Add job wckey #558

1daidai1 · 2025-07-29T01:47:35Z

添加

删除

修改默认default-wckey

提交作业带参数

提交作业不带wckey,采用默认wckey

Summary by CodeRabbit

New Features
- Workload-key (wckey) management: add, delete, query, set default via new service endpoints and APIs; persistent storage and lifecycle handling; runtime flag to enable wckey.
Behavior
- Tasks may include or inherit a default wckey; validation enforces existence and marks default usage in task attributes.
Bug Fixes
- Data wipe tools updated to clear wckey data when requested or in default wipe modes.
Documentation
- Added Wckey Management docs (add/delete/modify/show) and sample commented config lines.
Style
- New user-facing error messages for clearer wckey diagnostics.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

coderabbitai · 2025-07-29T01:47:41Z

Warning

Rate limit exceeded

@L-Xiafeng has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 15 minutes and 24 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

📥 Commits

Reviewing files that changed from the base of the PR and between 24a99bf and 7b56f5b.

📒 Files selected for processing (20)

docs/en/command/cacctmgr.md
docs/zh/command/cacctmgr.md
etc/config.yaml
protos/Crane.proto
protos/PublicDefs.proto
scripts/wipe_data.py
scripts/wipe_data.sh
src/CraneCtld/AccountManager.cpp
src/CraneCtld/AccountManager.h
src/CraneCtld/CraneCtld.cpp
src/CraneCtld/CtldPreCompiledHeader.h
src/CraneCtld/CtldPublicDefs.cpp
src/CraneCtld/CtldPublicDefs.h
src/CraneCtld/DbClient.cpp
src/CraneCtld/DbClient.h
src/CraneCtld/RpcService/CtldGrpcServer.cpp
src/CraneCtld/RpcService/CtldGrpcServer.h
src/CraneCtld/TaskScheduler.cpp
src/Utilities/PublicHeader/include/crane/PublicHeader.h
src/Utilities/PublicHeader/include/crane/String.h

📝 Walkthrough

Walkthrough

Adds end-to-end "wckey" support: protobufs and gRPC RPCs; AccountManager in-memory + transactional Wckey CRUD and default management; DbClient persistence and document mapping to new wckey_table; TaskScheduler wckey handling; config parsing flag, wipe scripts, error strings, and docs.

Changes

Cohort / File(s)	Change Summary
Config & Scripts `etc/config.yaml`, `scripts/wipe_data.sh`, `scripts/wipe_data.py`	Added commented TrackWCKey hint in `etc/config.yaml`; added `wckey_table` wipe options and updated default/flag-driven wipe behavior in shell and Python wipe scripts.
Protobuf & Public defs `protos/Crane.proto`, `protos/PublicDefs.proto`	Added Wckey RPCs/messages (`AddWckey`, `DeleteWckey`, `ModifyDefaultWckey`, `QueryWckeyInfo`, `WckeyInfo`, `QueryWckeyInfo`); added `TaskToCtld.wckey` and `TaskInfo.wckey`; appended ErrCode values and `ModifyField::DefaultWckey`.
Account manager `src/CraneCtld/AccountManager.h`, `src/CraneCtld/AccountManager.cpp`	Introduced Wckey type, in-memory `m_wckey_map_` + RW mutex; public APIs: `AddUserWckey`, `DeleteWckey`, `QueryAllWckeyInfo`, `ModifyDefaultWckey`, `GetExistedDefaultWckeyName`, `GetExistedWckeyInfo`; private transactional helpers and default-management.
DB client & storage `src/CraneCtld/DbClient.h`, `src/CraneCtld/DbClient.cpp`	Added `EntityType::WCKEY`, `wckey_table` collection name, `InsertWckey`/`UpdateWckey`/`SelectAllWckey`, `WckeyToDocument_`/`ViewToWckey_`; extended User/Task document mappings to include `default_wckey`/`wckey`; added `UpdateEntityOneByFields` helper and document mapping specialization.
gRPC service `src/CraneCtld/RpcService/CtldGrpcServer.h`, `src/CraneCtld/RpcService/CtldGrpcServer.cpp`	Added gRPC handlers and declarations for `AddWckey`, `DeleteWckey`, `ModifyDefaultWckey`, `QueryWckeyInfo`; handlers validate caller and delegate to AccountManager and populate replies.
Task scheduler & public defs `src/CraneCtld/TaskScheduler.cpp`, `src/CraneCtld/CtldPublicDefs.cpp`, `src/CraneCtld/CtldPublicDefs.h`	Added `Ctld::Wckey` struct and fields (`TaskInCtld.wckey`, `User.default_wckey`, `Ctld::Config.WckeyValid`); TaskScheduler assigns/validates task wckey, marks default usage with `*`, and returns ERR_INVALID_WCKEY when invalid; TaskInfo.wckey populated.
Precompiled header & strings `src/CraneCtld/CtldPreCompiledHeader.h`, `src/Utilities/PublicHeader/include/crane/PublicHeader.h`, `src/Utilities/PublicHeader/include/crane/String.h`	Added `#include <absl/hash/hash.h>`; appended five wckey-related error strings (indices 85–89) to error catalog; minor whitespace formatting change.
Docs / CLI `docs/en/command/cacctmgr.md`, `docs/zh/command/cacctmgr.md`	Added "Wckey Management" section covering Add/Delete/ModifyDefault/Show commands with syntax and examples.

Sequence Diagram(s)

sequenceDiagram
    autonumber
    participant Client
    participant Ctld as Ctld gRPC
    participant AM as AccountManager
    participant DB as DbClient
    participant Mongo as MongoDB

    Client->>Ctld: AddWckeyRequest(uid, WckeyInfo)
    Ctld->>AM: AddUserWckey(uid, Wckey)
    AM->>DB: InsertWckey(wckey)
    DB->>Mongo: insert into wckey_table
    Mongo-->>DB: ack
    DB-->>AM: success / error
    AM-->>Ctld: result (ok / ErrCode)
    Ctld-->>Client: AddWckeyReply

    Client->>Ctld: QueryWckeyInfoRequest(uid, optional list)
    Ctld->>AM: QueryAllWckeyInfo(uid, filter_set)
    AM->>DB: SelectAllWckey()
    DB->>Mongo: query wckey_table
    Mongo-->>DB: documents
    DB-->>AM: wckey list
    AM-->>Ctld: populated WckeyInfo list
    Ctld-->>Client: QueryWckeyInfoReply

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Focus areas:
- AccountManager: transactional flows for Add/Update/Delete, default is_default transitions, lock ordering and concurrency around m_wckey_map_ and user.default_wckey.
- DbClient: BSON filter/update correctness, UpdateEntityOneByFields template, collection routing and document field ordering consistency (task/user wckey slots).
- Protos & enums: tag numbering and ErrCode append alignment with error strings and generated code.
- TaskScheduler and ParseConfig: correct gating by WckeyValid and error propagation.
- gRPC handlers: validation of permissions/cert UID and mapping of internal errors to reply fields.

