Issue #269 new

KALLITHEA_EXTRAS has race conditions

André Klitzing
created an issue

Hi there,

we use KALLITHEA_EXTRAS to fetch authenticated data for a hook. It seems that there is race condition if multiple people push at the same time.

Sometimes the hook is called with the anonymous "default" user even it is not possible to push to that repository as "anonymous". Also if two people push at the same time it is possible that the KALLITHEA_EXTRAS of both pushes are the SAME eben it is another user and another repository. This is really rarely and looks like a race condition.

Example: User A and B pushes the same time to REPO_1 and REPO_2.

Push of A has KALLITHEA_EXTRAS with user A and REPO_1. Push of B has KALLITHEA_EXTRAS with user A and REPO_1, too. But this should be B and REPO_2.

Version: 0.3.2

Comments (9)

  1. André Klitzing reporter

    We use Debian Jessie with Apache2 (2.4.10-10+deb8u7) and a virtualhost with mod_wsgi for kallithea.

            SSLEngine on
            SSLCertificateFile    /etc/apache2/ssl/kallithea.cer
            SSLCertificateKeyFile /etc/apache2/ssl/kallithea.key
    
            WSGIPassAuthorization On
            WSGIScriptAlias "/" "/opt/kallithea/dispatch.wsgi/"
            WSGIDaemonProcess kallithea threads=4 python-path=/opt/kallithea/lib/python2.7/site-packages/
            WSGIProcessGroup kallithea
    

    Do we need to set "threads=4" to 1?

  2. André Klitzing reporter

    just for information....

    There was no race condition since we reported and adjust it.

    We used "processes=5" ... and saw another problem: Sometimes someone pushed new changesets. If you look with the browser to the WebUI there is a new changeset. If you refresh the page... the changeset isn't there. Another refresh... it is there. So the different processes seems to use an invalid cache here.

  3. Mads Kiilerich

    Do you follow the documentation in setup.html:

    .. note::
       If running Kallithea in multiprocess mode,
       make sure you set ``instance_id = *`` in the configuration so each process
       gets it's own cache invalidation key.
    

    ?

  4. Log in to comment