Skip to content

fix: empty user email on grpc metrics ingest #9608

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
uddhavdave wants to merge 2 commits into
base: main
Choose a base branch
from
Open

fix: empty user email on grpc metrics ingest #9608

uddhavdave wants to merge 2 commits into from

Conversation

@uddhavdave
Copy link
Contributor

@uddhavdave uddhavdave commented Dec 11, 2025

check auth can return req without populating metadata, this pr fixes the case and adds an IngestUser type to mark all system initiated ingestion calls and user initiated ingestion calls

@github-actions github-actions bot added the ☢️ Bug Something isn't working label Dec 11, 2025
@github-actions
Copy link
Contributor

github-actions bot commented Dec 11, 2025

Failed to generate code suggestions for PR

@greptile-apps
Copy link
Contributor

greptile-apps bot commented Dec 11, 2025

Greptile Overview

Greptile Summary

This PR fixes a critical auth bug where gRPC metrics ingestion could result in empty user emails in usage reporting, and introduces a type-safe IngestUser enum to distinguish between user-initiated and system-initiated ingestion calls.

Key Changes:

  • Fixed bug in src/handler/grpc/auth/mod.rs where user_id metadata wasn't being populated when token authentication succeeded, causing empty emails in downstream usage tracking
  • Added IngestUser enum with two variants: User(String) for real user requests and SystemJob(SystemJobType) for automated backend processes
  • Added SystemJobType enum to categorize system jobs: LogPatterns, SelfMetricsPromql, ServiceGraph, SelfReporting, and InternalGrpc
  • System jobs are now tracked with identifiers like log_patterns@system.local instead of empty strings
  • Updated 23 files across handlers, services, and jobs to use the new type system consistently

Impact:

  • Prevents empty user emails in usage reporting for both authenticated requests and system jobs
  • Makes it explicit whether ingestion was user-initiated or system-initiated
  • Improves observability by providing meaningful identifiers for all ingestion sources

Confidence Score: 5/5

  • This PR is safe to merge with no issues found
  • The changes are well-structured, type-safe, and comprehensively applied across the codebase. The auth bug fix is straightforward and correct. The new IngestUser type provides better type safety and prevents empty email issues. All handlers and services have been updated consistently to use the new type system.
  • No files require special attention

Important Files Changed

File Analysis

Filename Score Overview
src/common/meta/ingestion.rs 5/5 Added IngestUser enum and SystemJobType to distinguish between user-initiated and system-initiated ingestion calls
src/handler/grpc/auth/mod.rs 5/5 Fixed bug where user_id metadata wasn't being populated when token authentication succeeded
src/handler/grpc/request/metrics/ingester.rs 5/5 Added warning log when user_id not found in metadata, and wraps email in IngestUser type
src/service/logs/ingest.rs 5/5 Updated logs ingestion signature to accept IngestUser and calls to_email() only when needed
src/service/metrics/otlp.rs 5/5 Updated OTLP metrics handlers to accept IngestUser and call to_email() for usage reporting

Sequence Diagram

sequenceDiagram
    participant C as Client
    participant A as Auth Module
    participant H as Handler
    participant S as Service
    participant R as Reporter
    
    Note over C,R: User Flow
    C->>A: Request
    A->>A: Check auth
    A->>H: Add metadata
    H->>H: Create IngestUser
    H->>S: Call service
    S->>R: Report usage
    
    Note over C,R: System Flow
    participant J as Job
    J->>H: Request
    H->>H: Create IngestUser
    H->>S: Call service
    S->>R: Report usage
Loading

greptile-apps[bot]
greptile-apps bot reviewed Dec 11, 2025
View reviewed changes
Copy link
Contributor

@greptile-apps greptile-apps bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

17 files reviewed, no comments

Edit Code Review Agent Settings | Greptile

YashodhanJoshi1
YashodhanJoshi1 approved these changes Dec 11, 2025
View reviewed changes
Copy link
Contributor

@YashodhanJoshi1 YashodhanJoshi1 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm.
Few nits, but can be ignored.

src/handler/grpc/request/metrics/ingester.rs
.unwrap_or_default();
.unwrap_or_else(|| {
log::warn!("[gRPC Metrics] user_id not found in metadata, using empty string");
""
Copy link
Contributor

@YashodhanJoshi1 YashodhanJoshi1 Dec 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: instead of empty string should we use "unknown" ? Not a strong reason, but for some reason that feels better to me. Fine even if kept as is.

src/handler/http/request/metrics/ingest.rs

let org_id = org_id.into_inner();
let user_email = &user_email.user_id;
let user = IngestUser::from_user_email(&user_email.user_id);
Copy link
Contributor

@YashodhanJoshi1 YashodhanJoshi1 Dec 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

any particular reason here we use this method, but some places directly use IngestUser::User ?
nit: if possible let's use the same thing everywhere

src/service/metrics/json.rs
Comment on lines +512 to 513
req_stats.user_email = if email_str.is_empty() {
None
Copy link
Contributor

@YashodhanJoshi1 YashodhanJoshi1 Dec 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In this case instead of None, should we put "unknown" instead?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@YashodhanJoshi1 YashodhanJoshi1 YashodhanJoshi1 approved these changes

@oasisk oasisk Awaiting requested review from oasisk

+1 more reviewer

@greptile-apps greptile-apps[bot] greptile-apps[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

☢️ Bug Something isn't working

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@uddhavdave @YashodhanJoshi1