profit/golangLAKEHOUSE
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
golangLAKEHOUSE/internal/gateway/proxy.go
root b1d52306ad G0 D6: gateway reverse proxy fronting all 4 backing services · 2 scrum fixes · G0 COMPLETE 
Last day of Phase G0. Gateway promotes the D1 stub endpoints into
real reverse-proxies on :3110 fronting storaged + catalogd + ingestd
+ queryd. /v1 prefix lives at the edge — internal services route on
/storage, /catalog, /ingest, /sql, with the prefix stripped by a
custom Director per Kimi K2's D1-plan finding.

Routes:
  /v1/storage/*  → storaged
  /v1/catalog/*  → catalogd
  /v1/ingest     → ingestd
  /v1/sql        → queryd

Acceptance smoke 6/6 PASS — every assertion goes through :3110, none
direct to backing services. Full ingest → storage → catalog → query
round-trip verified end-to-end. The smoke's "rows[0].name=Alice"
assertion is the architectural payoff: five binaries, six HTTP
routes, one round-trip through one edge.

Cross-lineage scrum on shipped code:
  - Opus 4.7 (opencode):                      1 BLOCK + 2 WARN + 2 INFO
  - Kimi K2-0905 (openrouter):                1 BLOCK + 3 WARN + 1 INFO (3 false positives, all from one wrong TrimPrefix theory)
  - Qwen3-coder (openrouter):                 5 completion tokens — "No BLOCKs."

Fixed (2, both Opus single-reviewer):
  O-BLOCK: Director path stripping fails if upstream URL has a
    non-empty path. The default Director's singleJoiningSlash runs
    BEFORE the custom code, so an upstream like http://host/api
    produces /api/v1/storage/... after the join — then TrimPrefix("/v1")
    is a no-op because the string starts with /api. Fix: strip /v1
    BEFORE calling origDirector. New TestProxy_SubPathUpstream regression
    locks this in. Today: bare-host URLs only, dormant — but moving
    gateway behind a sub-path in prod would have silently 404'd.
  O-WARN2: url.Parse is permissive — typo "127.0.0.1:3211" (no scheme)
    parses fine, produces empty Host, every request 502s. mustParseUpstream
    fail-fast at startup with a clear message naming the offending
    config field.

Dismissed (3, all Kimi, same false TrimPrefix theory):
  K-BLOCK "TrimPrefix loops forever on //v1storage" — false, single
    check-and-trim, no loop
  K-WARN "no upper bound on repeated // removal" — same false theory
  K-WARN "goroutines leak if upstream parse fails while binaries
    running" — confused scope; binaries are separate OS processes
    launched by the smoke script

D1 smoke updated (post-D6): the 501 stub probes are gone (gateway no
longer stubs /v1/ingest and /v1/sql). Replaced with proxy probes that
verify gateway forwards malformed requests to ingestd and queryd. Launch
order changed from parallel to dep-ordered (storaged → catalogd →
ingestd → queryd → gateway) since catalogd's rehydrate now needs
storaged, queryd's initial Refresh needs catalogd.

All six G0 smokes (D1 through D6) PASS end-to-end after every fix
round. Phase G0 substrate is complete: 5 binaries, 6 routes, 25 fixes
applied across 6 days from cross-lineage review.

G1+ next: gRPC adapters, Lance/HNSW vector indices, Go MCP SDK port,
distillation rebuild, observer + Langfuse integration.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-29 00:21:54 -05:00

50 lines
2.0 KiB
Go
Raw Blame History

// Package gateway holds the reverse-proxy glue that fronts all four
// backing services on a single bind. The /v1 prefix lives at the
// edge — internal services route on `/storage`, `/catalog`, `/ingest`,
// `/sql`. Per D1-plan Kimi K2 finding: httputil.NewSingleHostReverseProxy
// preserves the inbound path by default, so the Director must strip
// `/v1` before forwarding or the backend gets a 404.
package gateway
import (
"net/http"
"net/http/httputil"
"net/url"
"strings"
)
// V1Prefix is the public API version namespace. Stripped before
// requests are forwarded to backing services.
const V1Prefix = "/v1"
// NewProxyHandler builds an http.Handler that reverse-proxies every
// request to upstream, with the V1Prefix stripped from req.URL.Path
// (and RawPath, if present). Query string is preserved. Host header
// is rewritten so the backing service's chi router sees its expected
// host string, not the gateway's.
//
// The returned handler is intentionally minimal — connection pooling
// (via http.DefaultTransport), error responses (502 on upstream
// unreachable), and request logging (via shared.Run middleware) are
// all inherited from sane defaults.
func NewProxyHandler(upstream *url.URL) http.Handler {
p := httputil.NewSingleHostReverseProxy(upstream)
origDirector := p.Director
p.Director = func(req *http.Request) {
// Per scrum O-BLOCK (Opus): strip /v1 BEFORE origDirector
// runs. The default Director joins target.Path + req.URL.Path
// via singleJoiningSlash, so an upstream like
// "http://host/api" produces "/api/v1/storage/..." after the
// join — then TrimPrefix("/v1") is a no-op because the string
// starts with "/api". Stripping first means the join sees the
// already-clean path and produces "/api/storage/...".
req.URL.Path = strings.TrimPrefix(req.URL.Path, V1Prefix)
if req.URL.RawPath != "" {
req.URL.RawPath = strings.TrimPrefix(req.URL.RawPath, V1Prefix)
}
origDirector(req)
req.Host = upstream.Host
}
return p
}
Reference in New Issue View Git Blame Copy Permalink