Implements new default graph/role methods (non-PD auth manager).
hugegraph-server/hugegraph-core/src/main/java/org/apache/hugegraph/auth/StandardAuthManagerV2.java Implements new default graph/role methods (PD-mode auth manager).
hugegraph-server/hugegraph-api/src/main/java/org/apache/hugegraph/auth/HugeGraphAuthProxy.java Proxies/delegates new AuthManager methods.
hugegraph-server/hugegraph-api/src/main/java/org/apache/hugegraph/core/GraphManager.java Adds schema template management helpers.
hugegraph-server/hugegraph-api/src/main/java/org/apache/hugegraph/api/profile/GraphsAPI.java Adds graph profile listing, default graph APIs, manage/update behavior, and create defaults.
hugegraph-server/hugegraph-api/src/main/java/org/apache/hugegraph/api/space/GraphSpaceAPI.java Adds default role management endpoints and JSON tolerance.
hugegraph-server/hugegraph-api/src/main/java/org/apache/hugegraph/api/auth/ManagerAPI.java Adds endpoint to query whether current user has a default role.
hugegraph-server/hugegraph-api/src/main/java/org/apache/hugegraph/api/space/SchemaTemplateAPI.java New schema template CRUD endpoint implementation.
Comments suppressed due to low confidence (1)

hugegraph-server/hugegraph-api/src/main/java/org/apache/hugegraph/api/profile/GraphsAPI.java:443

  • configs is only validated as non-null when clone_graph_name is empty. If clone_graph_name is provided and the request body is omitted/empty, configs can be null and convConfig(configs) will throw a NullPointerException in the clone branch. Consider defaulting configs to an empty map (or making convConfig() null-safe) before using it for cloning.
        // Check required parameters for creating graph
        if (StringUtils.isEmpty(clone)) {
            // Only check required parameters when creating new graph, not when cloning
            E.checkArgument(configs != null, "Config parameters cannot be null");
            // Auto-fill defaults for PD/HStore mode when not provided
            configs.putIfAbsent("backend", "hstore");
            configs.putIfAbsent("serializer", "binary");
            configs.putIfAbsent("store", name);
            // Map frontend 'schema' field to backend config key
            Object schema = configs.remove("schema");
            if (schema != null && !schema.toString().isEmpty()) {
                configs.put("schema.init_template", schema.toString());
            }
        }

        String creator = HugeGraphAuthProxy.username();

        if (StringUtils.isNotEmpty(clone)) {
            // Clone from existing graph
            LOG.debug("Clone graph '{}' to '{}' in graph space '{}'", clone, name, graphSpace);
            graph = manager.cloneGraph(graphSpace, clone, name, convConfig(configs));
        } else {
            // Create new graph
            graph = manager.createGraph(graphSpace, name, creator,
                                        convConfig(configs), true);
        }

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

…#3008)

- fix: use @POST/@delete for setDefault/unsetDefault (REST semantics)
- fix: add null/empty validation before role field access in GraphSpaceAPI
  to prevent NPE in setDefaultRole/checkDefaultRole/deleteDefaultRole
- fix: change isPrefix to private static and guard nickname null in
  GraphSpaceAPI and GraphsAPI
- fix: ConfigUtil.writeConfigToString always returns JSON regardless
  of whether config was loaded from file, fixing listProfile endpoint
- fix: add @RolesAllowed annotations to SchemaTemplateAPI endpoints
- fix: use ForbiddenException (403) instead of HugeException (400)
  for authorization failures in SchemaTemplateAPI and GraphSpaceAPI
- fix: correct LOG placeholder count in SchemaTemplateAPI.delete
- fix: use HugeException ('%s') format instead of SLF4J '{}' format
- fix: replace com.alipay StringUtils with commons-lang3 in ManagerAPI
- fix: add @consumes and checkUpdate() validation to SchemaTemplate.update
- fix: add ensurePdModeEnabled guard to ManagerAPI.checkDefaultRole
- fix: guard configs null access in GraphsAPI.create clone branch
@imbajin

imbajin commented Apr 25, 2026

Copy link
Copy Markdown
Member

新增 API 单机版(非 PD)兼容性对照

目标:社区默认的 RocksDB 单机版通过 graphspace=DEFAULT 使用 GraphsAPI,应支持图的增删改查和基础权限管理。GraphSpaceAPI、ManagerAPI、SchemaTemplateAPI 属于 PD 专属功能,不需要兼容。