Possibly related PRs

refactor: Change CgroupManager to stateless, add jobmanager. #461 — overlaps in ParseConfig modifications for TrackWCKey; may touch same config parsing area.

Suggested labels

enhancement

Suggested reviewers

L-Xiafeng
NamelessOIer
RileyWen

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 6.90% which is insufficient. The required threshold is 80.00%.	You can run `@coderabbitai generate docstrings` to improve docstring coverage.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'Add job wckey' directly and clearly describes the main change—introducing wckey (wallet key) support for jobs throughout the codebase.

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

coderabbitai

Actionable comments posted: 9

🧹 Nitpick comments (8)

src/CraneCtld/CraneCtld.cpp (1)
551-555: Consider explicit initialization for consistency.

The logic correctly parses the comma-separated values and sets MustNeedWckey to true when "wckeys" is present. However, consider explicitly setting it to false when "wckeys" is not present to ensure consistent behavior during configuration reloads.

Apply this diff for explicit initialization:
 if (config["AccountingStorageEnforce"]) {
   auto val = config["AccountingStorageEnforce"].as<std::string>();
   std::unordered_set<std::string> items = util::SplitStr(val, ',');
-  if (items.contains("wckeys")) g_config.MustNeedWckey = true;
+  g_config.MustNeedWckey = items.contains("wckeys");
 }
protos/PublicDefs.proto (2)
319-320: Consider using optional for wckey field consistency

Instead of using a separate wckey_valid boolean field, consider making wckey an optional field. This would be more consistent with modern protobuf practices and the pattern used in TaskToCtld (line 168).
-  bool wckey_valid = 41;
-  string wckey = 42;
+  optional string wckey = 41;
553-557: Potential duplication between UserInfo.Wckey and WckeyInfo messages

The UserInfo.Wckey nested message and the top-level WckeyInfo message share most fields. Consider consolidating these to avoid duplication and maintain consistency.

You could either:

Reuse WckeyInfo within UserInfo instead of defining a nested Wckey message

Or extend the nested Wckey message with additional fields when needed

This would reduce code duplication and ensure consistent field definitions across the codebase.

Also applies to: 578-583
protos/Crane.proto (1)
411-414: Clarify wckey_list format in QueryWckeyInfoRequest

The field name wckey_list is ambiguous. Based on other Query operations, this should contain identifiers to filter the query.

Consider renaming for clarity:
 message QueryWckeyInfoRequest {
   uint32 uid = 1;
-  repeated string wckey_list = 2;
+  repeated string wckey_names = 2;  // Filter by wckey names
 }
src/CraneCtld/DbClient.h (1)
232-251: Complex error message construction could be simplified

The error message construction with manual JSON-like formatting is verbose and error-prone.

Consider using a JSON library or simplifying:
-      std::string filter_str = "{";
-      for (size_t i = 0; i < filter_fields.size(); ++i) {
-        filter_str += std::visit(
-            [&](auto&& arg) -> std::string {
-              if constexpr (std::is_same_v<std::decay_t<decltype(arg)>, bool>) {
-                return std::format("{}:{}", filter_fields[i].first,
-                                   arg ? "true" : "false");
-              } else {
-                return std::format("{}:{}", filter_fields[i].first, arg);
-              }
-            },
-            filter_fields[i].second);
-        if (i != filter_fields.size() - 1) filter_str += ", ";
-      }
-      filter_str += "}";
+      std::string filter_str = bsoncxx::to_json(filter.view());
src/CraneCtld/DbClient.cpp (2)
510-518: Consider pagination for SelectAllWckey

The method loads all Wckey documents into memory at once, which could be problematic with large datasets.

Consider adding pagination support similar to FetchJobRecords:
-void MongodbClient::SelectAllWckey(std::list<Ctld::Wckey>* wckey_list) {
+void MongodbClient::SelectAllWckey(std::list<Ctld::Wckey>* wckey_list,
+                                   size_t limit = 0) {
+  mongocxx::options::find options;
+  if (limit > 0) {
+    options = options.limit(limit);
+  }
   mongocxx::cursor cursor =
-      (*GetClient_())[m_db_name_][m_wckey_collection_name_].find({});
+      (*GetClient_())[m_db_name_][m_wckey_collection_name_].find({}, options);
846-848: Consider using uint32_t for uid field consistency

The uid is cast to int64_t, but it's uint32_t in the Wckey struct. While this works, it's inconsistent with the data type.

Consider using int32_t for consistency with other entity types:
-      wckey.cluster,   static_cast<int64_t>(wckey.uid),
+      wckey.cluster,   static_cast<int32_t>(wckey.uid),
And update the corresponding read operation:
-    wckey->uid = wckey_view["uid"].get_int64().value;
+    wckey->uid = wckey_view["uid"].get_int32().value;
src/CraneCtld/AccountManager.cpp (1)

1152-1155: Address TODO for multi-cluster support.

The hardcoded cluster validation will need revision for multi-cluster support. Consider tracking this technical debt.

Would you like me to create an issue to track the multi-cluster enhancement for wckey management?

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 980704f and 787f658.

📒 Files selected for processing (16)

etc/config.yaml (1 hunks)
protos/Crane.proto (5 hunks)
protos/PublicDefs.proto (6 hunks)
scripts/wipe_data.sh (2 hunks)
src/CraneCtld/AccountManager.cpp (11 hunks)
src/CraneCtld/AccountManager.h (10 hunks)
src/CraneCtld/CraneCtld.cpp (1 hunks)
src/CraneCtld/CtldPreCompiledHeader.h (1 hunks)
src/CraneCtld/CtldPublicDefs.h (4 hunks)
src/CraneCtld/DbClient.cpp (15 hunks)
src/CraneCtld/DbClient.h (7 hunks)
src/CraneCtld/RpcService/CtldGrpcServer.cpp (4 hunks)
src/CraneCtld/RpcService/CtldGrpcServer.h (4 hunks)
src/CraneCtld/TaskScheduler.cpp (1 hunks)
src/Utilities/PublicHeader/String.cpp (1 hunks)
src/Utilities/PublicHeader/include/crane/String.h (1 hunks)

🧰 Additional context used

🧠 Learnings (8)

src/CraneCtld/CtldPreCompiledHeader.h (3)

Learnt from: L-Xiafeng
PR: #496
File: src/Craned/TaskManager.cpp:1509-1517
Timestamp: 2025-05-09T01:54:39.465Z
Learning: The CraneSched project uses C++23, which supports Class Template Argument Deduction (CTAD) for standard containers like std::set and includes ranges support, making std::ranges::views::keys valid without additional headers.

