cano 0.14.0

High-performance orchestration engine for building resilient, self-healing systems in Rust. Uses Finite State Machines (FSM) for strict, type-safe transitions.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305

//! Shared task fixtures and test doubles for the `workflow` module's unit tests.
//!
//! `TestState` and the three trivial tasks below are used by the test modules in
//! `workflow.rs`, `workflow/execution.rs` and `workflow/compensation.rs`. They
//! live here so each of those `#[cfg(test)] mod tests` can `use` them rather than
//! redefining the same fixtures three times.
//!
//! `MemCheckpoints` lives here for the same reason — both the saga/recovery test
//! modules and the metrics test modules need an in-memory `CheckpointStore`
//! double, and prior to consolidation each defined its own identical copy.

use std::collections::HashMap;
use std::sync::Arc;
use std::sync::atomic::{AtomicU32, Ordering};

use cano_macros::task;

use crate::error::CanoError;
use crate::recovery::{CheckpointRow, CheckpointStore};
use crate::resource::Resources;
use crate::store::MemoryStore;
use crate::task::{Task, TaskResult};

/// Test workflow states
#[derive(Debug, Clone, PartialEq, Eq, Hash)]
pub(crate) enum TestState {
    Start,
    Process,
    Split,
    Join,
    Complete,
    #[allow(dead_code)]
    Error,
}

/// Simple task that returns a single state
#[derive(Clone)]
pub(crate) struct SimpleTask {
    next_state: TestState,
    counter: Arc<AtomicU32>,
}

impl SimpleTask {
    pub(crate) fn new(next_state: TestState) -> Self {
        Self {
            next_state,
            counter: Arc::new(AtomicU32::new(0)),
        }
    }

    #[allow(dead_code)]
    pub(crate) fn count(&self) -> u32 {
        self.counter.load(Ordering::SeqCst)
    }
}

#[task]
impl Task<TestState> for SimpleTask {
    async fn run_bare(&self) -> Result<TaskResult<TestState>, CanoError> {
        self.counter.fetch_add(1, Ordering::SeqCst);
        Ok(TaskResult::Single(self.next_state.clone()))
    }
}

/// Task that stores data using a `MemoryStore` from resources
#[derive(Clone)]
pub(crate) struct DataTask {
    key: String,
    value: String,
    next_state: TestState,
}

impl DataTask {
    pub(crate) fn new(key: &str, value: &str, next_state: TestState) -> Self {
        Self {
            key: key.to_string(),
            value: value.to_string(),
            next_state,
        }
    }
}

#[task]
impl Task<TestState> for DataTask {
    async fn run(&self, res: &Resources) -> Result<TaskResult<TestState>, CanoError> {
        let store: Arc<MemoryStore> = res.get("store")?;
        store.put(&self.key, self.value.clone())?;
        Ok(TaskResult::Single(self.next_state.clone()))
    }
}

/// Task that fails on demand
#[derive(Clone)]
pub(crate) struct FailTask {
    should_fail: bool,
}

impl FailTask {
    pub(crate) fn new(should_fail: bool) -> Self {
        Self { should_fail }
    }
}

#[task]
impl Task<TestState> for FailTask {
    async fn run_bare(&self) -> Result<TaskResult<TestState>, CanoError> {
        if self.should_fail {
            Err(CanoError::task_execution("Task intentionally failed"))
        } else {
            Ok(TaskResult::Single(TestState::Complete))
        }
    }
}

/// In-memory [`CheckpointStore`] test double. `live` is the real store state
/// (`clear` empties it); `audit` records every row ever appended, in order, and
/// is *never* cleared — so tests can inspect what was written even after a
/// successful run cleared the live log. Linear scans; fine for the tiny test
/// scenarios here, not for scale.
#[derive(Default)]
pub(crate) struct MemCheckpoints {
    live: std::sync::Mutex<HashMap<String, Vec<CheckpointRow>>>,
    audit: std::sync::Mutex<Vec<(String, CheckpointRow)>>,
}

#[cano_macros::checkpoint_store]
impl CheckpointStore for MemCheckpoints {
    async fn append(&self, workflow_id: &str, row: CheckpointRow) -> Result<(), CanoError> {
        let mut live = self.live.lock().unwrap();
        let rows = live.entry(workflow_id.to_string()).or_default();
        if rows.iter().any(|r| r.sequence == row.sequence) {
            return Err(CanoError::checkpoint_store(format!(
                "checkpoint conflict: {workflow_id:?} already has sequence {}",
                row.sequence
            )));
        }
        self.audit
            .lock()
            .unwrap()
            .push((workflow_id.to_string(), row.clone()));
        rows.push(row);
        Ok(())
    }
    async fn load_run(&self, workflow_id: &str) -> Result<Vec<CheckpointRow>, CanoError> {
        Ok(self.rows(workflow_id))
    }
    async fn clear(&self, workflow_id: &str) -> Result<(), CanoError> {
        self.live.lock().unwrap().remove(workflow_id);
        Ok(())
    }
}

