Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Propagate request ID when webhook requests are made #1542

Merged
merged 9 commits into from
Feb 27, 2024
Merged

Propagate request ID when webhook requests are made #1542

merged 9 commits into from
Feb 27, 2024

Conversation

hslatman
Copy link
Member

@hslatman hslatman commented Sep 19, 2023
edited
Loading

This PR adds support for propagating the request ID to the webhook receiver. The request ID is sent in the X-Request-ID header and uses the value that is originally created by and sent by the client in the X-Smallstep-ID header. If it's not set, it'll be created by the CA.

The request ID is propagated through a context.Context. This required adding the SignWithContext method to the (TLS) authority and interfaces related to the authority. By adding the method, we can deprecate the existing Sign method, and soon default to only using the context-aware method. I think the latter makes sense, because there are already some methods that take ctx as the first argument, so we can make that the standard way.

Technically, the request ID is used more like a tracing ID in this case, so I'm fine with using a different header name. X-Smallstep-ID could be used for that? I chose X-Request-ID because the value is reported as request-id in the logs, so it's easier to ascertain that these are the same values and can be used for correlating/tracing requests to the CA and onwards to the webhook receiver.

Currently this relies on the existing logic for setting the request ID based on the logging package, which takes the ID to forward from the X-Smallstep-Id request header. Will follow up with a more end-to-end implementation and testing for the X-Request-ID header.

@hslatman
Propagate (original) request ID to webhook requests
f3229d3 
Technically the webhook request is a new request, so maybe the
`X-Request-ID` should not be set to the value of the original
request? But then the original request ID should be propageted
in the webhook request body, or using a different header.

The way the request ID is used in this functionality is actually
more like a tracing ID, so that may be an option too.
@hslatman
Remove the webhook Do method
b2301ea
@hslatman
Add SignWithContext method to authority and mocks
4e06bdb
@hslatman
Use SignWithContext in the critical paths
9e3807e
@github-actions github-actions bot added the needs triage Waiting for discussion / prioritization by team label Sep 19, 2023
@hslatman hslatman changed the title Propagate request ID when webhooks requests are made Propagate request ID when webhook requests are made Sep 19, 2023
@hslatman hslatman mentioned this pull request Jan 23, 2024
Merged
@hslatman hslatman requested a review from a team February 27, 2024 13:44
@hslatman hslatman added this to the v0.25.3 milestone Feb 27, 2024
dopey
dopey approved these changes Feb 27, 2024
View reviewed changes
Copy link
Contributor

@dopey dopey left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

love this

@hslatman hslatman merged commit c798735 into master Feb 27, 2024
13 checks passed
@hslatman hslatman deleted the herman/webhook-request-id branch February 27, 2024 19:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dopey dopey dopey approved these changes

Assignees

@dopey dopey

Labels
needs triage Waiting for discussion / prioritization by team
Projects
None yet
Milestone
v0.26.0
Development

Successfully merging this pull request may close these issues.
2 participants
@hslatman @dopey