Learnt from: RileyWen
PR: #456
File: src/CraneCtld/Tls/VaultClientWrapper.cpp:116-137
Timestamp: 2025-03-31T09:29:40.388Z
Learning: In CraneSched, phmap::parallel_flat_hash_set from the Parallel Hashmap library (parallel_hashmap/phmap.h) is used for thread-safe containers. This container implements internal sharding with separate locks for different parts of the hash table, making it inherently thread-safe for concurrent operations without requiring external synchronization.

Learnt from: RileyWen
PR: #456
File: src/CraneCtld/Tls/VaultClientWrapper.cpp:116-137
Timestamp: 2025-03-31T09:29:40.388Z
Learning: The phmap::parallel_flat_hash_set used in CraneSched's VaultClientWrapper is from the Parallel Hashmap library, which provides thread-safe containers for concurrent access. It uses internal partitioning to reduce contention, making it safe for use in multithreaded environments without external synchronization.

src/Utilities/PublicHeader/include/crane/String.h (1)

Learnt from: L-Xiafeng
PR: #496
File: src/Craned/TaskManager.cpp:1509-1517
Timestamp: 2025-05-09T01:54:39.465Z
Learning: The CraneSched project uses C++23, which supports Class Template Argument Deduction (CTAD) for standard containers like std::set and includes ranges support, making std::ranges::views::keys valid without additional headers.

src/CraneCtld/CtldPublicDefs.h (10)

Learnt from: RileyWen
PR: #475
File: src/CraneCtld/CtldGrpcServer.cpp:113-118
Timestamp: 2025-05-02T07:06:36.103Z
Learning: In CraneSched, gRPC methods should generally return Status::OK even when handling error conditions, as non-OK statuses cause the connection to terminate. Error information should be communicated within the RPC response payload instead.

Learnt from: huerni
PR: #537
File: src/Craned/TaskManager.cpp:145-147
Timestamp: 2025-06-30T08:43:44.470Z
Learning: In the CraneSched codebase, src/Craned/Craned.cpp guarantees that g_config.CranedRes.contains(g_config.CranedIdOfThisNode) through explicit validation during startup. The code checks if g_config.CranedRes.contains(g_config.Hostname) and exits the process if not found, then sets g_config.CranedIdOfThisNode = g_config.Hostname. TaskManager constructor is called after this validation, so g_config.CranedRes[g_config.CranedIdOfThisNode] is guaranteed to be valid.

Learnt from: L-Xiafeng
PR: #496
File: src/CraneCtld/CranedKeeper.cpp:51-53
Timestamp: 2025-05-09T01:54:21.256Z
Learning: The ConfigureCraned function in src/CraneCtld/CranedKeeper.cpp is called from a thread pool, so there's no need to worry about it blocking the gRPC completion queue thread.

Learnt from: 1daidai1
PR: #458
File: src/CraneCtld/CtldPublicDefs.h:0-0
Timestamp: 2025-05-23T02:32:43.952Z
Learning: In the CraneSched project, allocated_res_view is handled/updated separately before calling SetAllocatedRes, so it does not need to be updated again within the method itself.

Learnt from: 1daidai1
PR: #458
File: src/CraneCtld/CtldPublicDefs.h:0-0
Timestamp: 2025-05-23T02:32:43.952Z
Learning: In the CraneSched project, allocated_res_view is updated before calling SetAllocatedRes, so it doesn't need to be updated again within the method itself.

Learnt from: huerni
PR: #469
File: src/Craned/TaskManager.cpp:1162-1175
Timestamp: 2025-05-08T07:39:29.207Z
Learning: In CraneSched, when a task fails in the LaunchTaskInstanceMt_ method after PMIx registration, ActivateTaskStatusChangeAsync_ does not automatically release PMIx resources or cgroup resources. Explicit cleanup is required by calling g_pmix_server->DeregisterTask() and g_cg_mgr->ReleaseCgroupByTaskIdOnly() before returning from the function.

Learnt from: huerni
PR: #469
File: src/Craned/TaskManager.cpp:1162-1175
Timestamp: 2025-05-08T07:39:29.207Z
Learning: In CraneSched, when a task fails in the LaunchTaskInstanceMt_ method, ActivateTaskStatusChangeAsync_ does not automatically release PMIx resources or cgroup. Explicit cleanup is required by calling g_pmix_server->DeregisterTask() and g_cg_mgr->ReleaseCgroupByTaskIdOnly().

Learnt from: RileyWen
PR: #456
File: src/CraneCtld/Tls/VaultClientWrapper.cpp:116-137
Timestamp: 2025-03-31T09:29:40.388Z
Learning: In the CraneSched project, the m_allowed_certs_ in VaultClientWrapper is implemented as a phmap::parallel_flat_hash_set<std::string>, which is a thread-safe container designed for concurrent access, making it safe to use in multithreaded contexts without additional synchronization.

Learnt from: huerni
PR: #499
File: src/CraneCtld/AccountMetaContainer.cpp:249-276
Timestamp: 2025-05-30T02:09:41.625Z
Learning: In CraneSched's AccountMetaContainer class, m_user_meta_map_ and m_account_meta_map_ are thread-safe containers that do not require external synchronization for access.

src/CraneCtld/RpcService/CtldGrpcServer.h (3)

Learnt from: L-Xiafeng
PR: #520
File: src/Craned/CranedServer.cpp:50-51
Timestamp: 2025-06-23T07:53:30.513Z
Learning: In the CraneSched codebase, g_ctld_client is a guaranteed global variable that is always initialized before any gRPC service methods are called, so null pointer checks are not necessary when calling methods on it.

Learnt from: L-Xiafeng
PR: #496
File: src/CraneCtld/CranedKeeper.cpp:51-53
Timestamp: 2025-05-09T01:54:21.256Z
Learning: The ConfigureCraned function in src/CraneCtld/CranedKeeper.cpp is called from a thread pool, so there's no need to worry about it blocking the gRPC completion queue thread.

Learnt from: RileyWen
PR: #475
File: src/CraneCtld/CtldGrpcServer.cpp:113-118
Timestamp: 2025-05-02T07:06:36.103Z
Learning: In CraneSched, gRPC methods should generally return Status::OK even when handling error conditions, as non-OK statuses cause the connection to terminate. Error information should be communicated within the RPC response payload instead.

src/CraneCtld/AccountManager.h (10)

Learnt from: huerni
PR: #499
File: src/CraneCtld/AccountMetaContainer.cpp:249-276
Timestamp: 2025-05-30T02:09:41.625Z
Learning: In CraneSched's AccountMetaContainer class, m_user_meta_map_ and m_account_meta_map_ are thread-safe containers that do not require external synchronization for access.

