Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: updating ratelimits for identities #2067

Merged
merged 1 commit into from
Sep 5, 2024
Merged

fix: updating ratelimits for identities #2067

merged 1 commit into from
Sep 5, 2024

Conversation

chronark
Copy link
Collaborator

@chronark chronark commented Sep 5, 2024
edited by coderabbitai bot
Loading

Summary by CodeRabbit

  • New Features

    • Enhanced handling of rate limits during identity updates, ensuring unique rate limit names.
    • Introduced a new endpoint for retrieving OpenAPI specifications in JSON format.

  • Bug Fixes

    • Improved error handling for duplicate rate limits during identity updates.

  • Documentation

    • Updated configuration paths for generated OpenAPI files.

  • Refactor

    • Restructured import paths for OpenAPI package to improve organization and modularity.
    • Streamlined logic for managing rate limits in identity updates.

  • Tests

    • Added new test cases for validating rate limit uniqueness and repeated applications of rate limits.

@chronark chronark requested a review from perkinsjr as a code owner September 5, 2024 11:38
@vercel Vercel
Copy link

vercel bot commented Sep 5, 2024
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
dashboard ✅ Ready (Inspect) Visit Preview 💬 Add feedback Sep 5, 2024 11:42am
planetfall ✅ Ready (Inspect) Visit Preview 💬 Add feedback Sep 5, 2024 11:42am
play ✅ Ready (Inspect) Visit Preview 💬 Add feedback Sep 5, 2024 11:42am
workflows ✅ Ready (Inspect) Visit Preview 💬 Add feedback Sep 5, 2024 11:42am
www ✅ Ready (Inspect) Visit Preview 💬 Add feedback Sep 5, 2024 11:42am

@changeset-bot changeset-bot
Copy link

changeset-bot bot commented Sep 5, 2024

⚠️ No Changeset found

Latest commit: fb1fb20

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Sep 5, 2024
edited
Loading

Thank you for following the naming conventions for pull request titles! 🙏

@coderabbitai coderabbitai
Copy link
Contributor

coderabbitai bot commented Sep 5, 2024
edited
Loading

Walkthrough

Walkthrough

The changes involve a significant restructuring of the project, primarily focusing on the organization of the OpenAPI package. The import paths for the OpenAPI package have been updated across multiple files, transitioning from a generated code directory to a more stable package location. Additionally, modifications to error handling and the instantiation of components have been made, enhancing the clarity and maintainability of the codebase. New test cases have also been introduced to validate the handling of rate limits.

Changes

Files Change Summary
apps/agent/integration/cluster/docker/ratelimits_test.go, apps/agent/pkg/api/errors/internal_server_error.go, apps/agent/pkg/api/errors/validation_error.go, apps/agent/pkg/api/routes/not_found/handler.go, apps/agent/pkg/api/routes/sender.go, apps/agent/pkg/api/routes/v1_liveness/handler.go, apps/agent/pkg/api/routes/v1_liveness/handler_test.go, apps/agent/pkg/api/routes/v1_ratelimit_commitLease/handler.go, apps/agent/pkg/api/routes/v1_ratelimit_commitLease/handler_test.go, apps/agent/pkg/api/routes/v1_ratelimit_multiRatelimit/handler.go, apps/agent/pkg/api/routes/v1_ratelimit_ratelimit/handler.go, apps/agent/pkg/api/routes/v1_ratelimit_ratelimit/handler_test.go, apps/agent/pkg/api/routes/v1_vault_decrypt/handler.go, apps/agent/pkg/api/routes/v1_vault_encrypt/handler.go, apps/agent/pkg/api/routes/v1_vault_encrypt_bulk/handler.go, apps/agent/pkg/api/server.go, apps/agent/pkg/api/testutil/harness.go, apps/agent/pkg/api/validation/validator.go, apps/agent/pkg/openapi/config.yaml, apps/agent/pkg/openapi/spec.go, apps/agent/pkg/tinybird/tinybird.go Import path for OpenAPI package changed from github.com/unkeyed/unkey/apps/agent/gen/openapi to github.com/unkeyed/unkey/apps/agent/pkg/openapi.
apps/agent/schema.json Modifications to the schema definition for "clickhouse" and "vault" objects, including property renaming and updates to required properties.
apps/agent/services/eventrouter/service.go Import path for OpenAPI package changed from github.com/unkeyed/unkey/apps/agent/gen/openapi to github.com/unkeyed/unkey/apps/agent/pkg/openapi.
apps/api/src/routes/v1_identities_updateIdentity.error.test.ts, apps/api/src/routes/v1_identities_updateIdentity.happy.test.ts New test cases added for validating rate limit handling during identity updates.
apps/api/src/routes/v1_identities_updateIdentity.ts Significant modifications to the registerV1IdentitiesUpdateIdentity function, enhancing rate limit handling and logging.

