fix problems when writing to telemetry #2127
Conversation
Codecov Report❌ Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #2127 +/- ##
==========================================
+ Coverage 48.67% 48.69% +0.02%
==========================================
Files 241 241
Lines 30576 30612 +36
==========================================
+ Hits 14882 14906 +24
- Misses 14574 14578 +4
- Partials 1120 1128 +8 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
There was a problem hiding this comment.
Pull Request Overview
This PR fixes issues with HTTP response handling in the telemetry middleware by preventing duplicate header writes and adding proper interface support. The changes ensure that HTTP response writers behave correctly when headers are written multiple times and add support for flushing and connection hijacking.
- Added header tracking to prevent multiple
WriteHeadercalls - Implemented
http.Flusherandhttp.Hijackerinterfaces for better HTTP compatibility - Enhanced response writer with proper state management
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
|
@claude please review this |
|
Claude finished @JAORMX's task —— View job Code ReviewSummaryThis PR correctly addresses HTTP response writer issues in the telemetry middleware by preventing duplicate Positive Changes
Issues & Suggestions1. Missing Logging on Duplicate WriteHeader (copilot suggestion is valid) The existing review comment from copilot is correct - silently returning on duplicate func (rw *responseWriter) WriteHeader(statusCode int) {
if rw.wroteHeader {
logger.Warnf("WriteHeader called multiple times: attempted status %d, already wrote status %d",
statusCode, rw.statusCode)
return
}
rw.statusCode = statusCode
rw.wroteHeader = true
rw.ResponseWriter.WriteHeader(statusCode)
}2. Test Coverage (15 lines missing) The codecov report shows only 11.76% patch coverage. Consider adding unit tests for:
Example test structure: func TestResponseWriter_WriteHeaderIdempotent(t *testing.T) {
// Test that multiple WriteHeader calls don't panic
}
func TestResponseWriter_WriteCallsWriteHeader(t *testing.T) {
// Test that Write() automatically calls WriteHeader(200)
}
func TestResponseWriter_Flush(t *testing.T) {
// Test Flush with mock ResponseWriter that implements http.Flusher
}
func TestResponseWriter_Hijack(t *testing.T) {
// Test Hijack with mock ResponseWriter that implements http.Hijacker
}3. Error Message in Hijack (line 444) The error message return nil, nil, fmt.Errorf("underlying http.ResponseWriter does not implement http.Hijacker")Minor Observations
VerdictThe core logic is correct and solves the stated problem. The main gaps are:
These are both addressable in follow-up work if needed. The PR is functional as-is and fixes issue #2114. |
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
This sets content length correctly when `tool/call` requests are modified by the Tool Config middleware. The issue manifests only when `pkg/transport/proxy/transparent` is used, which makes it a bit trickier to test. I manually tested the fix, but I've yet to find a decent way to test it. Fixes #2056
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: JAORMX <[email protected]>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
* docs for MCP registry CRD Signed-off-by: Daniele Martinoli <[email protected]> * Update cmd/thv-operator/REGISTRY.md Co-authored-by: Copilot <[email protected]> * Update cmd/thv-operator/REGISTRY.md Co-authored-by: Copilot <[email protected]> * updated docs from latest changes Signed-off-by: Daniele Martinoli <[email protected]> * integrated comments Signed-off-by: Daniele Martinoli <[email protected]> * rebased Signed-off-by: Daniele Martinoli <[email protected]> --------- Signed-off-by: Daniele Martinoli <[email protected]> Co-authored-by: Copilot <[email protected]>
…2113) * Add middleware to swap the downstream ticket for the upstream ticket Implements HTTP middleware that automatically exchanges downstream authentication tokens for backend-specific tokens using RFC 8693 OAuth 2.0 Token Exchange. The middleware extracts subject tokens from authenticated requests and replaces them with exchanged tokens, supporting two injection strategies: replacing the Authorization header or adding a custom header while preserving the original. Fixes: #2065 * review feedback: Change scopes in Config to []strings * review feedback: Make the strategy selection a closure called by the middleware handler * review feedback: move exhcnageConfig outside the handler to CreateTokenExchangeMiddlewareFromClaims * throw an error instead of nil in case the middleware is misconfigured * Review feedback: Make CreateTokenExchangeMiddlewareFromClaims return middleware, err
| if !rw.wroteHeader { | ||
| rw.WriteHeader(http.StatusOK) | ||
| } |
There was a problem hiding this comment.
question: sending an HTTP 200 is the default behavior when no calls to WriteHeader are issued before the first Write call. Specifically
If WriteHeader is not called explicitly, the first call to Write
will trigger an implicit WriteHeader(http.StatusOK).
Thus explicit calls to WriteHeader are mainly used to
send error codes or 1xx informational responses.
Additionally
1xx headers are sent immediately, but 2xx-5xx
headers may be buffered. Use the Flusher interface to send
buffered data.
I see you added the Flusher interface. 👍
Excluding the sending of 1xx status codes (which we don't send, IIRC), I don't understand how preventing WriteHeader from running twice fixes the issue. Could you explain me what was the root cause of the bug?
| // Hijack implements http.Hijacker interface | ||
| func (rw *responseWriter) Hijack() (net.Conn, *bufio.ReadWriter, error) { | ||
| if hijacker, ok := rw.ResponseWriter.(http.Hijacker); ok { | ||
| return hijacker.Hijack() | ||
| } | ||
| return nil, nil, fmt.Errorf("underlying http.ResponseWriter does not implement http.Hijacker") | ||
| } | ||
|
|
There was a problem hiding this comment.
nit: I don't think this is necessary, is it?
Added a field to track if headers had been written already and prevent multiple calls. Add flush for managing response flushing when needed.
|
having some issues with pr. it's not picking latest code, not picking rebases... |
|
@yrobla Yes, GitHub was having a lot of issues today, but looks like everything has recovered |
Added a field to track if headers had been written already and prevent multiple calls. Add flush for managing response flushing when needed.