omnigraph/docs/user
Andrew Altshuler 20e5fada8a
docs: state cluster apply is storage-direct, not server-routed (#306)
* docs: state cluster apply is storage-direct, not server-routed

`cluster apply` reaches the object store directly — the `__cluster/` ledger
and each graph's Lance datasets — never through a running omnigraph-server,
so the host that runs it needs storage credentials. The rationale (declarative
control plane, not a runtime mutation API) was documented in cluster-axioms.md
§3/§4, and the out-of-band/direct-storage fact was stated for the maintenance
verbs and init/load, but never spelled out for apply itself.

- docs/user/clusters/index.md: add a day-2 note making apply's storage-direct
  execution and credential requirement explicit, linking the why to axioms 3/4.
- skills/omnigraph/SKILL.md: extend the "init/load write storage directly
  (bypassing the server)" line to include cluster apply, with the same reasoning.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

* docs: disambiguate the §5 cross-reference in cluster apply note

The trailing (§5) sat right after the cluster-axioms.md §3/§4 citation, so a
reader could read §5 as referring to cluster-axioms.md (whose §5 covers locked
state) rather than this guide's §5. Make it an explicit same-page forward
reference. Addresses Greptile P2 on #306.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

* docs: don't claim the server is read-only against storage

The "server only reads from it" wording was wrong: the data plane serves HTTP
writes (mutate/load/branch) that go through the server to the graph datasets,
so omnigraph-server is not read-only against object storage. The hazard is an
operator granting the server read-only S3 creds and breaking runtime writes.
Scope the read-only claim to cluster (control-plane) state at boot, and state
that data-plane writes still need read-write storage access. Addresses Greptile
P-level finding on #306.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Co-authored-by: Ragnor Comerford <ragnor.comerford@gmail.com>
2026-06-28 17:14:58 +02:00
..
branching fix(engine): stop branch-merge fast-forward OOM on embedding tables (#277) 2026-06-19 00:15:06 +02:00
cli docs(user): coherence cleanup aligned with 0.7.1 (#293) 2026-06-21 00:02:34 +03:00
clusters docs: state cluster apply is storage-direct, not server-routed (#306) 2026-06-28 17:14:58 +02:00
concepts feat(engine): retire commit-graph tables (#311) 2026-06-28 16:49:49 +02:00
mutations feat(engine): Stage the delete path; retire the inline-delete residual (#308) 2026-06-27 16:48:41 +02:00
operations feat(engine): retire commit-graph tables (#311) 2026-06-28 16:49:49 +02:00
queries docs(user): de-dev polish — strip internal scaffolding from user docs (Phase 3a) (#226) 2026-06-14 14:39:25 +03:00
reference feat(engine): retire commit-graph tables (#311) 2026-06-28 16:49:49 +02:00
schema docs(user): coherence cleanup aligned with 0.7.1 (#293) 2026-06-21 00:02:34 +03:00
search docs(user): coherence cleanup aligned with 0.7.1 (#293) 2026-06-21 00:02:34 +03:00
deployment.md fix(cluster): stop cluster-apply crash-loops from the recovery-sidecar trap (#284) 2026-06-19 03:34:15 +03:00
index.md feat(engine): retire commit-graph tables (#311) 2026-06-28 16:49:49 +02:00
install.md Add Windows release binaries (#127) 2026-05-30 14:23:40 +02:00
quickstart.md docs(readme): embedded quick-start run-through + trimmed Clients (#266) 2026-06-16 12:36:11 +02:00