tasker-orchestration 0.1.7

Orchestration system for tasker workflow coordination
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392

//! # Web Database Circuit Breaker Helpers
//!
//! Helper functions for circuit breaker operations in the web API.
//! The core circuit breaker types are in `api_common::circuit_breaker`.

use crate::web::state::AppState;
use opentelemetry::KeyValue;
use tasker_shared::metrics::orchestration::api_requests_rejected_total;
use tasker_shared::types::web::{ApiError, ApiResult};
use tracing::warn;

// Re-export types from api_common for backward compatibility
pub use crate::api_common::circuit_breaker::{CircuitState, WebDatabaseCircuitBreaker};

/// Execute a database operation with circuit breaker protection and error mapping
///
/// This function provides a standardized way to wrap database operations with
/// circuit breaker protection and automatic error handling for web API endpoints.
///
/// # Features
/// - **Circuit Breaker Protection**: Checks database health before execution
/// - **Automatic Success/Failure Recording**: Records operation results for circuit breaker state
/// - **Error Mapping**: Converts database errors to appropriate API errors
/// - **Comprehensive Logging**: Logs errors with context for debugging
/// - **Metrics Recording**: Records circuit breaker rejections (TAS-75)
///
/// # Arguments
/// * `state` - Application state containing the circuit breaker
/// * `operation` - Async closure that performs the database operation
///
/// # Returns
/// `ApiResult<T>` - Success result or mapped API error
///
/// # Example
/// ```rust,no_run
/// use tasker_orchestration::web::circuit_breaker::execute_with_circuit_breaker;
/// use tasker_orchestration::web::state::AppState;
/// use tasker_shared::models::core::task::Task;
/// use tasker_shared::types::web::ApiResult;
///
/// async fn get_task_handler(state: &AppState, task_id: uuid::Uuid) -> ApiResult<Option<Task>> {
///     execute_with_circuit_breaker(state, || async {
///         Task::find_by_id(&state.orchestration_db_pool(), task_id).await
///     }).await
/// }
/// ```
pub async fn execute_with_circuit_breaker<T, E, F, Fut>(
    state: &AppState,
    operation: F,
) -> ApiResult<T>
where
    F: FnOnce() -> Fut,
    Fut: std::future::Future<Output = Result<T, E>>,
    E: std::error::Error + Send + Sync + 'static,
{
    use tracing::error;

    // Check circuit breaker before executing operation
    if !state.is_database_healthy() {
        // TAS-75: Record circuit breaker rejection metric
        record_circuit_breaker_rejection("unknown");
        return Err(ApiError::CircuitBreakerOpen);
    }

    match operation().await {
        Ok(result) => {
            state.record_database_success();
            Ok(result)
        }
        Err(e) => {
            state.record_database_failure();
            error!(error = %e, "Database operation failed");
            Err(ApiError::database_error(format!("Operation failed: {e}")))
        }
    }
}

/// TAS-75: Execute an operation with comprehensive backpressure checking
///
/// This function checks all backpressure conditions before executing an operation:
/// 1. Circuit breaker state
/// 2. Command channel saturation
///
/// Returns 503 with Retry-After header when any backpressure condition is active.
///
/// # Features
/// - **Comprehensive Backpressure**: Checks circuit breaker AND channel saturation
/// - **Retry-After Headers**: Returns appropriate wait time based on condition severity
/// - **Metrics Recording**: Records backpressure rejections for monitoring
///
/// # Arguments
/// * `state` - Application state containing backpressure monitoring
/// * `endpoint` - Endpoint name for metrics (e.g., "/v1/tasks")
/// * `operation` - Async closure that performs the operation
///
/// # Returns
/// `ApiResult<T>` - Success result or `ApiError::Backpressure` with Retry-After
///
/// # Example
/// ```rust,ignore
/// use tasker_orchestration::web::circuit_breaker::execute_with_backpressure_check;
///
/// async fn create_task_handler(state: &AppState, request: CreateTaskRequest) -> ApiResult<Task> {
///     execute_with_backpressure_check(state, "/v1/tasks", || async {
///         // Task creation logic
///         Ok(task)
///     }).await
/// }
/// ```
pub async fn execute_with_backpressure_check<T, E, F, Fut>(
    state: &AppState,
    endpoint: &str,
    operation: F,
) -> ApiResult<T>
where
    F: FnOnce() -> Fut,
    Fut: std::future::Future<Output = Result<T, E>>,
    E: std::error::Error + Send + Sync + 'static,
{
    use tracing::error;