Sequence Diagram(s)

sequenceDiagram
    participant Client
    participant Server
    participant Database

    Client->>Server: POST /v1/identities.updateIdentity
    Server->>Database: Validate and process rate limits
    alt Successful update
        Database-->>Server: Rate limits updated
        Server-->>Client: 200 OK
    else Duplicate rate limits
        Server-->>Client: 412 Precondition Failed
    end
Loading

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

Share
Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>.
    • Generate unit testing code for this file.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai generate unit testing code for this file.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai generate interesting stats about this repository and render them as a table.
    • @coderabbitai show all the console.log statements in this repository.
    • @coderabbitai read src/utils.ts and generate unit testing code.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

coderabbitai[bot]
coderabbitai bot reviewed Sep 5, 2024
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 3

Outside diff range, codebase verification and nitpick comments (7)
apps/agent/pkg/api/routes/not_found/handler.go (1)

Line range hint 9-20: Address the placeholder in the error response.

The Type field in the openapi.BaseError struct is set to "TODO docs link". It is important to replace this placeholder with an actual link to the relevant documentation to provide users with more context about the error.

Consider updating this field once the appropriate documentation is ready.

apps/agent/pkg/api/errors/validation_error.go (1)

Line range hint 11-25: Review of HandleValidationError function.

The function correctly constructs a ValidationError object based on the issues extracted from the error. However, consider the following improvements:

  • Error Messages: The static messages "Internal Server Error" and "An internal server error occurred" are misleading since this function handles validation errors, which are typically client-side issues. Consider using more appropriate messages that reflect the nature of the error.
  • Documentation Link: The placeholder "TODO docs link" should be replaced with an actual link to relevant documentation. This will help developers and users understand the error context better.
apps/agent/pkg/api/routes/v1_vault_encrypt/handler.go (1)

Line range hint 9-30: Approve the functionality of the New function.

The function correctly initializes a new route and handles encryption requests. The logic for request validation, encryption, and error handling is sound. Consider adding more detailed logging at key steps (e.g., before sending responses or handling errors) to improve traceability and debugging.

apps/agent/pkg/api/routes/sender.go (1)

Line range hint 19-52: Suggest improvements in error handling and response formatting.

The Send method in the JsonSender struct is crucial for sending JSON responses. Here are a few suggestions for improvement:

  • Error Handling: When marshaling the error object fails, the method defaults to sending a plain text error message. Consider logging this failure or using a predefined JSON error response to maintain consistency in response format.
  • Response Formatting: The method sets the Content-Type header after writing the status code, which should be set before to ensure proper header handling by clients.

Consider the following refactoring for the error handling:

-		if err != nil {
-			w.Write([]byte("failed to marshal response body"))
-			return
-		}
+		if err != nil {
+			r.logger.Error().Err(err).Msg("failed to marshal error response body")
+			w.Write([]byte("{\"error\":\"failed to marshal response body\"}"))
+			return
+		}

And adjust the header setting sequence:

-	w.WriteHeader(status)
-	w.Header().Set("Content-Type", "application/json")
+	w.Header().Set("Content-Type", "application/json")
+	w.WriteHeader(status)
apps/agent/pkg/api/routes/v1_ratelimit_ratelimit/handler.go (1)

Line range hint 10-47: Approve the function implementation with a suggestion for improvement.

The function New is well-implemented with proper error handling and default value setup. The usage of the new import path in openapi.V1RatelimitRatelimitRequestBody and openapi.V1RatelimitRatelimitResponseBody is correct. However, consider adding more detailed logging for debugging and monitoring purposes, especially before sending responses or handling errors.

Consider adding detailed logging statements to improve traceability and debugging. For example:

log.Printf("Sending response with status %d and body: %+v", 200, response)
apps/agent/pkg/api/validation/validator.go (1)

Line range hint 50-90: Refactor suggestion for Body function to improve error handling and reduce code duplication.

The Body function effectively reads and validates the HTTP request body. However, the error handling code is repeated for different types of errors, which could be refactored into a helper function to improve maintainability and reduce code duplication.

Consider implementing a helper function to handle the creation of openapi.ValidationError objects, which can be reused across different error scenarios in this function.

Here's a proposed refactor to introduce a helper function:

func createValidationError(title, detail, message string, status int, r *http.Request) openapi.ValidationError {
	return openapi.ValidationError{
		Title:     title,
		Detail:    detail,
		Errors:    []openapi.ValidationErrorDetail{{Location: "body", Message: message}},
		Instance:  "https://errors.unkey.com/todo",
		Status:    status,
		RequestId: ctxutil.GetRequestId(r.Context()),
	}
}

// Usage within the Body function:
if err != nil {
	return createValidationError("Bad Request", "Failed to read request body", err.Error(), http.StatusBadRequest, r), false
}
apps/api/src/routes/v1_identities_updateIdentity.ts (1)

Line range hint 232-362: Refactor rate limit handling into separate operations.

