Skip to content

fix(envd): use WithoutCancel for CA cleanup goroutine ctx#3207

Merged
arkamar merged 1 commit into
mainfrom
fix/envd-ca-cleanup-ctx
Jul 4, 2026
Merged

fix(envd): use WithoutCancel for CA cleanup goroutine ctx#3207
arkamar merged 1 commit into
mainfrom
fix/envd-ca-cleanup-ctx

Conversation

@arkamar

@arkamar arkamar commented Jul 4, 2026

Copy link
Copy Markdown
Member

The background CA cleanup goroutine acquired the lock with context.Background() (since 83ee89f, "fix(envd): make CA install lock ctx-aware (#2690)"), discarding any values (trace/span, request-scoped data) from the caller's ctx. Use context.WithoutCancel(ctx) instead so the goroutine still outlives the request's cancellation but inherits its values.

The background CA cleanup goroutine acquired the lock with
context.Background() (since 83ee89f, "fix(envd): make CA install lock
ctx-aware (#2690)"), discarding any values (trace/span, request-scoped
data) from the caller's ctx. Use context.WithoutCancel(ctx) instead so the
goroutine still outlives the request's cancellation but inherits its
values.
@chatgpt-codex-connector

Copy link
Copy Markdown

Codex usage limits have been reached for code reviews. Please check with the admins of this repo to increase the limits by adding credits.
Credits must be used to enable repository wide code reviews.

@cla-bot cla-bot Bot added the cla-signed label Jul 4, 2026
@cursor

cursor Bot commented Jul 4, 2026

Copy link
Copy Markdown

PR Summary

Low Risk
Narrow context-handling change in background CA cleanup; behavior for cancellation and cleanup timing should stay the same aside from observability.

Overview
The async CA install cleanup goroutine was taking the install mutex with context.Background(), which dropped everything from the caller's context (e.g. trace/span) even though the work must keep running after the request is cancelled. It now uses context.WithoutCancel(ctx) for that lock acquire, matching the same "outlive cancellation, keep values" pattern used elsewhere in envd.

Reviewed by Cursor Bugbot for commit d9a7327. Bugbot is set up for automated code reviews on this repo. Configure here.

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request updates the background goroutine in cacerts.go to use context.WithoutCancel(ctx) instead of context.Background(). The review feedback suggests extracting this detached context into a variable to ensure that request-scoped values, such as logging or tracing context, are properly propagated throughout the goroutine's execution.

Important

The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.

Comment thread packages/envd/internal/host/cacerts.go
@codecov

codecov Bot commented Jul 4, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ All tests successful. No failed tests found.

📢 Thoughts on this report? Let us know!

@claude claude Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM — swapping context.Background() for context.WithoutCancel(ctx) is the right idiom to preserve trace/values while keeping the goroutine detached from cancellation.

Extended reasoning...

Overview

Single-file, two-line change in packages/envd/internal/host/cacerts.go. The background CA cleanup goroutine now acquires the semaphore using context.WithoutCancel(ctx) instead of context.Background(). This is the standard Go 1.21+ idiom for detaching cancellation while inheriting context values (trace/span, request-scoped data). The associated //nolint:contextcheck comment is removed since the derived context now formally carries the parent lineage.

Security risks

None. This does not touch authentication, TLS verification, or the actual cert bundle write logic — it only affects how the background goroutine's context is derived for lock acquisition. The invariant that the goroutine outlives the caller's cancellation is preserved because WithoutCancel explicitly ignores parent cancellation.

Level of scrutiny

Low. This is a mechanical, well-understood idiom fix that improves observability (trace context propagation into the cleanup goroutine) without altering behavior. The semaphore acquisition semantics are unchanged since WithoutCancel cannot be canceled, so Acquire will only return on success — matching the prior behavior with Background().

Other factors

The PR description clearly identifies the regression (#2690 introduced the ctx-aware lock but lost values by using Background()). No outstanding reviewer comments. The bug hunting system found no issues. Change is minimal, targeted, and reversible.

@arkamar arkamar merged commit ee7bf84 into main Jul 4, 2026
43 checks passed
@arkamar arkamar deleted the fix/envd-ca-cleanup-ctx branch July 4, 2026 16:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants