Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Make ThreadContext.markAsSystemContext package-private #14988

Closed
wants to merge 7 commits into from

Conversation

cwperks
Copy link
Member

@cwperks cwperks commented Jul 26, 2024

Description

The ThreadContext class overly exposes many methods as public. Currently, markAsSystemContext is publicly exposed. This PR changes the access modifier on this method to package-private to prevent this internally used method from being exposed publicly.

This PR creates an Internal wrapper around the ThreadContext called InternalThreadContextWrapper which is marked as @opensearch.internal. The purpose of this class is to allow the core repo to still have public access to certain methods while preventing plugins from having access to the same methods.

Related Issues

Related to #14931

Check List

  • Functionality includes testing.
  • API changes companion pull request created, if applicable.
  • Public documentation issue/PR created, if applicable.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

Signed-off-by: Craig Perkins <[email protected]>
@cwperks cwperks added the backport 2.x Backport to 2.x branch label Jul 26, 2024
Copy link
Contributor

❌ Gradle check result for bc19108: FAILURE

Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change?

Copy link
Contributor

❌ Gradle check result for a62b147: FAILURE

Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change?

Signed-off-by: Craig Perkins <[email protected]>
Copy link
Contributor

❌ Gradle check result for 39a7a0b: FAILURE

Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change?

Copy link
Contributor

❌ Gradle check result for 7313e5f: FAILURE

Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change?

Signed-off-by: Craig Perkins <[email protected]>
Copy link
Contributor

❌ Gradle check result for 777a546: FAILURE

Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change?

Signed-off-by: Craig Perkins <[email protected]>
Copy link
Contributor

❌ Gradle check result for 288d8f2: FAILURE

Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change?

Signed-off-by: Craig Perkins <[email protected]>
Copy link
Contributor

✅ Gradle check result for 5be69fc: SUCCESS

Copy link

codecov bot commented Jul 27, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 71.93%. Comparing base (1fe58b5) to head (5be69fc).
Report is 6 commits behind head on main.

Additional details and impacted files
@@             Coverage Diff              @@
##               main   #14988      +/-   ##
============================================
+ Coverage     71.78%   71.93%   +0.14%     
- Complexity    62694    62771      +77     
============================================
  Files          5160     5162       +2     
  Lines        294211   294374     +163     
  Branches      42553    42578      +25     
============================================
+ Hits         211212   211769     +557     
+ Misses        65599    65163     -436     
- Partials      17400    17442      +42     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

*
* @opensearch.internal
*/
public class InternalThreadContextWrapper {
Copy link
Collaborator

@reta reta Jul 29, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@cwperks definitely +1 for the intent but I don't think the taking implementation path is correct:

  • The usage of the ThreadContext within core should be frictionless. The InternalThreadContextWrapper does break this promise, plus the class exposes public static from so anyone could do InternalThreadContextWrapper.from(threadPool.getThreadContext()); to gain the access
  • The usage of the ThreadContext outside of the core should not be possible. The long term solution for that is using JPMS but meanwhile, we could close it up using security permissions:
private static final Permission ACCESS_SYSTEM_THREAD_CONTEXT_PERMISSION = new RuntimePermission("markAsSystemContext");
SecurityManager sm = System.getSecurityManager();
        if (sm != null) {
            sm.checkPermission(ACCESS_SYSTEM_THREAD_CONTEXT_PERMISSION);
        }

Yes, the compile time checks won't be enforced but runtime checks will be.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@reta That sounds like a good approach to grant/prohibit the usage of certain methods in this class in the plugin ecosystem.

I decided to take this approach initially to take advantage of the @opensearch.internal annotation so that this repo could use InternalThreadContextWrapper.from(threadPool.getThreadContext());, but plugins cannot. I will look into making this a permission that is granted through the JSM policy file.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@reta I opened 2 other PRs similar to this one, but they don't make use of this class.

Do you think the other 2 PRs should be updated similarly, or would the changes in those PRs be ok?

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do you think the other 2 PRs should be updated similarly, or would the changes in those PRs be ok?

Thanks @cwperks , I think if we cannot cleanly seal the ThreadContext methods, we would need same change there (plus, changing the method visibility for public API is breaking).

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I mean those are public, right? We sadly don't know who might have been using them (since we don't host all plugins)

Copy link
Member Author

@cwperks cwperks Jul 29, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It would be safe to change the modifier on stashWithOrigin because a plugin would still have access to stashContext after that PR and could refactor to 2 lines.

final ThreadContext.StoredContext storedContext = threadContext.stashContext();
threadContext.putTransient(ACTION_ORIGIN_TRANSIENT_NAME, origin);

I think stashAndMergeHeaders would be safe to change based on the usages I see in the core repo, but yes generally changing an access modifier could be breaking.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think stashAndMergeHeaders would be safe to change based on the usages I see in the core repo, but yes generally changing an access modifier could be breaking.

That's the thing, thank you

@cwperks
Copy link
Member Author

cwperks commented Jul 30, 2024

Closing in favor of #15016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
backport 2.x Backport to 2.x branch
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants