Wrap exceptions that occur in state machine transitions with a custom exception type which is
then handled inside of the flow hospital. As part of this change, a number of negative side
effects have been addressed.
General summary:
- `StateTransitionException` wraps exceptions caught in `TransitionExecutorImpl`
- `StateTransitionException`s are handled in the flow hospital, retried 3 times and then kept in
for observation if errors persist (assuming conditions below are false)
- Exceptions that occur in `FlowAsyncOperation` events are wrapped in
`AsyncOperationTransitionException` and ignored by the flow hospital transition staff member
- `InterruptedException`s are given a `TERMINAL` diagnosis by the flow hospital transition staff
member (can occur due to `killFlow`)
- Allow flows which have not persisted their original checkpoint to still retry by replaying their
start flow messages
- Swallow exceptions in `AcknowledgeMessages` actions
Detailed summary:
* CORDA-3194 Add state machine transition error handling to flow hospital
Wrap exceptions that are caught in `TransitionExecutorImpl` (coming from
new errors) with `StateTransitionException`. This exception is then
handled explicitly by the flow hospital.
Add `TransitionErrorGeneralPractitioner` to `StaffedFlowHospital`. This
staff member handles errors that mention `StateTransitionException`.
Errors are retried and then kept in the hospital if the errors persist.
* CORDA-3194 Remove a fiber from the `hospitalisedFlows` if its previous state was clean
If the fiber's previous state was clean then remove it from
`HospitalisingInterceptor.hospitalisedFlows`. This allows flows that are
being retried to clean themselves. Doing this allows them to re-enter
the flow hospital after executing the fiber's transition (if an error
occurs).
This is important for retrying a flow that has errored during a
transition.
* CORDA-3194 Set `isAnyCheckpointPersisted` to true when retrying a flow
Added to prevent a single flow from creating multiple checkpoints when
a failure occurs during `Action.AcknowledgeMessages`.
More specifically, `isAnyCheckpointPersisted` is false when retrying
the flow, even though a checkpoint has actually been saved. Due to this
a brand new flow is started with a new flow id (causing duplication).
Setting `isAnyCheckpointPersisted` to true specifically when retrying a
flow resolves this issue.
* CORDA-3194 Add Byteman test to verify transition error handling
Add `StatemachineErrorHandlingTest` to verify transition error handling.
Byteman allows exceptions to be injected at certain points in the code's
execution. Therefore exceptions can be thrown when needed inside of the
state machine.
The current tests check errors in events:
- `InitiateFlow`
- `AcknowledgeMessages`
* CORDA-3194 Swallow all exceptions in `ActionExecutorImpl.executeAcknowledgeMessages`
Swallow the exceptions that occur in the `DeduplicationHandler`s when
inside of `ActionExecutorImpl.executeAcknowledgeMessages`.
The side effects of the failures that can happen in the handlers are
not serious enough to put the transition into a failure state.
Therefore they are now caught. This allows the transition to continue
as normal, even if an error occurs in any one of the handlers.
* CORDA-3194 Wrap unexpected exceptions thrown in async operation transitions
Exceptions thrown inside of `FlowAsyncOperation.execute` implementations
that are not returned as part of the future, are caught, wrapped and
rethrown. This prevents unexpected exceptions thrown by (most likely)
user code from being handled by the hospital by the transition
staff member.
This handling might change moving forward, but it allows the async
operation to continue working as it was before transition error handling
was added.
* CORDA-3194 Verify that errors inside of `AcknowledgeMessages` work as expected
Update `StatemachineErrorHandlingTest` to correctly test errors that
occur when executing the `AcknowledgeMessages` action.
* CORDA-3194 Retry flows that failed to persist their original checkpoint
Allow a flow that failed when creating their original checkpoint (for
example - failing to commit the db transaction) to retry.
The flow will create a brand new checkpoint (as the original was not
saved).
This required adding `flowId` to `ExternalStartFlowEvent` to allow the
event to keep a record of the flow's id. When the flow is retried, the
events are replayed which trigger a flow to be started that has the
id stored in the event.
To allow this change, code was removed from `retryFlowFromSafePoint` to
allow the function to continue, even if no checkpoint matches the passed
in flow id.
* CORDA-3194 Correct `FlowFrameworkTests` test due to error handling
Test assumed that errors in transitions are not retried, this has now
been updated so the test passes with the flow succeeding after an
exception is thrown.
* CORDA-3194 Remove unneeded import
* CORDA-3194 Make the state transition exceptions extend `CordaException`
`StateTransitionException` and `AsyncOperationTransitionException` now
extend `CordaException` instead of `Exception`.
* CORDA-3194 Improve log messages
* CORDA-3194 Remove unneeded code in `HospitalisingInterceptor`
Due to a previous change, a section of code that removes a flow id
from the `hospitalisedFlows` map is no longer required. This code has
been removed.
* CORDA-3194 Constraint violations are given `TERMINAL` diagnosis
Add `Diagnosis.TERMINAL` to `StaffedFlowHospital` to allow an error
to be ignored and left to die a quick and painful death.
`StateTransitionException` changed so it does not cause serialisation
errors when propagated from a flow.
* CORDA-3194 `InterruptedException`s are given `TERMINAL` diagnosis
* Add GP to flow hospital, and start working on a list of things the GP knows to be incurable.
* Only hospitalise SQL and Persistence Exceptions (let's see if that is enough?), also rename to DatabaseDentist.