The separation of rate limit handling into delete, update, and create operations is a significant improvement in code structure. This separation makes the code easier to read and maintain. Each operation is clearly delineated, which reduces the complexity and potential for errors.

However, consider adding more comments within each block to explain the logic, especially for the conditions that determine the classification into delete, update, and create categories.

Consider adding more detailed comments within each operation block to enhance understandability for future maintainers.

Example:

+ // Check if the rate limit should be deleted based on absence in the new request
  for (const rl of deleteRatelimits) {
    await tx.delete(schema.ratelimits).where(eq(schema.ratelimits.id, rl.id));
    ...
  }
Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 45cb72c and fb1fb20.

Files selected for processing (28)
  • apps/agent/integration/cluster/docker/ratelimits_test.go (1 hunks)
  • apps/agent/pkg/api/errors/internal_server_error.go (1 hunks)
  • apps/agent/pkg/api/errors/validation_error.go (1 hunks)
  • apps/agent/pkg/api/register_routes.go (2 hunks)
  • apps/agent/pkg/api/routes/not_found/handler.go (1 hunks)
  • apps/agent/pkg/api/routes/openapi/handler.go (1 hunks)
  • apps/agent/pkg/api/routes/sender.go (1 hunks)
  • apps/agent/pkg/api/routes/v1_liveness/handler.go (1 hunks)
  • apps/agent/pkg/api/routes/v1_liveness/handler_test.go (1 hunks)
  • apps/agent/pkg/api/routes/v1_ratelimit_commitLease/handler.go (1 hunks)
  • apps/agent/pkg/api/routes/v1_ratelimit_commitLease/handler_test.go (1 hunks)
  • apps/agent/pkg/api/routes/v1_ratelimit_multiRatelimit/handler.go (1 hunks)
  • apps/agent/pkg/api/routes/v1_ratelimit_ratelimit/handler.go (1 hunks)
  • apps/agent/pkg/api/routes/v1_ratelimit_ratelimit/handler_test.go (1 hunks)
  • apps/agent/pkg/api/routes/v1_vault_decrypt/handler.go (1 hunks)
  • apps/agent/pkg/api/routes/v1_vault_encrypt/handler.go (1 hunks)
  • apps/agent/pkg/api/routes/v1_vault_encrypt_bulk/handler.go (1 hunks)
  • apps/agent/pkg/api/server.go (1 hunks)
  • apps/agent/pkg/api/testutil/harness.go (1 hunks)
  • apps/agent/pkg/api/validation/validator.go (2 hunks)
  • apps/agent/pkg/openapi/config.yaml (1 hunks)
  • apps/agent/pkg/openapi/spec.go (1 hunks)
  • apps/agent/pkg/tinybird/tinybird.go (1 hunks)
  • apps/agent/schema.json (2 hunks)
  • apps/agent/services/eventrouter/service.go (1 hunks)
  • apps/api/src/routes/v1_identities_updateIdentity.error.test.ts (2 hunks)
  • apps/api/src/routes/v1_identities_updateIdentity.happy.test.ts (1 hunks)
  • apps/api/src/routes/v1_identities_updateIdentity.ts (7 hunks)
Files skipped from review due to trivial changes (11)
  • apps/agent/integration/cluster/docker/ratelimits_test.go
  • apps/agent/pkg/api/errors/internal_server_error.go
  • apps/agent/pkg/api/routes/v1_liveness/handler.go
  • apps/agent/pkg/api/routes/v1_liveness/handler_test.go
  • apps/agent/pkg/api/routes/v1_ratelimit_commitLease/handler.go
  • apps/agent/pkg/api/routes/v1_ratelimit_commitLease/handler_test.go
  • apps/agent/pkg/api/routes/v1_ratelimit_ratelimit/handler_test.go
  • apps/agent/pkg/api/routes/v1_vault_decrypt/handler.go
  • apps/agent/pkg/openapi/config.yaml
  • apps/agent/pkg/openapi/spec.go
  • apps/agent/pkg/tinybird/tinybird.go
Additional comments not posted (26)
apps/agent/pkg/api/routes/openapi/handler.go (1)

6-8: Approve the updated import paths.

The updated import paths align with the PR objectives of reorganizing the OpenAPI package. This change enhances the clarity and maintainability of the codebase by using more stable package locations.

apps/agent/pkg/api/routes/not_found/handler.go (1)

8-8: Verify the new import path for the OpenAPI package.

