Skip to content

fix(server): harden auth upstream connection handling#235

Merged
abhinav-galileo merged 4 commits into
mainfrom
fix/auth-upstream-connection-tuning
Jun 5, 2026
Merged

fix(server): harden auth upstream connection handling#235
abhinav-galileo merged 4 commits into
mainfrom
fix/auth-upstream-connection-tuning

Conversation

@abhinav-galileo
Copy link
Copy Markdown
Collaborator

@abhinav-galileo abhinav-galileo commented Jun 5, 2026
edited
Loading

Summary

  • set auth upstream HTTP keepalive expiry to avoid reusing stale idle sockets while preserving HTTPX's default connection-count capacity
  • expose generic auth upstream HTTP pool tuning env vars for keepalive expiry and connection limits
  • add low-cardinality Prometheus metrics for auth upstream attempts and latency
  • cover connection tuning validation and single-attempt network error behavior in auth framework tests

Non-goals

  • no retry logic
  • no caching
  • no API changes
  • no deployment-specific behavior

Tests

  • uv run --package agent-control-server pytest -q --noconftest server/tests/test_auth_framework.py -k http_upstream
  • uv run --package agent-control-server ruff check --config pyproject.toml server/src/agent_control_server/auth_framework/providers/http_upstream.py server/src/agent_control_server/auth_framework/config.py server/tests/test_auth_framework.py
  • uv run --package agent-control-server mypy --config-file pyproject.toml server/src/agent_control_server/auth_framework/providers/http_upstream.py server/src/agent_control_server/auth_framework/config.py

@abhinav-galileo abhinav-galileo changed the title fix: harden auth upstream connection handling fix(server): harden auth upstream connection handling Jun 5, 2026
@codecov
Copy link
Copy Markdown

codecov Bot commented Jun 5, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

namrataghadi-galileo
namrataghadi-galileo reviewed Jun 5, 2026
View reviewed changes
Comment thread server/src/agent_control_server/auth_framework/config.py Outdated
@abhinav-galileo abhinav-galileo force-pushed the fix/auth-upstream-connection-tuning branch from 391954e to d5e67b3 Compare June 5, 2026 13:41
@abhinav-galileo abhinav-galileo merged commit 16d0115 into main Jun 5, 2026
6 checks passed
@abhinav-galileo abhinav-galileo deleted the fix/auth-upstream-connection-tuning branch June 5, 2026 13:48
galileo-automation pushed a commit that referenced this pull request Jun 5, 2026
@semantic-release-bot
chore(release): ts sdk v3.0.0 [skip ci]
09c5a54 
## [3.0.0](ts-sdk-v2.6.0...ts-sdk-v3.0.0) (2026-06-05)

### ⚠ BREAKING CHANGES

* **evaluators:** remove Luna2 evaluator (#234)

### Bug Fixes

* **evaluators:** remove Luna2 evaluator ([#234](#234)) ([ccc4fc6](ccc4fc6))
* **server:** harden auth upstream connection handling ([#235](#235)) ([16d0115](16d0115))
@galileo-automation
Copy link
Copy Markdown
Collaborator

galileo-automation commented Jun 5, 2026

🎉 This PR is included in version 3.0.0 🎉

The release is available on:

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@namrataghadi-galileo namrataghadi-galileo namrataghadi-galileo approved these changes

Assignees

No one assigned

Labels

released

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@abhinav-galileo @galileo-automation @namrataghadi-galileo