Skip to content

[TT-16336] Warn if policy ID duplicated in single Org #7680

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
shults wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[TT-16336] Warn if policy ID duplicated in single Org #7680

shults wants to merge 1 commit into from
+26 −22

Conversation

@shults
Copy link
Contributor

@shults shults commented Jan 20, 2026
edited by github-actions bot
Loading

Description

Related Issue

Motivation and Context

How This Has Been Tested

Screenshots (if appropriate)

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)
  • Refactoring or add test (improvements in base code or adds test coverage to functionality)

Checklist

  • I ensured that the documentation is up to date
  • I explained why this PR updates go.mod in detail with reasoning why it's required
  • I would like a code coverage CI quality gate exception and have explained why

Ticket Details

TT-16336
Status In Code Review
Summary Warn if policy ID duplicated in single Org

Generated at: 2026-01-30 09:09:09
@probelabs
Copy link

probelabs bot commented Jan 20, 2026
edited
Loading

This PR introduces a warning mechanism to detect and log when multiple policies within the same organization share an identical ID. This helps administrators identify configuration issues that could otherwise lead to unpredictable behavior.

Files Changed Analysis

  • gateway/server.go: Modified to pass a collision handler function to model.NewPolicies during gateway initialization. This is the sole change, focused on adding the warning log.

Architecture & Impact Assessment

  • What this PR accomplishes: The PR enhances configuration validation by adding a runtime warning for duplicated policy IDs, improving system observability and maintainability.
  • Key technical changes introduced: The core change is the introduction of a collision handler callback during the initialization of the gateway's policy store. This is achieved by using the model.WithInternalCollision functional option with the model.NewPolicies constructor.
  • Affected system components: The change affects the Gateway's policy loading and initialization process. The impact is low, as it only introduces a warning and does not alter the core policy enforcement logic.
graph TD
    A[Gateway Initialization] --> B{model.NewPolicies};
    B -- WithInternalCollision option --> C[Policies Store];
    D[Policy Reload] --> C;
    C -- Duplicated Policy ID detected --> E{Collision Handler Callback};
    E --> F[Log Warning];
Loading

Scope Discovery & Context Expansion

  • The change in gateway/server.go is the consumer of a new capability within the internal/model package.
  • The underlying logic for detecting duplicate policy IDs resides within the Policies.Reload method (not shown in the diff), which now identifies policies with the same ID and OrgID.
  • The model.WithInternalCollision functional option provides the hook for the gateway to react to these detected collisions by logging a warning, decoupling the detection logic from the action taken.
Metadata
  • Review Effort: 2 / 5
  • Primary Label: enhancement

Powered by Visor from Probelabs

Last updated: 2026-01-30T09:12:50.759Z | Triggered by: pr_updated | Commit: fc2f4ba

💡 TIP: You can chat with Visor using /visor ask <your question>
@probelabs
Copy link

probelabs bot commented Jan 20, 2026
edited
Loading

✅ Security Check Passed

No security issues found – changes LGTM.

✅ Architecture Check Passed

No architecture issues found – changes LGTM.

✅ Performance Check Passed

No performance issues found – changes LGTM.

Quality Issues (1)

Severity Location Issue
🟡 Warning gateway/server.go:242-250
The new functionality to log a warning for duplicate policy IDs is not covered by tests. The SonarQube report shows a coverage of only 28.6% for the new code, which indicates a significant testing gap. Without tests, this warning mechanism is susceptible to regressions during future refactoring.
💡 SuggestionAdd a unit test that verifies the policy collision warning is logged correctly. This can be achieved by creating a test for `NewGateway` that uses a mock policy loader to simulate a scenario with duplicate policy IDs and then asserts that the expected warning message is written to the log.

Powered by Visor from Probelabs

Last updated: 2026-01-30T09:12:54.167Z | Triggered by: pr_updated | Commit: fc2f4ba

💡 TIP: You can chat with Visor using /visor ask <your question>
@github-actions
Copy link
Contributor

github-actions bot commented Jan 20, 2026
edited
Loading

API Changes

no api changes detected
@shults shults force-pushed the TT-16336-warn-if-policy-id-duplicated-in-single-org branch 2 times, most recently from 741e87e to bd84aaa Compare January 29, 2026 11:06
@sonarqubecloud
Copy link

sonarqubecloud bot commented Jan 29, 2026

Quality Gate Failed Quality Gate failed

Failed conditions
28.6% Coverage on New Code (required ≥ 80%)

See analysis details on SonarQube Cloud
@shults shults force-pushed the TT-16336-warn-if-policy-id-duplicated-in-single-org branch from 8b2a91c to fc2f4ba Compare January 30, 2026 09:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

3 participants

@shults @MaciekMis