Adding cmd experimental, cleaning cmd main (#1352)

This PR:
-  cleans up main.go, removing commented or experimental code.
- adds an experimental module with a few copied dependent files.

<!-- A note on testing your PR -->
<!-- Basic unit test run is executed against each commit in the PR.
If you want to run a full integration test suite, you can trigger it by
commenting
     with '/run-integration-tests' -->

Author: pdelewski

cmd/experimental/auth_middleware.go

@@ -0,0 +1,99 @@
+// Copyright Quesma, licensed under the Elastic License 2.0.
+// SPDX-License-Identifier: Elastic-2.0
+package main
+
+import (
+	"github.com/QuesmaOrg/quesma/platform/config"
+	"github.com/QuesmaOrg/quesma/platform/elasticsearch"
+	"github.com/QuesmaOrg/quesma/platform/logger"
+	"github.com/QuesmaOrg/quesma/platform/util"
+	"net/http"
+	"sync"
+	"time"
+)
+
+const cacheWipeInterval = 10 * time.Minute
+
+// authMiddleware a simple implementation of an authentication middleware,
+// which checks the Authorization header and validates it against Elasticsearch.
+//
+// If the validation is positive, the Authorization header is stored in a cache to avoid unnecessary calls to Elasticsearch preceding each request.
+// The cache is wiped every 10 minutes - all items at once, perhaps this could be revisited in the future.
+type authMiddleware struct {
+	nextHttpHandler   http.Handler
+	authHeaderCache   sync.Map
+	cacheWipeInterval time.Duration
+	esClient          elasticsearch.SimpleClient
+	v2                bool
+}
+
+func NewAuthMiddleware(next http.Handler, esConf config.ElasticsearchConfiguration) http.Handler {
+	esClient := elasticsearch.NewSimpleClient(&esConf)
+	middleware := &authMiddleware{nextHttpHandler: next, esClient: *esClient, cacheWipeInterval: cacheWipeInterval, v2: false}
+	go middleware.startCacheWipeScheduler()
+	return middleware
+}
+
+func (a *authMiddleware) ServeHTTP(w http.ResponseWriter, r *http.Request) {
+	auth := r.Header.Get("Authorization")
+	if auth == "" {
+		logger.Warn().Msgf("[AUTH] [%s] called without authorisation header, consider applying `disableAuth` option to the frontend connector to enable unauthorized access", r.URL)
+		http.Error(w, "Unauthorized", http.StatusUnauthorized)
+		return
+	}
+
+	var userName string
+	if user, err := util.ExtractUsernameFromBasicAuthHeader(auth); err == nil {
+		userName = user
+	} else {
+		logger.Warn().Msgf("Failed to extract username from auth header: %v", err)
+	}
+	if _, ok := a.authHeaderCache.Load(auth); ok {
+		logger.Debug().Msgf("[AUTH] [%s] called by [%s] - credentials loaded from cache", r.URL, userName)
+		if !a.v2 {
+			a.nextHttpHandler.ServeHTTP(w, r)
+		}
+		return
+	}
+
+	if authenticated := a.esClient.Authenticate(r.Context(), auth); authenticated {
+		logger.DebugWithCtx(r.Context()).Msgf("[AUTH] [%s] called by [%s] - authenticated against Elasticsearch, storing in cache", r.URL, userName)
+		a.authHeaderCache.Store(auth, struct{}{})
+	} else {
+		logger.DebugWithCtx(r.Context()).Msgf("[AUTH] [%s] called by [%s] - authentication against Elasticsearch failed", r.URL, userName)
+		http.Error(w, "Unauthorized", http.StatusUnauthorized)
+		return
+	}
+	if !a.v2 {
+		a.nextHttpHandler.ServeHTTP(w, r)
+	}
+}
+
+func (a *authMiddleware) startCacheWipeScheduler() {
+	defer func() {
+		if r := recover(); r != nil {
+			logger.Error().Msgf("Recovered from panic during auth middleware cache wiping: [%v]", r)
+		}
+	}()
+	ticker := time.NewTicker(a.cacheWipeInterval)
+	defer ticker.Stop()
+	for {
+		<-ticker.C
+		a.wipeCache()
+	}
+}
+
+func (a *authMiddleware) wipeCache() {
+	logger.Debug().Msgf("[AUTH] wiping auth header cache")
+	a.authHeaderCache.Range(func(key, value interface{}) bool {
+		a.authHeaderCache.Delete(key)
+		return true
+	})
+}
+
+func NewAuthMiddlewareV2(esConf config.ElasticsearchConfiguration) http.Handler {
+	esClient := elasticsearch.NewSimpleClient(&esConf)
+	middleware := &authMiddleware{esClient: *esClient, cacheWipeInterval: cacheWipeInterval, v2: true}
+	go middleware.startCacheWipeScheduler()
+	return middleware
+}