需要兼容单机版的端点(GraphsAPI)

API 端点 当前状态 问题说明 需要的改动
GET .../graphs/profile ⚠️ ConfigUtil.writeConfigToString 序列化全部配置项,可能泄露 password/token 等敏感字段 白名单过滤或排除敏感 key
PUT .../graphs/{name} (manage/update nickname) 1. isExistedGraphNickname() 调用 metaManager.graphConfigs() — 非 PD 下 MetaManager 未初始化,NPE;2. exist.nickname() 只改内存,缺少持久化调用 1. 加 isPDEnabled() 分支,非 PD 下用内存图列表做去重;2. 补充持久化调用
POST .../graphs (create JSON) 无条件执行 configs.putIfAbsent("backend", "hstore"),单机版默认 RocksDB 会被覆盖为 hstore 导致创建失败 if (manager.isPDEnabled()) 包裹 hstore/binary 默认值填充
POST .../graphs/{name} (createByText) 委托 create() 方法,同上 同上(修复 create 即可)
POST .../graphs/{name}/default (设置默认图) StandardAuthManager 已实现
DELETE .../graphs/{name}/default (取消默认图) StandardAuthManager 已实现
GET .../graphs/default (查询默认图) StandardAuthManager 已实现

PD 专属端点(无需兼容单机版)

API 端点 归属 说明
POST/GET/DELETE .../graphspaces/{gs}/role GraphSpaceAPI 图空间级角色管理,PD-only by design
GET /auth/manager/default ManagerAPI 已有 ensurePdModeEnabled() 门禁
GET/POST/PUT/DELETE .../schematemplates[/{name}] SchemaTemplateAPI 全部走 metaManager,PD-only

总结:7 个 GraphsAPI 端点需要兼容单机版。其中 3 个需要代码改动(manage 需加 isPDEnabled() 分支 + 持久化修复,create/createByText 需条件化 hstore 默认值),1 个需过滤敏感配置,3 个已可正常工作。

Yeaury added 2 commits April 26, 2026 16:16
… mode

## Background

Hubble 2.0 previously relied exclusively on PD mode (distributed HStore
backend). This PR makes the server-side APIs fully compatible with the
community default: single-node RocksDB without PD/HStore, so that Hubble
remains functional out of the box for all deployment modes.

## Core bug fixes

### GraphsAPI
- Fix `create()`: `backend=hstore` / `serializer=binary` defaults are now
  only injected when `manager.isPDEnabled()` is true, preventing graph
  creation failures on standalone RocksDB deployments.
- Fix `manage()`: replace `exist.nickname(nickname)` (in-memory only) with
  `manager.updateGraphNickname()`, which persists the change to PD meta
  storage in distributed mode and gracefully falls back to in-memory update
  in standalone mode.
- Fix `manage()`: relax `actionMap.size() == 2` validation to
  `containsKey(GRAPH_ACTION)`, so extra fields from the frontend no longer
  cause spurious 400 errors.
- Guard `getDefaultGraph()`, `setDefault()`, `unsetDefault()`, and
  `getDefault()` with `isPDEnabled()` checks; return empty results in
  standalone mode instead of throwing NPE.
- Fix `listProfile()`: guard `getDefaultGraph()` call with `isPDEnabled()`;
  add null-safe fallback for `gs.nickname()` in non-PD mode.

### GraphManager
- `isExistedGraphNickname()`: add non-PD branch that scans in-memory graphs
  instead of accessing the uninitialized `metaManager`, preventing NPE in
  standalone mode.
- New `updateGraphNickname()`: updates in-memory graph instance first, then
  persists nickname to `metaManager` only in PD mode.

