[PR] Fix/graphql client token refresh [incubator-devlake]

Sat, 21 Mar 2026 22:12:23 -0700 


Ke-vin-S opened a new pull request, #8791:
URL: https://github.com/apache/incubator-devlake/pull/8791

   ### Summary
   This PR fixes two issues in the GitHub GraphQL client related to stability 
and authentication during long-running pipelines:
   
   1. **Prevent process crash on rate-limit polling errors**
      - Replaces `panic` in `GraphqlAsyncClient` background goroutine with 
graceful error handling.
      - On failure, errors are logged and the system retries in the next 
polling cycle while retaining the last known rate limit.
   
   2. **Enable automatic token refresh for GraphQL requests**
      - Replaces `oauth2.StaticTokenSource`-based HTTP client with the 
underlying `http.Client` from `ApiAsyncClient`.
      - This allows GraphQL requests to reuse the `RefreshRoundTripper`, 
enabling automatic token refresh for GitHub App installation tokens.
   
   ---
   
   ### Does this close any open issues?
   Closes #8788
   
   ---
   
   ### Screenshots
   N/A
   
   ---
   
   ### Other Information
   
   #### Design decisions
   
   - **Avoid panic in background goroutines**  
     Rate-limit polling is non-critical and should not crash the entire 
pipeline. Errors are now handled gracefully.
   
   - **Separate handling of initial vs runtime failures**
     - Initial rate-limit fetch failure → fallback to default (`5000`) to 
prevent deadlock.
     - Runtime failure → retain last known `rateRemaining` to preserve 
correctness.
   
   - **Use eventual consistency for rate limiting**  
     Rate-limit polling is best-effort; failures should not block or terminate 
execution.
   
   - **Reuse transport layer for consistency**  
     GraphQL now uses `apiClient.GetClient()` to share authentication, proxy, 
and retry behavior with REST.
   
   - **Avoid `StaticTokenSource`**  
     Static tokens break long-running pipelines due to expiration. Using 
`RefreshRoundTripper` ensures seamless token rotation.
   
   ---
   
   This change ensures:
   - No crashes due to transient GraphQL rate-limit polling errors
   - Stable execution of long-running pipelines
   - Proper support for GitHub App authentication in GraphQL workflows


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to