Skip to content

Cdn cache improvements 3#2860

Merged
david-a-wheeler merged 2 commits into
mainfrom
cdn_cache_improvements_3
Jun 26, 2026
Merged

Cdn cache improvements 3#2860
david-a-wheeler merged 2 commits into
mainfrom
cdn_cache_improvements_3

Conversation

@david-a-wheeler

Copy link
Copy Markdown
Collaborator

No description provided.

david-a-wheeler and others added 2 commits June 26, 2026 09:24
Section 9.3 honestly noted that purging is wired into the controller
update/destroy actions and the bulk recalculation, but not a model callback,
so a future write path that changes a displayed project field could leave the
cached anonymous show page stale until Surrogate-Control max-age expires.

Add Section 11 recording, as a deliberate (not-yet-implemented) proposal, an
after_commit model callback that purges on any project change. Includes the
exact callback, the implementation details that keep it correct (notably
gating on skip_callbacks so the bulk recalc's single purge_all is not turned
into thousands of per-project purges, after_commit vs after_save, enqueue vs
synchronous purge, scope to update/destroy, removing the now-redundant
controller purges, and purge-on-any-update over a fragile column allowlist),
the pros and cons, the residual cross-model (user_display_name) limitation,
and tests.

Doc-only; no behavior change.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
projects#update previously scheduled the delayed re-purge only inside the
"@project.save succeeded" branch. But update_additional_rights writes the
AdditionalRight table (rendered on the anonymous /permissions page) in its
own transaction, which commits independently of @project.save and is not
rolled back if the save later fails. On a save-fails-after-rights-changed
path, only the early immediate purge fired -- losing the delayed re-purge
that closes the TCP-reorder race, so the CDN could hold obsolete collaborator
data until max-age.

Schedule the delayed re-purge unconditionally on entry to update (after the
request is authorized), alongside the early immediate purge, and drop the now
-redundant post-save delayed purge (keeping the post-save immediate purge for
freshest-data eviction). Extra purges are harmless and the request is already
authorized by that point.

Apply the same immediate+delayed pair to destroy, which previously did only
an immediate purge: a stale re-cache of a deleted project's page is exactly
the case worth the extra re-purge.

Also correct an outdated comment: ActiveJob is backed by solid_queue (a
database queue) in production, so the delayed purge is durable and survives a
restart mid-wait -- it is not "stored in RAM" as the old comment claimed.

Add a regression test (CdnCachingTest): a permissions-only update (changing
only additional_rights, project row unchanged) must enqueue PurgeCdnProjectJob
with the project's record_key. Guards against re-gating the purge on
@project.saved_changes?, which would silently serve stale rights.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
@codecov

codecov Bot commented Jun 26, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 100.00%. Comparing base (441e7f4) to head (a0ddac8).

Additional details and impacted files
@@            Coverage Diff            @@
##              main     #2860   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files           79        79           
  Lines         4331      4332    +1     
=========================================
+ Hits          4331      4332    +1     

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@david-a-wheeler david-a-wheeler merged commit c060a97 into main Jun 26, 2026
8 checks passed
@david-a-wheeler david-a-wheeler deleted the cdn_cache_improvements_3 branch June 26, 2026 15:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant