Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Roll back package uploads on metadata failure #645

Open
thomashoneyman opened this issue Aug 1, 2023 · 4 comments
Open

Roll back package uploads on metadata failure #645

thomashoneyman opened this issue Aug 1, 2023 · 4 comments
Labels
alpha bug Something isn't working help wanted Extra attention is needed

Comments

@thomashoneyman
Copy link
Member

A recent package upload failed to upload metadata to the registry after the tarball was uploaded to storage. The author retried the publishing workflow, but publishing failed because there was already a tarball in storage. See:

purescript/registry#336 (comment)
purescript/registry#336 (comment)

Specifically, in this section of publishRegistry, the Storage.upload and Registry.writeMetadata functions can throw exceptions, and the process is aborted if so:

registry-dev/app/src/App/API.purs

Lines 644 to 647 in 8177cd3

Storage.upload manifest.name manifest.version tarballPath
Log.debug $ "Adding the new version " <> Version.print manifest.version <> " to the package metadata file."
let newMetadata = metadata { published = Map.insert manifest.version { hash, ref: payload.ref, publishedTime, bytes } metadata.published }
Registry.writeMetadata manifest.name (Metadata newMetadata)

We should probably catch the Registry.writeMetadata exception and roll back the Storage.upload (ie. issue a Storage.delete) before fully exiting the pipeline. Alternately, we could have a sort of bracket functionality built into the publish pipeline where we record what resources have been modified and on publish failure we roll back all of those modifications.
@thomashoneyman thomashoneyman added bug Something isn't working alpha help wanted Extra attention is needed labels Aug 1, 2023
@thomashoneyman
Copy link
Member Author

thomashoneyman commented Aug 1, 2023
edited
Loading

The fix for this issue should include a test that verifies a failure in one part of the pipeline rolls back other changes such that we can re-issue the publish command and succeed. The tests for that are located here:

registry-dev/app/test/App/API.purs

Lines 54 to 58 in 8177cd3

Spec.describe "API pipelines run correctly" $ Spec.around withCleanEnv do
Spec.it "Publish" \{ workdir, index, metadata, storageDir, githubDir } -> do
let testEnv = { workdir, index, metadata, username: "jon", storage: storageDir, github: githubDir }
Assert.Run.runTestEffects testEnv do
-- We'll publish effect@4.0.0

@f-f
Copy link
Member

f-f commented Aug 1, 2023

I am not convinced about rolling back storage uploads: we support multiple storage backends, so would we try to roll all of them back if the pipeline fails? That feels messy.

I wonder if we should instead ensure that the pipeline can never fail after we push to the storage backend(s).

@thomashoneyman
Copy link
Member Author

I don’t see how we could ensure the pipeline never fails — we can do our best to avoid failure, but we’re dealing with a remote git server so there’s always some possibility of failure

@f-f
Copy link
Member

f-f commented Aug 2, 2023

Yeah I see. I guess my gut feel on this is that once we have "committed" to a package publish, then the only option is to move forward with is and deletion should not be an option.
I am not quite sure what kind of infrastructure we'd need to ensure this, a few ideas:

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
alpha bug Something isn't working help wanted Extra attention is needed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@f-f @thomashoneyman