Skip to content

Gateway Node proxies user requests to Vault Node #18420

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
secure-michelemin merged 23 commits into from
Jul 11, 2025
Merged

Gateway Node proxies user requests to Vault Node #18420

secure-michelemin merged 23 commits into from
Jul 11, 2025

Conversation

@DeividasK
Copy link
Contributor

@DeividasK DeividasK commented Jul 1, 2025
edited
Loading

This PR introduces a new VaultHandler implementation and updates to error handling.

TODOs

  • Propagate new handler error
  • Cleanup expired pending requests
  • Switch to using beholder over prometheus

prashantkumar1982
prashantkumar1982 reviewed Jul 4, 2025
View reviewed changes
@DeividasK DeividasK changed the title Gateway Node => Vault Node implementation Gateway Node proxy user requests to Vault Node Jul 8, 2025
@DeividasK DeividasK changed the title Gateway Node proxy user requests to Vault Node Gateway Node proxies user requests to Vault Node Jul 8, 2025
@DeividasK DeividasK force-pushed the PRIV-96-e-2-e-gateway-vault-flow-with-mocks branch from 9b22a5d to c80c729 Compare July 8, 2025 15:31
@DeividasK DeividasK force-pushed the PRIV-96-e-2-e-gateway-vault-flow-with-mocks branch from 100cde6 to 188b76b Compare July 9, 2025 16:21
@DeividasK DeividasK force-pushed the PRIV-96-e-2-e-gateway-vault-flow-with-mocks branch from 188b76b to b4437b5 Compare July 9, 2025 16:28
@DeividasK DeividasK marked this pull request as ready for review July 9, 2025 16:39
@DeividasK DeividasK requested review from a team as code owners July 9, 2025 16:39
cedric-cordenier
cedric-cordenier reviewed Jul 9, 2025
View reviewed changes
core/services/gateway/handlers/vault/handler.go Outdated
cfg.RequestTimeoutSec = 30
}

userRateLimiter, _ := ratelimit.NewRateLimiter(cfg.UserRateLimiterConfig)
Copy link
Contributor

@cedric-cordenier cedric-cordenier Jul 9, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What's the second value that is being omitted here? (Not an error I hope 😬 ?)

Copy link
Contributor

@prashantkumar1982 prashantkumar1982 Jul 9, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It is error. we should handle it

cedric-cordenier
cedric-cordenier reviewed Jul 9, 2025
View reviewed changes
core/services/gateway/handlers/vault/handler.go Outdated
ErrNotAllowlisted = errors.New("sender not allowlisted")
ErrRateLimited = errors.New("rate-limited")

promRequestInternalError = promauto.NewCounterVec(prometheus.CounterOpts{
Copy link
Contributor

@cedric-cordenier cedric-cordenier Jul 9, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should use beholder rather than prometheus :)

cedric-cordenier
cedric-cordenier reviewed Jul 9, 2025
View reviewed changes
core/services/gateway/handlers/vault/handler.go Outdated

userRateLimiter *ratelimit.RateLimiter
nodeRateLimiter *ratelimit.RateLimiter
requestTimeoutSec int
Copy link
Contributor

@cedric-cordenier cedric-cordenier Jul 9, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why not use a time.Duration here directly?

Copy link
Contributor

@prashantkumar1982 prashantkumar1982 Jul 9, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't see the timeout being used or enforced in our logic.
The gateway has a separate timeout for user request anyway.
If we want to use this timeout to just keep our pendingRequests queue bounded, we will need to implement a cleanup on timeout.
Currently the timeout is just used on a context when calling the don.SendToNode() method, but that doesn't affect our queue here.

Copy link
Contributor Author

@DeividasK DeividasK Jul 10, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Updated the timeout to affect the queue instead of just the don.SendToNode. This also effectively prunes the queue.

@DeividasK DeividasK force-pushed the PRIV-96-e-2-e-gateway-vault-flow-with-mocks branch from e0eabae to 50b9b60 Compare July 10, 2025 11:28
@github-actions
Copy link
Contributor

github-actions bot commented Jul 10, 2025

Flakeguard Summary

Ran new or updated tests between develop and 50b9b60 (PRIV-96-e-2-e-gateway-vault-flow-with-mocks).

View Flaky Detector Details | Compare Changes

Found Flaky Tests ❌

2 Results
Name Pass Ratio Panicked? Timed Out? Race? Runs Successes Failures Skips Package Package Panicked? Avg Duration Code Owners
TestVaultHandler_HandleJSONRPCUserMessage 0% true false false 3 0 3 0 github.com/smartcontractkit/chainlink/v2/core/services/gateway/handlers/vault true 0s Unknown
TestVaultHandler_HandleJSONRPCUserMessage/happy_path 0% true false false 3 0 3 0 github.com/smartcontractkit/chainlink/v2/core/services/gateway/handlers/vault true 0s Unknown

Artifacts

For detailed logs of the failed tests, please refer to the artifact failed-test-results-with-logs.json.

prashantkumar1982
prashantkumar1982 previously approved these changes Jul 10, 2025
View reviewed changes
@cl-sonarqube-production
Copy link

cl-sonarqube-production bot commented Jul 10, 2025

Quality Gate passed Quality Gate passed

Issues
0 New issues
1 Fixed issue
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube

cedric-cordenier
cedric-cordenier reviewed Jul 11, 2025
View reviewed changes
core/services/gateway/handlers/vault/handler.go
func (h *handler) Start(ctx context.Context) error {
return h.StartOnce("VaultHandler", func() error {
h.lggr.Info("starting vault handler")
ctx, _ := h.stopCh.NewCtx()
Copy link
Contributor

@cedric-cordenier cedric-cordenier Jul 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You should call the cancel func by deferring it inside the go func on line 145

Copy link
Contributor

@cedric-cordenier cedric-cordenier Jul 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

(And maybe calling <-ctx.Done() on line 151 for consistency

Copy link
Contributor Author

@DeividasK DeividasK Jul 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'll address this in a follow up PR

@DeividasK DeividasK added this pull request to the merge queue Jul 11, 2025
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to failed status checks Jul 11, 2025
@cedric-cordenier cedric-cordenier added this pull request to the merge queue Jul 11, 2025
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to failed status checks Jul 11, 2025
@DeividasK DeividasK added this pull request to the merge queue Jul 11, 2025
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to failed status checks Jul 11, 2025
@DeividasK DeividasK added this pull request to the merge queue Jul 11, 2025
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to failed status checks Jul 11, 2025
@secure-michelemin secure-michelemin merged commit 10d02c8 into develop Jul 11, 2025
158 checks passed
@secure-michelemin secure-michelemin deleted the PRIV-96-e-2-e-gateway-vault-flow-with-mocks branch July 11, 2025 15:34
This was referenced Jul 11, 2025
Draft
Draft
Draft
@github-actions github-actions bot mentioned this pull request Jul 25, 2025
Merged
@github-actions github-actions bot mentioned this pull request Aug 21, 2025
Draft
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cedric-cordenier cedric-cordenier cedric-cordenier approved these changes

@prashantkumar1982 prashantkumar1982 prashantkumar1982 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@DeividasK @cedric-cordenier @prashantkumar1982 @secure-michelemin