Merge pull request #819 from openziti/leak-fixes

leak fixes

Author: plorenz

CHANGELOG.md

@@ -1,3 +1,11 @@
+# Release notes 1.2.9
+
+## Issues Fixed and Dependency Updates
+
+* github.com/openziti/sdk-golang: [v1.2.8 -> v1.2.9](https://github.com/openziti/sdk-golang/compare/v1.2.8...v1.2.9)
+    * [Issue #818](https://github.com/openziti/sdk-golang/issues/818) - Full re-auth should not clear services list, as that breaks the on-change logic
+    * [Issue #817](https://github.com/openziti/sdk-golang/issues/817) - goroutines can get stuck when iterating over randomized HA controller list
+
 # Release notes 1.2.8
 
 ## Issues Fixed and Dependency Updates

edge-apis/pool.go

@@ -17,16 +17,17 @@
 package edge_apis
 
 import (
-	"github.com/go-openapi/runtime"
-	"github.com/michaelquigley/pfxlog"
-	cmap "github.com/orcaman/concurrent-map/v2"
-	errors "github.com/pkg/errors"
 	"math/rand/v2"
 	"net"
 	"net/url"
 	"slices"
 	"sync/atomic"
 	"time"
+
+	"github.com/go-openapi/runtime"
+	"github.com/michaelquigley/pfxlog"
+	cmap "github.com/orcaman/concurrent-map/v2"
+	errors "github.com/pkg/errors"
 )
 
 type ApiClientTransport struct {
@@ -151,23 +152,14 @@ func (c *ClientTransportPoolRandom) TryTransportsForOp(operation *runtime.Client
 	return result, err
 }
 
-func (c *ClientTransportPoolRandom) IterateRandomTransport() <-chan *ApiClientTransport {
-	var transportsToTry []*cmap.Tuple[string, *ApiClientTransport]
-	for tpl := range c.pool.IterBuffered() {
-		transportsToTry = append(transportsToTry, &tpl)
-	}
-
-	ch := make(chan *ApiClientTransport, len(transportsToTry))
-
-	go func() {
-		for len(transportsToTry) > 0 {
-			var transportTpl *cmap.Tuple[string, *ApiClientTransport]
-			transportTpl, transportsToTry = selectAndRemoveRandom(transportsToTry, nil)
-			ch <- transportTpl.Val
-		}
-	}()
+func (c *ClientTransportPoolRandom) IterateRandomTransport() []*ApiClientTransport {
+	var result []*ApiClientTransport
+	c.pool.IterCb(func(_ string, v *ApiClientTransport) {
+		result = append(result, v)
+	})
 
-	return ch
+	Randomize(result)
+	return result
 }
 
 func (c *ClientTransportPoolRandom) TryTransportForF(cb func(*ApiClientTransport) (any, error)) (any, error) {
@@ -200,12 +192,12 @@ func (c *ClientTransportPoolRandom) TryTransportForF(cb func(*ApiClientTransport
 	// either no active or active failed, lets start trying them at random
 	pfxlog.Logger().Debug("trying random transports from pool")
 
-	ch := c.IterateRandomTransport()
+	transports := c.IterateRandomTransport()
 
 	var lastResult any
 	lastErr := errors.New("no transports to try, active transport already failed or was nil") //default err should never be returned
 	attempts := 0
-	for transport := range ch {
+	for _, transport := range transports {
 		// skip the already attempted active key
 		if activeKey != "" && transport.ApiUrl.String() == activeKey {
 			continue
@@ -258,6 +250,16 @@ func errorIndicatesControllerSwap(err error) bool {
 	return false
 }
 
+func Randomize[T any](s []T) {
+	for i := 0; i < len(s); i++ {
+		idx := rand.IntN(len(s))
+		e1 := s[i]
+		e2 := s[idx]
+		s[i] = e2
+		s[idx] = e1
+	}
+}
+
 func selectAndRemoveRandom[T any](slice []T, zero T) (selected T, modifiedSlice []T) {
 	if len(slice) == 0 {
 		return zero, slice

ziti/contexts.go

@@ -92,6 +92,9 @@ func NewContextWithOpts(cfg *Config, options *Options) (Context, error) {
 		routerProxy:           cfg.RouterProxy,
 		maxDefaultConnections: int(cfg.MaxDefaultConnections),
 		maxControlConnections: int(cfg.MaxControlConnections),
+		services:              cmap.New[*rest_model.ServiceDetail](),
+		sessions:              cmap.New[*rest_model.SessionDetail](),
+		intercepts:            cmap.New[*edge.InterceptV1Config](),
 	}
 
 	if newContext.maxDefaultConnections < 1 {

ziti/sdkinfo/build_info.go

@@ -545,7 +545,6 @@ func (context *ContextImpl) processServiceUpdates(services []*rest_model.Service
 			context.Emit(EventServiceRemoved, svc)
 
 			context.deleteServiceSessions(*svc.ID)
-
 		}
 	})
 
@@ -603,7 +602,9 @@ func (context *ContextImpl) processServiceAddOrUpdated(s *rest_model.ServiceDeta
 	})
 
 	if isChange {
-		context.Emit(EventServiceChanged, s)
+		if valuesDiffer {
+			context.Emit(EventServiceChanged, s)
+		}
 	} else {
 		context.Emit(EventServiceAdded, s)
 	}
@@ -614,7 +615,6 @@ func (context *ContextImpl) processServiceAddOrUpdated(s *rest_model.ServiceDeta
 				context.options.OnServiceUpdate(ServiceChanged, s)
 			}
 		} else {
-			context.services.Set(*s.Name, s)
 			context.options.OnServiceUpdate(ServiceAdded, s)
 		}
 	}
@@ -740,17 +740,16 @@ func (context *ContextImpl) refreshServices(forceRefresh, refreshAfterAuth bool)
 			}
 
 			target := &service.ListServicesUnauthorized{}
-			if errors.As(err, &target) {
-				log.Info("attempting to re-authenticate")
-				if authErr := context.Authenticate(); authErr != nil {
-					log.WithError(authErr).Error("unable to re-authenticate during services refresh")
-					return err
-				}
-				if services, err = context.CtrlClt.GetServices(); err != nil {
-					return err
-				}
+			if !errors.As(err, &target) {
+				return err
+			}
 
-			} else {
+			log.Info("attempting to re-authenticate")
+			if authErr := context.Authenticate(); authErr != nil {
+				log.WithError(authErr).Error("unable to re-authenticate during services refresh")
+				return err
+			}
+			if services, err = context.CtrlClt.GetServices(); err != nil {
 				return err
 			}
 		}
@@ -955,9 +954,7 @@ func (context *ContextImpl) setUnauthenticated() {
 
 func (context *ContextImpl) authenticate() error {
 	logrus.Debug("attempting to authenticate")
-	context.services = cmap.New[*rest_model.ServiceDetail]()
-	context.sessions = cmap.New[*rest_model.SessionDetail]()
-	context.intercepts = cmap.New[*edge.InterceptV1Config]()
+	context.sessions.Clear()
 
 	context.setUnauthenticated()