Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(auth): Add unit tests for auth failures in gax layer #1394

Merged
merged 2 commits into from
Mar 3, 2025
Merged

feat(auth): Add unit tests for auth failures in gax layer #1394

merged 2 commits into from
Mar 3, 2025

Conversation

nakayamaryo0731
Copy link
Contributor

@nakayamaryo0731 nakayamaryo0731 commented Feb 27, 2025
edited by dbolduc
Loading

Description

Fixes: #1350

I implemented the following two unit tests for CredentialError:

  • auth_error_retryable() { ... }
  • auth_error_non_retryable() { ... }

I tried to extend the existing retry_loop to implement the authentication loop process, but I couldn't get it to work properly. So, I implemented auth_retry_loop instead.

If you think it should be unified, please suggest an implementation approach.

Test

cargo test -p google-cloud-gax --test auth

@nakayamaryo0731 nakayamaryo0731 marked this pull request as draft February 27, 2025 23:54
@nakayamaryo0731 nakayamaryo0731 marked this pull request as ready for review February 27, 2025 23:56
@nakayamaryo0731 nakayamaryo0731 changed the title feat(auth): enhance retry logic for authentication errors feat(auth): Add unit tests for auth failures in gax layer Feb 28, 2025
dbolduc
dbolduc reviewed Feb 28, 2025
View reviewed changes
Copy link
Member

@dbolduc dbolduc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/gcbrun

dbolduc
dbolduc requested changes Feb 28, 2025
View reviewed changes
Copy link
Member

@dbolduc dbolduc left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The tests look great! Thanks!

If you think it should be unified, please suggest an implementation approach.

I do think we need to unify the loops. Let's move the call to get the auth headers inside request_attempt(). I think that should achieve what we want and avoid duplication.

google-cloud-rust/src/gax/src/http_client/mod.rs

Line 177 in 5bf2f63

async fn request_attempt<O: serde::de::DeserializeOwned>(

Something like:

@@ -258,6 +242,14 @@ impl ReqwestClient {
         {
             builder = builder.timeout(timeout);
         }
+        let auth_headers = self
+            .cred
+            .get_headers()
+            .await
+            .map_err(Error::authentication)?;
+        for header in auth_headers.into_iter() {
+            builder = builder.header(header.0, header.1);
+        }
         let response = builder.send().await.map_err(Error::io)?;
         if !response.status().is_success() {
             return Self::to_http_error(response).await;

And we might want to run all of the tests for gax, to make sure we are not breaking existing retry loop tests:

cargo test -p google-cloud-gax

src/auth/src/errors.rs
@@ -63,7 +63,7 @@ impl CredentialError {
/// # Arguments
/// * `is_retryable` - A boolean indicating whether the error is retryable.
/// * `message` - The underlying error that caused the auth failure.
pub(crate) fn from_str<T: Into<String>>(is_retryable: bool, message: T) -> Self {
pub fn from_str<T: Into<String>>(is_retryable: bool, message: T) -> Self {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

comment: As I suspected, this was a necessary change to use CredentialError outside of the google-cloud-auth crate. Thanks.

@nakayamaryo0731 nakayamaryo0731 force-pushed the add-unit-tests-for-auth-failures-in-gax-layer branch from d9ea025 to f08f72f Compare March 2, 2025 01:59
@nakayamaryo0731
Copy link
Contributor Author

The tests look great! Thanks!

If you think it should be unified, please suggest an implementation approach.

I do think we need to unify the loops. Let's move the call to get the auth headers inside request_attempt(). I think that should achieve what we want and avoid duplication.

google-cloud-rust/src/gax/src/http_client/mod.rs

Line 177 in 5bf2f63

async fn request_attempt<O: serde::de::DeserializeOwned>(

Something like:

@@ -258,6 +242,14 @@ impl ReqwestClient {
         {
             builder = builder.timeout(timeout);
         }
+        let auth_headers = self
+            .cred
+            .get_headers()
+            .await
+            .map_err(Error::authentication)?;
+        for header in auth_headers.into_iter() {
+            builder = builder.header(header.0, header.1);
+        }
         let response = builder.send().await.map_err(Error::io)?;
         if !response.status().is_success() {
             return Self::to_http_error(response).await;

And we might want to run all of the tests for gax, to make sure we are not breaking existing retry loop tests:

cargo test -p google-cloud-gax

Thank you for the review!
I've applied your suggestions in the following commit:
f08f72f

I also confirmed that the GAX tests pass by running:

cargo test -p google-cloud-gax

@nakayamaryo0731 nakayamaryo0731 requested a review from dbolduc March 2, 2025 02:07
@dbolduc
Copy link
Member

dbolduc commented Mar 2, 2025

/gcbrun

@codecov Codecov
Copy link

codecov bot commented Mar 2, 2025
edited
Loading

Codecov Report

Attention: Patch coverage is 83.33333% with 2 lines in your changes missing coverage. Please review.

Project coverage is 96.00%. Comparing base (5bf2f63) to head (f08f72f).
Report is 12 commits behind head on main.

Files with missing lines Patch % Lines
src/gax/src/http_client/mod.rs 83.33% 1 Missing ⚠️
src/gax/src/retry_policy.rs 80.00% 1 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #1394      +/-   ##
==========================================
+ Coverage   95.93%   96.00%   +0.07%     
==========================================
  Files          37       37              
  Lines        1475     1477       +2     
==========================================
+ Hits         1415     1418       +3     
+ Misses         60       59       -1

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

dbolduc
dbolduc approved these changes Mar 2, 2025
View reviewed changes
Copy link
Member

@dbolduc dbolduc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great, thanks!

@dbolduc dbolduc merged commit d0e6464 into googleapis:main Mar 3, 2025
20 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@coryan coryan coryan approved these changes

@dbolduc dbolduc dbolduc approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Add unit tests for auth failures in gax layer
3 participants
@nakayamaryo0731 @dbolduc @coryan