`b4c53a7`

actions/logstream: isolate SSE transport cleanup

Authored by mfwolffe <wolffemf@dukes.jmu.edu> yesterday

SHA: b4c53a7c75afc2e31b1bb19d4cb39e36448db112
Parents: 50f04e8
Tree: fad643c

8 changed files

Status	File	+	-
M	`docs/internal/runbooks/actions.md`	5	0
M	`internal/actions/logstream/logstream.go`	5	0
M	`internal/actions/logstream/logstream_test.go`	3	0
M	`internal/web/handlers/handlers.go`	16	1
M	`internal/web/handlers/handlers_test.go`	42	0
M	`internal/web/handlers/repo/actions_log_stream.go`	7	0
M	`internal/web/handlers/repo/repo.go`	6	1
M	`internal/web/server.go`	1	0

docs/internal/runbooks/actions.mdmodified

  `?after=<seq>` for the first connection from a rendered log page. A terminal
  step sends `event: done` and closes the stream.
 +In `shithubd`, this route is mounted outside the normal app compression and
 +30-second timeout middleware. If a future route move puts live logs back under
 +either middleware, EventSource clients will churn and logs can buffer despite
 +the Caddy flush setting.
++
  Log chunks are never sent through Postgres `NOTIFY`. Runner log writes append
  to `workflow_step_log_chunks`, then `NOTIFY step_log_<step_id>` with only the
  sequence number. Step completion notifies `done`.

internal/actions/logstream/logstream.gomodified

  	return "LISTEN " + pgx.Identifier{Channel(stepID)}.Sanitize()
+ }
 +// UnlistenSQL returns a quoted UNLISTEN statement for the per-step channel.
 +func UnlistenSQL(stepID int64) string {
 +	return "UNLISTEN " + pgx.Identifier{Channel(stepID)}.Sanitize()
 +}
++
  // NotifyChunk wakes log tailers for a newly-persisted chunk.
  func NotifyChunk(ctx context.Context, db DBTX, stepID int64, seq int32) error {
  	return notify(ctx, db, stepID, strconv.FormatInt(int64(seq), 10))

internal/actions/logstream/logstream_test.gomodified


 	if got := ListenSQL(42); got != `LISTEN "step_log_42"` {
 		t.Fatalf("ListenSQL=%q", got)
 	}
+	if got := UnlistenSQL(42); got != `UNLISTEN "step_log_42"` {
+		t.Fatalf("UnlistenSQL=%q", got)
+	}
 }
 
 func TestParsePayload(t *testing.T) {

internal/web/handlers/handlers.gomodified

  	// workflow_dispatch endpoint (S41b). Auth-required + per-handler
  	// repo-write check.
  	RepoActionsAPIMounter func(chi.Router)
 +	// RepoActionsStreamMounter registers long-lived Actions log-stream
 +	// routes. It MUST bypass response compression and request timeout;
 +	// the handler still runs the normal repo-read policy gate.
 +	RepoActionsStreamMounter func(chi.Router)
  	// RepoSettingsGeneralMounter registers the General/Access tabs and
  	// the deferred-tab placeholders (webhooks, keys, notifications,
  	// tags) under /{owner}/{repo}/settings/* (S32). Auth-required.
  		})
+ 	}
 +	// Actions step-log SSE also streams for minutes. Keep it out of the
 +	// app group's timeout/compression stack so EventSource receives each
 +	// event as the handler flushes it. Browser CSRF protection is not
 +	// needed for this GET-only route; repo visibility is enforced inside
 +	// the handler through policy.ActionRepoRead.
 +	if deps.RepoActionsStreamMounter != nil {
 +		r.Group(func(r chi.Router) {
 +			deps.RepoActionsStreamMounter(r)
 +		})
 +	}
++
  	// Application routes — CSRF protected. Compress + Timeout live in
  	// this group (and the static one above) rather than globally so the
 -	// git-HTTP group can opt out.
 +	// streaming groups can opt out.
  	r.Group(func(r chi.Router) {
  		r.Use(middleware.Compress)
  		r.Use(middleware.Timeout(30 * time.Second))