Learnt from: RileyWen
PR: #456
File: src/CraneCtld/Tls/VaultClientWrapper.cpp:116-137
Timestamp: 2025-03-31T09:29:40.388Z
Learning: In the CraneSched project, the m_allowed_certs_ in VaultClientWrapper is implemented as a phmap::parallel_flat_hash_set<std::string>, which is a thread-safe container designed for concurrent access, making it safe to use in multithreaded contexts without additional synchronization.

Learnt from: huerni
PR: #499
File: src/CraneCtld/AccountMetaContainer.cpp:310-316
Timestamp: 2025-05-30T02:08:41.798Z
Learning: The CraneSched project uses thread-safe phmap (parallel hashmap) for user and account metadata maps, making individual container operations thread-safe without requiring explicit locking for simple operations like erase().

Learnt from: RileyWen
PR: #475
File: src/CraneCtld/CranedKeeper.cpp:503-506
Timestamp: 2025-05-02T07:05:49.032Z
Learning: In CraneCtld/CranedKeeper.cpp, using m_unavail_craned_set_.at() is intentional as the key is guaranteed to exist by design, and crashing on missing key is preferred to silently handling it (fail-fast approach).

Learnt from: L-Xiafeng
PR: #496
File: src/Craned/TaskManager.cpp:1509-1517
Timestamp: 2025-05-09T01:54:39.465Z
Learning: The CraneSched project uses C++23, which supports Class Template Argument Deduction (CTAD) for standard containers like std::set and includes ranges support, making std::ranges::views::keys valid without additional headers.

Learnt from: L-Xiafeng
PR: #496
File: src/CraneCtld/CranedKeeper.cpp:51-53
Timestamp: 2025-05-09T01:54:21.256Z
Learning: The ConfigureCraned function in src/CraneCtld/CranedKeeper.cpp is called from a thread pool, so there's no need to worry about it blocking the gRPC completion queue thread.

Learnt from: huerni
PR: #528
File: src/CraneCtld/AccountManager.cpp:190-192
Timestamp: 2025-06-18T07:13:23.464Z
Learning: The UserHasTask() method in AccountMetaContainer does not attempt to acquire any locks, so there is no deadlock risk when calling it while holding other locks like m_rw_user_mutex_ and m_rw_account_mutex_.

Learnt from: RileyWen
PR: #456
File: src/CraneCtld/Tls/VaultClientWrapper.cpp:116-137
Timestamp: 2025-03-31T09:29:40.388Z
Learning: The phmap::parallel_flat_hash_set used in CraneSched's VaultClientWrapper is from the Parallel Hashmap library, which provides thread-safe containers for concurrent access. It uses internal partitioning to reduce contention, making it safe for use in multithreaded environments without external synchronization.

Learnt from: RileyWen
PR: #456
File: src/CraneCtld/Tls/VaultClientWrapper.cpp:116-137
Timestamp: 2025-03-31T09:29:40.388Z
Learning: In CraneSched, phmap::parallel_flat_hash_set from the Parallel Hashmap library (parallel_hashmap/phmap.h) is used for thread-safe containers. This container implements internal sharding with separate locks for different parts of the hash table, making it inherently thread-safe for concurrent operations without requiring external synchronization.

Learnt from: RileyWen
PR: #475
File: src/CraneCtld/CranedKeeper.cpp:601-602
Timestamp: 2025-05-02T07:05:26.012Z
Learning: In the CraneCtld codebase, the variables m_disconnected_ and m_registered_ in CranedStub class are already defined as std::atomic_bool, making them thread-safe for concurrent access without additional synchronization.

src/CraneCtld/TaskScheduler.cpp (7)

Learnt from: huerni
PR: #537
File: src/Craned/TaskManager.cpp:145-147
Timestamp: 2025-06-30T08:43:44.470Z
Learning: In the CraneSched codebase, src/Craned/Craned.cpp guarantees that g_config.CranedRes.contains(g_config.CranedIdOfThisNode) through explicit validation during startup. The code checks if g_config.CranedRes.contains(g_config.Hostname) and exits the process if not found, then sets g_config.CranedIdOfThisNode = g_config.Hostname. TaskManager constructor is called after this validation, so g_config.CranedRes[g_config.CranedIdOfThisNode] is guaranteed to be valid.

Learnt from: huerni
PR: #469
File: src/Craned/TaskManager.cpp:1162-1175
Timestamp: 2025-05-08T07:39:29.207Z
Learning: In CraneSched, when a task fails in the LaunchTaskInstanceMt_ method, ActivateTaskStatusChangeAsync_ does not automatically release PMIx resources or cgroup. Explicit cleanup is required by calling g_pmix_server->DeregisterTask() and g_cg_mgr->ReleaseCgroupByTaskIdOnly().

Learnt from: huerni
PR: #469
File: src/Craned/TaskManager.cpp:1162-1175
Timestamp: 2025-05-08T07:39:29.207Z
Learning: In CraneSched, when a task fails in the LaunchTaskInstanceMt_ method after PMIx registration, ActivateTaskStatusChangeAsync_ does not automatically release PMIx resources or cgroup resources. Explicit cleanup is required by calling g_pmix_server->DeregisterTask() and g_cg_mgr->ReleaseCgroupByTaskIdOnly() before returning from the function.

Learnt from: L-Xiafeng
PR: #496
File: src/CraneCtld/CranedKeeper.cpp:51-53
Timestamp: 2025-05-09T01:54:21.256Z
Learning: The ConfigureCraned function in src/CraneCtld/CranedKeeper.cpp is called from a thread pool, so there's no need to worry about it blocking the gRPC completion queue thread.

Learnt from: L-Xiafeng
PR: #399
File: src/Craned/Supervisor/TaskManager.cpp:396-396
Timestamp: 2025-05-25T04:11:27.740Z
Learning: In TaskManager.cpp, GetCrunMeta() calls don't need null checks because they're only called in contexts where the task is guaranteed to be a CRUN task (e.g., SetupChildProcessCrunX11_ is only called when step->IsCrun() && x11() conditions are met), ensuring the metadata will always be valid.

Learnt from: huerni
PR: #537
File: src/CraneCtld/CtldGrpcServer.cpp:1662-1669
Timestamp: 2025-06-30T08:38:18.748Z
Learning: In CraneSched's CPU frequency feature, validation is split between controller and compute nodes: CtldGrpcServer only validates governor against configuration (g_config.CpuFreqGovernors), while detailed validation of low/high frequency values is deferred to TaskManager.cpp via CpuFreqValidateAndSet() where actual hardware capabilities can be checked.

