dohertj2/mxaccessgw
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

feat(worker): implement Ping/GetSessionState/GetWorkerInfo/DrainEvents/ShutdownWorker control commands

Browse Source 
Answer the five worker control/lifecycle commands at the WorkerPipeSession
message-loop layer instead of the STA-bound MxAccessCommandExecutor. These
replies are built from process-level state (worker pid, assembly version,
worker lifecycle, the runtime session's event queue) the executor cannot see,
and ShutdownWorker must emit its OK reply before the graceful shutdown joins
the STA thread - dispatching it onto the STA would deadlock.

- Ping: OK reply, echoes message into diagnostic_message.
- GetSessionState: maps WorkerState to proto SessionState.
- GetWorkerInfo: pid, worker version, MXAccess ProgID/CLSID.
- DrainEvents: drains the runtime event queue into DrainEventsReply.
- ShutdownWorker: OK reply, then graceful shutdown, then stops the loop.

Tests added in WorkerPipeSessionTests; FakeRuntimeSession gains a
batch-size drain suppressor so DrainEvents does not race the background
drain loop.
This commit is contained in:
Joseph Doherty
2026-06-15 10:20:51 -04:00
parent 5a7f8ace77
commit bf72cd8961
3 changed files with 440 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/ZB.MOM.WW.MxGateway.Worker/Ipc/WorkerPipeSession.cs
+185
View File
@@ -378,6 +378,22 @@ public sealed class WorkerPipeSession
switch (envelope.BodyCase)
{
case WorkerEnvelope.BodyOneofCase.WorkerCommand:
// Worker control/lifecycle commands (Ping, GetSessionState,
// GetWorkerInfo, DrainEvents, ShutdownWorker) are answered here
// on the message-loop thread instead of being dispatched onto
// the STA. Their replies are built from process-level state
// (worker process id, assembly version, _state, the runtime
// session's event queue) that the STA-bound
// MxAccessCommandExecutor cannot see, and ShutdownWorker must
// return its OK reply BEFORE the graceful shutdown joins the
// STA thread — running it on the STA would deadlock. Returning
// false from the ShutdownWorker arm stops the read loop exactly
// as a WorkerShutdown envelope would.
if (IsControlCommand(envelope.WorkerCommand?.Command?.Kind ?? MxCommandKind.Unspecified))
{
return await HandleControlCommandAsync(envelope, cancellationToken).ConfigureAwait(false);
}
TryStartCommandTask(envelope, cancellationToken);
return true;
case WorkerEnvelope.BodyOneofCase.WorkerShutdown:
@@ -393,6 +409,175 @@ public sealed class WorkerPipeSession
}
}
private static bool IsControlCommand(MxCommandKind kind)
{
return kind switch
{
MxCommandKind.Ping => true,
MxCommandKind.GetSessionState => true,
MxCommandKind.GetWorkerInfo => true,
MxCommandKind.DrainEvents => true,
MxCommandKind.ShutdownWorker => true,
_ => false,
};
}
/// <summary>
/// Answers a worker control/lifecycle command on the message-loop
/// thread (never on the STA). Returns <c>false</c> only for
/// <see cref="MxCommandKind.ShutdownWorker"/> — after writing its OK
/// reply this drives the same graceful-shutdown path a
/// <c>WorkerShutdown</c> envelope would, then signals the read loop to
/// stop. All other control commands return <c>true</c> to keep reading.
/// </summary>
private async Task<bool> HandleControlCommandAsync(
WorkerEnvelope envelope,
CancellationToken cancellationToken)
{
WorkerCommand workerCommand = envelope.WorkerCommand;
MxCommand command = workerCommand.Command;
string correlationId = envelope.CorrelationId;
if (command.Kind == MxCommandKind.ShutdownWorker)
{
// Build and emit the OK reply BEFORE triggering shutdown so the
// gateway's correlation-id wait is satisfied even though the
// graceful shutdown below tears the session (and pipe) down.
MxCommandReply shutdownReply = CreateControlOkReply(correlationId, command.Kind);
await WriteControlReplyAsync(shutdownReply, cancellationToken).ConfigureAwait(false);