The import path for the OpenAPI package has been updated to github.com/unkeyed/unkey/apps/agent/pkg/openapi. Ensure that this new path correctly points to the intended package and that all functionalities related to the OpenAPI specifications are intact and compatible with the rest of the application.

Run the following script to verify the existence and correctness of the new import path:

Verification successful

Import path verification successful.

The import path github.com/unkeyed/unkey/apps/agent/pkg/openapi is correct, and the BaseError struct is present in the package, confirming that the necessary components are available for use. The changes are compatible with the rest of the application.

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the existence and correctness of the new import path.

# Test: Search for the new import path in the repository. Expect: At least one occurrence.
rg --type go 'github.com/unkeyed/unkey/apps/agent/pkg/openapi'

Length of output: 2024

Script:

#!/bin/bash
# Description: Verify the existence of the BaseError struct in the openapi package.

# Test: Search for the BaseError struct definition in the openapi package.
rg --type go 'type BaseError struct' --glob 'apps/agent/pkg/openapi/*.go'

Length of output: 129

apps/agent/pkg/api/errors/validation_error.go (1)

9-9: Updated import path for openapi package.

The import path for the openapi package has been updated to reflect the restructuring of the project. Ensure that all references to types and functions from this package are correctly updated across the entire project to maintain compatibility.

Verification successful

Import path update verified successfully.

The new import path for the openapi package is correctly used across multiple files in the codebase, confirming that the restructuring has been implemented successfully. No occurrences of the old import path were found.

  • Files using the new import path include:
    • apps/agent/services/eventrouter/service.go
    • apps/agent/pkg/tinybird/tinybird.go
    • apps/agent/pkg/api/validation/validator.go
    • apps/agent/pkg/api/routes/openapi/handler.go
    • apps/agent/pkg/api/routes/sender.go
    • apps/agent/pkg/api/routes/v1_vault_decrypt/handler.go
    • apps/agent/pkg/api/routes/v1_ratelimit_ratelimit/handler_test.go
    • apps/agent/pkg/api/routes/v1_ratelimit_ratelimit/handler.go
    • apps/agent/integration/cluster/docker/ratelimits_test.go
    • apps/agent/pkg/api/routes/v1_ratelimit_commitLease/handler.go
    • apps/agent/pkg/api/routes/v1_liveness/handler_test.go
    • apps/agent/pkg/api/routes/v1_vault_encrypt_bulk/handler.go
    • apps/agent/pkg/api/routes/v1_ratelimit_commitLease/handler_test.go
    • apps/agent/pkg/api/routes/v1_liveness/handler.go
    • apps/agent/pkg/api/routes/not_found/handler.go
    • apps/agent/pkg/api/routes/v1_ratelimit_multiRatelimit/handler.go
    • apps/agent/pkg/api/errors/validation_error.go
    • apps/agent/pkg/api/routes/v1_vault_encrypt/handler.go
    • apps/agent/pkg/api/errors/internal_server_error.go
Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify that all references to the `openapi` package are updated.

# Test: Search for old import path. Expect: No occurrences.
rg --type go 'github.com/unkeyed/unkey/apps/agent/gen/openapi'

Length of output: 62

Script:

#!/bin/bash
# Description: Verify that the new import path for the `openapi` package is used.

# Test: Search for new import path. Expect: Occurrences in relevant files.
rg --type go 'github.com/unkeyed/unkey/apps/agent/pkg/openapi'

Length of output: 2024

apps/agent/pkg/api/routes/v1_vault_encrypt/handler.go (1)

9-9: Verify the new import path for the openapi package.

The import path has been updated to github.com/unkeyed/unkey/apps/agent/pkg/openapi. Please ensure that this new path is correct and that all functionalities provided by the openapi package are still accessible and functioning as expected.

Run the following script to verify the new import path and check for any other references to the old path:

Verification successful

Import Path Update Verified

The import path for the openapi package has been successfully updated to github.com/unkeyed/unkey/apps/agent/pkg/openapi across the codebase. No references to the old path were found, indicating a consistent update.

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the new import path and check for any other references to the old path.

# Test: Search for the old import path. Expect: No occurrences.
rg --type go 'github.com/unkeyed/unkey/apps/agent/gen/openapi'

# Test: Search for the new import path. Expect: Occurrences in relevant files.
rg --type go 'github.com/unkeyed/unkey/apps/agent/pkg/openapi'

Length of output: 2087

apps/agent/pkg/api/routes/v1_vault_encrypt_bulk/handler.go (2)

Line range hint 18-39: Function New review: Well-structured and follows best practices.

The function New is well-structured and effectively handles HTTP requests and responses. The usage of the openapi types is consistent with the new import path, and the error handling is robust, using the fault package to wrap and log errors effectively.

11-11: Verify the correct usage of the new openapi import path.

The import path for the openapi package has been updated. It's crucial to ensure that all references to the openapi types in this file and potentially others are correctly updated to reflect this change.