### ConfigUtil
- `writeConfigToString()`: always serializes config to JSON (previously
  could emit raw properties format), fixing `listProfile` deserialization.
- New `isSensitiveKey()`: filters keys containing `password`, `secret`,
  `token`, `credential`, `private_key`, or `auth.key` from the serialized
  output to prevent credential leakage through the API.

### ManagerAPI
- Add `ensurePdModeEnabled()` guard to all PD-specific endpoints
  (`createManager`, `deleteManager`, `list`, `checkRole`, `getRolesInGs`,
  `checkDefaultRole`).
- Wrap `HugeDefaultRole.valueOf()` in try-catch to return HTTP 400 instead
  of HTTP 500 when an invalid role string is supplied.

### SchemaTemplateAPI
- Fix incorrect `HugeException` import; replace with `ForbiddenException`
  for proper HTTP 403 semantics.
- Add missing `@RolesAllowed` annotations and implement `checkUpdate()`
  validation.

### StandardAuthManager
- Implement `setDefaultGraph` / `getDefaultGraph` / `unsetDefaultGraph`
  using marker-group pattern (HugeGroup + HugeBelong) for persistence.
- Implement `createDefaultRole` / `createSpaceDefaultRole` /
  `isDefaultRole` / `deleteDefaultRole` with the same marker-group
  mechanism.
- Add detailed design-note Javadoc explaining the workaround, its
  limitations, and the non-PD degradation path.

## Code quality improvements

- Extract shared `isPrefix(Map, String)` helper and `DATE_FORMATTER`
  constant into the `API` base class, eliminating ~30 lines of duplicated
  code across `GraphsAPI` and `GraphSpaceAPI`.
- Replace non-thread-safe `SimpleDateFormat` (constructed per-request) with
  a single static `DateTimeFormatter` (immutable, thread-safe).
- Fix 12-hour clock format `hh` → 24-hour `HH` in `GraphSpaceAPI`.
@Yeaury Yeaury marked this pull request as ready for review April 26, 2026 09:47
@dosubot dosubot Bot added the size:XXL This PR changes 1000+ lines, ignoring generated files. label Apr 26, 2026

@imbajin imbajin left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Follow-up review after the latest update: these are remaining current-PR issues that look small enough to fix directly, while already-covered findings are intentionally not duplicated.

Yeaury and others added 2 commits May 21, 2026 19:19
- Restore SecurityManager and clean up prepared GremlinServer on startup failures
- Resolve default-role owner type detection for group bindings
- Validate graphspace and observer graph ownership in default-role APIs
- Return 4xx for malformed graph manage requests instead of server errors
- Invalidate user cache after default graph/default role mutations
- Make V2 default-role deletion idempotent for repeated requests
- Validate graph create/clone config values and reject null or non-scalar input
- Avoid rolling back local nickname state after successful PD persistence
- Remove misleading @consumes annotations from entity-less default-role endpoints
- Add standalone tests for malformed graph API requests
- Add hstore-gated graph default lifecycle coverage for graphspace graphs

- Add default role lifecycle coverage through the graphspace role API

- Add schema template lifecycle coverage in PD/HStore mode

- Clean trailing whitespace in GraphsAPI
@imbajin

imbajin commented May 21, 2026

Copy link
Copy Markdown
Member

Follow-up TODO for CI coverage:

Add a real distributed-mode CI job that boots PD + Store and runs the hstore-backed graphspace API tests against that environment. The tests added in this PR compile and are gated to backend=hstore, but they still rely on an external PD/Store runtime to prove the full happy path.

Suggested scope for a separate issue:

  1. Start a minimal PD + Store + Server stack in CI.
  2. Run the hstore/PD graphspace API suite, including default graph, default role, and schema template lifecycle coverage.
  3. Keep the existing standalone/RocksDB compatibility tests separate so both modes remain visible.