WorkerShutdown shutdown = new();
if (command.ShutdownWorker?.GracePeriod is not null)
{
shutdown.GracePeriod = command.ShutdownWorker.GracePeriod;
}
shutdown.Reason = "ShutdownWorker command";
await ShutdownAsync(shutdown, cancellationToken).ConfigureAwait(false);
return false;
}
MxCommandReply reply = command.Kind switch
{
MxCommandKind.Ping => CreatePingReply(correlationId, command),
MxCommandKind.GetSessionState => CreateSessionStateReply(correlationId, command.Kind),
MxCommandKind.GetWorkerInfo => CreateWorkerInfoReply(correlationId, command.Kind),
MxCommandKind.DrainEvents => CreateDrainEventsReply(correlationId, command),
_ => CreateControlOkReply(correlationId, command.Kind),
};
await WriteControlReplyAsync(reply, cancellationToken).ConfigureAwait(false);
return true;
}
private Task WriteControlReplyAsync(
MxCommandReply reply,
CancellationToken cancellationToken)
{
return _writer.WriteAsync(
CreateEnvelope(new WorkerCommandReply
{
Reply = reply,
CompletedTimestamp = Timestamp.FromDateTime(DateTime.UtcNow),
}),
cancellationToken);
}
private MxCommandReply CreatePingReply(string correlationId, MxCommand command)
{
MxCommandReply reply = CreateControlOkReply(correlationId, command.Kind);
// Echo the ping message back through the base reply's diagnostic
// message field (there is no dedicated PingReply payload). An empty
// message leaves the diagnostic field at its proto3 default.
string? message = command.Ping?.Message;
if (!string.IsNullOrEmpty(message))
{
reply.DiagnosticMessage = message;
}
return reply;
}
private MxCommandReply CreateSessionStateReply(string correlationId, MxCommandKind kind)
{
MxCommandReply reply = CreateControlOkReply(correlationId, kind);
reply.SessionState = new SessionStateReply
{
State = MapWorkerStateToSessionState(_state),
};
return reply;
}
private MxCommandReply CreateWorkerInfoReply(string correlationId, MxCommandKind kind)
{
MxCommandReply reply = CreateControlOkReply(correlationId, kind);
reply.WorkerInfo = new WorkerInfoReply
{
WorkerProcessId = _processIdProvider(),
WorkerVersion = typeof(WorkerPipeSession).Assembly.GetName().Version?.ToString() ?? string.Empty,
MxaccessProgid = MxAccessInteropInfo.ProgId,
MxaccessClsid = MxAccessInteropInfo.Clsid,
};
return reply;
}
private MxCommandReply CreateDrainEventsReply(string correlationId, MxCommand command)
{
MxCommandReply reply = CreateControlOkReply(correlationId, command.Kind);
DrainEventsReply drainReply = new();
IWorkerRuntimeSession? runtimeSession = _runtimeSession;
if (runtimeSession is not null)
{
uint maxEvents = command.DrainEvents?.MaxEvents ?? 0;
foreach (WorkerEvent workerEvent in runtimeSession.DrainEvents(maxEvents))
{
if (workerEvent.Event is not null)
{
drainReply.Events.Add(workerEvent.Event);
}
}
}
reply.DrainEvents = drainReply;
return reply;
}
private MxCommandReply CreateControlOkReply(string correlationId, MxCommandKind kind)
{
return new MxCommandReply
{
SessionId = _options.SessionId,
CorrelationId = correlationId,
Kind = kind,
Hresult = 0,
ProtocolStatus = new ProtocolStatus
{
Code = ProtocolStatusCode.Ok,
Message = "OK",
},
};
}
private static SessionState MapWorkerStateToSessionState(WorkerState state)
{
return state switch
{
WorkerState.Starting => SessionState.StartingWorker,
WorkerState.Handshaking => SessionState.Handshaking,
WorkerState.InitializingSta => SessionState.InitializingWorker,
WorkerState.Ready => SessionState.Ready,
// A control command is being served, so the STA is alive and
// ready — the busy state is incidental, not a distinct lifecycle.
WorkerState.ExecutingCommand => SessionState.Ready,
WorkerState.ShuttingDown => SessionState.Closing,
WorkerState.Stopped => SessionState.Closed,
WorkerState.Faulted => SessionState.Faulted,
_ => SessionState.Unspecified,
};
}
private async Task ProcessCommandAsync(
WorkerEnvelope envelope,
CancellationToken cancellationToken)