cmd/experimental/dual_write_proxy_v2.go

@@ -0,0 +1,143 @@
+// Copyright Quesma, licensed under the Elastic License 2.0.
+// SPDX-License-Identifier: Elastic-2.0
+package main
+
+import (
+	"context"
+	"github.com/QuesmaOrg/quesma/platform/ab_testing"
+	"github.com/QuesmaOrg/quesma/platform/async_search_storage"
+	"github.com/QuesmaOrg/quesma/platform/backend_connectors"
+	"github.com/QuesmaOrg/quesma/platform/clickhouse"
+	"github.com/QuesmaOrg/quesma/platform/config"
+	"github.com/QuesmaOrg/quesma/platform/frontend_connectors"
+	"github.com/QuesmaOrg/quesma/platform/ingest"
+	"github.com/QuesmaOrg/quesma/platform/logger"
+	"github.com/QuesmaOrg/quesma/platform/parsers/elastic_query_dsl"
+	"github.com/QuesmaOrg/quesma/platform/schema"
+	"github.com/QuesmaOrg/quesma/platform/table_resolver"
+	"github.com/QuesmaOrg/quesma/platform/util"
+	quesma_api "github.com/QuesmaOrg/quesma/platform/v2/core"
+	"net/http"
+	"strconv"
+	"sync/atomic"
+)
+
+const concurrentClientsLimitV2 = 100 // FIXME this should be configurable
+
+type simultaneousClientsLimiterV2 struct {
+	counter atomic.Int64
+	limit   int64
+}
+
+func newSimultaneousClientsLimiterV2(limit int64) *simultaneousClientsLimiterV2 {
+	return &simultaneousClientsLimiterV2{
+		limit: limit,
+	}
+}
+
+func (c *simultaneousClientsLimiterV2) ServeHTTP(w http.ResponseWriter, r *http.Request) {
+
+	current := c.counter.Load()
+	// this is hard limit, we should not allow to go over it
+	if current >= c.limit {
+		logger.ErrorWithCtx(r.Context()).Msgf("Too many requests. current: %d, limit: %d", current, c.limit)
+		http.Error(w, "Too many requests", http.StatusTooManyRequests)
+		return
+	}
+
+	c.counter.Add(1)
+	defer c.counter.Add(-1)
+}
+
+type dualWriteHttpProxyV2 struct {
+	quesmaV2            quesma_api.QuesmaBuilder
+	logManager          *clickhouse.LogManager
+	publicPort          util.Port
+	asyncQueriesEvictor *async_search_storage.AsyncQueriesEvictor
+	queryRunner         *frontend_connectors.QueryRunner
+	schemaRegistry      schema.Registry
+	schemaLoader        clickhouse.TableDiscovery
+}
+
+func (q *dualWriteHttpProxyV2) Stop(ctx context.Context) {
+	q.Close(ctx)
+}
+
+func newDualWriteProxyV2(dependencies quesma_api.Dependencies, schemaLoader clickhouse.TableDiscovery, logManager *clickhouse.LogManager, registry schema.Registry, config *config.QuesmaConfiguration, ingestProcessor *ingest.IngestProcessor, resolver table_resolver.TableResolver, abResultsRepository ab_testing.Sender) *dualWriteHttpProxyV2 {
+
+	queryProcessor := frontend_connectors.NewQueryRunner(logManager, config, dependencies.DebugInfoCollector(), registry, abResultsRepository, resolver, schemaLoader)
+
+	// not sure how we should configure our query translator ???
+	// is this a config option??
+
+	queryProcessor.DateMathRenderer = elastic_query_dsl.DateMathExpressionFormatLiteral
+
+	// tests should not be run with optimization enabled by default