This is not necessarily a blocker for the current PR, but it is the right follow-up to prevent these Hubble-compatible APIs from only being validated at compile time.

@VGalaxies VGalaxies left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Review summary

  • Blocking: yes
  • Summary: The PR introduces a cluster master safety regression and an authorization gap in default-role management.
  • Evidence:
    • git diff origin/master...HEAD
    • mvn -pl hugegraph-server/hugegraph-api -am -DskipTests -Dmaven.javadoc.skip=true compile passed

page = PageInfo.pageInfo(servers);
}
} while (page != null);
} catch (Exception e) {

@VGalaxies VGalaxies Jun 8, 2026

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

High: Existing live master detection is swallowed

hugegraph-server/hugegraph-core/src/main/java/org/apache/hugegraph/task/ServerInfoManager.java:139

Evidence

  • The uniqueness check at lines 131-133 throws when another alive master exists, but the new broad catch (Exception e) at line 139 logs and continues to saveServerInfo() at line 149.

Impact

  • A node can register itself as master even after detecting an existing alive master, allowing multiple masters in the same cluster.

Requested fix

  • Do not catch the invariant failure. Only handle the specific schema-mismatch/read error if needed, and rethrow when an existing alive master is found.

imbajin added 2 commits July 4, 2026 23:46
- rethrow duplicate master invariant failures
- restrict default-role mutations to admin/space manager
- add regression tests for master and role boundaries
- move master uniqueness regression into MasterServerInfoManagerTest

- keep UnitTestSuite using normal imports and class references

- avoid conflicting with master ServerInfoManagerTest coverage
@imbajin imbajin force-pushed the feat/hubble-api-compatibility branch from 4f69c52 to 682c2b5 Compare July 4, 2026 16:13
@imbajin

imbajin commented Jul 4, 2026

Copy link
Copy Markdown
Member

Follow-up boundary notes after rechecking the current Hubble2 branch:

  • Hubble2 currently still calls graph creation as form-urlencoded POST /graphspaces/{graphspace}/graphs and default graph through GET aliases such as setdefault/getdefault. I am not adding these extra Server compatibility aliases in this pass. Since Hubble2 is still under development, the cleaner direction is to adjust Hubble2 to the Server API contract unless we explicitly decide to expand the Server public API.
  • The master heartbeat uniqueness concern is tied to the deprecated master-worker scheduling path. I am not adding more code to that path here.
  • The current Server-side patch is limited to issues that remain valid independent of those boundaries: default-role auth cache invalidation, keeping GraphSpace profile PD-only, and making hstore graphspace API tests fail fast instead of hiding API failures as skips.

- clear auth proxy user-role cache after default-role mutations
- keep graphspace profile behind the PD-mode guard
- make hstore graphspace API tests fail fast when unavailable
- add unit coverage for default-role cache invalidation

@imbajin imbajin left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Blocking: yes. Summary: Current head still has a shared-storage server-info regression and a test coverage gap; visible hbase CI is failing. Evidence: final gate saw build-server (hbase, 11) and codecov/patch failures; static review of refs/remotes/pr/3008.

* Re-save ServerInfo to recover automatically.
*/
LOG.warn("ServerInfo is missing: {}, re-saving it now", this.selfNodeId());
serverInfo = this.saveServerInfo(this.selfNodeId(), this.selfNodeRole());

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

heartbeat() now re-saves missing ServerInfo for master nodes too, and the latest hbase job is failing on that path. The log shows ServerInfo is missing: DEFAULT-hugegraph/server-1, re-saving it now, then GremlinApiTest.testClearAndInit hits Already existed master 'DEFAULT-hugegraph/server-1' in current cluster, followed by decreaseLoad() NPEs because self ServerInfo is still missing for DEFAULT-hugegraph/server1. Please make current-node master re-registration idempotent, or skip only the normalized current node in the uniqueness scan, and guard decreaseLoad() when self ServerInfo is unavailable.


boolean result;
if (hasGraph) {
result = authManager.isDefaultRole(graphSpace, graph, user,

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This endpoint checks raw default-role metadata without first validating that the path graphspace exists, and for OBSERVER it only checks that graph is non-empty. A typo or stale graph name can therefore return a metadata result instead of a clear 4xx. Please mirror GraphSpaceAPI: validate the graphspace before the auth lookup, and for observer roles verify that the graph exists in that graphspace before calling isDefaultRole().

