Page MenuHomePhabricator
Differential D13278

[identity] avoid returning errors if one-time keys are missing
ClosedPublic
Actions

Authored by varun on Sep 10 2024, 5:29 PM.
Tags
None
Referenced Files
F3011552: D13278.id44018.diff
Sat, Oct 19, 1:29 AM
F3011542: D13278.id44019.diff
Sat, Oct 19, 1:27 AM
F3009808: D13278.diff
Fri, Oct 18, 11:52 PM
Unknown Object (File)
Mon, Oct 14, 2:28 PM
Unknown Object (File)
Wed, Oct 9, 7:18 PM
Unknown Object (File)
Tue, Oct 8, 7:09 AM
Unknown Object (File)
Mon, Oct 7, 4:29 PM
Unknown Object (File)
Sat, Sep 28, 4:19 PM
View All 32 Files
Subscribers
ashoat
tomek

Details

Reviewers
bartek
kamil
will
Commits
rCOMM5dd8a28b5c71: [identity] avoid returning errors if one-time keys are missing
Summary

in our olm fork, one-time keys are now optional. however, in the identity service, we still have a couple places where we treat them as required, and fail certain requests if we're unable to fetch them. we should update these parts of the code to complete RPCs successfully regardless of OTK retrieval success or failure.

Test Plan
  • Manually deleted OTKs from my test account on staging, then called GetKeyserverKeys and GetOutboundKeysForUser and got successful responses from both (without any OTKs in the response)
  • Modified get_one_time_key to return an error and confirmed that both RPCs were still successful

Diff Detail

Repository
rCOMM Comm
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

varun created this revision.Sep 10 2024, 5:29 PM
varun held this revision as a draft.
Herald added subscribers: tomek, ashoat. · View Herald TranscriptSep 10 2024, 5:29 PM
Harbormaster completed remote builds in B31515: Diff 44018.Sep 10 2024, 5:48 PM
varun edited the test plan for this revision. (Show Details)Sep 10 2024, 7:51 PM
varun edited the test plan for this revision. (Show Details)Sep 10 2024, 8:15 PM
varun added reviewers: bartek, kamil, will.
varun updated this revision to Diff 44019.Sep 10 2024, 8:16 PM

remove enum variant

varun published this revision for review.Sep 10 2024, 8:16 PM
Harbormaster completed remote builds in B31516: Diff 44019.Sep 10 2024, 8:36 PM
bartek added a comment.Sep 11 2024, 12:14 AM

I'm letting others review as well.
Generally feels alright and solves the original issue. Left one comment that's concerning to me

services/identity/src/database.rs
786–802 ↗(On Diff #44019)

I think we should not simply unwrap_or(None) here, at least without some considerations:
The self.get_one_time_key() returns sth like Result<Option<OTK>, Error>, so it should already return Ok(None) when an OTK cannot be retrieved. However, other errors can still happen and should be somehow propagated.

I see two options here:

  1. Either we back to await? here - this results in RPC failing when AWS/DynamoDB errors occur, but not when no OTKs are available
  2. Or we discard all errors like you did here, so the RPC will succeed with None, but we should either:
    • Introduce here a log displaying the error message. This is more future-proof but might result in duplicated error alerts in our dashboard.
    • Or make sure all possible failures inside self.get_one_time_key() (and inner calls of self.get_one_time_keys()) have their respective error logs. This requires no action now, but increases maintenance cost in the future - we need to remember that errors are discarded without notice at some layer above.

After a brief look, the conditions for option 2b are met, but I'd appreciate double-checking it.

The same applies for the get_keyserver_keys

varun added inline comments.Sep 11 2024, 8:32 AM
services/identity/src/database.rs
786–802 ↗(On Diff #44019)

i think 2a makes sense. the duplication is a minor issue IMO

varun updated this revision to Diff 44044.Sep 11 2024, 9:15 AM

address feedback

Harbormaster completed remote builds in B31536: Diff 44044.Sep 11 2024, 9:33 AM
ashoat added a comment.Sep 12 2024, 3:03 AM

Hey team, let's prioritize reviewing this one – I'm continuing to see identity errors in production related to missing OTKs, and I'm worried they're causing "unknown error" issues

It would be great if we could try and launch this this fix to production by the end of the week, or at least by Monday

kamil accepted this revision.Sep 12 2024, 3:04 AM
This revision is now accepted and ready to land.Sep 12 2024, 3:04 AM
kamil added a comment.Sep 12 2024, 3:10 AM

@varun FYI @bartek messages me that it looked good for him, just was waiting for me to review it as well but I just now have a chance to look at it.

varun added a comment.Sep 12 2024, 3:11 AM
In D13278#374845, @kamil wrote:

@varun FYI @bartek messages me that it looked good for him, just was waiting for me to review it as well but I just now have a chance to look at it.

got it, thanks!

Closed by commit rCOMM5dd8a28b5c71: [identity] avoid returning errors if one-time keys are missing (authored by varun). · Explain WhySep 12 2024, 4:25 AM
This revision was automatically updated to reflect the committed changes.
varun added a commit: rCOMM5dd8a28b5c71: [identity] avoid returning errors if one-time keys are missing.

Revision Contents
Changeset List

PathSize
services/
identity/
src/
36 lines
database/
10 lines
2 lines

Diff 44074

View Options

services/identity/src/database.rs

Loading...
View Options

services/identity/src/database/one_time_keys.rs

Loading...
View Options

services/identity/src/error.rs

Loading...