Learnt from: L-Xiafeng
PR: #520
File: src/Craned/CranedServer.cpp:50-51
Timestamp: 2025-06-23T07:53:30.513Z
Learning: In the CraneSched codebase, g_ctld_client is a guaranteed global variable that is always initialized before any gRPC service methods are called, so null pointer checks are not necessary when calling methods on it.

src/CraneCtld/RpcService/CtldGrpcServer.cpp (3)

Learnt from: L-Xiafeng
PR: #496
File: src/CraneCtld/CranedKeeper.cpp:51-53
Timestamp: 2025-05-09T01:54:21.256Z
Learning: The ConfigureCraned function in src/CraneCtld/CranedKeeper.cpp is called from a thread pool, so there's no need to worry about it blocking the gRPC completion queue thread.

Learnt from: L-Xiafeng
PR: #520
File: src/Craned/CranedServer.cpp:50-51
Timestamp: 2025-06-23T07:53:30.513Z
Learning: In the CraneSched codebase, g_ctld_client is a guaranteed global variable that is always initialized before any gRPC service methods are called, so null pointer checks are not necessary when calling methods on it.

Learnt from: RileyWen
PR: #475
File: src/CraneCtld/CtldGrpcServer.cpp:113-118
Timestamp: 2025-05-02T07:06:36.103Z
Learning: In CraneSched, gRPC methods should generally return Status::OK even when handling error conditions, as non-OK statuses cause the connection to terminate. Error information should be communicated within the RPC response payload instead.

src/CraneCtld/AccountManager.cpp (8)

Learnt from: huerni
PR: #499
File: src/CraneCtld/AccountMetaContainer.cpp:249-276
Timestamp: 2025-05-30T02:09:41.625Z
Learning: In CraneSched's AccountMetaContainer class, m_user_meta_map_ and m_account_meta_map_ are thread-safe containers that do not require external synchronization for access.

Learnt from: huerni
PR: #499
File: src/CraneCtld/AccountMetaContainer.cpp:310-316
Timestamp: 2025-05-30T02:08:41.798Z
Learning: The CraneSched project uses thread-safe phmap (parallel hashmap) for user and account metadata maps, making individual container operations thread-safe without requiring explicit locking for simple operations like erase().

Learnt from: RileyWen
PR: #475
File: src/CraneCtld/CranedKeeper.cpp:503-506
Timestamp: 2025-05-02T07:05:49.032Z
Learning: In CraneCtld/CranedKeeper.cpp, using m_unavail_craned_set_.at() is intentional as the key is guaranteed to exist by design, and crashing on missing key is preferred to silently handling it (fail-fast approach).

Learnt from: RileyWen
PR: #456
File: src/CraneCtld/Tls/VaultClientWrapper.cpp:116-137
Timestamp: 2025-03-31T09:29:40.388Z
Learning: In the CraneSched project, the m_allowed_certs_ in VaultClientWrapper is implemented as a phmap::parallel_flat_hash_set<std::string>, which is a thread-safe container designed for concurrent access, making it safe to use in multithreaded contexts without additional synchronization.

Learnt from: huerni
PR: #537
File: src/Craned/TaskManager.cpp:145-147
Timestamp: 2025-06-30T08:43:44.470Z
Learning: In the CraneSched codebase, src/Craned/Craned.cpp guarantees that g_config.CranedRes.contains(g_config.CranedIdOfThisNode) through explicit validation during startup. The code checks if g_config.CranedRes.contains(g_config.Hostname) and exits the process if not found, then sets g_config.CranedIdOfThisNode = g_config.Hostname. TaskManager constructor is called after this validation, so g_config.CranedRes[g_config.CranedIdOfThisNode] is guaranteed to be valid.

Learnt from: L-Xiafeng
PR: #461
File: src/Craned/JobManager.cpp:136-149
Timestamp: 2025-05-06T08:09:07.755Z
Learning: The AtomicHashMap::operator[] implementation in the CraneSched project does not create elements when keys don't exist, unlike standard C++ map behavior. It returns a ValueExclusivePtr that will be empty if the key is not found.

Learnt from: huerni
PR: #528
File: src/CraneCtld/AccountManager.cpp:190-192
Timestamp: 2025-06-18T07:13:23.464Z
Learning: The UserHasTask() method in AccountMetaContainer does not attempt to acquire any locks, so there is no deadlock risk when calling it while holding other locks like m_rw_user_mutex_ and m_rw_account_mutex_.

Learnt from: RileyWen
PR: #456
File: src/CraneCtld/Tls/VaultClientWrapper.cpp:116-137
Timestamp: 2025-03-31T09:29:40.388Z
Learning: In the CraneSched project, the m_allowed_certs_ is an std::unordered_set<std::string> which is not inherently thread-safe. The IsCertAllowed method in VaultClientWrapper involves both read and write operations on this container and could cause race conditions when called from multiple threads.

🧬 Code Graph Analysis (6)

scripts/wipe_data.sh (1)

scripts/wipe_data.py (1)

wipe_collection (49-57)

src/Utilities/PublicHeader/include/crane/String.h (1)

src/Utilities/PublicHeader/String.cpp (4)

SplitStr (414-427)

SplitStr (414-414)

ToLower (429-434)

ToLower (429-429)

src/CraneCtld/CraneCtld.cpp (2)

src/Utilities/PublicHeader/String.cpp (4)

SplitStr (414-427)

SplitStr (414-414)

ToLower (429-434)

ToLower (429-429)

src/Craned/CranedPublicDefs.h (1)

g_config (107-107)

src/CraneCtld/CtldPublicDefs.h (2)

src/Craned/CranedPublicDefs.h (1)

g_config (107-107)

src/CraneCtld/DbClient.h (2)

string (323-348)

string (324-332)

src/CraneCtld/RpcService/CtldGrpcServer.h (2)

src/CraneCtld/RpcService/CtldGrpcServer.cpp (8)

AddWckey (546-570)

AddWckey (546-548)

ModifyWckey (796-814)

ModifyWckey (796-799)

QueryWckeyInfo (987-1020)

QueryWckeyInfo (987-990)

DeleteWckey (1151-1172)

DeleteWckey (1151-1154)

src/CraneCtld/AccountManager.cpp (4)

ModifyWckey (1136-1164)

ModifyWckey (1136-1139)

DeleteWckey (272-300)

DeleteWckey (272-275)

src/CraneCtld/DbClient.h (1)

src/CraneCtld/DbClient.cpp (14)

InsertWckey (414-426)

InsertWckey (414-414)

SelectAllWckey (510-518)

SelectAllWckey (510-510)

GetClient_ (728-734)

GetClient_ (728-728)

GetSession_ (736-744)

GetSession_ (736-736)

UpdateWckey (557-575)

UpdateWckey (557-557)

WckeyToDocument_ (840-850)

WckeyToDocument_ (840-841)

ViewToWckey_ (852-864)

ViewToWckey_ (852-853)

🔇 Additional comments (34)

src/Utilities/PublicHeader/include/crane/String.h (1)

93-96: LGTM! Clean utility function additions.

