Both Supergraph and LatestSchema resolvers recomputed their result on
every request. The work is non-trivial:
- Supergraph: sdlmerge.MergeSDLs() runs AST validation + normalization
+ custom merge walkers over all subgraph SDLs.
- LatestSchema: CosmoGenerator.Generate() shells out to wgc router
compose (Node via npx), spending 100-300m CPU per call.
Because the output is fully determined by the set of subgraph SDLs and
their lastUpdate timestamp, the result can be cached and reused across
requests until a SubGraphUpdated event bumps the lastUpdate for the
(orgId, ref) key.
Add two precomputation caches to cache.Cache, both versioned by the
existing lastUpdate map so a single timestamp comparison invalidates
stale entries implicitly:
- mergedSDLs: cached MergeSDLs output for Supergraph
- schemaUpdates: cached SchemaUpdate (subgraphs + cosmo config) for
LatestSchema
The UpdateSubGraph debounce already computes the cosmo config to
publish through PubSub; it now also stores the SchemaUpdate so the
next LatestSchema query is warm. OrganizationRemoved evicts both
caches alongside lastUpdate.
This eliminates the per-request CPU bursts that were tripping the
HPA into TooManyReplicas territory.
- Update git remote to git.unbound.se
- Add Gitea workflows: ci.yaml, pre-commit.yaml, release.yaml, goreleaser.yaml
- Delete .gitlab-ci.yml
- Update Go module path to gitea.unbound.se/unboundsoftware/schemas
- Update all imports to new module path
- Update Docker registry to oci.unbound.se
- Update .goreleaser.yml for Gitea releases with internal cluster URL
- Remove GitLab CI linter from pre-commit config
- Use shared release workflow with tag_only for versioning
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Update test setup to leverage legacy hash for API keys in order
to avoid the performance impact of bcrypt. Replace the API key
based test with a user subscription-based test to enhance
concurrency and reliability. Replace `OrganizationByAPIKey`
with `OrganizationsByUser` to optimize the retrieval process.
Remove bcrypt hashing for API keys to speed up concurrent tests and
replace it with a legacy hashing function. Reduce the number of
concurrent readers and writers in the test to improve performance
while retaining essential functionality checks. Use a more efficient
method to fetch organizations within the concurrency test block.
Introduce `AddUserToOrganization`, `RemoveAPIKey`, and
`RemoveOrganization` commands to enhance organization
management. Implement validation for user addition and
API key removal. Update GraphQL schema to support new
mutations and add caching for the new events, ensuring
that organizations and their relationships are accurately
represented in the cache.
Decrease the number of goroutines in concurrent read and write tests to
minimize race conditions during testing. This ensures more reliable
test results and makes it easier to identify concurrency issues.
Implement read-write mutex locks for cache functions to ensure
concurrency safety. Add debug logging for cache updates to enhance
traceability of operations. Optimize user addition logic to prevent
duplicates. Introduce a new test file for comprehensive cache
functionality testing, ensuring reliable behavior.
Adds a new hashed key storage mechanism for API keys in the cache.
Replaces direct mapping to API keys with composite keys based on
organizationId and name. Implements searching of API keys using
hash comparisons for improved security. Updates related tests to
ensure correct functionality and validate the hashing. Also,
adds support for a new dependency `golang.org/x/crypto`.
Add a context with timeout to handle graceful shutdown of the HTTP
server. Update error handling during the server's close to include
context-aware shutdown. Ensure that the server properly logs only
non-closed errors when listening.
argoyle
