improve: remove obsolete code

Author: evansims

Cargo.toml

@@ -5,8 +5,6 @@ members = [
   "crates/inferadb-control-config",
   "crates/inferadb-control-const",
   "crates/inferadb-control-core",
-  
-  "crates/inferadb-control-engine-client",
   "crates/inferadb-control-storage",
   "crates/inferadb-control-test-fixtures",
   "crates/inferadb-control-types",

crates/inferadb-control-api/Cargo.toml

@@ -13,7 +13,6 @@ version.workspace = true
 # Workspace crates
 inferadb-control-const = { path = "../inferadb-control-const" }
 inferadb-control-core = { path = "../inferadb-control-core" }
-inferadb-control-engine-client = { path = "../inferadb-control-engine-client" }
 inferadb-control-storage = { path = "../inferadb-control-storage" }
 inferadb-control-types = { path = "../inferadb-control-types" }
 inferadb-storage = { path = "../../../common/crates/inferadb-storage" }

crates/inferadb-control-api/src/handlers/auth.rs

@@ -12,7 +12,6 @@ use inferadb_control_core::{
     IdGenerator, RepositoryContext, UserPasswordResetToken, error::Error as CoreError,
     hash_password, verify_password,
 };
-use inferadb_control_engine_client::EngineClient;
 use inferadb_control_storage::Backend;
 use inferadb_control_types::{
     dto::{
@@ -33,7 +32,6 @@ use time;
 pub struct AppState {
     pub storage: Arc<Backend>,
     pub config: Arc<inferadb_control_core::ControlConfig>,
-    pub engine_client: Arc<EngineClient>,
     pub worker_id: u16,
     pub start_time: std::time::SystemTime,
     pub leader: Option<Arc<inferadb_control_core::LeaderElection<Backend>>>,
@@ -45,7 +43,6 @@ pub struct AppState {
 pub struct AppStateBuilder {
     storage: Arc<Backend>,
     config: Arc<inferadb_control_core::ControlConfig>,
-    engine_client: Arc<EngineClient>,
     worker_id: u16,
     leader: Option<Arc<inferadb_control_core::LeaderElection<Backend>>>,
     email_service: Option<Arc<inferadb_control_core::EmailService>>,
@@ -57,13 +54,11 @@ impl AppStateBuilder {
     pub fn new(
         storage: Arc<Backend>,
         config: Arc<inferadb_control_core::ControlConfig>,
-        engine_client: Arc<EngineClient>,
         worker_id: u16,
     ) -> Self {
         Self {
             storage,
             config,
-            engine_client,
             worker_id,
             leader: None,
             email_service: None,
@@ -100,7 +95,6 @@ impl AppStateBuilder {
         AppState {
             storage: self.storage,
             config: self.config,
-            engine_client: self.engine_client,
             worker_id: self.worker_id,
             start_time: std::time::SystemTime::now(),
             leader: self.leader,
@@ -116,17 +110,16 @@ impl AppState {
     /// # Example
     ///
     /// ```ignore
-    /// let state = AppState::builder(storage, config, engine_client, worker_id)
+    /// let state = AppState::builder(storage, config, worker_id)
     ///     .email_service(email_service)
     ///     .build();
     /// ```
     pub fn builder(
         storage: Arc<Backend>,
         config: Arc<inferadb_control_core::ControlConfig>,
-        engine_client: Arc<EngineClient>,
         worker_id: u16,
     ) -> AppStateBuilder {
-        AppStateBuilder::new(storage, config, engine_client, worker_id)
+        AppStateBuilder::new(storage, config, worker_id)
     }
 
     /// Create AppState for testing with default configuration
@@ -141,7 +134,6 @@ impl AppState {
         config.key_file = Some("/tmp/test-master.key".to_string());
         config.webauthn.party = "localhost".to_string();
         config.webauthn.origin = "http://localhost:3000".to_string();
-        let engine_client = EngineClient::new("http://localhost".to_string(), 8080).unwrap();
 
         // Create mock email service for testing
         let email_sender = Box::new(inferadb_control_core::MockEmailSender::new());
@@ -150,7 +142,6 @@ impl AppState {
         Self {
             storage,
             config: Arc::new(config),
-            engine_client: Arc::new(engine_client),
             worker_id: 0,
             start_time: std::time::SystemTime::now(),
             leader: None,

crates/inferadb-control-api/src/handlers/vaults.rs

@@ -110,23 +110,11 @@ pub async fn create_vault(
         org_ctx.member.user_id,
     )?;
 
-    // Save to repository
-    repos.vault.create(vault.clone()).await?;
+    // Mark as synced immediately - Ledger is the source of truth
+    vault.mark_synced();
 
