Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DCMAW-10829: Enhances http request retry strategy #344

Draft
wants to merge 10 commits into
base: main
Choose a base branch
from
Draft

DCMAW-10829: Enhances http request retry strategy #344

wants to merge 10 commits into from

Conversation

jmooney-dd
Copy link
Contributor

@jmooney-dd jmooney-dd commented Jan 17, 2025
edited
Loading

DCMAW-10829

What changed

  • sendHttpRequest:
    • Updates retry policy with exponential backoff and full jitter
    • Updates interface to use Result pattern after discussion with Chris
  • Updates functions that consume sendHttpRequest as interface has changed:
    • getBiometricToken
    • publicKeyGetter
      • I also updated publicKeyGetter to use the Result pattern here. If we want as minimal changes to publicKeyGetter in this PR as possible, we can revert commit cb1e74c2c47ae5847b9ca6db848c01bebd040a33

Why did it change

Exponential backoff is the preferred strategy when retrying httpRequests

Sonar security hotspot

Link to hotspot

I have commented on the relevant line of code this is regarding. This was lifted directly from STS's backend so I assume it's okay but will ask a for a review

​Evidence

Deployed stack and ran api tests - all passing

Checklists

  • There is a ticket raised for this PR that is present in the branch name
  • No PII data logged. See guidance here
  • Demo to a BA, TA, and the team.
  • Update README with any new instructions or tasks

@jmooney-dd jmooney-dd changed the title Dcmaw 10829 retry delay DCMAW-10829: Enhances http request retry strategy Jan 17, 2025
@jmooney-dd jmooney-dd force-pushed the DCMAW-10829-retry-delay branch from 7a11773 to cb1e74c Compare January 17, 2025 18:18
@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Failed Quality Gate failed

Failed conditions
1 Security Hotspot

See analysis details on SonarQube Cloud

jmooney-dd
jmooney-dd commented Jan 17, 2025
View reviewed changes
backend-api/src/functions/services/http/sendHttpRequest.ts
const exponentialDelayWithoutJitter =
Math.pow(2, attempt - 1) * baseDelayMillis;
const exponentialDelayWithFullJitter = Math.floor(
Math.random() * exponentialDelayWithoutJitter,
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Security hotspot using this 'weak' cryptographic function.

"Make sure that using this pseudorandom number generator is safe here."

Hotspot link

Lifted from STS backend so assume this is fine, we're just using it to calc a httpRequest delay, nothing sensitive.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@jmooney-dd