Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix memory leak issue when using fetch in oidc authentication #2640

Open
wants to merge 12 commits into
base: main
Choose a base branch
from
Open

Fix memory leak issue when using fetch in oidc authentication #2640

wants to merge 12 commits into from
+18 −5

Conversation

lisbet-alvarez
Copy link
Collaborator

@lisbet-alvarez lisbet-alvarez commented Dec 27, 2024
edited
Loading

Description

When making a fetch request that returns a response body, we have to consume the body in order to avoid undefined behavior. If we do not consume response body then its up to the env. garbage collection to free up the memory. In linux this was causing a memory leak during pending oidc authentications. Therefore, it is best practice to always consume response body (with .json). This github issue was illustrates what we were also running into.

This memory leak issue for oidc authentication is visible in linux desktop client v2.2.0. But was not able to reproduce in mac. (haven't tried windows)
Before desktop client v2.2.0 this was not an issue because we were using ember-fetch but was introduced in this commit since we migrated away from that package and started using fetch native to node.

Screenshots (if appropriate)

Before:

Screen.Recording.clip.2.mov

After:

Screen.Recording.clip.mov

How to Test

  1. Use amazon workspaces (linux env) test account & checkout this branch
  2. Test oidc authentication workflow
  3. Test restore workflow by using ctrl + R after signing in
  4. Validate memory and CPU don't go up indefinitely, when clicking sign-in for oidc auth.

Checklist

  • I have added before and after screenshots for UI changes
  • I have added JSON response output for API changes
  • I have added steps to reproduce and test for bug fixes in the description
  • I have commented on my code, particularly in hard-to-understand areas
  • My changes generate no new warnings
  • I have added tests that prove my fix is effective or that my feature works

@vercel Vercel
Copy link

vercel bot commented Dec 27, 2024
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
boundary-ui ✅ Ready (Inspect) Visit Preview 💬 Add feedback Dec 27, 2024 7:57pm
boundary-ui-desktop ✅ Ready (Inspect) Visit Preview 💬 Add feedback Dec 27, 2024 7:57pm

@ZedLi
Copy link
Collaborator

ZedLi commented Dec 27, 2024

Great find!! I'm curious, do you know if this is reproducible in other environments and not just linux?

ZedLi
ZedLi reviewed Dec 27, 2024
View reviewed changes
addons/auth/addon/authenticators/base.js
@@ -66,6 +66,12 @@ export default class BaseAuthenticator extends SimpleAuthBaseAuthenticator {
headers: { Authorization: `Bearer ${token}` },
}),
);

// Note: Always consume response object in order to avoid memory leaks.
// visit https://undici.nodejs.org/#/?id=garbage-collection for more info.
Copy link
Collaborator

@ZedLi ZedLi Dec 27, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just want to point out we don't use undici since this is a node package, but is still relevant since it points out the fetch spec depends on garbage collection which means this behavior might not be well defined when depending on garbage collection. Might be worth clarifying that in this comment?

Also, should we consider making a HEAD request instead as suggested in your link and here if we don't need the body? I don't think there's much data returned so it might not matter too much either way

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thank you for the feedback!! comment updated!
i tested out using the head method tho i get the "method not allowed" error in the console :(
image

Copy link
Collaborator

@ZedLi ZedLi Dec 27, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah I guess we don't support HEAD requests 😢, I wonder how much actual work that is from the backend but either way I think it's fine if we just keep making GET requests

@lisbet-alvarez lisbet-alvarez marked this pull request as ready for review December 27, 2024 20:45
@lisbet-alvarez lisbet-alvarez requested a review from a team as a code owner December 27, 2024 20:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ZedLi ZedLi ZedLi left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
addons auth-addon
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@lisbet-alvarez @ZedLi