Run the following script to verify the usage of the openapi package across the codebase:

Verification successful

The new openapi import path is used consistently across the codebase.

The transition to the new import path github.com/unkeyed/unkey/apps/agent/pkg/openapi has been successfully completed, with no remaining references to the old path. This ensures that the codebase is up-to-date with the latest package structure. No further action is required.

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify all references to the `openapi` package match the new import path.

# Test: Search for the old and new import paths. Expect: Only occurrences of the new import path.
rg --type go -A 5 $'github.com/unkeyed/unkey/apps/agent/pkg/openapi'
rg --type go -A 5 $'github.com/unkeyed/unkey/apps/agent/gen/openapi'

Length of output: 9659

apps/agent/pkg/api/routes/v1_ratelimit_multiRatelimit/handler.go (1)

9-9: Verify the compatibility of the new OpenAPI import.

Ensure that the new import github.com/unkeyed/unkey/apps/agent/pkg/openapi provides all the functionalities previously available in the removed import. This is crucial to maintain the integrity and functionality of the API handling.

Run the following script to verify the compatibility:

Verification successful

The new OpenAPI import is compatible with the existing codebase.

The import github.com/unkeyed/unkey/apps/agent/pkg/openapi is used consistently across multiple files, including handlers and validators, indicating that it provides the necessary functionalities required by these components. The integration appears to be successful without any apparent issues.

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the compatibility of the new OpenAPI import with the existing code.

# Test: Search for the usage of the new OpenAPI import. Expect: Only occurrences of the new import.
rg --type go -A 5 $'github.com/unkeyed/unkey/apps/agent/pkg/openapi'

Length of output: 9591

apps/agent/pkg/api/routes/sender.go (2)

Line range hint 13-17: Interface Definition Approved

The Sender interface is clearly defined and serves its purpose well.

10-10: Verify the new import path for the OpenAPI package.

The import path for the OpenAPI package has been updated. Ensure that this new path is correctly integrated and accessible throughout the application.

Run the following script to verify the new import path usage:

Verification successful

The new import path for the OpenAPI package is successfully integrated.

The updated import path github.com/unkeyed/unkey/apps/agent/pkg/openapi is consistently used across multiple files in the codebase, indicating a successful integration of the new path. No issues were found with the import path update.

  • Files using the new import path include various handlers, validators, and error handling components.
Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the new import path usage for the OpenAPI package.

# Test: Search for the new import path usage. Expect: Only occurrences of the new path.
rg --type go -A 5 $'github.com/unkeyed/unkey/apps/agent/pkg/openapi'

Length of output: 9591

apps/agent/pkg/api/routes/v1_ratelimit_ratelimit/handler.go (1)

10-10: Verify the new import path usage.

The import path change from github.com/unkeyed/unkey/apps/agent/gen/openapi to github.com/unkeyed/unkey/apps/agent/pkg/openapi is crucial. Ensure that all references and usages in the code align with the new path and that the functionalities provided by the old path are adequately replaced or maintained.

Run the following script to verify the correct usage of the new import path:

Verification successful

Verified: Correct usage of the new import path.

The import path github.com/unkeyed/unkey/apps/agent/pkg/openapi is consistently used across various files in the codebase, indicating a comprehensive update from the previous path. This suggests that the functionalities provided by the old path are adequately maintained or replaced. No issues were found with the import path change.

  • Files with the new import path include handlers, services, and tests.
Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the correct usage of the new import path.

# Test: Search for the new import path usage. Expect: Correct and consistent usage across the codebase.
rg --type go -A 5 $'github.com/unkeyed/unkey/apps/agent/pkg/openapi'

Length of output: 9591

apps/agent/pkg/api/register_routes.go (2)

6-6: Approved new import path for the OpenAPI package.

The import path openapi "github.com/unkeyed/unkey/apps/agent/pkg/api/routes/openapi" is correctly updated to reflect the new package location. This change aligns with the project's restructuring objectives.

31-31: Approved addition of OpenAPI route registration.

The line openapi.New(svc).Register(s.mux) correctly registers the OpenAPI routes with the server's multiplexer. This is a key enhancement in the server's capabilities, allowing it to handle OpenAPI-related requests.

Please ensure that the integration of the OpenAPI routes does not interfere with existing routes and that all routes are correctly prioritized and handled.

apps/agent/pkg/api/testutil/harness.go (1)

84-84: Verify the new validation setup.

The change to validation.New() without any arguments simplifies the instantiation but raises questions about the flexibility and adequacy of the default validation settings. Ensure that this change does not negatively impact the system's ability to validate inputs correctly.