The function declarations are well-defined and match their implementations. These utilities will support the wckey configuration parsing functionality introduced in this PR.

src/CraneCtld/CtldPreCompiledHeader.h (1)

64-64: LGTM! Necessary include for hash functionality.

The addition of absl/hash/hash.h is properly placed with other Abseil includes and supports the WckeyKey hashing functionality introduced in this PR.

scripts/wipe_data.sh (2)

3-3: LGTM! Usage message correctly updated.

The usage message accurately reflects that modes 4 and 6 now include wiping the wckey_table alongside existing tables.

55-55: LGTM! Consistent wiping logic for wckey_table.

The addition of wckey_table wiping follows the existing pattern and is appropriately included in modes 4, 5, and 6 where user-related data is cleared.

etc/config.yaml (1)

125-128: LGTM! Helpful configuration documentation.

The commented configuration options provide clear examples for users wanting to enable wckey tracking and enforcement. Keeping them commented prevents unintended activation while serving as documentation.

src/Utilities/PublicHeader/String.cpp (2)

414-427: LGTM! Well-implemented string splitting with proper trimming.

The SplitStr function correctly handles:

String splitting by delimiter using stringstream

Whitespace trimming from both ends

Automatic deduplication via unordered_set

Edge cases where trimmed strings are empty

429-434: LGTM! Modern and correct lowercase conversion.

The ToLower function uses std::ranges::transform with proper unsigned char casting in the lambda, which is the correct approach for std::tolower to avoid undefined behavior with signed char values.

src/CraneCtld/CraneCtld.cpp (1)

556-567: LGTM! Well-implemented configuration parsing with proper error handling.

The implementation correctly handles case-insensitive parsing of boolean values with clear error messaging. The explicit boolean assignment and consistent error handling align well with the existing codebase patterns.

src/CraneCtld/TaskScheduler.cpp (1)

3112-3129: LGTM! Well-structured wckey validation and assignment logic.

The implementation correctly handles wckey requirements based on configuration:

Proper validation: Validates user-provided wckeys against the account manager database

Fallback mechanism: Assigns default wckey with "*" prefix when none provided

Clean separation: Clears wckey when not required by configuration

Error handling: Returns appropriate error codes (ERR_INVALID_WCKEY) with descriptive logging

The integration with g_account_manager follows the established patterns in the codebase and aligns well with the comprehensive wckey support introduced in this PR.

src/CraneCtld/RpcService/CtldGrpcServer.h (4)

101-103: LGTM - Wckey management method declarations are consistent.

The new AddWckey method declaration follows the established pattern of other CRUD operations in the service interface.

118-120: LGTM - ModifyWckey method declaration follows conventions.

The method signature is consistent with other modify operations in the service.

132-135: LGTM - QueryWckeyInfo method declaration is well-structured.

The method follows the established query pattern used by other info query methods.

154-156: LGTM - DeleteWckey method declaration completes the CRUD interface.

The method signature is consistent with other delete operations in the service.

src/CraneCtld/RpcService/CtldGrpcServer.cpp (5)

546-570: LGTM - AddWckey implementation follows established patterns.

The implementation correctly:

Checks server readiness

Constructs a Wckey object from the request

Calls g_account_manager->AddUserWckey with proper parameters

Sets response fields based on the result

Returns grpc::Status::OK as required by the learned conventions

796-814: LGTM - ModifyWckey implementation is consistent.

The method properly handles the modify operation by calling g_account_manager->ModifyWckey and setting appropriate response fields based on the result.

987-1020: LGTM - QueryWckeyInfo implementation is well-structured.

The implementation correctly:

Calls g_account_manager->QueryAllWckeyInfo

Handles error cases by populating rich_error_list

Iterates through results to populate wckey_list in the response

Sets response status based on error presence

1151-1172: LGTM - DeleteWckey implementation follows conventions.

The method properly calls g_account_manager->DeleteWckey and handles both success and error cases appropriately.

967-980: LGTM - QueryUserInfo enhancement for Wckey support.

The code properly iterates through the user's wckey_map and populates the wckey_list in the response. It correctly checks the default_wckey_map to set the is_def flag for default wckeys.

src/CraneCtld/CtldPublicDefs.h (7)

169-170: LGTM - Configuration flags for Wckey validation and enforcement.

The two boolean flags MustNeedWckey and WckeyValid provide appropriate control over Wckey functionality, with sensible default values of false.

399-399: LGTM - Wckey field addition to TaskInCtld.

The wckey string field is appropriately placed in the task structure and will be used to associate wckeys with tasks.

866-867: LGTM - WckeyMap type alias is well-defined.

The type alias clearly represents the mapping from cluster names to sets of wckey names.

873-873: LGTM - Default wckey mapping addition.

The default_wckey_map field appropriately maps cluster names to default wckey names for each user.

877-877: LGTM - Wckey map integration in User struct.

The wckey_map field of type WckeyMap properly stores user-associated wckeys organized by cluster.

880-892: LGTM - Wckey struct definition is comprehensive.

The struct includes all necessary fields:

deleted flag for soft deletion

name, cluster, uid, user_name for identification

is_def flag for default wckey indication

Equality operator for comparisons

The structure follows patterns established by other entity structs in the codebase.

713-718: LGTM - Wckey validation logic in SetFieldsOfTaskInfo.

The code correctly sets the wckey_valid field based on the configuration flags (WckeyValid or MustNeedWckey) and populates the wckey field from the task's wckey member. This provides proper integration between configuration and task information.

src/CraneCtld/AccountManager.h (1)

409-428: Well-implemented composite key structure

The WckeyKey struct with custom hash support is well-designed for the three-field composite key requirement.

src/CraneCtld/DbClient.cpp (2)

374-378: Good defensive programming for wckey field handling

The code properly checks for field existence and type before accessing the wckey value, providing good backward compatibility.

661-671: Template specialization for string maps looks correct

The template specialization properly handles serialization of std::unordered_map<std::string, std::string> to BSON subdocuments.

src/CraneCtld/AccountManager.cpp (6)

287-290: Good defensive check for default wckey deletion.

The check prevents deletion of default wckeys, which is essential for maintaining data consistency.

454-462: Consider aligning wckey query permissions with user query model.

Unlike QueryAllUserInfo which allows non-operators to query users within their account hierarchy, this method completely restricts non-operators. Consider whether wckey visibility should follow account boundaries for consistency.

