fix(managedstream): use fixed ledger timestamp cursors

[michiosw]

Where We Are

Katana managed observe can fail hosted ingest when old local ledger rows contain timestamps without offsets, exact-second timestamps, or corrupt timestamp strings. The old export path used raw timestamp text for both hosted payloads and cursor pagination.

Where We Want To Go

Managed observe should keep uploading valid ledger batches and keep cursor pagination stable. It should not skip same-second rows, upload invalid datetime strings, leak internal cursor fields, or fail store migration because one legacy timestamp is bad.

How do we get there

This adds a fixed-width UTC cursor key for authorization actions, backfills it during SQLite migration, and uses it for bounded cursor queries. Exported ledger timestamps are normalized to hosted-valid RFC3339 strings; corrupt optional timestamps become null, and corrupt required timestamps fall back to a valid UTC timestamp. Managed-stream state parsing now accepts old no-offset and SQLite-space timestamp formats. Verified with go test -count=1 ./internal/guard/store/sqlite ./internal/managedstream, go test ./..., and pnpm --dir /Users/michelosswald/cobro/code/workspace/kontext --filter api test -- authorization-ledger.validation.spec.ts --runInBand.

[michiosw]

• fix(managedstream): use fixed ledger timestamp cursors #267 👈 (View in Graphite)
• main

This stack of pull requests is managed by Graphite. Learn more about stacking.

[greptile-apps]

Greptile Summary

This PR hardens managed ledger export cursoring and timestamp handling. The main changes are:

• Fixed-width UTC cursor keys for authorization action pagination.
• SQLite migration and backfill for updated_at_cursor_key.
• Hosted export timestamp normalization for ledger records.
• Legacy managed-stream state parsing for no-offset and SQLite-space timestamps.
• Tests for cursor ordering, corrupt legacy timestamps, and normalized hosted payloads.

Confidence Score: 5/5

This looks safe to merge.

• No blocking issues found in the changed managed export path.
• The new cursor column is backfilled and used consistently for action pagination.
• Exported cursor helper fields are removed from hosted payloads.

Important Files Changed

Filename	Overview
internal/guard/store/sqlite/ledger.go	Adds cursor-key based action pagination and normalizes exported ledger timestamp fields.
internal/guard/store/sqlite/store.go	Adds migration, backfill, index, and insert support for updated_at_cursor_key.
internal/managedstream/stream.go	Accepts legacy managed-stream cursor timestamp formats when loading state.

_{Reviews (1): Last reviewed commit: "fix(managedstream): use fixed ledger tim..." | Re-trigger Greptile}