Consider adding documentation or comments in the code explaining the reason for this change to help maintainers understand the new validation logic.

apps/api/src/routes/v1_identities_updateIdentity.error.test.ts (1)

1-1: Comprehensive Review of the New Test Suite for Rate Limit Updates

The new test suite introduced in this file is well-structured and targets a critical aspect of the application—ensuring that duplicate rate limits are handled correctly. Here are some detailed observations and suggestions:

  1. Test Setup and Initialization:

    • The use of IntegrationHarness and the creation of a root key are appropriate for setting up the test environment. This setup ensures that the test runs in a controlled environment, which is crucial for reliability.

  2. Identity and Rate Limit Setup:

    • The creation of an identity and the insertion of rate limits into the database are executed correctly. However, it's important to ensure that these entries are cleaned up after the test to prevent side effects on other tests.

  3. POST Request Execution and Validation:

    • The POST request to the updateIdentity endpoint is well-formed. The headers and body of the request are correctly set up to simulate the scenario of duplicate rate limits.
    • The validation of the response status and body is done properly. The use of expect to check for a 412 status and the specific error message is a good practice.

  4. Error Handling and Message Validation:

    • The error message "ratelimit names must be unique" is clear and informative. It's crucial that such messages are maintained in the error documentation as referenced in the test.

  5. Suggestions for Improvement:

    • Database Cleanup: Ensure that there is a teardown process to clean up the database entries made during the test. This can prevent any unintended side effects on subsequent tests.
    • Additional Scenarios: Consider adding more tests to cover other edge cases, such as submitting rate limits with the same name but different limits or durations.

Overall, the test suite is a valuable addition to the project, enhancing the robustness of the application by ensuring that the functionality to handle duplicate rate limits is correctly implemented and verified.

Also applies to: 44-109

apps/agent/pkg/api/server.go (1)

86-86: Simplified Validation Initialization Approved

The change to initialize the validation component without a hardcoded file path simplifies the configuration and potentially enhances flexibility. However, it's crucial to ensure that the new method of loading validation rules is robust and aligns with the system's requirements.

Please verify the following:

  • How the validation.New() method now loads the validation rules.
  • The impact of this change on other parts of the system, especially where validation rules are critical.

Consider adding documentation or comments in the code explaining the new validation loading mechanism to aid future maintainability.

apps/agent/pkg/api/validation/validator.go (1)

27-29: Refactor of New function to use openapi.Spec is approved.

The changes to the New function simplify the instantiation of the Validator by using a pre-defined specification. This approach avoids potential runtime errors related to file access and improves performance by eliminating I/O operations.

However, it's crucial to ensure that openapi.Spec is correctly initialized and updated as needed elsewhere in the codebase.

Run the following script to verify the initialization and usage of openapi.Spec:

Also applies to: 29-39

apps/agent/services/eventrouter/service.go (3)

17-17: Updated Import Path: Verify Integration

The import path for the OpenAPI package has been updated from github.com/unkeyed/unkey/apps/agent/gen/openapi to github.com/unkeyed/unkey/apps/agent/pkg/openapi. This change is crucial as it affects how the OpenAPI functionalities are accessed throughout the service.

  • Action Required: Ensure that all references to the OpenAPI functionalities within this file and potentially other files in the project are updated to reflect this change. This includes checking for any deprecated or altered functions or methods due to the new package structure.
  • Potential Impact: This change could affect the behavior of functions that rely on the OpenAPI package, especially in how data is formatted or validated before being sent to or received from the API.
Verification successful

Import Path Update Verified

The import path for the OpenAPI package has been successfully updated to github.com/unkeyed/unkey/apps/agent/pkg/openapi across the codebase. The old import path is no longer present, and the new path is consistently used in various files, indicating a successful transition.

  • Files Updated: The new import path is used in multiple files, including handlers, validators, and test files, confirming widespread adoption.
Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify all references to the OpenAPI functionalities are updated.

# Test: Search for the old import path usage. Expect: No occurrences.
rg --type go 'github.com/unkeyed/unkey/apps/agent/gen/openapi'

Length of output: 62

Script:

#!/bin/bash
# Description: Verify that the new import path is used consistently across the codebase.

# Test: Search for the new import path usage. Expect: Occurrences in relevant files.
rg --type go 'github.com/unkeyed/unkey/apps/agent/pkg/openapi'

Length of output: 2024

Line range hint 36-36: Review Batch Processing Logic and Error Handling

The flush function within the New constructor is critical for the application's data processing pipeline. It handles the logic for batching events and interfacing with external systems like Tinybird and Clickhouse.

  • Error Handling: Ensure that errors from the Tinybird.Ingest and Clickhouse.BufferKeyVerification methods are handled appropriately and that any changes in their APIs due to the new OpenAPI package are integrated correctly.
  • Performance Considerations: Given the potential high volume of events, ensure that the batching and error handling are optimized to prevent data loss and ensure system stability.

