tyk icon indicating copy to clipboard operation
tyk copied to clipboard

Published 20 hours ago verified publisher icon TykTechnologies

[TT-7325] PoC: Don't count blocked requests during sentinel key lifetime

Open titpetric opened this issue 1 year ago • 7 comments

User description

PR contains two changes:

  • sentinel rate limit blocks and doesn't count blocked requests until key expires
  • copy of quota implementation to implement fixed window rate limit (ejects the default DRL/RRL case)

Not intended for merge, intended for test/demo purposes only.

https://tyktech.atlassian.net/browse/TT-7325

Type

bug_fix

Description

  • Moved the deferred function call for doRollingWindowWrite to execute only if the sentinel key is not active. This prevents rate-limited requests from being counted when a sentinel key is set, aligning with the intended behavior of not counting blocked requests during the sentinel key's lifetime.

Changes walkthrough

Relevant files
Bug fix
session_manager.go
Modify deferred function call position in session limiter

gateway/session_manager.go

  • Moved the deferred function call to after the sentinel key check.
 +4/-4     

PR-Agent usage: Comment /help on the PR to get a list of all available PR-Agent tools and their descriptions

titpetric avatar Apr 22 '24 13:04 titpetric

PR Description updated to latest commit (https://github.com/TykTechnologies/tyk/commit/20cae9ffe9c596308dfc1d33495a7f1a0d7ff90c)

github-actions[bot] avatar Apr 22 '24 13:04 github-actions[bot]

API Changes

no api changes detected

github-actions[bot] avatar Apr 22 '24 13:04 github-actions[bot]

PR Review

⏱️ Estimated effort to review [1-5]

2, because the PR involves a simple change in the position of a deferred function call within a single function. The logic is straightforward and the impact is limited to a specific condition.

🧪 Relevant tests

No

🔍 Possible issues

Possible Bug: The deferred function doRollingWindowWrite might not execute if an error occurs before reaching the defer statement. This could lead to inconsistent state or data loss if the function is critical for maintaining state.

🔒 Security concerns

No

Code feedback:
relevant filegateway/session_manager.go
suggestion      

Consider adding error handling or a recovery mechanism before the defer statement to ensure doRollingWindowWrite executes even if a panic occurs. This could improve the robustness of the session management. [important]
relevant linedefer func() {
✨ Review tool usage guide:

Overview: The review tool scans the PR code changes, and generates a PR review which includes several types of feedbacks, such as possible PR issues, security threats and relevant test in the PR. More feedbacks can be added by configuring the tool.

The tool can be triggered automatically every time a new PR is opened, or can be invoked manually by commenting on any PR.

  • When commenting, to edit configurations related to the review tool (pr_reviewer section), use the following template:
/review --pr_reviewer.some_config1=... --pr_reviewer.some_config2=...

[pr_reviewer]
some_config1=...
some_config2=...

See the review usage page for a comprehensive guide on using this tool.

github-actions[bot] avatar Apr 22 '24 13:04 github-actions[bot]

PR Code Suggestions

CategorySuggestions                                                                                                                                                       
Best practice
Add error handling for the retrieval of the sentinel key.

Consider checking the error returned by store.GetRawKey to handle potential failures in
retrieving the sentinel key. Ignoring errors can lead to unexpected behavior if the key
retrieval fails.

gateway/session_manager.go [164]

-_, sentinelActive := store.GetRawKey(rateLimiterSentinelKey)
+sentinelValue, err := store.GetRawKey(rateLimiterSentinelKey)
+if err != nil {
+    // handle error appropriately
+}
Possible issue
Review and ensure synchronization in deferred goroutines to prevent race conditions.

Ensure that the goroutine launched by defer does not lead to race conditions or unexpected
behavior, especially since it modifies shared state potentially accessed elsewhere
concurrently.

gateway/session_manager.go [170-172]

 defer func() {
+    // Ensure proper synchronization mechanisms are in place
     go l.doRollingWindowWrite(key, rateLimiterKey, rateLimiterSentinelKey, currentSession, store, globalConf, apiLimit, dryRun)
 }()
✨ Improve tool usage guide:

Overview: The improve tool scans the PR code changes, and automatically generates suggestions for improving the PR code. The tool can be triggered automatically every time a new PR is opened, or can be invoked manually by commenting on a PR.

  • When commenting, to edit configurations related to the improve tool (pr_code_suggestions section), use the following template:
/improve --pr_code_suggestions.some_config1=... --pr_code_suggestions.some_config2=...

[pr_code_suggestions]
some_config1=...
some_config2=...

See the improve usage page for a comprehensive guide on using this tool.

github-actions[bot] avatar Apr 22 '24 13:04 github-actions[bot]

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
100.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

sonarqubecloud[bot] avatar Apr 22 '24 13:04 sonarqubecloud[bot]

:boom: CI tests failed :see_no_evil:

git-state

all ok

Please look at the run or in the Checks tab.

github-actions[bot] avatar Apr 22 '24 14:04 github-actions[bot]

:boom: CI tests failed :see_no_evil:

git-state

all ok

Please look at the run or in the Checks tab.

github-actions[bot] avatar Apr 22 '24 14:04 github-actions[bot]