    // TAS-75: Check comprehensive backpressure status
    if let Some(backpressure_error) = state.check_backpressure_status() {
        // Record backpressure rejection metric
        record_backpressure_rejection(endpoint, &backpressure_error);
        return Err(backpressure_error);
    }

    match operation().await {
        Ok(result) => {
            state.record_database_success();
            Ok(result)
        }
        Err(e) => {
            state.record_database_failure();
            error!(error = %e, endpoint = endpoint, "Operation failed");
            Err(ApiError::database_error(format!("Operation failed: {e}")))
        }
    }
}

/// TAS-75: Record a backpressure rejection metric
///
/// Tracks API requests rejected due to any backpressure condition.
///
/// # Arguments
/// * `endpoint` - The API endpoint that was rejected
/// * `error` - The backpressure error (for extracting reason)
pub fn record_backpressure_rejection(endpoint: &str, error: &ApiError) {
    let reason = match error {
        ApiError::Backpressure { reason, .. } => reason.as_str(),
        ApiError::CircuitBreakerOpen => "circuit_breaker",
        _ => "unknown",
    };

    let counter = api_requests_rejected_total();
    counter.add(
        1,
        &[
            KeyValue::new("endpoint", endpoint.to_string()),
            KeyValue::new("reason", reason.to_string()),
        ],
    );

    warn!(
        endpoint = endpoint,
        reason = reason,
        "API request rejected due to backpressure"
    );
}

/// Record a circuit breaker rejection metric
///
/// TAS-75: Tracks API requests rejected due to circuit breaker being open.
///
/// # Arguments
/// * `endpoint` - The API endpoint that was rejected (e.g., "/v1/tasks")
pub fn record_circuit_breaker_rejection(endpoint: &str) {
    // Get the counter from the static or create a new one
    // Note: api_requests_rejected_total() returns a new counter each time,
    // but OpenTelemetry will aggregate them by the same metric name
    let counter = api_requests_rejected_total();

    counter.add(
        1,
        &[
            KeyValue::new("endpoint", endpoint.to_string()),
            KeyValue::new("reason", "circuit_breaker"),
        ],
    );

    warn!(
        endpoint = endpoint,
        reason = "circuit_breaker",
        "API request rejected due to circuit breaker open"
    );
}

#[cfg(test)]
mod tests {
    use super::*;
    use std::time::Duration;

    #[test]
    fn test_circuit_breaker_starts_closed() {
        let cb = WebDatabaseCircuitBreaker::new(3, Duration::from_secs(5), "test");
        assert!(!cb.is_circuit_open());
        assert_eq!(cb.current_state(), CircuitState::Closed);
    }

    #[test]
    fn test_circuit_opens_after_threshold_failures() {
        let cb = WebDatabaseCircuitBreaker::new(3, Duration::from_secs(5), "test");

        // Record failures below threshold
        cb.record_failure();
        cb.record_failure();
        assert!(!cb.is_circuit_open());
        assert_eq!(cb.current_state(), CircuitState::Closed);

        // Record failure that exceeds threshold
        cb.record_failure();
        assert!(cb.is_circuit_open());
        assert_eq!(cb.current_state(), CircuitState::Open);
    }

    #[test]
    fn test_circuit_closes_on_success_via_half_open() {
        let cb = WebDatabaseCircuitBreaker::new(
            2,
            Duration::ZERO, // instant recovery timeout for testing
            "test",
        );

        // Open the circuit
        cb.record_failure();
        cb.record_failure();
        assert_eq!(cb.current_state(), CircuitState::Open);

        // With zero timeout, is_circuit_open() calls should_allow() which
        // transitions to half-open immediately, returning "not open" (allows call)
        assert!(!cb.is_circuit_open()); // transitions to HalfOpen

        // Record success_threshold (2) successes to close
        cb.record_success();
        cb.record_success();
        assert_eq!(cb.current_state(), CircuitState::Closed);
        assert_eq!(cb.current_failures(), 0);
    }

    // Note: Recovery timeout tests are timing-sensitive and can be flaky in CI environments.
    // The core circuit breaker functionality (open/close/threshold) is tested above.

