Fix #2514 - Use optimistic concurrency to prevent multiple UpdateIsLatest calls on same package

[chenriksson]

Approach is same as discussed, but implementation is more complex due to our need to restrict the optimistic concurrency check to CUD operations only on specific columns - which EF doesn't support.

[joelverhagen]

This should be xmldoc so callers actually see it. Put it on the interface.

[joelverhagen]

What is altEntitiesContext.GetDatabase(); throws? Won't this static stay true? In these cases, I like making an IDisposable which toggles the static on and off.

Another concern -- won't this effect other threads?

[chenriksson]

Shouldn't affect other threads. SuspendExecutionStrategy uses CallContext which is similar to thread local storage. Note that this is also used in PackageDeleteService, which also uses custom transactions.

I wasn't thinking about GetDatabase throwing, but perhaps it could if the connection was somehow closed. I'll just expand the scope of the try/finally, which I think will be less work than introducing a disposable.

[joelverhagen]

Please increment on a separate line. This is less readable.

[joelverhagen]

This case is really bad, right? What will the playbook be if we encounter one of these exceptions?

[chenriksson]

We'd hit this block if the request detected 3 concurrency conflicts in a row, in which case it would not update the flags.

This is unlikely to be a problem, since the real package CUD was already committed in a separate request. More than likely a concurrent request has already updated isLatest/isLatestStable, and the retry would detect that no changes are necessary.

This trace would at least give us monitoring if there are multiple concurrency conflicts in a row. Playbook would be to just check the package to see if the latest is set correctly... but more than likely it corrected itself.

[joelverhagen]

I'm interested in what a functional test on this change would look like. Before the change, could we have written a test to consistently reproduce the issue (by mocking out as much as possible and throwing enough threads at it)?

[skofman1]

nit: capital letter in the beginning of the comment to match the rest of the file

[skofman1]

we use the connection string from web.config: https://github.com/NuGet/NuGetGallery/blob/master/src/NuGetGallery.Core/Entities/EntitiesContext.cs#L25

return new EntitiesContext() should do the trick

[skofman1]

please use named parameters, for readability

[skofman1]

                // a release version and set it to IsLatest.

isLatestStable.

---

Refers to: src/NuGetGallery/Services/PackageService.cs:835 in 7f861cd. [](commit_id = 7f861cd, deletion_comment = False)

[chenriksson]

Need to remove conditional around MergeUpdateIsLatestClearsWithSets. Originally I had bug where retry was calling back into UpdateIsLatestInDatabaseAsync without refresh and recalculating the latest.

[cristinamanum]

It would be great to add few comments about this class.

[cristinamanum]

nit: line too long.

[cristinamanum]

Maybe PackagesVersionMatch instead of the PackagesMatch?

[cristinamanum]

It would be great to have few comments. Also the line length seems to be large.

[skofman1]

int [](start = 27, length = 3)

returning true/false will make the code more readable.

[skofman1]

500 [](start = 62, length = 3)

const

[skofman1]

UpdateIsLatestAsync [](start = 38, length = 19)

this code could be simpler if the retries were done in UpdateIsLatestAsync. In this case UpdateIsLatestInDatabaseAsync calls the method that called it (UpdateIsLatestAsync), that calls it again, creating a recursion..
If UpdateIsLatestInDatabaseAsync returned a failure, UpdateIsLatestAsync can call it again until retries are exhausted.

[skofman1]

        public async Task WillUpdateIsLatest1()

This naming is extremely confusing. Could you rename those?

---

Refers to: tests/NuGetGallery.Facts/Services/PackageServiceFacts.cs:1074 in 7f861cd. [](commit_id = 7f861cd, deletion_comment = False)

[skofman1]

Regarding functional tests: Scott wrote a test that pushes a bunch of packages and verified timestamps:

NuGetGallery/tests/NuGetGallery.FunctionalTests/ODataFeeds/V2FeedExtendedTests.cs

Line 64 in ce6c5d6

public async Task PackagesAppearInFeedInOrderTest()

You could do something similar

[cristinamanum]

Is the retryCount used in this method?

[chenriksson]

Yes, on retry of concurrency conflict in UpdateIsLatestInDatabaseAsync

[scottbommarito]

Might be more concise and readable if you changed this to...

if (first == null || second == null)
{
    return first != second;
}

return first.Version.Equals(second.Version, StringComparison.OrdinalIgnoreCase);

[scottbommarito]

This and OriginalIsLatestStable should have a private set because they should not be changed after being initialized.

[chenriksson]

These may change in MergeUpdateIsLatestClearsWithSets

[scottbommarito]

Can we merge this function with UpdateIsLatestInDatabaseWithConcurrencyCheckAsync? The code should fit inside one function just fine since we don't use it anywhere else.

[scottbommarito]

Capitalize this comment just like you did this one and also add a period to the end (if the rest of the file does that).