* Disabled hospitalisation of SQL exceptions in flow retry tests
* Fix RPC exception handling test by not using PersistenceException
* Ignore flaky integration test
* Code review: Rename staff member and add testing annotation
* Revert compiler.xml
* adding one point to whitelist contract constraints migration - signed CorDapp JAR must be registered with the CZ network operator
* 1. Removing later releases section
2. Changing 4.0 to 4.3
* Changing 4.3 to |corda_version|
* TM-68 reenabling persistent volume claims using azure files
* TM-68 jenkins stacktrace
* TM-68 removing duplicate volume
* TM-68 pushing storage class yaml file
* TM-68 writing all results to the new persistent volume
* TM-68 fix wrong directory
* TM-68 fix wrong directory
* reapply lost merge commit
* investigate missing POD from test results
* more investigations around pods not executing their tests
* make Pod command line more strict with regards to sub command failure
* make logs an artifact within jenkins
* tidy up command line
* use zulu for jdk
add some parallel groups
* port kubesTest to Java
remove asterisk from tests listed by ListTests, instead add after allocation
* attempt to setup unit test builds with correct github integrations
# Conflicts:
# .ci/dev/unit/Jenkinsfile
* fix issue with github context
* add credentials block
* start pre-allocating pods for builds
* test
* add blocks for reporting build stages
* add logic to preallocate pods during image building
* tidy up Jenkinsfile for unit tests
* add magic command line flag to enable preallocation of pods
* make docker tag deterministic
* fix issue concatenating docker tag inputs
* add build type specific Jenkinsfile
* try new preallocation approach
* make pre-allocation prefix group specific
* force deAllocator to wait for pods to be actually deleted
* revert jenkinsfiles in .ci
* use smarter waiting logic to address review comments
* add --stacktrace to builds to help debugging
* fix issue with closed stream
* add some logging around preallocation
* tidy up by refactoring (de)allocate task generation into method
* change default from 20 pods to 5 pods
* fix issue where docker tag was unstable between building and running tests
* more documentation
* add some infrastructure around setting the log level for a given build
* change preallocation pod duration to 5min
* see if fast enough if using combined unit and integration tests
* disable unit tests
* print out test summaries
* try and make the kubes client a per-use object, rather than a long lived object. This is step one of making GKE use possible
* add log line about what command is executed in the pod
A ConfigException$Parse would be thrown at CordaCaplet#parseConfigFile.
com.typesafe.config.ConfigFactory needs ':' to be included in a double quoted and not in a single quoted string.
* CORDA-3081 warn that flow ID passed to flow kill is malformed, as JDK8 doesn't fully validate it (JDK8 bug https://bugs.java.com/bugdatabase/view_bug.do?bug_id=8159339)
* CORDA-3335 Corda Shell flow kill - better warning for misformatted flow ID - exit earlier and don't RPC to node, refactoring for detekt
* Added a new way for environment variables to be loaded, which allows for underscore based separation.
* Moved test to its own kotlin file.
* Added case insensitivity support.
* The corda. prefix is now case insensitive too.
* Removed unused variable.
* Added env variables support for driverDSL. Shadowing corda. properties raises an exception.
* Driver api stability fix.
* Changed type of cordapps param to reflect the real one, rather than what IntelliJ auto completed.
* Some detekt issue fixes. Spread operator removed, baselined api stability constructors and buggy line.
* Fixed misspelled variable.
* Reverted unintentional changes.
* Added suppress instead of changing baseline.
* Reworked logic to handle previously defined CORDA_ starting properties and handle accordingly. Fixed a bug where wrong class was used for reflection walking.
* Fix for detekt issues.
* Changed message to a more understandable one.
* Changelog + doc note, console error grammar.
* Changes according to PR review.
* TM-67 converting ImageBuilding from groovy to java
* TM-67 wrong way to set properties
* TM-67 do first does not seem to work
* TM-67 setting credentials first
* TM-67 small logic fix
* TM-67 adding stacktrace
* TM-67 addressing PR comments
* TM-67 fixed normal builds that don't require docker
* TM-67 adding guard rails to the code
* TM-67 removing stacktrace
* TM-67 addressing pr comments
* TM-41 writing test completions to file to keep track of what was finished. to be used in the case that a pod terminates abruptly
* TM-41 addressing PR comments
* TM-41 addressing PR comments
* TM-41 adding exclusion list to guard against tests being passed as a group
* TM-41 trying to find the jenkins breakpoint
* TM-41 debugging jenkins
* TM-41 revert debugging change
* TM-41 revert debugging changes
* TM-41 revert debugging changes
* TM-41 fixing merge conflicts
* TM-41 now that TM-40 is merged static needs to be updated
* TM-41 refactor constant
* TM-41 fixing jenkins failure
* TM-41 trying new path
* TM-41 moving the file reading to the task that will be executed by the workers as the master does not have a persistent volume
* TM-41 moving the after test as well
* Simplify
* Mount shared dir to worker
* format
* podnames with separators
* refactor parameters
* Use PVC for storage
* pvc in namespace
* KubesTest simplify
* no tolowercase
* no private
* lowercase
* RetryStrategy
* minor changes
* wait forever
* undo .idea
* elvis
* add comment
* regcred
* use correct ConfigBuilder
* delete java, will migrate later
* Revert "delete java, will migrate later"
This reverts commit e3bab1f3
* Merging changes in groovy to new java file
* format
* rename variable
* fix log
* private
* remove bak
* move java files
* Revert "move java files"
This reverts commit 89aa4c35