AthenZ / k8s-athenz-sia

Apache License 2.0

Golang Singleflight for fetching at/rt to zts server #89

Closed mlajkim closed 5 months ago

mlajkim commented 6 months ago

Description

When handling multiple requests for the same token, it's unnecessary to send several requests to the ZTS server in a short span. To optimize this, we can utilize the singleflight feature from the golang.org/x/sync/singleflight package, which ensures that for a given token, only one request is made to the ZTS server, and its result is shared across all the requests.

Also, to effectively monitor whether a specific requestID has been processed using singleflight or not, loggers that allow us to determine whether a request was handled directly or if its response was the result of a shared call to the ZTS server are a must.

This is the expected log for a single request:

Attempting to fetch role token due to a cache miss from Athenz ZTS server: target[provider.domain.name], requestID[11111]
Successfully updated role token cache after a cache miss: target[provider.domain.name], requestID[11111]

This is the expected log for multiple requests in a short span:

Attempting to fetch role token due to a cache miss from Athenz ZTS server: target[provider.domain.name], requestID[11111]
Attempting to fetch role token due to a cache miss from Athenz ZTS server: target[provider.domain.name], requestID[22222]
Attempting to fetch role token due to a cache miss from Athenz ZTS server: target[provider.domain.name], requestID[33333]
Successfully updated role token cache after a cache miss: target[provider.domain.name], requestID[11111]
Successfully updated role token cache by coalescing requests to a leader request: target[yby.jekim.provirder], leaderRequestID[11111], requestID[22222]
Successfully updated role token cache by coalescing requests to a leader request: target[yby.jekim.provide], leaderRequestID[11111], requestID[33333]

This is the expected log for multiple requests in a short span that fail:

Attempting to fetch role token due to a cache miss from Athenz ZTS server: target[provider.domain.name], requestID[11111]
Attempting to fetch role token due to a cache miss from Athenz ZTS server: target[provider.domain.name], requestID[22222]
Attempting to fetch role token due to a cache miss from Athenz ZTS server: target[provider.domain.name], requestID[33333]
Failed to fetch role token from Athenz ZTS server after a cache miss: target[provider.domain.name], requestID[11111]
Failed to fetch role token from Athenz ZTS server as a leader request has failed: target[provider.domain.name], leaderRequestID[11111], requestID[22222]
Failed to fetch role token from Athenz ZTS server as a leader request has failed: target[provider.domain.name], leaderRequestID[11111], requestID[33333]

TODOs
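
The coalescing and leader/follower logging described in this issue, as an added example that is not part of the original issue or the project's code. It uses a standard-library stand-in for `golang.org/x/sync/singleflight` so it runs without the external module; `group`, `do`, `run`, `onJoin`, the fake fetch and the output line format are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"sync"
)

// call is one in-flight ZTS fetch; followers wait on done, then read the leader's outcome.
type call struct {
	done     chan struct{}
	leaderID string
	err      error
}
// group is a stdlib-only stand-in for singleflight.Group, keyed by token target.
type group struct {
	calls  sync.Map // target -> *call
	onJoin func()   // demo hook (must be set): runs when a follower joins a call
}
// do runs fetch once per in-flight key and returns the leader's request ID and outcome.
func (g *group) do(key, reqID string, fetch func() error) (leaderID string, err error) {
	c := &call{done: make(chan struct{}), leaderID: reqID}
	if prev, loaded := g.calls.LoadOrStore(key, c); loaded { // follower: coalesce
		c = prev.(*call)
		g.onJoin()
		<-c.done
		return c.leaderID, c.err
	}
	c.err = fetch() // leader: the only request that reaches ZTS
	g.calls.Delete(key)
	close(c.done)
	return reqID, c.err
}

// run sends n concurrent requests for one target to a constructed fake fetch.
func run(n int, fetchErr error) (fetches int, lines []string) {
	var joined sync.WaitGroup
	joined.Add(n - 1)
	g, out := &group{onJoin: joined.Done}, make(chan string, n)
	for i := 1; i <= n; i++ {
		go func(id string) { // the fake fetch holds the leader until every follower has joined
			leader, err := g.do("provider.domain.name", id, func() error { fetches++; joined.Wait(); return fetchErr })
			out <- fmt.Sprintf("leaderRequestID[%s], requestID[%s], coalesced[%t], failed[%t]", leader, id, leader != id, err != nil)
		}(fmt.Sprint(i * 11111))
	}
	for i := 0; i < n; i++ {
		lines = append(lines, <-out)
	}
	return fetches, lines
}
func main() { fmt.Println(run(3, nil)) }
```

With the real package, the `shared` result of `Do` is also true for the leader whenever other callers joined it, so returning the leader's request ID in the shared value (as `do` does here) is what lets each log line say whether it was the leader or a coalesced follower.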