GraphSpaceApiTest.class,
GraphSpaceApiStandaloneTest.class,
ManagerApiStandaloneTest.class,
GraphsApiStandaloneTest.class,

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Adding the backend-specific suites here does not make them run in CI as written. The new standalone and hstore tests gate on System.getProperty("backend"), but run-api-test.sh invokes Maven as mvn ... -P api-test,$BACKEND, and the surefire config does not pass the Maven backend profile property into the test JVM. That leaves backend null, so assumeStandaloneMode() skips the standalone suite and GraphSpaceApiTest skips as non-hstore. Please pass backend into surefire, for example with systemPropertyVariables, or call Maven with -Dbackend=$BACKEND.

imbajin added 2 commits July 6, 2026 09:48
- stop swallowing unexpected master scan failures

- classify server-info startup failures as backend errors

- cover skew, interrupt, and scan failure paths
- reject non-admin SPACE default-role checks

- add unit coverage for admin and manager paths

- keep standalone GraphSpaceAPI behavior unchanged
imbajin added 8 commits July 8, 2026 14:38
- include loaded DEFAULT local config graphs in PD graph lists
- keep system graph hidden from graph list responses
- add unit coverage for local config and SYS_GRAPH filtering
- verify GraphSpaceAPITest and diff whitespace
- include loaded DEFAULT graph registry entries in PD graph listing

- keep non-admin graph list filtering on READ roles

- allow admin managers to list/profile loaded graphs

- add regression coverage for loaded graph registry listing
- adopt soft-disabled ServerInfo behavior from master
- keep GraphSpace API unit coverage in the merged suite
- remove obsolete legacy master ServerInfo tests
- reject invalid memory monitor periods and roll back startup resources
- validate default-role graphspace and observer graph targets
- propagate backend profiles into API test JVMs
- remove stale manager route coverage and add regressions
- support canonical default graph APIs in standalone mode
- make marker group creation idempotent
- remove state-changing GET compatibility routes
- cover repeated set and canonical API semantics
- separate V2 schema cache names from V1 caches
- prevent incompatible cache attachment casts
- preserve cache sharing within each transaction generation
- derive V2 cache fixtures from production prefixes
- verify V1 and V2 caches remain isolated
- cover graph-specific V2 cache clearing
- keep backend-aware API tests on the selected profile
- restore core and unit test JVM property boundaries
- avoid enabling excluded HStore core scenarios
imbajin added 2 commits July 11, 2026 00:57
- link legacy HStore guards to issue 3090
- explain why backend remains API-test scoped
- preserve the current test behavior
- use graphspace-scoped user and manager API routes
- assert successful space manager creation in the fixture
- expect the established 404 after schema template deletion

@imbajin imbajin left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

TODO: update related doc

@dosubot dosubot Bot added the lgtm This PR has been approved by a maintainer label Jul 10, 2026
@imbajin imbajin changed the title feat(server): adapt Hubble 2.0 frontend APIs and implement default graph/role management feat(server): adapt Hubble 2.0 & add graph/role management Jul 10, 2026
@imbajin imbajin merged commit 99936be into apache:master Jul 10, 2026
15 of 16 checks passed
@github-project-automation github-project-automation Bot moved this from 🏗 In progress to ✅ Done in HugeGraph Tasks Jul 10, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

api Changes of API feature New feature lgtm This PR has been approved by a maintainer size:XXL This PR changes 1000+ lines, ignoring generated files.

Projects

Status: ✅ Done

Development

Successfully merging this pull request may close these issues.

4 participants