Add headerbp integration

[pacejackson]

💸 TL;DR

Add integrations to automatically propagate baseplate headers received from other services and forbids sending new baseplate headers in client calls.

✅ Checks

• CI tests (if present) are passing
• Adheres to code style for repo
• Contributor License Agreement (CLA) completed if not a Reddit employee

[pacejackson]

Since we don't have a distinct "internal vs non-internal" client type, I was thinking it would probably be good to have some sort of flag that you have to manually set to have HTTP clients automatically propagate headers?

[fishy]

the test passed for go 1.22 but failed for go 1.23, I think that just means the test is flaky? I don't think you used anything that will cause a difference between go 1.22 and 1.23.

[fishy]

nit: just use:

Suggested change

	if len(key) < len(headerPrefixLower) {
	return false
	}
	prefix := key[:len(headerPrefixLower)]
	return prefix == headerPrefixLower || prefix == headerPrefixCanonicalHTTP
	return strings.HasPrefix(key, headerPrefixLower) || strings.HasPrefix(key, headerPrefixCanonicalHTTP)

?

this way you no longer rely on headerPrefixCanonicalHTTP and headerPrefixLower being the same length.

[pacejackson]

the strings.HasPrefix approach is significantly slower (relatively speaking)

func BenchmarkIsBaseplateHeader(b *testing.B) {
	// the question of using string.HasPrefix has come up a couple of times, benchmark the two approaches to see if there
	// is a significant enough differenc between the two.
	isBaseplateHeader_startswith := func(key string) bool {
		return strings.HasPrefix(key, HeaderPrefixLower) || strings.HasPrefix(key, HeaderPrefixCanonicalHTTP)
	}
	b.Run("startswith", func(b *testing.B) {
		for i := 0; i < b.N; i++ {
			isBaseplateHeader_startswith("X-Bp-Header")
		}
	})

	b.Run("==", func(b *testing.B) {
		for i := 0; i < b.N; i++ {
			IsBaseplateHeader("X-Bp-Header")
		}
	})
}

BenchmarkIsBaseplateHeader
BenchmarkIsBaseplateHeader/startswith
BenchmarkIsBaseplateHeader/startswith-16 299018905 3.799 ns/op
BenchmarkIsBaseplateHeader/==
BenchmarkIsBaseplateHeader/==-16 1000000000 0.2518 ns/op
PASS

[pacejackson]

this way you no longer rely on headerPrefixCanonicalHTTP and headerPrefixLower being the same length.

They must always be the same since they are just the same string with different cases

[fishy]

nit: _rejected_headers_total, the last word before total should be the unit in plural form ("headers")

[fishy]

same comment here, _sent_headers_total.

[fishy]

_sent_size_bytes, _total is only for counters (this is a histogram), and there the unit is bytes.

[fishy]

_received_headers_total.

[fishy]

_received_size_bytes.

[fishy]

I wonder if we should add a x-bp- version of the deadline propagation header, so that we can still propagate deadline even in a untrusted chain of calls?

[pacejackson]

I wonder if we should add a x-bp- version of the deadline propagation header, so that we can still propagate deadline even in a untrusted chain of calls?

I'm not sure I understand, this specifically would discard that header if the request was marked as untrusted? 😅

[fishy]

nit: for readability:

Suggested change

	headerbp.WithThriftService("", name),
	headerbp.WithThriftService("" /* service */, name),

(and I assume we use "" for service because we don't really have a notion of service name in thrift servers?)

[pacejackson]

the test passed for go 1.22 but failed for go 1.23, I think that just means the test is flaky? I don't think you used anything that will cause a difference between go 1.22 and 1.23.

It does seem like the test is flaky, but I think it's flaky because it can't call the test service I'm setting up. Is there something I'm missing there?

[fishy]

you can probably add a small sleep after this go to give it time to actually start the server, not sure if it's worth it though 🤷 looks like the failed test is just very unlucky.

[konradreiche]

Suggested change

	func ClientHeaderBPMiddleware(client string) ClientMiddleware {
	func ClientHeaderBaseplateMiddleware(client string) ClientMiddleware {

🔕 maybe best spelled out since we have Baseplate more often in function or method names than BP.

[pacejackson]

headerbp is the name of the actual library so I figured it was better to keep it consistent with that?

[konradreiche]

Suggested change

	for k := range req.Header {
	if err := headerbp.CheckClientHeader(k,
	headerbp.WithHTTPClient("", client, ""),
	); err != nil {
	return nil, err
	}
	for key := range req.Header {
	if err := headerbp.CheckClientHeader(
	key,
	headerbp.WithHTTPClient("", client, ""),
	); err != nil {
	return nil, err
	}

🔕 I find this slightly more readable 🙂

[konradreiche]

I'm a big fan of always checking if the assertion was successful, though I got the impression that if we tightly control it, it's okay to not check to make the API more user-friendly 🤔

[pacejackson]

I don't think that really does anything here though

[konradreiche]

One thing I noticed with our internal2compat primarily sets on structs local to this package but then makes it accessible through a separate getter. Would it make sense to define this locally here too and then call V2Context() to get the function outside of this package?

[pacejackson]

I see, that makes sense, updated.

[konradreiche]

Only requesting changes for the open internal2compat question/discussion since it seems like it won't clear my review queue unless I approve or request changes 😅

[konradreiche]