    #[test]
    fn test_default_circuit_breaker_configuration() {
        let cb = WebDatabaseCircuitBreaker::default();

        // Default values: 5 failures, 30s recovery, "web_database" component
        assert_eq!(cb.component_name(), "web_database");
        assert_eq!(cb.current_state(), CircuitState::Closed);
        assert_eq!(cb.current_failures(), 0);
        assert!(!cb.is_circuit_open());
    }

    #[test]
    fn test_component_name_accessor() {
        let cb = WebDatabaseCircuitBreaker::new(5, Duration::from_secs(30), "custom_component");
        assert_eq!(cb.component_name(), "custom_component");
    }

    #[test]
    fn test_failure_count_increments_correctly() {
        let cb = WebDatabaseCircuitBreaker::new(10, Duration::from_secs(30), "test");

        assert_eq!(cb.current_failures(), 0);
        cb.record_failure();
        assert_eq!(cb.current_failures(), 1);
        cb.record_failure();
        assert_eq!(cb.current_failures(), 2);
        cb.record_failure();
        assert_eq!(cb.current_failures(), 3);
    }

    #[test]
    fn test_success_resets_failure_count() {
        let cb = WebDatabaseCircuitBreaker::new(10, Duration::from_secs(30), "test");

        // Accumulate some failures (but not enough to open)
        cb.record_failure();
        cb.record_failure();
        cb.record_failure();
        assert_eq!(cb.current_failures(), 3);

        // Success should reset count
        cb.record_success();
        assert_eq!(cb.current_failures(), 0);
    }

    #[test]
    fn test_success_failure_success_sequence() {
        let cb = WebDatabaseCircuitBreaker::new(3, Duration::from_secs(30), "test");

        // Start with failures
        cb.record_failure();
        cb.record_failure();
        assert_eq!(cb.current_failures(), 2);
        assert_eq!(cb.current_state(), CircuitState::Closed);

        // Success resets
        cb.record_success();
        assert_eq!(cb.current_failures(), 0);

        // More failures
        cb.record_failure();
        assert_eq!(cb.current_failures(), 1);

        // Another success
        cb.record_success();
        assert_eq!(cb.current_failures(), 0);
    }

    #[test]
    fn test_circuit_breaker_exact_threshold() {
        // Test that circuit opens at exactly the threshold, not before
        let cb = WebDatabaseCircuitBreaker::new(5, Duration::from_secs(30), "test");

        // 1 through 4 failures - should stay closed
        for i in 1..5 {
            cb.record_failure();
            assert!(
                !cb.is_circuit_open(),
                "Circuit should be closed at {} failures (threshold is 5)",
                i
            );
        }

        // 5th failure - should open
        cb.record_failure();
        assert!(
            cb.is_circuit_open(),
            "Circuit should be open at threshold (5 failures)"
        );
    }

    #[test]
    fn test_multiple_successes_keep_circuit_closed() {
        let cb = WebDatabaseCircuitBreaker::new(3, Duration::from_secs(30), "test");

        // Multiple successes when healthy
        cb.record_success();
        cb.record_success();
        cb.record_success();

        assert_eq!(cb.current_state(), CircuitState::Closed);
        assert_eq!(cb.current_failures(), 0);
    }

    #[test]
    fn test_open_circuit_stays_open_without_recovery() {
        let cb = WebDatabaseCircuitBreaker::new(2, Duration::from_secs(3600), "test"); // 1 hour recovery

        // Open the circuit
        cb.record_failure();
        cb.record_failure();
        assert!(cb.is_circuit_open());

        // Additional calls should still show open
        assert!(cb.is_circuit_open());
        assert_eq!(cb.current_state(), CircuitState::Open);
    }

    // =========================================================================
    // TAS-75: Backpressure Recording Tests
    // =========================================================================

    #[test]
    fn test_record_backpressure_rejection_runs_without_panic() {
        // Smoke test: verify the function completes without panic
        // Note: We can't easily verify OpenTelemetry metrics in unit tests,
        // but test completion without panic confirms the function works
        let error = tasker_shared::types::web::ApiError::backpressure("test", 5);
        record_backpressure_rejection("/v1/tasks", &error);
        // Test passes if we reach here without panicking
    }

    #[test]
    fn test_record_circuit_breaker_rejection_runs_without_panic() {
        // Smoke test: verify the function completes without panic
        record_circuit_breaker_rejection("/v1/tasks");
        // Test passes if we reach here without panicking
    }
}