If the current restriction is intentional, consider adding a comment explaining why wckeys have stricter visibility rules than users.

1771-1771: Proper initialization of wckey data with consistent lock ordering.

The wckey initialization follows the established pattern and maintains consistent lock ordering to prevent deadlocks.

Also applies to: 1791-1796

1970-2053: Well-structured transaction handling for wckey creation.

The implementation correctly handles all edge cases including updating existing deleted entries and managing default wckey transitions.

Consider defining constants for the map key patterns (e.g., "wckey_map." + cluster) to avoid string concatenation errors.

2260-2284: Correct implementation of wckey soft deletion.

The method properly maintains consistency between wckey and user collections using transactions, and follows the established soft-delete pattern.

2404-2458: Efficient default wckey update with proper state management.

The implementation correctly handles the transition of default wckeys, including the optimization to skip unnecessary updates when the wckey is already default.

protos/Crane.proto

src/CraneCtld/AccountManager.cpp

src/CraneCtld/AccountManager.h

src/CraneCtld/DbClient.cpp

src/CraneCtld/DbClient.h

coderabbitai

Actionable comments posted: 0

🧹 Nitpick comments (2)

src/CraneCtld/AccountManager.cpp (2)

1152-1155: TODO: Multi-cluster support needs implementation.

The current implementation only supports a single cluster. This limitation should be addressed for multi-cluster deployments.

Would you like me to help implement multi-cluster support or create an issue to track this enhancement?

1970-2046: Robust implementation with proper transaction handling.

The function correctly manages default wckey state and ensures data consistency. Consider extracting the transaction callback into a separate named function for better readability given its complexity.

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 787f658 and e13cc26.

📒 Files selected for processing (5)

protos/PublicDefs.proto (4 hunks)
src/CraneCtld/AccountManager.cpp (11 hunks)
src/CraneCtld/CtldPublicDefs.h (4 hunks)
src/CraneCtld/DbClient.cpp (15 hunks)
src/CraneCtld/RpcService/CtldGrpcServer.cpp (4 hunks)

🚧 Files skipped from review as they are similar to previous changes (3)

protos/PublicDefs.proto
src/CraneCtld/CtldPublicDefs.h
src/CraneCtld/RpcService/CtldGrpcServer.cpp

🧰 Additional context used

🧠 Learnings (2)

src/CraneCtld/DbClient.cpp (1)

Learnt from: RileyWen
PR: #475
File: src/CraneCtld/CranedKeeper.cpp:503-506
Timestamp: 2025-05-02T07:05:49.032Z
Learning: In CraneCtld/CranedKeeper.cpp, using m_unavail_craned_set_.at() is intentional as the key is guaranteed to exist by design, and crashing on missing key is preferred to silently handling it (fail-fast approach).

src/CraneCtld/AccountManager.cpp (11)

Learnt from: huerni
PR: #499
File: src/CraneCtld/AccountMetaContainer.cpp:249-276
Timestamp: 2025-05-30T02:09:41.625Z
Learning: In CraneSched's AccountMetaContainer class, m_user_meta_map_ and m_account_meta_map_ are thread-safe containers that do not require external synchronization for access.

Learnt from: huerni
PR: #499
File: src/CraneCtld/AccountMetaContainer.cpp:310-316
Timestamp: 2025-05-30T02:08:41.798Z
Learning: The CraneSched project uses thread-safe phmap (parallel hashmap) for user and account metadata maps, making individual container operations thread-safe without requiring explicit locking for simple operations like erase().

Learnt from: RileyWen
PR: #456
File: src/CraneCtld/Tls/VaultClientWrapper.cpp:116-137
Timestamp: 2025-03-31T09:29:40.388Z
Learning: In the CraneSched project, the m_allowed_certs_ is an std::unordered_set<std::string> which is not inherently thread-safe. The IsCertAllowed method in VaultClientWrapper involves both read and write operations on this container and could cause race conditions when called from multiple threads.

Learnt from: RileyWen
PR: #475
File: src/CraneCtld/CranedKeeper.cpp:503-506
Timestamp: 2025-05-02T07:05:49.032Z
Learning: In CraneCtld/CranedKeeper.cpp, using m_unavail_craned_set_.at() is intentional as the key is guaranteed to exist by design, and crashing on missing key is preferred to silently handling it (fail-fast approach).

Learnt from: huerni
PR: #528
File: src/CraneCtld/AccountManager.cpp:190-192
Timestamp: 2025-06-18T07:13:23.464Z
Learning: The UserHasTask() method in AccountMetaContainer does not attempt to acquire any locks, so there is no deadlock risk when calling it while holding other locks like m_rw_user_mutex_ and m_rw_account_mutex_.

Learnt from: L-Xiafeng
PR: #399
File: src/Craned/Supervisor/TaskManager.cpp:1-1809
Timestamp: 2025-07-01T08:00:05.383Z
Learning: In TaskManager.cpp, the security model relies on administrator-configured command templates in ParseOCICmdPattern_ and system-provided usernames in ParseFilePathPattern_, with file permissions using the user's own uid/gid for privilege isolation. The user L-Xiafeng considers this security boundary sufficient and chooses not to fix job name-related path issues at this location.

Learnt from: huerni
PR: #537
File: src/Craned/TaskManager.cpp:145-147
Timestamp: 2025-06-30T08:43:44.470Z
Learning: In the CraneSched codebase, src/Craned/Craned.cpp guarantees that g_config.CranedRes.contains(g_config.CranedIdOfThisNode) through explicit validation during startup. The code checks if g_config.CranedRes.contains(g_config.Hostname) and exits the process if not found, then sets g_config.CranedIdOfThisNode = g_config.Hostname. TaskManager constructor is called after this validation, so g_config.CranedRes[g_config.CranedIdOfThisNode] is guaranteed to be valid.

Learnt from: L-Xiafeng
PR: #520
File: src/CraneCtld/CranedKeeper.cpp:416-417
Timestamp: 2025-06-07T10:47:59.071Z
Learning: In src/CraneCtld/CranedKeeper.h, the m_shutting_down_ member in CranedStub class is declared as std::atomic_bool, making it thread-safe for concurrent access without additional synchronization.

Learnt from: RileyWen
PR: #456
File: src/CraneCtld/Tls/VaultClientWrapper.cpp:116-137
Timestamp: 2025-03-31T09:29:40.388Z
Learning: In the CraneSched project, the m_allowed_certs_ in VaultClientWrapper is implemented as a phmap::parallel_flat_hash_set<std::string>, which is a thread-safe container designed for concurrent access, making it safe to use in multithreaded contexts without additional synchronization.

