fix: dlq status and dashboard dropdown menu

devarshishimpi · devarshishimpi · commit 7db73a9fdbd4 · 2026-05-08T14:34:59.000+05:30
diff --git a/.dev.vars.example b/.dev.vars.example
@@ -38,8 +38,9 @@ DATABASE_URL="postgresql://user:password@localhost:5432/codra_dev"
 # MUST be a separate database to avoid data loss during test sweeps.
 TEST_DATABASE_URL="postgresql://user:password@localhost:5432/codra_test"
 
-# --- Cloudflare Management (Optional) ---
-# Required only for inspecting/replaying Dead Letter Queues (DLQ) via /api/dlq
+# --- Cloudflare DLQ / Queue Management (Required) ---
+# Required for DLQ inspection, replay, and purge via /api/dlq
+# Create or identify the DLQ queue, then set CF_DLQ_ID to that queue's ID.
 # Generate token at https://dash.cloudflare.com/profile/api-tokens (Queues:Edit permission)
 CF_API_TOKEN="REPLACE_WITH_CLOUDFLARE_API_TOKEN"
 CF_ACCOUNT_ID="REPLACE_WITH_YOUR_CLOUDFLARE_ACCOUNT_ID"
diff --git a/README.md b/README.md
@@ -55,12 +55,13 @@ What the deploy button does not provision for you:
 - GitHub App credentials
 - GitHub OAuth app credentials
 - Gemini API key
+- Cloudflare API credentials for DLQ inspection, replay, and purge
 
 That means the deploy flow is best thought of as "Cloudflare infrastructure bootstrap", followed by a short secrets setup step.
 
 For this repo's own production deployment, the checked-in route and binding IDs in [`wrangler.jsonc`](/wrangler.jsonc) are intentional. They are what keep `codra.run` deploying against the same Worker, KV namespace, and queues. If you fork Codra, replace those values with your own resources.
 
-## Required Secrets And Local DB Vars
+## Required Secrets, DLQ, And Local DB Vars
 
 Codra expects these secrets in Cloudflare production and in local `.dev.vars` for development:
 
@@ -70,23 +71,30 @@ Codra expects these secrets in Cloudflare production and in local `.dev.vars` fo
 - `GITHUB_CLIENT_ID`
 - `GITHUB_CLIENT_SECRET`
 - `GEMINI_API_KEY`
+- `CF_API_TOKEN`
+- `CF_ACCOUNT_ID`
+
+DLQ setup is required during installation because Codra includes `/api/dlq` inspection, replay, and purge workflows. Create or identify the dead letter queue and copy its queue ID into `CF_DLQ_ID`:
+
+```bash
+npx wrangler queues create codra-review-dlq
+npx wrangler queues list
+```
+
+The Cloudflare API token must have Queues edit access for the account that owns the Worker queues. `CF_DLQ_ID` is a required environment variable, not a secret, and should point at the `codra-review-dlq` queue used by the `dead_letter_queue` consumer config in [`wrangler.jsonc`](/wrangler.jsonc).
 
 Local development and migrations also need:
 
 - `CLOUDFLARE_HYPERDRIVE_LOCAL_CONNECTION_STRING_HYPERDRIVE` for local Worker DB access
 - `DATABASE_URL` for local/admin migrations
 
-Optional, only for DLQ inspection and replay APIs:
-
-- `CF_API_TOKEN`
-- `CF_ACCOUNT_ID`
-
 The expected local shape is already documented in [`.dev.vars.example`](/.dev.vars.example).
 
 In the checked-in production Wrangler config, these values are regular environment vars rather than secrets:
 
 - `AUTH_CALLBACK_URL`
 - `DASHBOARD_ALLOWED_USERS`
+- `CF_DLQ_ID`
 
 ## Dashboard Auth
 
diff --git a/src/client/components/features/stats/time-range-select.tsx b/src/client/components/features/stats/time-range-select.tsx
@@ -27,7 +27,7 @@ export function TimeRangeSelect({ value, onValueChange, className }: TimeRangeSe
         value: range.value.toString(),
       }))}
       leadingIcon={<Clock className="h-3.5 w-3.5" />}
-      triggerClassName={cn('w-[160px]', className)}
+      triggerClassName={cn('w-44', className)}
     />
   );
 }
diff --git a/src/client/components/ui/select.tsx b/src/client/components/ui/select.tsx
@@ -54,26 +54,26 @@ export function Select({
               triggerClassName
             )}
           >
-            <span className="flex min-w-0 items-center gap-2">
+            <span className="flex min-w-0 flex-1 items-center gap-2">
               {leadingIcon && (
                 <span className="shrink-0 text-primary/70">
                   {leadingIcon}
                 </span>
               )}
-              <span className="truncate">
+              <span className="min-w-0 truncate">
                 {selectedOption ? selectedOption.label : placeholder}
               </span>
             </span>
             <ChevronDown className="h-4 w-4 opacity-50 shrink-0 ml-2" />
           </Button>
         </DropdownMenuTrigger>
-        <DropdownMenuContent className="min-w-[var(--radix-dropdown-menu-trigger-width)]">
+        <DropdownMenuContent className="w-max min-w-[var(--radix-dropdown-menu-trigger-width)]">
           {options.map((option) => (
             <DropdownMenuItem
               key={option.value}
               onClick={() => onValueChange(option.value)}
               className={cn(
-                'cursor-pointer',
+                'cursor-pointer whitespace-nowrap',
                 value === option.value && 'bg-accent font-medium dark:bg-primary/[0.12]'
               )}
             >
diff --git a/src/server/env.ts b/src/server/env.ts
@@ -43,9 +43,9 @@ export interface AppBindings {
   GEMINI_API_KEY: string;
   BOT_USERNAME: string;
   ENVIRONMENT: string;
-  CF_API_TOKEN?: string;
-  CF_ACCOUNT_ID?: string;
-  CF_DLQ_ID?: string;
+  CF_API_TOKEN: string;
+  CF_ACCOUNT_ID: string;
+  CF_DLQ_ID: string;
 }
 