Also applies to: 50-50

Line range hint 148-148: Ensure Correct Usage of Updated OpenAPI Package and Rate Limit Handling

The CreateHandler function sets up an HTTP handler that is crucial for the application's API interface. It uses the openapi.V0EventsResponseBody for formatting the HTTP response, which directly relates to the updated OpenAPI package.

  • Correct Usage: Verify that the openapi.V0EventsResponseBody and other related functionalities are used correctly following the update to the OpenAPI package.
  • Rate Limit Handling: As the PR objectives mention updating rate limits, ensure that the rate limit logic is correctly implemented and tested, particularly in scenarios where rate limits are exceeded.

Also applies to: 167-167

apps/agent/schema.json (2)

16-22: Review of the "clickhouse" object changes.

The changes to the "clickhouse" object simplify the configuration by consolidating connection details into a single "url" property. This change should make configuration easier but could potentially break existing setups that use the old "addr", "username", and "password" properties.

  • Correctness: The new "url" property is correctly defined with a minimum length requirement, which is good practice for URL fields.
  • Migration Path: Consider adding documentation or migration instructions for users moving from the old configuration to the new one.
  • Verification Needed: Verify that all parts of the application that interact with the ClickHouse configuration have been updated to use the new "url" property.
Verification successful

Verification Successful: "clickhouse" Object Update

The transition from the "addr" property to the "url" property in the "clickhouse" object is correctly implemented. The search results confirm that the old "addr" property is not used in the context of the "clickhouse" configuration, ensuring that the update is complete and consistent.

  • No occurrences of "addr" related to "clickhouse" were found, confirming the change is isolated and correctly applied.
Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify that the new "url" property is used throughout the application.

# Test: Search for the old "addr" property usage. Expect: No occurrences.
rg --type json -A 5 $'addr'

Length of output: 1729

279-280: Review of the "vault" object changes.

The addition of the "vault" property as a required field in the "services" object is a significant change that emphasizes the importance of this configuration for proper functionality. The restriction on additional properties helps maintain a clean configuration schema.

  • Correctness: The schema correctly marks "vault" as required, ensuring that it must be configured.
  • Best Practices: The restriction on additional properties is a good practice to avoid unintended configurations.
  • Verification Needed: Ensure that the application's functionality that depends on the "vault" configuration is tested to handle the new requirements.
Verification successful

Integration of the "vault" property is consistent and thorough.

The "vault" property is well-integrated across various configuration files and is essential for API operations related to encryption and decryption. The schema change to make "vault" a required property is justified and aligns with its usage in the codebase.

  • Configuration Files: The "vault" property is present in config.docker.json, config.staging.json, and config.production.json, indicating its importance across different environments.
  • API Operations: The OpenAPI specification includes multiple endpoints related to "vault", confirming its role in critical functionalities.

Ensure that the application's functionality, especially those dependent on the "vault" configuration, is thoroughly tested to handle the new schema requirements.

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify that the "vault" property is correctly integrated and required in the application.

# Test: Search for the "vault" property usage in the application code. Expect: Proper handling and usage.
rg --type json -A 5 $'vault'

Length of output: 4538

apps/api/src/routes/v1_identities_updateIdentity.happy.test.ts (1)

135-181: Review of the new test case "sets the same ratelimits again".

This test case is well-structured and effectively tests the functionality of setting the same rate limits multiple times on an identity. Here are some observations and suggestions:

  1. Initialization and Setup:

    • The test initializes the integration harness and creates a root key with appropriate permissions. This setup is consistent with other tests and correctly isolates the test environment.

  2. Identity and Rate Limits Setup:

    • An identity is created and rate limits are set up in a loop. The use of new Array(6).fill(null).map(...) to generate rate limits is a clever way to create multiple configurations dynamically.

  3. Request Loop:

    • The test sends ten requests to update the identity with the same set of rate limits. This effectively tests the system's ability to handle repeated updates without errors.

  4. Assertions:

    • After each request, the test checks the response status and verifies that the rate limits in the database match the expected values. This is crucial for ensuring that the rate limits are correctly applied.

  5. Potential Improvements:

    • Error Handling: Consider adding checks for potential errors or unexpected responses. This could help identify issues when the system does not behave as expected.
    • Performance Metrics: If applicable, measuring the response time for these requests could provide insights into the performance impact of repeated updates.

Overall, the test case adds valuable coverage for a critical functionality and helps ensure the robustness of the rate limit handling mechanism.

apps/api/src/routes/v1_identities_updateIdentity.ts (4)

7-7: Review the updated import statement.

The import statement now includes type Ratelimit which is used later in the code to define types for arrays handling rate limits. This change is necessary for the new functionality and aligns with the PR objectives to enhance rate limit handling.