+	queryProcessor.EnableQueryOptimization(config)
+	esConn := backend_connectors.NewElasticsearchBackendConnector(config.Elasticsearch)
+
+	ingestRouter := frontend_connectors.ConfigureIngestRouterV2(config, dependencies, ingestProcessor, resolver, esConn)
+	searchRouter := frontend_connectors.ConfigureSearchRouterV2(config, dependencies, registry, logManager, queryProcessor, resolver)
+
+	elasticHttpIngestFrontendConnector := frontend_connectors.NewElasticHttpIngestFrontendConnector(":"+strconv.Itoa(int(config.PublicTcpPort)),
+		logManager, registry, config, ingestRouter)
+
+	elasticHttpQueryFrontendConnector := frontend_connectors.NewElasticHttpQueryFrontendConnector(":"+strconv.Itoa(int(config.PublicTcpPort)),
+		logManager, registry, config, searchRouter)
+
+	quesmaBuilder := quesma_api.NewQuesma(dependencies)
+	ingestPipeline := quesma_api.NewPipeline()
+	ingestPipeline.AddFrontendConnector(elasticHttpIngestFrontendConnector)
+
+	queryPipeline := quesma_api.NewPipeline()
+	queryPipeline.AddFrontendConnector(elasticHttpQueryFrontendConnector)
+	quesmaBuilder.AddPipeline(queryPipeline)
+	quesmaBuilder.AddPipeline(ingestPipeline)
+
+	quesmaV2, err := quesmaBuilder.Build()
+	if err != nil {
+		logger.Fatal().Msgf("Error building Quesma: %v", err)
+	}
+	if config.DisableAuth {
+		elasticHttpIngestFrontendConnector.AddMiddleware(newSimultaneousClientsLimiterV2(concurrentClientsLimitV2))
+		elasticHttpQueryFrontendConnector.AddMiddleware(newSimultaneousClientsLimiterV2(concurrentClientsLimitV2))
+	} else {
+		elasticHttpQueryFrontendConnector.AddMiddleware(newSimultaneousClientsLimiterV2(concurrentClientsLimitV2))
+		elasticHttpQueryFrontendConnector.AddMiddleware(NewAuthMiddlewareV2(config.Elasticsearch))
+		elasticHttpIngestFrontendConnector.AddMiddleware(newSimultaneousClientsLimiterV2(concurrentClientsLimitV2))
+		elasticHttpIngestFrontendConnector.AddMiddleware(NewAuthMiddlewareV2(config.Elasticsearch))
+	}
+
+	return &dualWriteHttpProxyV2{
+		schemaRegistry: registry,
+		schemaLoader:   schemaLoader,
+		quesmaV2:       quesmaV2,
+		logManager:     logManager,
+		publicPort:     config.PublicTcpPort,
+		asyncQueriesEvictor: async_search_storage.NewAsyncQueriesEvictor(
+			queryProcessor.AsyncRequestStorage.(async_search_storage.AsyncSearchStorageInMemory),
+			queryProcessor.AsyncQueriesContexts.(async_search_storage.AsyncQueryContextStorageInMemory),
+		),
+		queryRunner: queryProcessor,
+	}
+}
+
+func (q *dualWriteHttpProxyV2) Close(ctx context.Context) {
+	if q.logManager != nil {
+		defer q.logManager.Close()
+	}
+	if q.queryRunner != nil {
+		q.queryRunner.Close()
+	}
+	if q.asyncQueriesEvictor != nil {
+		q.asyncQueriesEvictor.Close()
+	}
+	q.quesmaV2.Stop(ctx)
+}
+
+func (q *dualWriteHttpProxyV2) Ingest() {
+	q.schemaLoader.ReloadTableDefinitions()
+	q.logManager.Start()
+	go q.asyncQueriesEvictor.AsyncQueriesGC()
+	q.quesmaV2.Start()
+}

