ff-engine 0.3.3

FlowFabric cross-partition dispatch and background scanners
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187

//! Cross-partition budget check helper.
//!
//! The scheduler uses `BudgetChecker` to check budget status without
//! redundant reads per scheduling cycle. The checker caches budget status
//! per cycle and clears the cache at the start of each new cycle.
//!
//! Reference: RFC-008 §Budget Admission, RFC-010 §3.2

use std::collections::HashMap;

use ff_core::partition::{budget_partition, PartitionConfig};
use ff_core::types::BudgetId;

/// Budget status for admission decisions.
#[derive(Clone, Debug, Default)]
pub struct BudgetStatus {
    /// Hard limit breached — execution must be blocked.
    pub hard_breached: bool,
    /// Soft limit breached — execution may proceed with warning.
    pub soft_breached: bool,
}

/// Cross-partition budget checker with per-cycle caching.
///
/// Created once per scheduler instance. Call `clear_cache()` at the start
/// of each scheduling cycle to invalidate stale status.
pub struct BudgetChecker {
    client: ferriskey::Client,
    partition_config: PartitionConfig,
    cycle_cache: HashMap<BudgetId, BudgetStatus>,
}

impl BudgetChecker {
    pub fn new(client: ferriskey::Client, partition_config: PartitionConfig) -> Self {
        Self {
            client,
            partition_config,
            cycle_cache: HashMap::new(),
        }
    }

    /// Check budget status, returning cached value if available.
    pub async fn check_budget(
        &mut self,
        budget_id: &BudgetId,
    ) -> Result<BudgetStatus, ferriskey::Error> {
        // Return cached status if available
        if let Some(status) = self.cycle_cache.get(budget_id) {
            return Ok(status.clone());
        }

        // Compute partition and read from Valkey
        let partition = budget_partition(budget_id, &self.partition_config);
        let tag = partition.hash_tag();

        let usage_key = format!("ff:budget:{}:{}:usage", tag, budget_id);
        let limits_key = format!("ff:budget:{}:{}:limits", tag, budget_id);

        // Read usage + limits in parallel (both on same {b:M} slot)
        let usage_raw: Vec<String> = self
            .client
            .cmd("HGETALL")
            .arg(&usage_key)
            .execute()
            .await
            .unwrap_or_default();

        let limits_raw: Vec<String> = self
            .client
            .cmd("HGETALL")
            .arg(&limits_key)
            .execute()
            .await
            .unwrap_or_default();

        let status = evaluate_budget_status(&usage_raw, &limits_raw);

        self.cycle_cache.insert(budget_id.clone(), status.clone());
        Ok(status)
    }

    /// Clear the per-cycle cache. Call at the start of each scheduling cycle.
    pub fn clear_cache(&mut self) {
        self.cycle_cache.clear();
    }

    /// Number of cached budget statuses.
    pub fn cache_size(&self) -> usize {
        self.cycle_cache.len()
    }
}

/// Evaluate budget status from raw usage and limits hashes.
fn evaluate_budget_status(usage_raw: &[String], limits_raw: &[String]) -> BudgetStatus {
    if limits_raw.is_empty() {
        return BudgetStatus::default(); // No limits = not breached
    }

    let mut hard_breached = false;
    let mut soft_breached = false;

    // Parse limits: fields are "hard:<dimension>" and "soft:<dimension>"
    let mut i = 0;
    while i + 1 < limits_raw.len() {
        let field = &limits_raw[i];
        let limit_val: i64 = limits_raw[i + 1].parse().unwrap_or(i64::MAX);
        i += 2;

        // Extract dimension name and limit type
        if let Some(dim) = field.strip_prefix("hard:") {
            let current = find_usage(usage_raw, dim);
            if current >= limit_val {
                hard_breached = true;
            }
        } else if let Some(dim) = field.strip_prefix("soft:") {
            let current = find_usage(usage_raw, dim);
            if current >= limit_val {
                soft_breached = true;
            }
        }
    }

    // Also check flat "breached_at" marker from reconciler
    for j in (0..usage_raw.len()).step_by(2) {
        if usage_raw[j] == "breached_at" {
            hard_breached = true;
            break;
        }
    }

    BudgetStatus {
        hard_breached,
        soft_breached,
    }
}

/// Find a dimension's usage value in the flat usage array.
fn find_usage(usage_raw: &[String], dimension: &str) -> i64 {
    let mut i = 0;
    while i + 1 < usage_raw.len() {
        if usage_raw[i] == dimension {
            return usage_raw[i + 1].parse().unwrap_or(0);
        }
        i += 2;
    }
    0
}

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn no_limits_means_not_breached() {
        let status = evaluate_budget_status(&[], &[]);
        assert!(!status.hard_breached);
        assert!(!status.soft_breached);
    }

    #[test]
    fn hard_breach_detected() {
        let usage = vec!["tokens".into(), "1000".into()];
        let limits = vec!["hard:tokens".into(), "500".into()];
        let status = evaluate_budget_status(&usage, &limits);
        assert!(status.hard_breached);
    }

    #[test]
    fn under_limit_not_breached() {
        let usage = vec!["tokens".into(), "100".into()];
        let limits = vec!["hard:tokens".into(), "500".into()];
        let status = evaluate_budget_status(&usage, &limits);
        assert!(!status.hard_breached);
    }

    #[test]
    fn soft_breach_detected() {
        let usage = vec!["cost_cents".into(), "8000".into()];
        let limits = vec![
            "hard:cost_cents".into(), "10000".into(),
            "soft:cost_cents".into(), "7500".into(),
        ];
        let status = evaluate_budget_status(&usage, &limits);
        assert!(!status.hard_breached);
        assert!(status.soft_breached);
    }
}