Learnt from: RileyWen
PR: #475
File: src/CraneCtld/CranedKeeper.cpp:601-602
Timestamp: 2025-05-02T07:05:26.012Z
Learning: In the CraneCtld codebase, the variables m_disconnected_ and m_registered_ in CranedStub class are already defined as std::atomic_bool, making them thread-safe for concurrent access without additional synchronization.

Learnt from: L-Xiafeng
PR: #461
File: src/Craned/JobManager.cpp:136-149
Timestamp: 2025-05-06T08:09:07.755Z
Learning: The AtomicHashMap::operator[] implementation in the CraneSched project does not create elements when keys don't exist, unlike standard C++ map behavior. It returns a ValueExclusivePtr that will be empty if the key is not found.

🔇 Additional comments (17)

src/CraneCtld/DbClient.cpp (12)

374-378: LGTM! Defensive null check for wckey field.

Good defensive programming by checking if the field exists and has the correct type before accessing it, with a sensible default empty string fallback.

414-426: LGTM! Consistent implementation with other entity insertion methods.

The InsertWckey method follows the established pattern for entity insertion with proper session handling and creation timestamp.

469-471: The missing break statement issue has been resolved.

The switch case for EntityType::WCKEY now correctly includes a break statement at line 471.

510-518: LGTM! Consistent implementation with other entity selection methods.

The SelectAllWckey method follows the established pattern for retrieving all entities of a specific type.

557-575: LGTM! Appropriate use of composite key for Wckey updates.

The use of a composite filter (name + cluster + user_name) is appropriate for uniquely identifying Wckey entities across users and clusters.

661-685: LGTM! Well-structured template specializations for map serialization.

The template specializations correctly handle the serialization of both simple string-to-string maps and the more complex WckeyMap (string to set of strings) structure.

781-791: LGTM! Robust deserialization with proper type checking.

The implementation properly validates field existence and types before deserialization, preventing potential runtime errors.

799-819: LGTM! User document structure properly extended.

The field array and tuple are correctly updated to include the new default_wckey_map field.

821-831: LGTM! Consistent Wckey serialization implementation.

The WckeyToDocument_ method properly serializes all Wckey fields with appropriate type conversions.

833-845: LGTM! Proper Wckey deserialization with error handling.

The ViewToWckey_ method correctly deserializes all fields with appropriate type conversions and exception handling.

1062-1123: LGTM! Task document structure properly extended for embedded DB.

The fields array and tuple are correctly updated to include the wckey field from the task's gRPC message.

1152-1205: LGTM! Task document structure properly extended for in-memory tasks.

The fields array and tuple are correctly updated to include the wckey field from the TaskInCtld object.

src/CraneCtld/AccountManager.cpp (5)

272-300: Well-structured deletion logic with proper validation checks.

The implementation correctly prevents deletion of default wckeys and follows the established locking patterns.

443-465: Clean implementation with proper permission checks.

The function correctly restricts wckey queries to operators and filters out deleted entries appropriately.

2253-2274: Clean soft-delete implementation.

The function correctly implements soft deletion with proper transaction handling and maintains consistency between database and in-memory state.

2394-2448: Efficient implementation with proper state management.

The function correctly handles default wckey transitions and includes an optimization to skip unnecessary updates when the wckey is already default.

1771-1796: Proper initialization of wckey data structures.

The changes correctly integrate wckey loading into the initialization sequence with appropriate locking.

coderabbitai

Actionable comments posted: 0

♻️ Duplicate comments (4)

src/CraneCtld/AccountManager.h (1)
157-159: Rename method to clarify its purpose

The method name ModifyDefaultWckey is misleading as it only sets the default Wckey without general modification capabilities.
-  CraneExpected<void> ModifyDefaultWckey(uint32_t uid, const std::string& name,
-                                  const std::string& cluster,
-                                  const std::string& user_name);
+  CraneExpected<void> SetDefaultWckey(uint32_t uid, const std::string& name,
+                                      const std::string& cluster,
+                                      const std::string& user_name);
src/CraneCtld/DbClient.h (1)
181-254: Fix debug logging level

The method implementation is solid, but the debug logging uses an inappropriate error level.

Remove or change the log level at lines 247-250:
-      CRANE_ERROR(
-          "Update date in database fail(filter:{}, opt:{}, key:{}, value:{}, "
-          "{})",
-          filter_str, opt, key, value, result ? result->modified_count() : -1);
+      CRANE_ERROR(
+          "Update data in database failed (filter:{}, opt:{}, key:{}, value:{}, "
+          "modified_count:{})",
+          filter_str, opt, key, value, result ? result->modified_count() : -1);
Also note the typo "date" should be "data".
src/CraneCtld/AccountManager.cpp (2)

379-392: RAII locking pattern correctly implemented.

The method now uses util::read_lock_guard for proper RAII-style mutex management, which addresses the previous concern about manual lock/unlock operations.

1854-1860: Deletion flag check is properly implemented.

The GetExistedWckeyInfoNoLock_ method correctly checks both existence and the deleted flag before returning the wckey.

🧹 Nitpick comments (2)

src/CraneCtld/AccountManager.h (1)
409-428: Fix naming inconsistency

There's an inconsistency between WckeyKey and WcKeyHash. Use consistent naming throughout.
-  struct WcKeyHash {
+  struct WckeyKeyHash {
     std::size_t operator()(const WckeyKey& key) const {
       return absl::Hash<WckeyKey>{}(key);
     }
   };
Also update the usage in line 438:
-  std::unordered_map<WckeyKey, std::unique_ptr<Wckey>, WcKeyHash> m_wckey_map_;
+  std::unordered_map<WckeyKey, std::unique_ptr<Wckey>, WckeyKeyHash> m_wckey_map_;
src/CraneCtld/AccountManager.cpp (1)

1156-1159: Track the multi-cluster TODO.

The current implementation correctly validates the cluster name, but the TODO comment indicates future work is needed for multi-cluster support.

Would you like me to create an issue to track the multi-cluster support enhancement?

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between e13cc26 and 9acba49.

📒 Files selected for processing (7)

protos/Crane.proto (5 hunks)
src/CraneCtld/AccountManager.cpp (11 hunks)
src/CraneCtld/AccountManager.h (10 hunks)
src/CraneCtld/DbClient.cpp (15 hunks)
src/CraneCtld/DbClient.h (7 hunks)
src/CraneCtld/RpcService/CtldGrpcServer.cpp (4 hunks)
src/CraneCtld/RpcService/CtldGrpcServer.h (4 hunks)

🚧 Files skipped from review as they are similar to previous changes (3)

src/CraneCtld/RpcService/CtldGrpcServer.h
src/CraneCtld/RpcService/CtldGrpcServer.cpp
protos/Crane.proto

🧰 Additional context used

🧠 Learnings (4)