allocator/mmaprototype: add repair action foundation

[tbg]

First PR in the MMA repair productionization stack (see #164658 for the
prototype and how-to-productionize.md for the full plan).

This PR adds the foundation for MMA repair:

• RepairAction enum: 12 actionable repair actions plus 3 terminal states,
  priority-ordered. The ordering determines both which problem to fix first for
  a single range and which ranges get repaired first across the cluster.

• computeRepairAction() decision tree: maps range state (replica counts,
  store health, constraint satisfaction) to the highest-priority repair action
  needed. This is a straightforward if/else cascade — no numerical scoring.

• Repair index on clusterState: eagerly-computed repairAction per range,
  with a repairRanges map indexing ranges by action for efficient iteration.
  Recomputed at every trigger point (range messages, pending changes, store
  status changes).

• Constraint helper methods: moved 7 methods from test-only code to
  production code. These are prerequisites for the per-action repair functions
  in later PRs.

• DSL test infrastructure: repair-needed command to inspect the repair
  index, plus parser enhancements for compact repair test scenarios.

No repair actions are executed yet — that comes in PR 2 (AddVoter +
orchestration). This PR establishes the action space and priority ordering
for early review feedback.

Informs #164658.

[trunk-io]

Merging to master in this repository is managed by Trunk.

• To merge this pull request, check the box to the left or comment /trunk merge below.

[blathers-crl]

Your pull request contains more than 1000 changes. It is strongly encouraged to split big PRs into smaller chunks.

_{🦉 Hoot! I am a Blathers, a bot for CockroachDB. My owner is dev-inf.}

[cockroach-teamcity]

This change is 

[tbg]

@tbg reviewed 13 files and all commit messages, and made 9 comments.
Reviewable status: complete! 0 of 0 LGTMs obtained.

---

-- commits line 27 at r2:
Can you find where the corresponding sequence for the legacy allocator lives (see Allocator.ComputeAction) and, in the commit message, draw a comparison between both of them and their priority ordering with the goal of explaining to the reviewer what changes here, if anything, when transitioning from legacy to mma. Iterate on it with me before pushing the result.

---

pkg/kv/kvserver/allocator/mmaprototype/cluster_state.go line 1315 at r3 (raw file):

	// repairRanges indexes ranges by their RepairAction. Ranges with
	// NoRepairNeeded or RepairPending are NOT stored. This allows repair()
	// to iterate ranges needing repair without scanning all ranges.

mention that this is always consistent with the rangeState.repairAction fields of all the tracked ranges.

Is there a convenient place to assert this (maybe we have other integrity checks already)?

---

pkg/kv/kvserver/allocator/mmaprototype/cluster_state.go line 1966 at r3 (raw file):

	delete(cs.pendingChanges, change.changeID)
	// Recompute repair action if all pending changes for this range have
	// been enacted.

Add that this is correct (we don't have to re-compute if partially enacted) because as long as there are ANY pending changes, the repair action is RepairPending anyway.
(.. and check that I'm not saying something wrong here..)

Or should we just call this unconditionally? Performance is not a concern in this path. I'm asking because undoPendingChange unconditionally calls updateRepairAction so it would be more consistent to do this here, too.

---

pkg/kv/kvserver/allocator/mmaprototype/cluster_state.go line 2344 at r3 (raw file):

		// If the store's status changed, recompute repair actions for all
		// ranges on this store. The cached rs.constraints is still valid here
		// (store status doesn't affect constraint satisfaction).

Log at verbosity one about the status change and the need to do a full recomputation.

---

pkg/kv/kvserver/allocator/mmaprototype/cluster_state_repair.go line 1 at r2 (raw file):

// Copyright 2025 The Cockroach Authors.

2026

---

pkg/kv/kvserver/allocator/mmaprototype/cluster_state_repair.go line 85 at r2 (raw file):

)

var repairActionNames = [...]string{

Can you make this use go:generate stringer like done in other places? There might be some BAZEL stuff to get this right but you can copy from other types that have this already.

---

pkg/kv/kvserver/allocator/mmaprototype/cluster_state_repair.go line 197 at r2 (raw file):

	aliveVoters := numVoters - deadVoters
	quorum := numVoters/2 + 1
	if aliveVoters < quorum {

this should be swapped with step 4. If we don't have quorum, we also shouldn't try to finalize replication changes or to remove learners because that too requires quorum.

---

pkg/kv/kvserver/allocator/mmaprototype/cluster_state_repair.go line 269 at r3 (raw file):

	// Remove from old bucket.
	if oldAction != NoRepairNeeded && oldAction != RepairPending && oldAction != 0 {
		if m, ok := cs.repairRanges[oldAction]; ok {

It would be an invariant violation to hit !ok, right? Add an assertion (only when buildutil.CrdbTestBuild).

---

pkg/kv/kvserver/allocator/mmaprototype/cluster_state_test.go line 731 at r3 (raw file):

					return fmt.Sprintf("%s%v\n", safeTrace(t, &sb), out)

				case "repair":

I don't think this is used anywhere, so back this out for now. It can come back when it's actually wired up to do something useful and exercised.

[tbg]

@tbg reviewed 12 files and all commit messages, and resolved 5 discussions.
Reviewable status: complete! 0 of 0 LGTMs obtained.

[tbg]

@tbg reviewed 13 files and all commit messages, and resolved 4 discussions.
Reviewable status: complete! 0 of 0 LGTMs obtained (waiting on tbg).