#[allow(dead_code)]
impl MemCheckpoints {
    /// Live rows for `workflow_id`, sorted by sequence (empty after a `clear`).
    pub(crate) fn rows(&self, workflow_id: &str) -> Vec<CheckpointRow> {
        let mut rows = self
            .live
            .lock()
            .unwrap()
            .get(workflow_id)
            .cloned()
            .unwrap_or_default();
        rows.sort_by_key(|r| r.sequence);
        rows
    }
    /// Every row ever appended for `workflow_id`, in append order — survives `clear`.
    pub(crate) fn audit_rows(&self, workflow_id: &str) -> Vec<CheckpointRow> {
        self.audit
            .lock()
            .unwrap()
            .iter()
            .filter(|(id, _)| id == workflow_id)
            .map(|(_, r)| r.clone())
            .collect()
    }
    pub(crate) fn audit_states(&self, workflow_id: &str) -> Vec<(u64, String)> {
        self.audit_rows(workflow_id)
            .into_iter()
            .map(|r| (r.sequence, r.state))
            .collect()
    }
}

/// Generic event recorder shared by every test module's mock observer.
///
/// Pre-consolidation, each test mod defined its own
/// `struct X(Mutex<Vec<EventTuple>>)` with the same `record` / `snapshot`
/// boilerplate. `Recorder<E>` parameterises over the event-tuple shape so a
/// test only has to spell out (1) the event type, and (2) a thin observer
/// impl that delegates to `record(...)`.
///
/// ```ignore
/// // Before:
/// struct CkptObserver(Mutex<Vec<(&'static str, String, u64)>>);
/// impl WorkflowObserver for CkptObserver { /* method body pushes to vec */ }
///
/// // After:
/// struct CkptObserver(Arc<Recorder<(&'static str, String, u64)>>);
/// impl WorkflowObserver for CkptObserver { /* method body calls self.0.record(...) */ }
/// ```
pub(crate) struct Recorder<E: Clone + Send + Sync + 'static> {
    events: std::sync::Mutex<Vec<E>>,
}

// Manual `Default` so the derive doesn't require `E: Default` — the bound
// would be wrong, since the Vec inside is created empty regardless of `E`.
impl<E: Clone + Send + Sync + 'static> Default for Recorder<E> {
    fn default() -> Self {
        Self {
            events: std::sync::Mutex::new(Vec::new()),
        }
    }
}

#[allow(dead_code)]
impl<E: Clone + Send + Sync + 'static> Recorder<E> {
    pub(crate) fn new() -> std::sync::Arc<Self> {
        std::sync::Arc::new(Self::default())
    }
    pub(crate) fn record(&self, event: E) {
        self.events.lock().unwrap().push(event);
    }
    pub(crate) fn snapshot(&self) -> Vec<E> {
        self.events.lock().unwrap().clone()
    }
    pub(crate) fn len(&self) -> usize {
        self.events.lock().unwrap().len()
    }
    pub(crate) fn is_empty(&self) -> bool {
        self.events.lock().unwrap().is_empty()
    }
}

/// Shared, ordered log of `(task name, output value)` for every `compensate`
/// call. Used by both saga tests in `workflow/compensation.rs::tests` and the
/// metrics counterparts; sharing the type avoids duplicate aliases.
pub(crate) type CompLog = std::sync::Arc<std::sync::Mutex<Vec<(String, u32)>>>;

/// A compensatable saga test task. The forward `run` returns `next_state` and
/// `value` (unless `fail_forward`); `compensate` records `(name, output)` onto
/// `log` (and errors if `fail_compensate`). No retries, so a forward failure
/// surfaces immediately. Used by both `compensation::tests` and
/// `compensation::metrics_tests` (R5 already lifted the sibling test double
/// `MemCheckpoints`; this finishes the consolidation for saga tests).
#[allow(dead_code)]
#[derive(Clone)]
pub(crate) struct CompTask {
    pub(crate) name: &'static str,
    pub(crate) value: u32,
    pub(crate) next_state: TestState,
    pub(crate) log: CompLog,
    pub(crate) fail_forward: bool,
    pub(crate) fail_compensate: bool,
}

#[allow(dead_code)]
impl CompTask {
    /// Default-constructed task that never fails. Most tests use this; only
    /// the ones that exercise the rollback path opt into the `fail_*` flags
    /// via the struct literal.
    pub(crate) fn ok(name: &'static str, value: u32, next_state: TestState, log: &CompLog) -> Self {
        Self {
            name,
            value,
            next_state,
            log: log.clone(),
            fail_forward: false,
            fail_compensate: false,
        }
    }
}

#[crate::saga::task]
impl crate::saga::CompensatableTask<TestState> for CompTask {
    type Output = u32;
    fn config(&self) -> crate::task::TaskConfig {
        crate::task::TaskConfig::minimal()
    }
    fn name(&self) -> std::borrow::Cow<'static, str> {
        std::borrow::Cow::Borrowed(self.name)
    }
    async fn run(&self, _res: &Resources) -> Result<(TaskResult<TestState>, u32), CanoError> {
        if self.fail_forward {
            return Err(CanoError::task_execution(format!(
                "{} forward failed",
                self.name
            )));
        }
        Ok((TaskResult::Single(self.next_state.clone()), self.value))
    }
    async fn compensate(&self, _res: &Resources, output: u32) -> Result<(), CanoError> {
        self.log
            .lock()
            .unwrap()
            .push((self.name.to_string(), output));
        if self.fail_compensate {
            return Err(CanoError::generic(format!(
                "{} compensate failed",
                self.name
            )));
        }
        Ok(())
    }
}