-    // Attempt to sync with engine
-    match state.engine_client.create_vault(vault_id, org_ctx.organization_id).await {
-        Ok(()) => {
-            // Mark as synced
-            vault.mark_synced();
-            repos.vault.update(vault.clone()).await?;
-        },
-        Err(e) => {
-            // Mark as failed
-            let error_message: String = e.to_string();
-            vault.mark_sync_failed(error_message);
-            repos.vault.update(vault.clone()).await?;
-        },
-    }
+    // Save to repository (writes to Ledger)
+    repos.vault.create(vault.clone()).await?;
 
     // Auto-grant creator ADMIN role
     let grant_id = IdGenerator::next_id();
@@ -352,11 +340,7 @@ pub async fn delete_vault(
         repos.vault_team_grant.delete(grant.id).await?;
     }
 
-    // Attempt to delete from engine
-    // Note: Even if this fails, we soft-delete locally
-    let _ = state.engine_client.delete_vault(vault_id).await;
-
-    // Soft delete
+    // Soft delete (Ledger is the source of truth)
     vault.mark_deleted();
     repos.vault.update(vault).await?;
 

crates/inferadb-control-api/src/lib.rs

@@ -5,7 +5,6 @@
 use std::sync::Arc;
 
 use inferadb_control_core::{ControlConfig, startup};
-use inferadb_control_engine_client::EngineClient;
 use inferadb_control_storage::Backend;
 use tracing::info;
 
@@ -69,13 +68,11 @@ pub struct ServicesConfig {
 pub async fn serve(
     storage: Arc<Backend>,
     config: Arc<ControlConfig>,
-    engine_client: Arc<EngineClient>,
     worker_id: u16,
     services: ServicesConfig,
 ) -> anyhow::Result<()> {
     // Create AppState with services using the builder pattern
-    let mut builder =
-        AppState::builder(storage.clone(), config.clone(), engine_client.clone(), worker_id);
+    let mut builder = AppState::builder(storage.clone(), config.clone(), worker_id);
 
     if let Some(leader) = services.leader {
         builder = builder.leader(leader);

crates/inferadb-control-config/src/lib.rs

@@ -32,8 +32,6 @@ pub mod refresh;
 
 use std::path::Path;
 
-// Import discovery config types (used in ControlConfig struct)
-use inferadb_control_types::DiscoveryConfig;
 use inferadb_control_types::error::{Error, Result};
 pub use refresh::ConfigRefresher;
 use serde::{Deserialize, Serialize};
@@ -109,12 +107,8 @@ pub struct ControlConfig {
     #[serde(default)]
     pub limits: LimitsConfig,
     #[serde(default)]
-    pub mesh: MeshConfig,
-    #[serde(default)]
     pub webhook: WebhookConfig,
     #[serde(default)]
-    pub discovery: DiscoveryConfig,
-    #[serde(default)]
     pub frontend: FrontendConfig,
 }
 
@@ -130,11 +124,6 @@ pub struct ListenConfig {
     /// Format: "host:port" (e.g., "127.0.0.1:9091")
     #[serde(default = "default_grpc")]
     pub grpc: String,
-
-    /// Service mesh / inter-service communication address (engine-to-control, JWKS endpoint)
-    /// Format: "host:port" (e.g., "0.0.0.0:9092")
-    #[serde(default = "default_mesh")]
-    pub mesh: String,
 }
 
 /// WebAuthn configuration for passkey authentication
@@ -231,35 +220,6 @@ impl Default for FrontendConfig {
     }
 }
 
-/// Service mesh configuration for engine communication
-///
-/// This configuration controls how control discovers and connects to
-/// engine (policy service) instances. Both gRPC and HTTP internal endpoints are
-/// derived from the same base URL with different ports.
-#[derive(Debug, Clone, Serialize, Deserialize)]
-pub struct MeshConfig {
-    /// gRPC port for engine communication
-    /// Default: 8081
-    #[serde(default = "default_mesh_grpc")]
-    pub grpc: u16,
-
-    /// Mesh port for internal communication (webhooks/JWKS)
-    /// Default: 8082
-    #[serde(default = "default_mesh_port")]
-    pub port: u16,
-
-    /// Base URL (without port, used for discovery or direct connection)
-    /// e.g., "http://inferadb-engine.inferadb" for K8s or "http://localhost" for dev
-    #[serde(default = "default_mesh_url")]
-    pub url: String,
-}
-
-impl Default for MeshConfig {
-    fn default() -> Self {
-        Self { grpc: default_mesh_grpc(), port: default_mesh_port(), url: default_mesh_url() }
-    }
-}
-
 /// Webhook configuration for cache invalidation
 #[derive(Debug, Clone, Serialize, Deserialize)]
 pub struct WebhookConfig {
@@ -308,10 +268,6 @@ fn default_grpc() -> String {
     "127.0.0.1:9091".to_string()
 }
 
-fn default_mesh() -> String {
-    "0.0.0.0:9092".to_string() // Control internal/mesh server port
-}
-
 fn default_threads() -> usize {
     num_cpus::get()
 }
@@ -348,18 +304,6 @@ fn default_password_reset_tokens_per_hour() -> u32 {
     3
 }
 
