Add Shutdowner to allow shutdown from a module

[SyrieBianco]

This adds a Shutdowner interface with a Shutdown method, providing it to all
Fx applications. This provides the ability to signal app shutdown from any Fx
module.

Note that a channel of signal receivers is used because os/signal.Notify,
and incidentally fx.App.Done() may be called multiple times, so we need
to notify all channels on shutdown.

Summary of Changes:

1. Add dones, a slice of done channels, and mu, a mutex, to the App object
   in order to maintain references to all done channels created via the Done
   method, and to be able to concurrency-safely read from and write to the
   dones.
2. Change the Done method to record created channels on the app as well as
   returning a read-only channel.
3. Create a Shutdowner interface with Shutdown() method by creating closure
   upon construction that has access to the app object's dones and mu, and
   holding a reference to it.
4. During the the construction of the App, instantiate the dones field and
   provide the Shutdowner to the container.

Points of consideration:

1. What test functionality do we want to make available to users through
   fxtest?
2. What ShutdownOptions should be added to the shutdown function and
   available to modules? Should any shutdown-related Options be surfaced to
   the end user, such as white-listing which modules are allowed to call
   Shutdown()?

Resolves #615.

[CLAassistant]

All committers have signed the CLA.

[codecov]

Codecov Report

Merging #660 into master will increase coverage by 0.21%.
The diff coverage is 100%.

@@            Coverage Diff             @@
##           master     #660      +/-   ##
==========================================
+ Coverage    95.8%   96.01%   +0.21%     
==========================================
  Files           9       10       +1     
  Lines         405      427      +22     
==========================================
+ Hits          388      410      +22     
  Misses         12       12              
  Partials        5        5

Impacted Files	Coverage Δ
app.go	96.77% <100%> (+0.07%)	⬆️
shutdown.go	100% <100%> (ø)

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 225986d...338afcb. Read the comment docs.

[amckinney]

Nice! Looks good overall. Some minor suggestions and points for discussion.

[amckinney]

I'm curious about this case. Should we consider this case an error with respect to a call to Shutdown? This means that all of the application's Done channels have received the os.Signal and we are about to start shutting down, so I'm not sure how we would expect our users to interpret the non-nil result from Shutdown. But, it is a special case in that we failed to send the given os.Signal to at least one of the Done channels.

This isn't necessarily a bad idea though. It makes sense in a "I failed to send the Shutdown signal since it's already sent". I guess the better question is: how do we intend users to use this information, if at all?

[akshayjshah]

To me, this is a lot like the error you get back from closing a file - usually, there's nothing you can do about it, so you log it but don't need to take any special programmatic action. We should still be returning it, though, because this probably indicates that something is deadlocked or otherwise unhealthy, and that information should end up in our exception tracking system.

More generally, we need an error return value here to make options sane later. Many options will take user input, and we'll need a way to indicate to the user that their input was invalid.

[akshayjshah]

To me, this is a lot like the error you get back from closing a file - usually, there's nothing you can do about it, so you log it but don't need to take any special programmatic action. We should still be returning it, though, because this probably indicates that something is deadlocked or otherwise unhealthy, and that information should end up in our exception tracking system.

More generally, we need an error return value here to make options sane later. Many options will take user input, and we'll need a way to indicate to the user that their input was invalid.

[akshayjshah]

Do we need the extra assertion on found? The rest of the unit tests are already asserting that invoked functions are always run.

[SyrieBianco]

So I patterned this test off of the "ProvidesLifecycle" line for line. I don't think that the assertion is necessary, but I figured that the tests to confirm whether or not a type is provided to the container should be the same in content. lmk if you think I should remove the found assertion from both tests or leave it.

[akshayjshah]

Overall, I like the way this came out - nice work!

I think we may want to expand the Shutdowner API a bit, though. In production, we'll want to know which module/package/whatever called Shutdown, otherwise it's going to be a complete mystery why applications are randomly shutting down. I'd prefer not to rely on each user of Shutdown doing the right thing and logging a good message; instead, I'd like the Shutdowner itself to collect structured logs and metrics about this.

Unfortunately, this will take a bit of work - the logger (or whatever other struct we're using to track this info) needs to come from inside the container, so it's not available at the Fx layer. Instead, I think we'll want applications to be able to register callbacks that execute just before we actually shut down the app. (Something like OnShutdown(func(*ShutdownInfo)).) We don't need to actually implement that functionality in this PR, but we do need to add a method that enables callback registration to the Shutdowner interface.

[akshayjshah]

Looks great - thanks for going along with the many rounds of review on this. Trust you to add punctuation to comments without further review :)

[akshayjshah]

nit: please add a period, exclamation point, or terminal punctuation of your choice at the end of this sentence.