Cursor is missing in permission_service.proto file

[sachin-bagla]

Based on the Authzed documentation, the cursor should be included in the GRPC permission service schema, as stated in the LookupResourcesRequest section: https://buf.build/authzed/api/docs/main:authzed.api.v1#authzed.api.v1.LookupResourcesRequest

However, it appears to be missing in the permission_service.proto file.

quarkus-authzed-client/grpc/generator/src/main/proto/authzed/api/v1/permission_service.proto

Line 308 in f29be01

message LookupResourcesRequest {

[kohli-rahul]

Just to add more context.

We are using quarkus-Authzed-client library to communicate with SpiceDB. Till now, we were using LookupResources method with the cursor and limit on the resources but now since the number of resources now have increased the Spicedb doesn't have enough memory because of which the stream gets closed abruptly giving an error.

Error: rpc error: code = Unavailable desc = error reading from server: read tcp : read: connection reset by peer
Error: rpc error: code = Unavailable desc = closing transport due to: connection error: desc = "error reading from server: read tcp  : read: connection reset by peer", received prior goaway: code: NO_ERROR, debug data: "max_age" (edited) 

Now to fix this, we were planning to use the cursor and limit the number of resources which we are trying to fetch to reduce the load on the Spicedb Instance. Looks like quarkus-authzed-client doesn't support these 2 attributes in the request because of which we are not able to use cursors.

or is there something that we are missing. Thanks

[JuanmaBM]

Is there some way to reproduce the issue?

[kohli-rahul]

We don't have specific steps to reproduce as this was happening only for a specific scenario which worked for another user.
We are using the spicedb instance and using LookupResources to fetch all the resources. The expected outcome was around 450 resources from spiceDB but the stream got closed because of the memory issue of spicedb instance.

Now to solve this we are trying to implement cursors so that we can fine tune to only fetch limited data that our spicedb would be able to serve without consuming enough memory. Hope this helps.

[JuanmaBM]

Do you have some technical documentation about the planned solution?
I would like to know some more details about the fix you talked it about please

[sachin-bagla]

Hi @JuanmaBM Please see attached technical document
Utilize Cursor and Limit for enhance Spice DB retrieval performance.pdf

[sachin-bagla]

Thanks @JuanmaBM, Code is fixed and merged now.
I have cloned repo quarkus-authzed-client in local and build quarkus-authzed-client-deployment-1.0.0-SNAPSHOT.jar and able see both fields (limit, cursor) after using quarkus-authzed-client-deployment-1.0.0-SNAPSHOT.jar.

I am still seeing old 0.3.0 as latest version https://repo.maven.apache.org/maven2/io/quarkiverse/authzed/quarkus-authzed-client/. Could you please provide latest official quarkus-authzed-client release version to test?? cc: @garethahealy