Thanks Chris.<div><br></div><div>The exception catching and re-raising code is an approach we have used elsewhere effectively. This is a case where it wouldn't work because of the need to do something else if it fails.</div>
<div><br></div><div>If risky_thing.success?</div><div> plan_a</div><div>else</div><div> plan_b</div><div>end</div><div><br></div><div>Whilst passing enough info up to the controller or route level to execute plan_b would be possible it doesn't feel like a clean way to encapsulate things.</div>
<div><br></div><div>The queue probably sounds like it would solve this issue the most cleanly and is something I'd forgotten about as (for time constraints reasons) we opted for the plan a/b solution. Now it feels like the best way to not complicate our code further and to even make it more robust would be to revisit queuing. </div>
<div><br></div>Introducing yet another moving part would increase our debugging complexity a step further though and highlight even more the need for improved cross-service logging, etc.<div><span></span><br><div><br>On Wednesday, 10 April 2013, Chris Parsons wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word">How about posting the call to the external API providers to a queue?<div><br></div><div>
You can then return from the request with a good level of surety, and track the progress of the external API call, handling any failures and retrying as appropriate.</div><div><br></div><div>If a queue isn't an option, I tend to use different kinds of Exceptions:</div>
<div><br></div><div>* only catch very specific exceptions from the API calls</div><div>* re-raise my own Exception objects </div><div>* specifically catch my own Exception objects in the top level request code and handle as appropriate.</div>
<div><br></div><div>HTH,</div><div>Chris</div><div><br></div><div>--<br>Chris Parsons<br><a href="javascript:_e({}, 'cvml', 'chris.p@rsons.org');" target="_blank">chris.p@rsons.org</a><br><a href="http://twitter.com/chrismdp" target="_blank">http://twitter.com/chrismdp</a><br>
<a href="http://chrismdp.com" target="_blank">http://chrismdp.com</a><br></div><div><br></div><div>BDD Kickstart London, May 22-24, <a href="http://bddkickstart.com/dates#london" target="_blank">http://bddkickstart.com/dates#london</a></div>
<div><br><div><br><div><div>On 10 Apr 2013, at 21:01, Mark Burns <<a href="javascript:_e({}, 'cvml', 'markthedeveloper@gmail.com');" target="_blank">markthedeveloper@gmail.com</a>> wrote:</div><br><blockquote type="cite">
<div dir="ltr">I get the impression there is a pattern for doing this and probably someone on this list has some good input into it.<div><br></div><div>We've been thinking about how to handle failures in internal services, whilst integrating with third party services and trading off robustness and ability to debug complex requests and yet still notice actual genuine errors in our codebase. (e.g. avoiding things like 'try' and 'rescue nil' or 'rescue Exception')<div>
<br><div>Let's say we have three internal services A,B,C and some external API providers X,Y, Z.</div><div><br></div><div>Some object may be responsible for communicating with Z, but this object doesn't have access to the original incoming request.</div>
</div><div>Also it's absolutely critical that if this request to Z fails, the rest of the request can complete and the our external API user is hidden from the failure and some manual or separate automated process resolves the issue.</div>
<div><br><span style="font-family:arial,helvetica,sans-serif">To emphasise the criticality of such a system it would be where a user has paid for a service and one part of the fulfilment of the customer's purchase is achieved by an API call to an external provider Z. If this doesn't occur then we'd have angry customers and so we make sure the request is fulfilled by any means possible (manual if necessary), but still assure the customer we have fulfilled their order.</span><br>
</div><div><br></div><div>We've been toying with the idea of generating unique identifiers for our incoming requests and sending these in to all other internal services, then we'd be able to log these ids in all our log statements. We'd also ideally use these ids in communications to airbrake.</div>
</div><div><br></div><div>We could pretty easily create middleware that can generate the ids and send/receive them in headers to our other services, but the issue comes with having access to this info in our models. </div>
<div><br></div><div><font face="courier new, monospace">sinatra route/rails controller code</font></div><div><font face="courier new, monospace"> -- some long</font></div><div><font face="courier new, monospace"> -- stack frame</font></div>
<div><font face="courier new, monospace"> -- model code communicating with Z</font></div><div><font face="courier new, monospace"><br></font></div><div><font face="arial, helvetica, sans-serif">One solution that would get us to our controller/route code where we can access the request info would be throwing or raising</font></div>
<div><font face="arial, helvetica, sans-serif">exceptions, but this then prevents us continuing the request in the normal way and completing the required tasks after a call to Z fails. Also it's horrendous goto flow control.</font></div>
<div><font face="arial, helvetica, sans-serif"><br></font></div><div><font face="arial, helvetica, sans-serif">Other undesirable hacks would be sticking something on the thread itself, or a global variable.</font></div>
<div><font face="arial, helvetica, sans-serif"><br></font></div><div><font face="arial, helvetica, sans-serif">The other thing is to actually ensure we can pass down request info all the way through a stack, but this completely breaks single responsibility and is going to result in complex spaghetti.</font></div>
<div><font face="arial, helvetica, sans-serif"><br></font></div><div><font face="arial, helvetica, sans-serif">There has to be some kind of intelligent solution to this that is elegant, readable and maintainable and isn't any of the things I've mentioned.</font></div>
<div><font face="arial, helvetica, sans-serif"><br></font></div><div><font face="arial, helvetica, sans-serif">Oh and another idea is to only swallow all exceptions in our protective blocks around API calls in production mode, and to not do this in dev or test. I.e. surface programming errors, but give as cast iron a guarantee as we can that no failure of Z can possibly result in non-completion of the rest of the request in production. </font></div>
<div><br></div><div>Will appreciate hearing your thoughts,</div><div><br></div><div>Mark</div></div>
_______________________________________________<br>Chat mailing list<br><a href="javascript:_e({}, 'cvml', 'Chat@lists.lrug.org');" target="_blank">Chat@lists.lrug.org</a><br><a href="http://lists.lrug.org/listinfo.cgi/chat-lrug.org" target="_blank">http://lists.lrug.org/listinfo.cgi/chat-lrug.org</a><br>
</blockquote></div><br><div>
<span style="border-collapse:separate;border-spacing:0px"><div style="word-wrap:break-word"><br><br><br></div></span>
</div>
<br></div></div></div></blockquote></div></div>