feat: add a reconnect to the initial ldap connection#928
Conversation
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: CHILL Plan: Pro Plus Run ID: 📒 Files selected for processing (2)
📝 WalkthroughWalkthroughLdapService now carries an injected context and NewLdapService requires ctx. Initial connect failure triggers reconnect(10s); heartbeat failures call reconnect(5s). reconnect(interval) uses ldap.ctx, sets backoff.InitialInterval from interval, and only closes non-nil connections before reconnecting. ChangesLDAP reconnect & context wiring
Estimated code review effort🎯 4 (Complex) | ⏱️ ~45 minutes Poem
🚥 Pre-merge checks | ✅ 4 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (4 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
Codecov Report❌ Patch coverage is
📢 Thoughts on this report? Let us know! |
There was a problem hiding this comment.
Actionable comments posted: 2
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@internal/service/ldap_service.go`:
- Around line 66-70: The startup blocking retry in ldap_service.go (the call to
ldap.reconnect(...) inside the error branch after connection attempt) causes
~47.5s delay; either remove this startup reconnect entirely so setup continues
on LDAP failure (relying on existing heartbeat reconnect logic), or drastically
shorten it (e.g., call ldap.reconnect with a single short interval / 1–2 second
attempts or implement max 1-2 retries) and update the comment to reflect the
actual delay; locate the error handling around ldap.reconnect and adjust the
call and/or comment accordingly so BootstrapApp.setupServices will not block for
~47.5s when LDAP is unavailable.
- Around line 67-69: The logic in NewLdapService incorrectly returns nil even
when ldap.reconnect succeeds: adjust the error handling in the initial connect
branch (where err != nil) to call ldap.reconnect(10 * time.Second) and check its
return error; if reconnect returns nil then return the ldap pointer and nil
error, otherwise return nil and the wrapped reconnect error (fmt.Errorf("failed
to connect to ldap server: %w", err)). Ensure you reference the ldap variable
created in NewLdapService and only return nil when reconnect actually fails.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro Plus
Run ID: 90ca0a54-2e80-4d2f-8a87-9283a697d90d
📒 Files selected for processing (1)
internal/service/ldap_service.go
| // Warn: This will hang the tinyauth startup for a good 45 seconds until it fails | ||
| if err != nil { | ||
| err = ldap.reconnect(10 * time.Second) | ||
| return nil, fmt.Errorf("failed to connect to ldap server: %w", err) | ||
| } |
There was a problem hiding this comment.
Startup now blocks for ~47.5 seconds when LDAP is unavailable.
The startup reconnect logic introduces a significant delay. With a 10-second initial interval, 1.5× multiplier, and 3 max tries, the total wait is approximately 47.5 seconds before failing. This blocks application startup whenever LDAP is unreachable.
Impact: Based on the upstream caller (BootstrapApp.setupServices), the application is designed to tolerate LDAP initialization failure and continue without it. The new blocking retry degrades startup time from immediate to ~47.5 seconds in environments where LDAP is down or misconfigured. This affects deployment, development, and testing workflows.
Suggestions:
- Consider removing the startup reconnect entirely and rely only on the heartbeat reconnect (which already handles connection recovery after startup).
- If startup reconnect is essential, use a much shorter total timeout (e.g., 1-2 tries with 2-3 second intervals) to fail faster.
- Update or remove the "45 seconds" comment to reflect the actual ~47.5-second delay.
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In `@internal/service/ldap_service.go` around lines 66 - 70, The startup blocking
retry in ldap_service.go (the call to ldap.reconnect(...) inside the error
branch after connection attempt) causes ~47.5s delay; either remove this startup
reconnect entirely so setup continues on LDAP failure (relying on existing
heartbeat reconnect logic), or drastically shorten it (e.g., call ldap.reconnect
with a single short interval / 1–2 second attempts or implement max 1-2 retries)
and update the comment to reflect the actual delay; locate the error handling
around ldap.reconnect and adjust the call and/or comment accordingly so
BootstrapApp.setupServices will not block for ~47.5s when LDAP is unavailable.
| if err != nil { | ||
| err = ldap.reconnect(10 * time.Second) | ||
| return nil, fmt.Errorf("failed to connect to ldap server: %w", err) |
There was a problem hiding this comment.
Critical logic error: successful reconnect still returns nil service.
If the initial connection fails but reconnect succeeds, this code still returns a nil service pointer and an error. Line 69 executes unconditionally when the initial connect fails, regardless of whether the reconnect succeeded.
Impact: When reconnect succeeds, the LDAP connection is established (ldap.conn is valid and ldap pointer exists), but NewLdapService returns nil to the caller. Downstream code (like AuthService.GetLDAPUser) will report "ldap service not configured" even though the connection is active.
🐛 Proposed fix
if err != nil {
err = ldap.reconnect(10 * time.Second)
- return nil, fmt.Errorf("failed to connect to ldap server: %w", err)
+ if err != nil {
+ return nil, fmt.Errorf("failed to connect to ldap server: %w", err)
+ }
}📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| if err != nil { | |
| err = ldap.reconnect(10 * time.Second) | |
| return nil, fmt.Errorf("failed to connect to ldap server: %w", err) | |
| if err != nil { | |
| err = ldap.reconnect(10 * time.Second) | |
| if err != nil { | |
| return nil, fmt.Errorf("failed to connect to ldap server: %w", err) | |
| } | |
| } |
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In `@internal/service/ldap_service.go` around lines 67 - 69, The logic in
NewLdapService incorrectly returns nil even when ldap.reconnect succeeds: adjust
the error handling in the initial connect branch (where err != nil) to call
ldap.reconnect(10 * time.Second) and check its return error; if reconnect
returns nil then return the ldap pointer and nil error, otherwise return nil and
the wrapped reconnect error (fmt.Errorf("failed to connect to ldap server: %w",
err)). Ensure you reference the ldap variable created in NewLdapService and only
return nil when reconnect actually fails.
Summary by CodeRabbit