Skip to content

fix(runner): handle multiple resps in GetLazyAuthFetchCallback #6449

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 2 commits into
base: dev
Choose a base branch
from
Draft

fix(runner): handle multiple resps in GetLazyAuthFetchCallback #6449

wants to merge 2 commits into from

Conversation

@dwisiswant0
Copy link
Member

Proposed changes

the callback logic does not properly accumulate
results from multiple responses

Fixes #6231

Checklist

  • Pull request is created against the dev branch
  • All checks passed (lint, unit/integration/regression tests etc.) with my changes
  • I have added tests that prove my fix is effective or that my feature works
  • I have added necessary documentation (if appropriate)

@coderabbitai
Copy link
Contributor

coderabbitai bot commented Sep 2, 2025
edited
Loading

Important

Review skipped

Draft detected.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

✨ Finishing Touches
🧪 Generate unit tests
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch dwisiswant0/fix/runner/handle-multiple-resps-in-GetLazyAuthFetchCallback

Comment @coderabbitai help to get the list of available commands and usage tips.

@dwisiswant0 dwisiswant0 mentioned this pull request Sep 2, 2025
Open
1 task
@dwisiswant0 dwisiswant0 force-pushed the dwisiswant0/fix/runner/handle-multiple-resps-in-GetLazyAuthFetchCallback branch 2 times, most recently from 405a285 to 3f7647d Compare September 10, 2025 06:00
@dwisiswant0
fix(runner): handle multiple resps in GetLazyAuthFetchCallback
5ef37da 
the callback logic does not properly accumulate
results from multiple responses

Signed-off-by: Dwi Siswanto <[email protected]>
@dwisiswant0
fix(authx): prevent deadlock in dynamic auth fetching
e7968de 
resolve deadlock that occurs when dynamic auth
templates trigger recursive auth requests during
execution.

RCA:
1. `GetStrategies()` calls `Fetch()` to retrieve
   auth creds.
2. `Fetch()` executes auth template via cb.
3. template exec triggers HTTP requests requiring
   auth.
4. recursive calls `GetStrategies()` → `Fetch()`
   cause deadlock on mutex.

notable changes:
* add `fetching` flag to `Dynamic` struct to track
  fetch-in-progress state.
* modify `GetStrategies()` to return empty
  strategies if already fetching.
* update `Fetch()` method with proper recursive
  call prevention.
* use mutex-protected flag reads to ensure thread
  safety.
* refactor `GetStrategies()` with local function
  for code reuse.

this prevents infinite recursion during auth
template execution while maintaining proper sync
and err handling.

fixes goroutine deadlocks in auth system when
using dynamic secrets with templates that require
auth.

Signed-off-by: Dwi Siswanto <[email protected]>
@dwisiswant0 dwisiswant0 force-pushed the dwisiswant0/fix/runner/handle-multiple-resps-in-GetLazyAuthFetchCallback branch from 3f7647d to e7968de Compare September 10, 2025 06:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[BUG] Authenticated scans fail when redirects are enabled

2 participants

@dwisiswant0