-fn default_mesh_grpc() -> u16 {
-    8081 // Engine's public gRPC port
-}
-
-fn default_mesh_port() -> u16 {
-    8082 // Engine's mesh/internal API port
-}
-
-fn default_mesh_url() -> String {
-    "http://localhost".to_string() // Default for development
-}
-
 fn default_frontend_url() -> String {
     "http://localhost:3000".to_string()
 }
@@ -383,11 +327,7 @@ impl Default for ControlConfig {
             logging: default_logging(),
             storage: default_storage(),
             ledger: LedgerConfig::default(),
-            listen: ListenConfig {
-                http: default_http(),
-                grpc: default_grpc(),
-                mesh: default_mesh(),
-            },
+            listen: ListenConfig { http: default_http(), grpc: default_grpc() },
             webauthn: WebAuthnConfig::default(),
             key_file: default_key_file(),
             email: EmailConfig {
@@ -405,36 +345,14 @@ impl Default for ControlConfig {
                 email_verification_tokens_per_hour: default_email_verification_tokens_per_hour(),
                 password_reset_tokens_per_hour: default_password_reset_tokens_per_hour(),
             },
-            mesh: MeshConfig::default(),
             pem: None,
             webhook: WebhookConfig::default(),
-            discovery: DiscoveryConfig::default(),
             frontend: FrontendConfig::default(),
         }
     }
 }
 
 impl ControlConfig {
-    /// Get the effective gRPC URL for the engine service
-    ///
-    /// Combines `mesh.url` with `mesh.grpc`
-    /// to produce the full gRPC endpoint URL.
-    ///
-    /// Example: "http://localhost" + 8081 → "http://localhost:8081"
-    pub fn effective_grpc_url(&self) -> String {
-        format!("{}:{}", self.mesh.url, self.mesh.grpc)
-    }
-
-    /// Get the effective mesh URL for the engine service
-    ///
-    /// Combines `mesh.url` with `mesh.port`
-    /// to produce the full mesh/internal API endpoint URL.
-    ///
-    /// Example: "http://localhost" + 8082 → "http://localhost:8082"
-    pub fn effective_mesh_url(&self) -> String {
-        format!("{}:{}", self.mesh.url, self.mesh.port)
-    }
-
     /// Load configuration with layered precedence: defaults → file → env vars
     ///
     /// This function implements a proper configuration hierarchy:
@@ -517,9 +435,6 @@ impl ControlConfig {
         self.listen.grpc.parse::<std::net::SocketAddr>().map_err(|e| {
             Error::Config(format!("listen.grpc '{}' is not valid: {}", self.listen.grpc, e))
         })?;
-        self.listen.mesh.parse::<std::net::SocketAddr>().map_err(|e| {
-            Error::Config(format!("listen.mesh '{}' is not valid: {}", self.listen.mesh, e))
-        })?;
 
         // Validate storage backend
         match self.storage.as_str() {
@@ -605,14 +520,6 @@ impl ControlConfig {
             ));
         }
 
-        // Validate mesh.url format
-        if !self.mesh.url.starts_with("http://") && !self.mesh.url.starts_with("https://") {
-            return Err(Error::Config("mesh.url must start with http:// or https://".to_string()));
-        }
-        if self.mesh.url.ends_with('/') {
-            return Err(Error::Config("mesh.url must not end with trailing slash".to_string()));
-        }
-
         Ok(())
     }
 
@@ -658,7 +565,6 @@ mod tests {
     fn test_config_defaults() {
         assert_eq!(default_http(), "127.0.0.1:9090");
         assert_eq!(default_grpc(), "127.0.0.1:9091");
-        assert_eq!(default_mesh(), "0.0.0.0:9092");
         assert_eq!(default_storage(), "ledger"); // Ledger is now the default
         assert_eq!(default_webauthn_party(), "localhost");
         assert_eq!(default_webauthn_origin(), "http://localhost:3000");
@@ -695,18 +601,4 @@ mod tests {
         config.ledger.namespace_id = Some(1);
         assert!(config.validate().is_ok());
     }
-
-    #[test]
-    fn test_effective_urls() {
-        let config = ControlConfig::default();
-        assert_eq!(config.effective_grpc_url(), "http://localhost:8081");
-        assert_eq!(config.effective_mesh_url(), "http://localhost:8082");
-
-        let mut config = ControlConfig::default();
-        config.mesh.url = "http://inferadb-engine.inferadb".to_string();
-        config.mesh.grpc = 9000;
-        config.mesh.port = 9191;
-        assert_eq!(config.effective_grpc_url(), "http://inferadb-engine.inferadb:9000");
-        assert_eq!(config.effective_mesh_url(), "http://inferadb-engine.inferadb:9191");
-    }
 }