cmd/experimental/go.mod

@@ -0,0 +1,93 @@
+module github.com/QuesmaOrg/quesma/quesma-cli-experimental
+
+go 1.24.0
+
+replace github.com/QuesmaOrg/quesma/platform => ../../platform
+
+require github.com/QuesmaOrg/quesma/platform v0.0.0-00010101000000-000000000000
+
+require (
+	filippo.io/edwards25519 v1.1.0 // indirect
+	github.com/ClickHouse/ch-go v0.65.1 // indirect
+	github.com/ClickHouse/clickhouse-go/v2 v2.32.2 // indirect
+	github.com/DATA-DOG/go-sqlmock v1.5.2 // indirect
+	github.com/DataDog/go-sqllexer v0.0.21 // indirect
+	github.com/H0llyW00dzZ/cidr v1.2.1 // indirect
+	github.com/andybalholm/brotli v1.1.1 // indirect
+	github.com/apparentlymart/go-cidr v1.1.0 // indirect
+	github.com/barkimedes/go-deepcopy v0.0.0-20220514131651-17c30cfc62df // indirect
+	github.com/beorn7/perks v1.0.1 // indirect
+	github.com/cespare/xxhash/v2 v2.3.0 // indirect
+	github.com/coreos/go-semver v0.3.1 // indirect
+	github.com/fsnotify/fsnotify v1.8.0 // indirect
+	github.com/go-faster/city v1.0.1 // indirect
+	github.com/go-faster/errors v0.7.1 // indirect
+	github.com/go-ole/go-ole v1.3.0 // indirect
+	github.com/go-sql-driver/mysql v1.9.0 // indirect
+	github.com/go-viper/mapstructure/v2 v2.2.1 // indirect
+	github.com/goccy/go-json v0.10.5 // indirect
+	github.com/golang/glog v1.2.4 // indirect
+	github.com/google/go-cmp v0.7.0 // indirect
+	github.com/google/uuid v1.6.0 // indirect
+	github.com/gorilla/mux v1.8.1 // indirect
+	github.com/gorilla/securecookie v1.1.2 // indirect
+	github.com/gorilla/sessions v1.4.0 // indirect
+	github.com/hashicorp/errwrap v1.1.0 // indirect
+	github.com/hashicorp/go-multierror v1.1.1 // indirect
+	github.com/hashicorp/golang-lru/v2 v2.0.7 // indirect
+	github.com/jackc/pgpassfile v1.0.0 // indirect
+	github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761 // indirect
+	github.com/jackc/pgx/v5 v5.7.2 // indirect
+	github.com/jackc/puddle/v2 v2.2.2 // indirect
+	github.com/k0kubun/pp v3.0.1+incompatible // indirect
+	github.com/klauspost/compress v1.18.0 // indirect
+	github.com/knadh/koanf/maps v0.1.1 // indirect
+	github.com/knadh/koanf/parsers/json v0.1.0 // indirect
+	github.com/knadh/koanf/parsers/yaml v0.1.0 // indirect
+	github.com/knadh/koanf/providers/file v1.1.2 // indirect
+	github.com/knadh/koanf/v2 v2.1.2 // indirect
+	github.com/lufia/plan9stats v0.0.0-20240909124753-873cd0166683 // indirect
+	github.com/markbates/goth v1.80.0 // indirect
+	github.com/mattn/go-colorable v0.1.14 // indirect
+	github.com/mattn/go-isatty v0.0.20 // indirect
+	github.com/mitchellh/copystructure v1.2.0 // indirect
+	github.com/mitchellh/reflectwalk v1.0.2 // indirect
+	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
+	github.com/paulmach/orb v0.11.1 // indirect
+	github.com/pierrec/lz4/v4 v4.1.22 // indirect
+	github.com/pkg/errors v0.9.1 // indirect
+	github.com/planetscale/vtprotobuf v0.6.1-0.20240319094008-0393e58bdf10 // indirect
+	github.com/power-devops/perfstat v0.0.0-20240221224432-82ca36839d55 // indirect
+	github.com/prometheus/client_golang v1.21.0 // indirect
+	github.com/prometheus/client_model v0.6.1 // indirect
+	github.com/prometheus/common v0.62.0 // indirect
+	github.com/prometheus/procfs v0.15.1 // indirect
+	github.com/rs/zerolog v1.33.0 // indirect
+	github.com/segmentio/asm v1.2.0 // indirect
+	github.com/shirou/gopsutil/v3 v3.24.5 // indirect
+	github.com/shoenig/go-m1cpu v0.1.6 // indirect
+	github.com/shopspring/decimal v1.4.0 // indirect
+	github.com/spf13/pflag v1.0.5 // indirect
+	github.com/tailscale/hujson v0.0.0-20241010212012-29efb4a0184b // indirect
+	github.com/tidwall/gjson v1.18.0 // indirect
+	github.com/tidwall/match v1.1.1 // indirect
+	github.com/tidwall/pretty v1.2.1 // indirect
+	github.com/tidwall/sjson v1.2.5 // indirect
+	github.com/tklauser/go-sysconf v0.3.14 // indirect
+	github.com/tklauser/numcpus v0.9.0 // indirect
+	github.com/ucarion/urlpath v0.0.0-20200424170820-7ccc79b76bbb // indirect
+	github.com/yusufpapurcu/wmi v1.2.4 // indirect
+	go.opentelemetry.io/otel v1.34.0 // indirect
+	go.opentelemetry.io/otel/trace v1.34.0 // indirect
+	golang.org/x/crypto v0.33.0 // indirect
+	golang.org/x/exp v0.0.0-20250106191152-7588d65b2ba8 // indirect
+	golang.org/x/oauth2 v0.27.0 // indirect
+	golang.org/x/sync v0.11.0 // indirect
+	golang.org/x/sys v0.30.0 // indirect
+	golang.org/x/text v0.22.0 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20240903143218-8af14fe29dc1 // indirect
+	google.golang.org/grpc v1.66.2 // indirect
+	google.golang.org/protobuf v1.36.1 // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
+	vitess.io/vitess v0.21.2 // indirect
+)