[scottbommarito]

I would suggest putting UpdateIsLatestAsync back inside MarkPackageListedAsync but after the commit. You always call the two together.

[chenriksson]

See comment for MarkPackageUnlistedAsync. While this method also supports not committing changes, only test code does it. So, I could remove that option and move UpdateIsLatestAsync back inside, but I'm inclined to keep these methods consistent. Let me know if you disagree.

[scottbommarito]

I think it would be better if this comment were more specific. We want better control BECAUSE we were having issues with multiple requests operating on the isLatest fields of the package simultaneously and leading to multiple packages being marked as the latest or the latest prerelease.

[scottbommarito]

Capitalize please.

[scottbommarito]

Could we move the declaration of altEntitiesContext inside the try-finally and then use a using statement instead of having this in the finally statement?

[dtivel]

Yes, and you don't need to cast. DbContext implements IDisposable.

[chenriksson]

This was to support the Mock object used by tests, which wasn't IDisposable. Will see if there's another way.

[scottbommarito]

I suggest renaming this to AlwaysCommitsChanges because the commit changes option was removed from the function.

[scottbommarito]

We should add some unit tests that test the behavior when transactions fail, and enumerate different possible scenarios. You can do this by mocking the UpdateIsLatestInDatabaseWithConcurrencyCheckAsync method and performing different behaviors based on the UpdateIsLatestPackageEdit object supplied.

[skofman1]

RetriableExecutionStrategySuspension

[skofman1]

Looks great!

[dtivel]

You can use nameof(UseRetriableExecutionStrategy).

Also, as part of the logic inversion, the fallback value here should be true not false.

[dtivel]

Does Task.CompletedTask also work? I think it's more clear than Task.FromResult(0).

[dtivel]

Task.CompletedTask?

[dtivel]

SameNewLatestAndLatestStableVersions sounds more clear than SameLatestAndLatestStableVersionsWithClear.

[chenriksson]

@scottbommarito look ok to you?

[dtivel]

Why not just use XmlDocument or XDocument to read the XML?

[scottbommarito]

Note that using XmlDocument or XDocument would also remove the potential for the regex to take an extremely long time as @blowdart noted.

[blowdart]

Ensure there's a timeout on all regexs

[scottbommarito]

a couple nitpicks

[scottbommarito]

thanks for doing this...so much cleaner

[scottbommarito]

Task.CompletedTask?

[chenriksson]

I only switched to Task.CompletedTask for async methods w/o return values. Since TryUpdateIsLatestInDatabase returns Task<bool>, I want to return true to look like the db update was successful.

[scottbommarito]

Note that using XmlDocument or XDocument would also remove the potential for the regex to take an extremely long time as @blowdart noted.

[scottbommarito]

I would prefer that you had these values in a variable instead of copying them here.

var latestVersion = "7.0.2-abc"
var latestStable = "7.0.1"

var latestVersionHalf = "3.0.2-abc"
var latestStableHalf = "3.0.1"

var packageVersions = new List<string>()
{
    "1.0.0-a",  "1.0.0-b",  "1.0.0",  "1.0.1",  "1.0.2-abc",
    "2.0.0-a",  "2.0.0-b",  "2.0.0",  "2.0.1",  "2.0.2-abc",
    "3.0.0-a",  "3.0.0-b",  "3.0.0",  latestStableHalf,  latestVersionHalf,
    "4.0.0-a",  "4.0.0-b",  "4.0.0",  "4.0.1",  "4.0.2-abc",
    "6.0.0-a",  "6.0.0-b",  "6.0.0",  "6.0.1",  "6.0.2-abc",
    "7.0.0-a",  "7.0.0-b",  "7.0.0",  latestStable,  latestVersion
};
...
await CheckPackageLatestVersions(packageId, packageVersions, latestVersion, latestStable);
...
// unlist last half and verify; ~1-2 concurrency conflicts seen in testing
for (int i = concurrentTasks.Length - 1; i > concurrentTasks.IndexOf(latestVersionHalf); i--)
...
await CheckPackageLatestVersions(packageId, packageVersions, latestVersionHalf, latestStableHalf);

// unlist remaining and verify; ~1-2 concurrency conflicts seen in testing
for (int i = concurrentTasks.IndexOf(latestVersionHalf); i >= 0; i--)

[scottbommarito]

I like that you're adding this to my test as well as yours, but this parameter is unnecessary because you can determine whether or not the packages are listed based on the feed itself. If the package has a Published property that is greater than DateTime.MinValue (pretty sure it's January 1st 1900) then it is listed. You can parse this and then determine whether or not it should be latest or latest stable. I tried to do this initially but didn't realize that Published represented the listed status in the feed.

You could of course change this into a "expectListed" parameter that verifies that the listed status from the feed is identical to what we expect.

[skofman1]

to reduce the chance of retry collisions, I would recommend introducing randomization into the sleep duration