internal/web/handlers/handlers_test.gomodified

  	"net/http/httptest"
  	"strings"
  	"testing"
++
 +	"github.com/go-chi/chi/v5"
+ )
  func TestHandlers(t *testing.T) {
  		t.Fatalf("HEAD /healthz: status %d, want 200", rec.Code)
+ 	}
+ }
++
 +func TestActionsLogStreamRouteBypassesCompressAndTimeout(t *testing.T) {
 +	t.Parallel()
++
 +	mux := http.NewServeMux()
 +	logger := slog.New(slog.NewTextHandler(io.Discard, nil))
 +	if err := Register(mux, Deps{
 +		Logger:      logger,
 +		TemplatesFS: testTemplatesFS(t),
 +		StaticFS:    testStaticFS(t),
 +		LogoSVG:     `<svg xmlns="http://www.w3.org/2000/svg"><title>shithub</title></svg>`,
 +		RepoActionsStreamMounter: func(r chi.Router) {
 +			r.Get("/{owner}/{repo}/actions/runs/{runIndex}/jobs/{jobIndex}/steps/{stepIndex}/log/stream", func(w http.ResponseWriter, r *http.Request) {
 +				w.Header().Set("Content-Type", "text/event-stream; charset=utf-8")
 +				if _, ok := r.Context().Deadline(); ok {
 +					_, _ = io.WriteString(w, "deadline")
 +					return
 +				}
 +				_, _ = io.WriteString(w, "no-deadline")
 +			})
 +		},
 +	}); err != nil {
 +		t.Fatalf("Register: %v", err)
 +	}
++
 +	req := httptest.NewRequest(http.MethodGet, "/octo/demo/actions/runs/1/jobs/0/steps/0/log/stream", nil)
 +	req.Header.Set("Accept-Encoding", "gzip")
 +	rec := httptest.NewRecorder()
 +	mux.ServeHTTP(rec, req)
++
 +	if rec.Code != http.StatusOK {
 +		t.Fatalf("status: got %d, want %d body=%q", rec.Code, http.StatusOK, rec.Body.String())
 +	}
 +	if got := rec.Header().Get("Content-Encoding"); got != "" {
 +		t.Fatalf("Content-Encoding: got %q, want empty", got)
 +	}
 +	if got := rec.Body.String(); got != "no-deadline" {
 +		t.Fatalf("body: got %q, want no-deadline", got)
 +	}
 +}

internal/web/handlers/repo/actions_log_stream.gomodified

  		h.d.Render.HTTPError(w, r, http.StatusInternalServerError, "")
  		return
+ 	}
 +	defer func() {
 +		ctx, cancel := context.WithTimeout(context.Background(), actionsLogStreamReleaseTimeout)
 +		defer cancel()
 +		if _, err := conn.Exec(ctx, logstream.UnlistenSQL(step.ID)); err != nil && h.d.Logger != nil {
 +			h.d.Logger.WarnContext(ctx, "repo actions: unlisten log stream", "step_id", step.ID, "error", err)
 +		}
 +	}()
  	w.Header().Set("Content-Type", "text/event-stream; charset=utf-8")
  	w.Header().Set("Cache-Control", "no-cache, no-transform")

internal/web/handlers/repo/repo.gomodified

  	r.Post("/{owner}/{repo}/actions/workflows/{file}/dispatches", h.repoActionsDispatch)
+ }
 +// MountRepoActionsStreams registers long-lived Actions streaming routes.
 +// Caller must mount this outside compression and request-timeout middleware.
 +func (h *Handlers) MountRepoActionsStreams(r chi.Router) {
 +	r.Get("/{owner}/{repo}/actions/runs/{runIndex}/jobs/{jobIndex}/steps/{stepIndex}/log/stream", h.repoActionStepLogStream)
 +}
++
  // MountRepoHome registers the root repository route plus product-tab shells
  // that are intentionally public and read-gated like the Code tab. The
  // two-segment route doesn't collide with the /{username} catch-all from S09;
  // caller is responsible for ordering this BEFORE /{username}.
  func (h *Handlers) MountRepoHome(r chi.Router) {
 -	r.Get("/{owner}/{repo}/actions/runs/{runIndex}/jobs/{jobIndex}/steps/{stepIndex}/log/stream", h.repoActionStepLogStream)
  	r.Get("/{owner}/{repo}/actions/runs/{runIndex}/jobs/{jobIndex}/steps/{stepIndex}", h.repoActionStepLog)
  	r.Get("/{owner}/{repo}/actions/runs/{runIndex}/status", h.repoActionRunStatus)
  	r.Get("/{owner}/{repo}/actions/runs/{runIndex}", h.repoActionRun)

internal/web/server.gomodified

  			})
+ 		}
  		deps.RepoHomeMounter = repoH.MountRepoHome
 +		deps.RepoActionsStreamMounter = repoH.MountRepoActionsStreams
  		deps.RepoCodeMounter = repoH.MountCode
  		deps.RepoHistoryMounter = repoH.MountHistory
  		deps.RepoRefsMounter = repoH.MountRefs

`@@ -12,6 +12,9 @@` func TestChannelAndListenSQL(t *testing.T) {
12	12	if got := ListenSQL(42); got != `LISTEN "step_log_42"` {
13	13	t.Fatalf("ListenSQL=%q", got)
14	14	}
	15	+ if got := UnlistenSQL(42); got != `UNLISTEN "step_log_42"` {
	16	+ t.Fatalf("UnlistenSQL=%q", got)
	17	+ }
15	18	}
16	19
17	20	func TestParsePayload(t *testing.T) {