Add internal api to sync machines before purging cdn cache

Author: Seldaek

config/services.yaml

@@ -13,6 +13,7 @@ parameters:
     trusted_ip_header: ''
     github.webhook_secret: '%env(APP_GITHUB_WEBHOOK_SECRET)%'
     fallback_gh_tokens: []
+    replica_ips: []
 
 services:
     # default configuration for services in *this* file
@@ -44,6 +45,7 @@ services:
             $mailFromName: "%env(APP_MAILER_FROM_NAME)%"
             $fallbackGhTokens: "%fallback_gh_tokens%"
             $configDir: '%kernel.project_dir%/config/'
+            $internalSecret: '%env(APP_SECRET)%'
 
     # makes classes in src/ available to be used as services
     # this creates a service per class whose id is the fully-qualified class name
@@ -130,3 +132,7 @@ services:
             $metadataPublicEndpoint: '%env(default::CDN_METADATA_PUBLIC_ENDPOINT)%'
             $metadataApiKey: '%env(default::CDN_METADATA_API_KEY)%'
             $cdnApiKey: '%env(default::CDN_API_KEY)%'
+
+    App\Service\ReplicaClient:
+        arguments:
+            $replicaIps: '%replica_ips%'

src/Controller/InternalController.php

@@ -0,0 +1,61 @@
+<?php declare(strict_types=1);
+
+/*
+ * This file is part of Packagist.
+ *
+ * (c) Jordi Boggiano <[email protected]>
+ *     Nils Adermann <[email protected]>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace App\Controller;
+
+use Psr\Log\LoggerInterface;
+use Symfony\Component\HttpFoundation\IpUtils;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\Routing\Attribute\Route;
+
+class InternalController extends Controller
+{
+    public function __construct(
+        private string $internalSecret,
+        private string $metadataDir,
+        private LoggerInterface $logger,
+    ) {
+    }
+
+    #[Route(path: '/internal/update-metadata', name: 'internal_update_metadata', defaults: ['_format' => 'json'], methods: ['POST'])]
+    public function updateMetadataAction(Request $req): Response
+    {
+        if ($req->getClientIp() === null || !IpUtils::isPrivateIp($req->getClientIp())) {
+            $this->logger->error('Non-internal IP on internal IP');
+            throw $this->createAccessDeniedException();
+        }
+
+        $path = $req->request->getString('path');
+        $contents = $req->request->getString('contents');
+        $filemtime = $req->request->getInt('filemtime');
+        $sig = (string) $req->headers->get('Internal-Signature');
+
+        $expectedSig = hash_hmac('sha256', $path.$contents.$filemtime, $this->internalSecret);
+        if (!hash_equals($expectedSig, $sig)) {
+            $this->logger->error('Invalid signature', ['contents' => $contents, 'path' => $path, 'filemtime' => $filemtime, 'sig' => $sig]);
+            throw $this->createAccessDeniedException();
+        }
+
+        $gzipped = gzencode($contents, 7);
+        if (false === $gzipped) {
+            throw new \RuntimeException('Failed gzencoding '.$contents);
+        }
+
+        $path = $this->metadataDir . '/' . $path;
+        file_put_contents($path.'.tmp', $gzipped);
+        touch($path.'.tmp', $filemtime);
+        rename($path.'.tmp', $path);
+
+        return new Response('OK', Response::HTTP_ACCEPTED);
+    }
+}

src/Package/V2Dumper.php

@@ -17,6 +17,7 @@
 use App\Entity\PackageFreezeReason;
 use App\Entity\SecurityAdvisory;
 use App\Service\CdnClient;
+use App\Service\ReplicaClient;
 use Composer\Pcre\Preg;
 use Doctrine\DBAL\ArrayParameterType;
 use Symfony\Component\Filesystem\Filesystem;
@@ -54,6 +55,7 @@ public function __construct(
         private ProviderManager $providerManager,
         private Logger $logger,
         private readonly CdnClient $cdnClient,
+        private readonly ReplicaClient $replicaClient,
         private readonly UrlGeneratorInterface $router,
     ) {
         $webDir = realpath($webDir);
@@ -384,7 +386,24 @@ private function writeV2File(Package $package, string $name, string $path, strin
 
         assert(isset($filemtime));
 
