gnodet commented on code in PR #22282:
URL: https://github.com/apache/camel/pull/22282#discussion_r2995074652
##########
components/camel-pqc/src/main/java/org/apache/camel/component/pqc/PQCStatefulKeyHealthCheck.java:
##########
@@ -78,24 +65,35 @@ protected void doCall(HealthCheckResultBuilder builder,
Map<String, Object> opti
return;
}
+ long totalCapacity = index + remaining;
+
builder.detail("stateful_key", true);
builder.detail("algorithm", algorithm);
builder.detail("remaining_signatures", remaining);
builder.detail("signatures_used", index);
- builder.detail("total_capacity", index + remaining);
+ builder.detail("total_capacity", totalCapacity);
- if (remaining <= 0) {
+ if (remaining == 0) {
builder.message("Stateful key (" + algorithm + ") is exhausted
with 0 remaining signatures");
builder.down();
return;
}
- double threshold = configuration.getStatefulKeyWarningThreshold();
- long totalCapacity = index + remaining;
+ double threshold =
endpoint.getConfiguration().getStatefulKeyWarningThreshold();
if (threshold > 0 && totalCapacity > 0) {
double fractionRemaining = (double) remaining / totalCapacity;
builder.detail("fraction_remaining", String.format("%.4f",
fractionRemaining));
builder.detail("warning_threshold", String.valueOf(threshold));
+
+ if (fractionRemaining <= threshold) {
+ builder.message(
+ "Stateful key (" + algorithm + ") is approaching
exhaustion: " + remaining
+ + " signatures remaining out of " +
totalCapacity + " total ("
+ + String.format("%.1f%%", fractionRemaining *
100) + " remaining)");
+ builder.detail("warning", true);
+ builder.down();
+ return;
Review Comment:
The Camel `HealthCheck.State` enum has `UP`, `DOWN`, and `UNKNOWN` — no
`DEGRADED` state. Using `DOWN` here means a key that still has remaining
signatures is treated the same as an exhausted key by monitoring/readiness
probes.
Since this is a *warning* (the key still works), it should report `UP` with
the warning details. Operators can alert on the detail fields without tripping
readiness checks.
The `return` is also removed so the method falls through to the existing
`builder.up()` on line 99. If we kept `return` without `builder.down()`, the
method would exit without setting any state — no `up()`, `down()`, or
`unknown()` — which is incorrect.
```suggestion
if (fractionRemaining <= threshold) {
builder.message(
"Stateful key (" + algorithm + ") is approaching
exhaustion: " + remaining
+ " signatures remaining out of " +
totalCapacity + " total ("
+ String.format("%.1f%%", fractionRemaining
* 100) + " remaining)");
builder.detail("warning", true);
// Stay UP — the key still has capacity. Operators can alert
on the "warning" detail.
}
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
