scrabble-game

developer/scrabble-game

Fork 0

Commit Graph

Author	SHA1	Message	Date
Ilia Denisov	8878711cf3	R3: gateway edge hardening — body cap, h2c sizing, rate-limit observability - GATEWAY_MAX_BODY_BYTES (1 MiB): connect WithReadMaxBytes + http.MaxBytesReader on the public mux; explicit http2.Server MaxConcurrentStreams/IdleTimeout and an http.Server ReadHeaderTimeout (R2 report follow-up). - gateway_rate_limited_total{class} counter, Debug per rejection, a rejection tracker drained every 30 s into a Warn summary per key and a report POST to /api/v1/internal/ratelimit/report (feeds the admin view + auto-flag). - The dead AdminPerMinute/AdminBurst policy now guards the /_gm mount (429), ahead of its Basic-Auth. - resolve() logs the cause of infra session-resolve failures at Warn (the transient unauthenticated dips from the R2 run); unknown tokens stay silent.	2026-06-10 01:58:48 +02:00
Ilia Denisov	dcd8de8b00	Stage 12: observability & performance (OTel/OTLP, domain metrics, guest GC) Tests · Go / test (push) Successful in 11s Details Tests · Integration / integration (push) Successful in 12s Details Tests · Go / test (pull_request) Successful in 10s Details Tests · Integration / integration (pull_request) Successful in 11s Details - pkg/telemetry: shared OTel provider bootstrap (none/stdout/otlp + W3C propagators + Go runtime metrics); backend/internal/telemetry becomes a thin facade keeping its gin middleware. - Telemetry parity: gateway and the Telegram connector gain telemetry runtimes and config (GATEWAY_/TELEGRAM_ SERVICE_NAME + OTEL_*); otelgrpc instruments the backend push server, the gateway's backend+connector clients and the connector server. Default exporter stays none (collector/dashboards are Stage 14). - Operational metrics (variant attribute on game-scoped ones): game_replay_duration, game_move_validate_duration, games_started_total, games_abandoned_total, game_cache_active, chat_messages_total{kind}, gateway edge_request_duration. Wired via the SetMetrics setter pattern (default no-op meter). - TODO-3: account.GuestReaper deletes guests with no game seat past BACKEND_GUEST_RETENTION (default 30d, swept every BACKEND_GUEST_REAP_INTERVAL). - Tests: pkg/telemetry exporter selection; game/social/edge metric recording via a manual reader; config (otlp accepted, guest knobs); inttest guest reaper. - Docs: PLAN.md re-scopes Stage 12 and adds Stage 13 (alphabet-on-wire) + Stage 14 (CI/deploy) with the agreed dictionary-versioning resolution; ARCHITECTURE 11/13, TESTING, the three READMEs and FUNCTIONAL(+ru) updated.	2026-06-04 14:22:15 +02:00

Author

SHA1

Message

Date

Ilia Denisov

8878711cf3

R3: gateway edge hardening — body cap, h2c sizing, rate-limit observability

- GATEWAY_MAX_BODY_BYTES (1 MiB): connect WithReadMaxBytes + http.MaxBytesReader
  on the public mux; explicit http2.Server MaxConcurrentStreams/IdleTimeout and
  an http.Server ReadHeaderTimeout (R2 report follow-up).
- gateway_rate_limited_total{class} counter, Debug per rejection, a rejection
  tracker drained every 30 s into a Warn summary per key and a report POST to
  /api/v1/internal/ratelimit/report (feeds the admin view + auto-flag).
- The dead AdminPerMinute/AdminBurst policy now guards the /_gm mount (429),
  ahead of its Basic-Auth.
- resolve() logs the cause of infra session-resolve failures at Warn (the
  transient unauthenticated dips from the R2 run); unknown tokens stay silent.

2026-06-10 01:58:48 +02:00

Ilia Denisov

dcd8de8b00

Stage 12: observability & performance (OTel/OTLP, domain metrics, guest GC)

Tests · Go / test (push) Successful in 11s

Details

Tests · Integration / integration (push) Successful in 12s

Details

Tests · Go / test (pull_request) Successful in 10s

Details

Tests · Integration / integration (pull_request) Successful in 11s

Details

- pkg/telemetry: shared OTel provider bootstrap (none/stdout/otlp + W3C
  propagators + Go runtime metrics); backend/internal/telemetry becomes a thin
  facade keeping its gin middleware.
- Telemetry parity: gateway and the Telegram connector gain telemetry runtimes
  and config (GATEWAY_/TELEGRAM_ SERVICE_NAME + OTEL_*); otelgrpc instruments the
  backend push server, the gateway's backend+connector clients and the connector
  server. Default exporter stays none (collector/dashboards are Stage 14).
- Operational metrics (variant attribute on game-scoped ones): game_replay_duration,
  game_move_validate_duration, games_started_total, games_abandoned_total,
  game_cache_active, chat_messages_total{kind}, gateway edge_request_duration.
  Wired via the SetMetrics setter pattern (default no-op meter).
- TODO-3: account.GuestReaper deletes guests with no game seat past
  BACKEND_GUEST_RETENTION (default 30d, swept every BACKEND_GUEST_REAP_INTERVAL).
- Tests: pkg/telemetry exporter selection; game/social/edge metric recording via
  a manual reader; config (otlp accepted, guest knobs); inttest guest reaper.
- Docs: PLAN.md re-scopes Stage 12 and adds Stage 13 (alphabet-on-wire) + Stage 14
  (CI/deploy) with the agreed dictionary-versioning resolution; ARCHITECTURE 11/13,
  TESTING, the three READMEs and FUNCTIONAL(+ru) updated.

2026-06-04 14:22:15 +02:00

2 Commits