Add a sample that uses a workflow to lock resources

[nagl-temporal]

What was changed

Adds a new sample that demonstrates how to use a workflow to mediate access to a small pool of resources.

Why?

A customer asked for an example of how to do this kind of thing. We ruled out worker-specific task queues and sessions - those work best when you can run the worker in/near the protected resource. They cannot, for security reasons, which leaves us with:

• non-temporal approaches to resource locking, or
• something like this

Checklist

1. How was this tested:
   Ran the worker and starter per the readme. New unit test passes.

2. Any docs updates needed?
   No - it's just a sample.

[CLAassistant]

All committers have signed the CLA.

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

[cretz]

There is a pattern for doing this with signal-with-start. You can see a sample in .NET, Go, and TypeScript.

Would totally support such a sample in Python. Needs to be a simple Lock class usable in a workflow with similar semantics to https://docs.python.org/3/library/asyncio-sync.html#asyncio.Lock but does signal with start and such. Also make sure we have a test or two. Feel free to adapt this PR (or close it and I can make an issue tracking that we need such a sample).

[nagl-temporal]

Blah. I want there to be a way to tell whether the workflow code is CAN'ing here, but I believe there isn't one.

[cretz]

I think you should always release it if a user is using async with. It will be very confusing if I as a user use async with and the resource remains when that exits. If we need to let callers keep the resource across continue as new, they should "detach" it (e.g. can offer a helper for this that returns some type) and "reattach" it on next workflow use. Granted I also think including continue as new from the caller side in this sample is a bit confusing, but maybe it's needed.

[nagl-temporal]

@cretz LMK what you think about the async with abstraction and how it's rough around the edges re: continue-as-new. I also didn't code .lock() and .unlock()... could do if needed.

[nagl-temporal]

I don't like this, but... (thought finished after ⭐)

[nagl-temporal]

⭐ ...I had to have some way of handling the case where my CAN-predecessor already locked the resource. It was either an optional param to acquire_resource or branching around the async with, which felt much more awkward.

[cretz]

Not sure this sample needs to complication of including continue as new support for this workflow using the resource manager. This workflow isn't large enough to ever need to continue as new, so including support for it is a bit confusing (people aren't going to understand why it is here, but think they need to do the same).

However, if you do keep this, I would call this reattach= and have it accept an typed object that came from detach in the pre-CAN workflow.

[cretz]

Added a bunch of comments, can take em or leave em, some of which are self-contradictory. Now that I've seen the full use case, I would think of this as a ResourcePool (with a ResourcePoolWorkflow and a ResourcePoolClient)

[cretz]

This would usually be a good opportunity to use our new update-with-start functionality, but if you must span continue-as-new on the lock manager workflow, you have to stay with signals for now

[nagl-temporal]

I do think it's important to keep CAN in. Without CAN, the sample can't demonstrate how to detach/reattach so it seems incomplete to me.

[cretz]

I think you should always release it if a user is using async with. It will be very confusing if I as a user use async with and the resource remains when that exits. If we need to let callers keep the resource across continue as new, they should "detach" it (e.g. can offer a helper for this that returns some type) and "reattach" it on next workflow use. Granted I also think including continue as new from the caller side in this sample is a bit confusing, but maybe it's needed.

[nagl-temporal]

Thank you - I like the new names. I'll take most of the comments. I want to leave CAN in, because that's the only thing that makes this tricky - sample feels incomplete without it. However, if I add .lock() and .unlock() and use those, the awkwardness goes away. reattach seems fairly natural now, under the new names.

[cretz]

Looks great, only a few minor things

[cretz]

Suggested change

	await handle.signal(
	"acquire_resource", AcquireRequest(workflow.info().workflow_id)
	)
	await handle.signal(
	ResourcePoolWorkflow.acquire_resource, AcquireRequest(workflow.info().workflow_id)
	)

To be more type safe. Same everywhere

[nagl-temporal]

Almost everywhere - the pool workflow should signal the requester in an un-typesafe way (since it can't know what kind of workflow the requester is).

[nagl-temporal]

There's no race here, right? Imagine the release signal arrives immediately. The fix is obvious if there is a race, but the code smells nicer this way.

Why I think there's no race: I believe that this handler must run to completion before the handler for the release signal can start.

[cretz]

Correct, there is no race here because this is only called in one place, serially, in the primary loop. However, this can show the dangers of overly extracting/modularizing single-use methods - it can be hard to see the constraints they expect of the callers. Can technically add a "Not safe for concurrent use" docstring if concerned.

[cretz]

Only minor, non-blocking things, LGTM. Merge at will or let me know when done and I can.

[cretz]

Correct, there is no race here because this is only called in one place, serially, in the primary loop. However, this can show the dangers of overly extracting/modularizing single-use methods - it can be hard to see the constraints they expect of the callers. Can technically add a "Not safe for concurrent use" docstring if concerned.