151-159: Ensure rate limit names are unique.

The implementation uses a Set to track unique rate limit names, which is a clear and efficient way to ensure uniqueness. This change improves the clarity and efficiency of the code by replacing a potentially less efficient previous method.

201-220: Enhanced audit logging for identity updates.

The audit logging now captures detailed meta information and other relevant details, which enhances traceability and is in line with best practices for security and compliance.

388-388: Proper handling of audit logs.

The function correctly waits until all audit logs are ingested before completing the request, which ensures that all operations are logged even if the request processing is asynchronous. This is a good practice for ensuring data integrity and reliability in audit trails.

apps/agent/pkg/api/routes/openapi/handler.go
Comment on lines +10 to +21
func New(svc routes.Services) *routes.Route {

return routes.NewRoute("GET", "/openapi.json",
func(w http.ResponseWriter, r *http.Request) {

w.WriteHeader(200)
w.Header().Set("Content-Type", "application/json")
w.Write(openapi.Spec)

},
)
}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Add error handling for response writing.

The function writes the OpenAPI specification to the response but does not handle potential errors from the w.Write method. It's recommended to handle this error to ensure robustness, especially in production environments.

- w.Write(openapi.Spec)
+ if _, err := w.Write(openapi.Spec); err != nil {
+     http.Error(w, "Failed to write OpenAPI spec", http.StatusInternalServerError)
+     return
+ }
Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
func New(svc routes.Services) *routes.Route {
return routes.NewRoute("GET", "/openapi.json",
func(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(200)
w.Header().Set("Content-Type", "application/json")
w.Write(openapi.Spec)
},
)
}
func New(svc routes.Services) *routes.Route {
return routes.NewRoute("GET", "/openapi.json",
func(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(200)
w.Header().Set("Content-Type", "application/json")
if _, err := w.Write(openapi.Spec); err != nil {
http.Error(w, "Failed to write OpenAPI spec", http.StatusInternalServerError)
return
}
},
)
}

Refactor for improved readability and maintainability.

Consider refactoring the handler function to separate concerns and improve readability. This can be achieved by defining the handler logic in a separate function, which can then be tested more easily.

+ func handleOpenAPISpec(w http.ResponseWriter, r *http.Request) {
+     w.WriteHeader(http.StatusOK)
+     w.Header().Set("Content-Type", "application/json")
+     if _, err := w.Write(openapi.Spec); err != nil {
+         http.Error(w, "Failed to write OpenAPI spec", http.StatusInternalServerError)
+         return
+     }
+ }
+
  func New(svc routes.Services) *routes.Route {
      return routes.NewRoute("GET", "/openapi.json", handleOpenAPISpec)
  }
Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
func New(svc routes.Services) *routes.Route {
return routes.NewRoute("GET", "/openapi.json",
func(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(200)
w.Header().Set("Content-Type", "application/json")
w.Write(openapi.Spec)
},
)
}
func handleOpenAPISpec(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusOK)
w.Header().Set("Content-Type", "application/json")
if _, err := w.Write(openapi.Spec); err != nil {
http.Error(w, "Failed to write OpenAPI spec", http.StatusInternalServerError)
return
}
}
func New(svc routes.Services) *routes.Route {
return routes.NewRoute("GET", "/openapi.json", handleOpenAPISpec)
}

apps/agent/pkg/api/routes/v1_ratelimit_multiRatelimit/handler.go
ratelimitv1 "github.com/unkeyed/unkey/apps/agent/gen/proto/ratelimit/v1"
"github.com/unkeyed/unkey/apps/agent/pkg/api/errors"
"github.com/unkeyed/unkey/apps/agent/pkg/api/routes"
"github.com/unkeyed/unkey/apps/agent/pkg/openapi"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Optimize the handling of ratelimits and response construction.

Consider the following optimizations:

  • Pre-allocate the ratelimits array with the exact required capacity to avoid potential reallocations.
  • Use a similar approach for the res.Ratelimits array to ensure efficient memory usage.

Apply this diff to optimize the handling of the ratelimits array and the response construction:

- ratelimits := make([]*ratelimitv1.RatelimitRequest, len(req.Ratelimits))
+ ratelimits := make([]*ratelimitv1.RatelimitRequest, 0, len(req.Ratelimits))
- res.Ratelimits = make([]openapi.SingleRatelimitResponse, len(res.Ratelimits))
+ res.Ratelimits = make([]openapi.SingleRatelimitResponse, 0, len(svcRes.Ratelimits))

Committable suggestion was skipped due to low confidence.

@chronark chronark merged commit 41dfa3b into main Sep 5, 2024
27 checks passed
@chronark chronark deleted the update-identities branch September 5, 2024 12:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

@perkinsjr perkinsjr Awaiting requested review from perkinsjr perkinsjr is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@chronark