Refactor async code synchronization #499
Conversation
ansasaki
force-pushed
the
async_refactor
branch
3 times, most recently
from
c7ba7ef
to
25df334
Compare
ansasaki
changed the title
ansasaki
force-pushed
the
async_refactor
branch
from
25df334
to
496c1a8
Compare
|
It seems the change I introduced in e3ebc06 makes I'll revert it for now. |
ansasaki
force-pushed
the
async_refactor
branch
from
496c1a8
to
504b763
Compare
ansasaki
force-pushed
the
async_refactor
branch
2 times, most recently
from
a5f1ba9
to
d515ce2
Compare
ansasaki
force-pushed
the
async_refactor
branch
from
d515ce2
to
4ac3b8c
Compare
I still see the error? |
It seems this is back (sigh). It is difficult to debug this as I can't reproduce locally... I will investigate |
ansasaki
force-pushed
the
async_refactor
branch
4 times, most recently
from
cda679d
to
c9f2aa4
Compare
|
@aplanas I did not find the root cause that makes The only thing I could do was to update the image used for testing to a newer version (from Fedora 34 to Fedora 37). If the issue makes the tests to fail frequently, let's disable the tests that runs external binaries or move the coverage measurement to a separate job which is not required to pass. |
ansasaki
force-pushed
the
async_refactor
branch
2 times, most recently
from
954cd7d
to
7f8b26b
Compare
|
@THS-on Could you please review/approve this? |
|
@ashcrow @mbestavros @lukehinds @lkatalin @puiterwijk @mpeters @ueno Could someone please review/approve this? I believe we need to review/expand the reviewers who can approve changes to get merged. I'm trying to get this merged for weeks, but cannot get the required approval. Also I would like to make changes to the repository (e.g. creating a template for issues, creating a template for PR checklist) but I do not have the required permission. Could someone with the right permissions please contact me? |
Separate the ZeroMQ service from the worker task. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
ansasaki
force-pushed
the
async_refactor
branch
2 times, most recently
from
1f7da3d
to
035b378
Compare
|
I'm happy to approve given I see 3 approvals already and all outstanding comments have been resolved. My only caveat is that the Fedora tests failed. If this is a known issue then I'll add my approval, if not, let's get that fixed first 🙏 @lkatalin Is there a discussion already on going about approvers by chance? |
Add the payloads module which contains all payload-related functions. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Use messages for synchronization instead of mutexes and condvar. Add separate workers for keys and payload execution, holding the state locally instead of storing all data in server context (QuoteData). The keys worker holds the received U and K keys and is responsible for combining them to obtain K. It also provides the K key when requested by the /keys/verify endpoint to prove that the resulting K is correct. When the U and V keys combination is successful (the HMAC verification is successful), the keys worker wakes the payloads worker sending the obtained K key and the encrypted payload. The payloads worker is responsible for decrypting and running the payload sent by the keys worker. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Use a separate task to handle the SIGINT (Ctrl + C) signal and wait for all the tasks to finish. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Modify the ZeroMQ listener to poll the socket for events before trying to read instead of blocking. Create a revocation worker which is reponsible for running the revocation payloads. The payloads worker will send a message to the revocation worker after decrypting the payload which may contain the revocation certificate. The payloads worker will also send a message to the ZeroMQ worker to start listening for revocation notifications. All revocation messages received through both ZeroMQ and Rest API are sent to the revocation worker which will process them one by one. This is to avoid running revocation scripts concurrently, which may conflict. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Cleanup U and V keys processing and add tests for processing with bogus keys in the vectors of received keys. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
ansasaki
force-pushed
the
async_refactor
branch
from
035b378
to
6b37e82
Compare
@ashcrow Done! |
Use messages for synchronization instead of mutexes and condvar. Add
separate workers for keys, payload, and revocation execution, as well as
a worker to handle the revocations coming from ZeroMQ channel.
The workers hold the state locally instead of storing all data in server
context (QuoteData).
The keys worker holds the received U and K keys and is responsible for
combining them to obtain K. It also provides the K key when requested
by the /keys/verify endpoint to prove that the resulting K is correct.
When the U and V keys combination is successful (the HMAC verification
is successful), the keys worker wakes the payloads worker sending the
obtained K key and the encrypted payload.
The payloads worker is responsible for decrypting and running the
payload sent by the keys worker.
After decrypting and running the payload, the payloads worker will send
messages to the revocation worker and ZMQ worker to start listening for
revocations.
This also implements graceful shutdown on Ctrl + C (SIGINT) signal.
A dedicated task is spawned to receive the signal and stop the other workers.
Unit tests were implemented for the changes.
Fixes: #363, #447