lukaszraczylo/traefikoidc
1
0
Fork 0
mirror of https://github.com/lukaszraczylo/traefikoidc.git synced 2026-06-05 22:44:17 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
8c5df82dcf01f2f7b86cb862c6a1a3a777703eca
traefikoidc/memory_leak_fixes.go
T
lukaszraczylo 2d1b04c637 review fixes apr 2026 (#130) 
* Multiple fixes

- refresh coordinator dedup + memory pressure wire
- middleware sse consolidation + timer leak + claim cache
- universal cache sync backfill + isDebug gate
- lazy background task race
- memory monitor stw cached + refresh() api

* fix(auth): suppress OIDC redirects on non-navigation requests

- [x] Add isNonNavigationRequest using Sec-Fetch-Mode and Accept headers
- [x] Add comprehensive TestIsNonNavigationRequest
- [x] Update ServeHTTP to 401 non-navigation and AJAX requests

Fixes #129

* feat(config): add custom CA and insecure skip verify for OIDC TLS

- [x] Add CACertPath, CACertPEM, InsecureSkipVerify to Config
- [x] Implement loadCACertPool for CA bundle loading
- [x] Update HTTPClientConfig with RootCAs and InsecureSkipVerify
- [x] Apply CA pool and skip verify to pooled HTTP clients
- [x] Enhance configKey to distinguish TLS configs
- [x] Add comprehensive ca_cert_test.go

Fixes #125

* feat(oidc): add custom CA certificate support for private OIDC providers

- [x] Add caCertPath, caCertPEM, insecureSkipVerify config options
- [x] Update traefik.yml with new OIDC client config fields
- [x] Add configuration schema descriptions for new options
- [x] Update README table and add Custom CA Certificates section

* Fix the documentation.

* test(redis): add oversized argument rejection test

- [x] Add TestRedisConn_RejectOversizedArgumentBytes
- [x] Import strings package

* Dependencies cleanup
2026-04-19 10:12:00 +01:00

127 lines
4.3 KiB
Go
Raw Blame History

package traefikoidc
import (
"net/http"
"sync"
"time"
)
// LazyBackgroundTask wraps BackgroundTask to provide delayed initialization.
// This prevents memory leaks from unnecessary background tasks by starting
// them only when actually needed, reducing resource usage in idle scenarios.
//
// Lifecycle is one-shot: once Stop has been called the task cannot be
// restarted. The underlying BackgroundTask uses sync.Once for Start and
// refuses to re-run after Stop, so restart is not supported by design.
type LazyBackgroundTask struct {
// BackgroundTask is the underlying task implementation
*BackgroundTask
// mu guards the started flag against concurrent StartIfNeeded / Stop calls.
mu sync.Mutex
// started tracks whether the task has been activated.
// Only mutated while holding mu.
started bool
}
// NewLazyBackgroundTask creates a background task that doesn't start immediately.
// The task will only start when explicitly activated, preventing unnecessary
// resource usage for tasks that may never be needed.
func NewLazyBackgroundTask(name string, interval time.Duration, taskFunc func(), logger *Logger, wg ...*sync.WaitGroup) *LazyBackgroundTask {
return &LazyBackgroundTask{
BackgroundTask: NewBackgroundTask(name, interval, taskFunc, logger, wg...),
started: false,
}
}
// StartIfNeeded starts the background task only if it hasn't been started yet.
// Safe to call concurrently. After Stop has been called this is a no-op;
// the task is not restartable.
func (lt *LazyBackgroundTask) StartIfNeeded() {
lt.mu.Lock()
defer lt.mu.Unlock()
if lt.started {
return
}
lt.BackgroundTask.Start()
lt.started = true
}
// Stop stops the background task if it was started.
// Once stopped, the task cannot be restarted (see type doc).
func (lt *LazyBackgroundTask) Stop() {
lt.mu.Lock()
defer lt.mu.Unlock()
if !lt.started {
return
}
lt.BackgroundTask.Stop()
lt.started = false
}
// NewLazyCacheWithLogger creates a cache that doesn't start cleanup until first use.
// This reduces memory overhead by avoiding unnecessary cleanup goroutines
// for caches that may remain empty or be used infrequently.
func NewLazyCacheWithLogger(logger *Logger) CacheInterface {
if logger == nil {
logger = GetSingletonNoOpLogger()
}
config := DefaultUnifiedCacheConfig()
config.Logger = logger
config.CleanupInterval = 10 * time.Minute
unifiedCache := NewUniversalCache(config)
return NewCacheAdapter(unifiedCache)
}
// NewLazyCache creates a cache with delayed cleanup initialization.
// Uses the default no-op logger and defers cleanup task creation.
func NewLazyCache() CacheInterface {
return NewLazyCacheWithLogger(nil)
}
// CleanupIdleConnections periodically closes idle HTTP connections to prevent memory leaks.
// Runs in a background goroutine and can be stopped via the stop channel.
// This is crucial for long-running applications to prevent connection pool exhaustion.
func CleanupIdleConnections(client *http.Client, interval time.Duration, stopChan <-chan struct{}) {
ticker := time.NewTicker(interval)
defer ticker.Stop()
for {
select {
case <-ticker.C:
if transport, ok := client.Transport.(*http.Transport); ok {
transport.CloseIdleConnections()
}
case <-stopChan:
if transport, ok := client.Transport.(*http.Transport); ok {
transport.CloseIdleConnections()
}
return
}
}
}
// OptimizedMiddlewareConfig provides configuration options for memory-optimized middleware.
// These settings help reduce memory usage and prevent leaks in resource-constrained environments.
type OptimizedMiddlewareConfig struct {
// DelayBackgroundTasks defers starting background tasks until needed
DelayBackgroundTasks bool
// ReducedCleanupIntervals uses longer intervals to reduce CPU/memory overhead
ReducedCleanupIntervals bool
// AggressiveConnectionCleanup closes idle connections more frequently
AggressiveConnectionCleanup bool
// MinimalCacheSize uses smaller cache limits to reduce memory footprint
MinimalCacheSize bool
}
// DefaultOptimizedConfig returns a configuration optimized for low memory usage.
// All optimization features are enabled to minimize memory footprint and prevent leaks.
func DefaultOptimizedConfig() *OptimizedMiddlewareConfig {
return &OptimizedMiddlewareConfig{
DelayBackgroundTasks: true,
ReducedCleanupIntervals: true,
AggressiveConnectionCleanup: true,
MinimalCacheSize: true,
}
}
Reference in New Issue View Git Blame Copy Permalink