-
Notifications
You must be signed in to change notification settings - Fork 5
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Operation dispatcher err handling #125
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
few comments dropped
@@ -114,15 +127,15 @@ impl Context for Filter { | |||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we should check status_code
. When grpc endpoint is unreachable, this is flagged on the status_code
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Does it make sense to check the status_code
from on_grpc_call_response
input param?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
if not, the error will come from trying to parse the GRPC response, which may be empty because there is no GrpcMessageResponse
being serialized
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
it might be useful, however I'm a bit confused about what are the status_code
valid values... since there's no docs, its signature is just u32
and it's confusing their examples... would it be a GrpcStatusCode or Status.. then it's a bit confusing in this particular example how they treat it. What do you reckon? what meaningful check can we do to avoid parsing and returning early?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is still not working for me. I run the following configuration: {
"services": {
"limitadorA": {
"type": "ratelimit",
"endpoint": "limitador",
"failureMode": "deny"
},
"limitadorB": {
"type": "ratelimit",
"endpoint": "unknown",
"failureMode": "deny"
}
},
"actionSets": [
{
"name": "basic",
"routeRuleConditions": {
"hostnames": [
"*.example.com"
]
},
"actions": [
{
"service": "limitadorA",
"scope": "basic",
"data": [
{
"expression": {
"key": "a",
"value": "1"
}
}
]
},
{
"service": "limitadorB",
"scope": "basic",
"data": [
{
"expression": {
"key": "a",
"value": "1"
}
}
]
}
]
}
]
} There are two actions, both with |
f07915d
to
541b3f3
Compare
@eguzki PR is still a draft, so many things won't work as you expect :) Will definitely ping you and add you as a reviewer once I think it's done ;) |
e991d6a
to
88fb257
Compare
Now @eguzki ! this is your time to shine !!! (and thanks in advance for the reviews 🙏🏼 ) |
(I've included the commits from your test, just for easy testing... I could remove them from this PR if you want) |
src/filter/http_context.rs
Outdated
}, | ||
Ok(None) => { | ||
Action::Continue // No operations left to perform | ||
} | ||
} else { | ||
Action::Continue | ||
Err(OperationError { | ||
failure_mode: FailureMode::Deny, | ||
.. | ||
}) => { | ||
self.send_http_response(500, vec![], Some(b"Internal Server Error.\n")); | ||
Action::Continue | ||
} | ||
_ => Action::Continue, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
we could omit
Ok(None) => {
Action::Continue // No operations left to perform
}
Left it there just so we now explicitly in case we want to perform something else
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So, for all other Err
, we ... Action::Continue
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I guess I'm saying that I'd leave the Ok(None) => Action::Continue,
as an explicit branch but would have 3 Err
branches:
FailureMode::Deny
, as you do (log the actual error there? as this where it all ends, right?)FailureMode::Allow
, explicit with the actual error logged againErr(_)
, that possiblypanic!
or is marked asunreachable!
as that I think is the assumption this builds upon
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I made it explicit the handling of both failure modes, but the third branch makes clippy unhappy:
warning: unreachable pattern
--> src/filter/http_context.rs:90:13
|
90 | Err(_) => unreachable!()
| ^^^^^^
|
= note: `#[warn(unreachable_patterns)]` on by default
I could add exception to our clippy default rules tho if needed.
I'm also logging the status. Would that be enough?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Let me know and I can include it in a following PR ;)
|
||
impl fmt::Display for OperationError { | ||
fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result { | ||
match self.status { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Depending on the status we could add specific messages
5e13324
to
b9a52d6
Compare
Signed-off-by: dd di cesare <didi@posteo.net>
Signed-off-by: dd di cesare <didi@posteo.net>
Signed-off-by: dd di cesare <didi@posteo.net>
* Mutating the state if found * Returning Err with status NotFound and default failureMode Signed-off-by: dd di cesare <didi@posteo.net>
Signed-off-by: dd di cesare <didi@posteo.net>
Signed-off-by: dd di cesare <didi@posteo.net>
Signed-off-by: dd di cesare <didi@posteo.net>
b9a52d6
to
06f654f
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
working software 🎖️
All tests passing:
- e2e test: basic #124
- e2e: parallel requests #122
- e2e test: missing cluster #121
- e2e: unreachable service #128
plus existing unittests
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thinking error handling from performing an operation could be pushed within the Operations themselves, making the orchestration of the pipeline/operation chain a little easier on the reader... not asking to change this tho.
src/filter/http_context.rs
Outdated
}, | ||
Ok(None) => { | ||
Action::Continue // No operations left to perform | ||
} | ||
} else { | ||
Action::Continue | ||
Err(OperationError { | ||
failure_mode: FailureMode::Deny, | ||
.. | ||
}) => { | ||
self.send_http_response(500, vec![], Some(b"Internal Server Error.\n")); | ||
Action::Continue | ||
} | ||
_ => Action::Continue, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So, for all other Err
, we ... Action::Continue
?
Signed-off-by: dd di cesare <didi@posteo.net>
Fixes #123
Also fixes the following e2e tests:
This PR introduces a refactor that besides fixing the issue #123, makes the code a bit more consistent regarding the flow of the
Operation
s State controlled by theOperationHandler
. It aims to handle all the exceptions raised and report back to the Filter (or any caller).