Codecov Report

Attention: 18 lines in your changes are missing coverage. Please review.

Comparison is base (fa76e2a) 73.54% compared to head (217c0ea) 73.48%.
Report is 251 commits behind head on develop.

❗ Current head 217c0ea differs from pull request most recent head 9399d9c. Consider uploading reports for the commit 9399d9c to get more accurate results

@@              Coverage Diff              @@
##             develop    #5290      +/-   ##
=============================================
- Coverage      73.54%   73.48%   -0.07%     
+ Complexity      4471     4463       -8     
=============================================
  Files            296      296              
  Lines          16914    16928      +14     
  Branches        1862     1865       +3     
=============================================
  Hits           12440    12440              
- Misses          3590     3597       +7     
- Partials         884      891       +7     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

In general, if the issue is that the cromwell/scala bridge code can throw Errors, shouldn't our catch clauses be closer to the Scala bridge code or just inside it? This approach seems to result in collateral damage or too much "by-catch. For example, this seems to affect updateUserWorkflows as well which has nothing to do with WDL parsing.

I do wonder since

Catching either Throwable or Error will also catch OutOfMemoryError and InternalError, from which an application should not attempt to recover.

could happen in big parts of "our" code too.

The integration test processes a similarly-recursive WDL, which it assumes will trigger a StackOverflowError. The test will break if Cromwell changes that behavior. I tried another approach wherein Errors were triggered via mocks, but it didn't work, and it'd be fragile, anyways...

Sounds ok, in general in favour of a high-level integration test approach without mocks. That said, if cromwell changes their code to avoid a stack overflow, I think I'm ok with that. Just make a code comment

Any of our code can potentially throw an Error, and we should respond to that eventuality in a reasonable way. This PR modifies the enclosing catch so that when it attempts to log an Error-related failure, it does so correctly. After that, the resource handler ends. It's not trying to recover, but rather provide the user with correct information about the failed push, because what it was reporting previously, if any Error was thrown, was wrong. If we don't change the code, it tells the user something incorrect, and if it simply exits without logging anything, the user won't know what has happened, because this endpoint is invoked behind the scenes via the webhook callback...

Similarly, the TransactionHelper mods are designed to do the same, to attempt some cleanup and to log some information before rethrowing the Error, so that we have more information about what happened. If you feel super strongly about this, I'm fine with reverting the TransactionHelper changes, they're not as essential...

And sure, we can also wrap Cromwell to translate the StackOverflowError into something else. But, I kinda feel like it's a severe enough issue that maybe we let it ripple out and terminate the thread with the other Errors. We still need the enclosing catch to make sure that the failed push is logged correctly...

Any of our code can potentially throw an Error, and we should respond to that eventuality in a reasonable way.

Yes, but my understanding of the Java documentation is that this is usually an OS problem so "we" as a platform can respond to it but not in the Java code.

For example as previously noted

An Error is a subclass of Throwable that indicates serious problems that a reasonable application should not try to catch. Most such errors are abnormal conditions. The ThreadDeath error, though a "normal" condition, is also a subclass of Error because most applications should not try to catch it.

If our belief is that the Scala libraries are indicating a serious problem incorrectly, i.e. a non-serious problem that we can deal with, then reiterating that the Error (or StackOverflowError) catch should occur "closer" to the problem and not accidentally catch Errors that may be thrown by non-Scala code.

e.g.

In particular, if we get an OOM error and catch it, I worry that this might put the web service in a indeterminate state.

If we don't change the code, it tells the user something incorrect, and if it simply exits without logging anything, the user won't know what has happened, because this endpoint is invoked behind the scenes via the webhook callback...

This seems like a little of a different problem though. For this, maybe we should log a failure first and then only overwrite it with a success afterwards. Thinking that if the whole application crashes due to a genuine error (or if Scala does have a real problem), then we would leave behind evidence of a problem in the github app logs.

test

test

❓

One other observation @svonworl I think "draft" PRs do not show up on the daily reminder, so if you wanted to keep this for inspiration/cherry-picking, that can be a route

I thought this was fixed, perhaps by a different PR/branch?

The original ticket was to address bad registration behavior due to recursive WDLs: specifically, Ash noticed that when he attempted to register a recursive WDL, no entry appeared, and nothing appeared in the app logs. In a different PR, we fixed the original problem by patching the code closer to where the corresponding StackOverflowError occurs, for that specific case.

However, the merged PR didn't address the general case of an Error thrown in the registration code. This PR was intended to remedy that, but there was pushback, and I was not able to merge. I still believe that when an Error is thrown, it is preferable for the surrounding code to attempt some basic cleanup and logging, rather than let the Error pass through, silently, unhandled. Thus, I kept this PR around, in case the team ever subscribes to that point of view.

Thus, I kept this PR around, in case the team ever subscribes to that point of view.

In the meantime, though, we get a reminder every day about it.
I'm going to put this back into draft and I think that will (may?) stop that reminder

Edit to add: ok, worked