Add semgrep rule to catch non-determinism in FSM

See `message:` in rule for details.
hashicorp · Jul 12, 2022 · f8f7fbc · f8f7fbc
1 parent 7b55f7a
commit f8f7fbc
Showing 1 changed file with 21 additions and 0 deletions.
diff --git a/.semgrep/fsm_time.yml b/.semgrep/fsm_time.yml
@@ -0,0 +1,21 @@
+rules:
+  - id: "no-time-in-fsm"
+    patterns:
+      - pattern: time.Now()
+      - pattern-not-inside: |
+          defer metrics.MeasureSince(..., time.Now())
+      - pattern-not-inside: |
+          $N.timetable.Witness(log.Index, time.Now().UTC())
+    message: |
+      time.Now() should not be called from within the Server's FSM. Apply Raft
+      log messages to the State Store must be deterministic so that each server
+      contains exactly the same state. Since time drifts between nodes, it must
+      be set before the Raft log message is applied so that all Raft members
+      see the same timestamp.
+    languages:
+      - "go"
+    severity: "WARNING"
+    paths:
+      include:
+        - "nomad/fsm.*"
+        - "nomad/state/state_store.*"