 export interface AppVariables {
diff --git a/src/server/routes/api/dlq.ts b/src/server/routes/api/dlq.ts
@@ -19,7 +19,7 @@ import { logger } from '@server/core/logger';
  *
  * Note: Cloudflare's pull-queue API requires a CF_API_TOKEN with
  *       Queues:Edit permissions. Add CF_API_TOKEN and CF_ACCOUNT_ID as
- *       Worker secrets (see .dev.vars.example).
+ *       Worker secrets, and CF_DLQ_ID as a required var (see .dev.vars.example).
  */
 
 const CF_QUEUES_BASE = 'https://api.cloudflare.com/client/v4';
@@ -74,15 +74,16 @@ export function createDlqRouter() {
 
     const apiToken = c.env.CF_API_TOKEN;
     const accountId = c.env.CF_ACCOUNT_ID;
+    const dlqId = c.env.CF_DLQ_ID;
 
-    if (!apiToken || !accountId) {
-      return jsonError('CF_API_TOKEN and CF_ACCOUNT_ID secrets are required for DLQ inspection.', 503);
+    if (!apiToken || !accountId || !dlqId) {
+      return jsonError('CF_API_TOKEN, CF_ACCOUNT_ID, and CF_DLQ_ID are required DLQ installation configuration for inspection.', 503);
     }
 
     try {
       const result = await cfQueuesRequest(
         'POST',
-        `/accounts/${accountId}/queues/${c.env.CF_DLQ_ID}/messages/pull`,
+        `/accounts/${accountId}/queues/${dlqId}/messages/pull`,
         apiToken,
         { batch_size: batchSize, visibility_timeout_ms: 30_000 },
       ) as { messages?: CfQueueMessage[] };
@@ -119,9 +120,10 @@ export function createDlqRouter() {
 
     const apiToken = c.env.CF_API_TOKEN;
     const accountId = c.env.CF_ACCOUNT_ID;
+    const dlqId = c.env.CF_DLQ_ID;
 
-    if (!apiToken || !accountId) {
-      return jsonError('CF_API_TOKEN and CF_ACCOUNT_ID secrets are required for DLQ replay.', 503);
+    if (!apiToken || !accountId || !dlqId) {
+      return jsonError('CF_API_TOKEN, CF_ACCOUNT_ID, and CF_DLQ_ID are required DLQ installation configuration for replay.', 503);
     }
 
     // Step 1 – pull the specific messages so we have their bodies.
@@ -131,7 +133,7 @@ export function createDlqRouter() {
     try {
       const result = await cfQueuesRequest(
         'POST',
-        `/accounts/${accountId}/queues/${c.env.CF_DLQ_ID}/messages/pull`,
+        `/accounts/${accountId}/queues/${dlqId}/messages/pull`,
         apiToken,
         { batch_size: 100, visibility_timeout_ms: 60_000 },
       ) as { messages?: CfQueueMessage[] };
@@ -153,7 +155,7 @@ export function createDlqRouter() {
     try {
       await cfQueuesRequest(
         'POST',
-        `/accounts/${accountId}/queues/${c.env.CF_DLQ_ID}/messages/ack`,
+        `/accounts/${accountId}/queues/${dlqId}/messages/ack`,
         apiToken,
         { acks: targets.map((m) => ({ lease_id: m.lease_id })) },
       );
@@ -203,15 +205,16 @@ export function createDlqRouter() {
 
     const apiToken = c.env.CF_API_TOKEN;
     const accountId = c.env.CF_ACCOUNT_ID;
+    const dlqId = c.env.CF_DLQ_ID;
 
-    if (!apiToken || !accountId) {
-      return jsonError('CF_API_TOKEN and CF_ACCOUNT_ID secrets are required for DLQ purge.', 503);
+    if (!apiToken || !accountId || !dlqId) {
+      return jsonError('CF_API_TOKEN, CF_ACCOUNT_ID, and CF_DLQ_ID are required DLQ installation configuration for purge.', 503);
     }
 
     try {
       await cfQueuesRequest(
         'POST',
-        `/accounts/${accountId}/queues/${c.env.CF_DLQ_ID}/messages/ack`,
+        `/accounts/${accountId}/queues/${dlqId}/messages/ack`,
         apiToken,
         { acks: body.data.lease_ids.map((id) => ({ lease_id: id })) },
       );
diff --git a/test/helpers.ts b/test/helpers.ts
@@ -108,6 +108,9 @@ export function createTestEnv(overrides: Partial<AppBindings> = {}): AppBindings
     GEMINI_API_KEY: 'gemini-key',
     BOT_USERNAME: 'codra-app',
     ENVIRONMENT: 'test',
+    CF_API_TOKEN: 'cf-api-token',
+    CF_ACCOUNT_ID: 'cf-account-id',
+    CF_DLQ_ID: 'cf-dlq-id',
     ...overrides,
   };
 }

Original file line number	Diff line number	Diff line change
`@@ -27,7 +27,7 @@ export function TimeRangeSelect({ value, onValueChange, className }: TimeRangeSe`
`27`	`27`	`value: range.value.toString(),`
`28`	`28`	`}))}`
`29`	`29`	`leadingIcon={<Clock className="h-3.5 w-3.5" />}`
`30`		`- triggerClassName={cn('w-[160px]', className)}`
	`30`	`+ triggerClassName={cn('w-44', className)}`
`31`	`31`	`/>`
`32`	`32`	`);`
`33`	`33`	`}`