-        $this->writeFileAtomic($path, $contents, intval(ceil($filemtime/10000)));
+        $timeUnix = intval(ceil($filemtime/10000));
+        $this->writeFileAtomic($path, $contents, $timeUnix);
+
+        $retries = 3;
+        do {
+            try {
+                $this->replicaClient->uploadMetadata($relativePath, $contents, $timeUnix);
+                break;
+            } catch (TransportExceptionInterface $e) {
+                if ($retries === 0) {
+                    throw $e;
+                }
+                $this->logger->debug('Retrying due to failure', ['exception' => $e]);
+                sleep(1);
+            }
+        } while ($retries-- > 0);
+
+        $this->cdnClient->purgeMetadataCache($relativePath);
 
         $this->redis->zadd('metadata-dumps', [$pkgWithDevFlag => $filemtime]);
         $this->statsd->increment('packagist.metadata_dump_v2');

src/Service/CdnClient.php

@@ -42,17 +42,20 @@ public function uploadMetadata(string $path, string $contents): int
         ]);
         $time = strtotime($resp->getHeaders()['last-modified'][0]) * 10000;
 
+        return $time;
+    }
+
+    public function purgeMetadataCache(string $path): void
+    {
         $resp = $this->httpClient->request('POST', 'https://api.bunny.net/purge?'.http_build_query(['url' => $this->metadataPublicEndpoint.$path, 'async' => 'true']), [
             'headers' => [
                 'AccessKey' => $this->cdnApiKey,
             ],
         ]);
         // wait for status code at least
         if ($resp->getStatusCode() !== 200) {
-            $this->logger->error('Failed purging '.$path.' from CDN while writing an update to it', ['filemtime' => $time/10000]);
+            $this->logger->error('Failed purging '.$path.' from CDN');
         }
-
-        return $time;
     }
 
     public function sendUploadMetadataRequest(string $path, string $contents): ResponseInterface

src/Service/ReplicaClient.php

@@ -0,0 +1,45 @@
+<?php
+
+namespace App\Service;
+
+use Symfony\Component\HttpClient\Exception\TransportException;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Contracts\HttpClient\HttpClientInterface;
+
+class ReplicaClient
+{
+    public function __construct(
+        private HttpClientInterface $httpClient,
+        /**
+         * @var list<string>
+         */
+        private array $replicaIps,
+        private string $internalSecret,
+    ) {}
+
+    public function uploadMetadata(string $path, string $contents, int $filemtime): void
+    {
+        $sig = hash_hmac('sha256', $path.$contents.$filemtime, $this->internalSecret);
+
+        $resps = [];
+        foreach ($this->replicaIps as $ip) {
+            $resps[] = $this->httpClient->request('POST', 'http://'.$ip.'/internal/update-metadata', [
+                'headers' => [
+                    'Internal-Signature' => $sig,
+                    'Host' => 'packagist.org',
+                ],
+                'body' => [
+                    'path' => $path,
+                    'contents' => $contents,
+                    'filemtime' => $filemtime,
+                ],
+            ]);
+        }
+
+        foreach ($resps as $resp) {
+            if ($resp->getStatusCode() !== Response::HTTP_ACCEPTED) {
+                throw new TransportException('Invalid response code', $resp->getStatusCode());
+            }
+        }
+    }
+}

tests/Controller/UserControllerTest.php

@@ -17,7 +17,7 @@
 
 class UserControllerTest extends ControllerTestCase
 {
-    public function testEnableTwoFactoCode(): void
+    public function testEnableTwoFactorCode(): void
     {
         $user = self::createUser();
         $this->store($user);