Skip to content

feat: prevent HTTPs outcalls when stopping #76

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
gregorydemay merged 6 commits into from
Feb 5, 2026
Merged

feat: prevent HTTPs outcalls when stopping #76

gregorydemay merged 6 commits into from
Feb 5, 2026

Conversation

@gregorydemay
Copy link
Contributor

@gregorydemay gregorydemay commented Feb 4, 2026
edited
Loading

Sometimes a canister needs to make a dynamic number of HTTPs outcalls (e.g. scraping Ethereum logs) and this can prevent the canister from being stopped and hence upgraded. This is because when canister_stop is called, the canister is first entering the stopping state, which does prevent new calls to that canister, but does not prevent the canister itself from issuing new calls (see the specification on stop_canister).

This PR therefore introduces a new middleware CanisterReadyService that synchronously checks that the canister is running before delegating to the inner service.

@gregorydemay gregorydemay marked this pull request as ready for review February 4, 2026 10:00
@gregorydemay gregorydemay requested a review from a team as a code owner February 4, 2026 10:00
@gregorydemay gregorydemay requested a review from lpahlavi February 4, 2026 10:01
lpahlavi
lpahlavi approved these changes Feb 4, 2026
View reviewed changes
Copy link
Contributor

@lpahlavi lpahlavi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the PR @gregorydemay, LGTM! Just some very minor nits for the tests from me.

@mbjorkqvist
Copy link

mbjorkqvist commented Feb 4, 2026
edited by atlassian bot
Loading

Thanks @gregorydemay! The ticket DEFI-2566 suggests adding a configuration option to the library, but I don't see that in this PR. I am thinking of potential use cases where a canister has some higher-level logic regarding HTTP outcalls that it may want to complete before stopping, in which case a configuration option would be useful for situations where the canister can be trusted to make the decision on whether or not to make HTTP outcalls while in the Stopping state.

@gregorydemay
Copy link
Contributor Author

gregorydemay commented Feb 4, 2026
edited by atlassian bot
Loading

Good question @mbjorkqvist !

The ticket DEFI-2566 suggests adding a configuration option to the library, but I don't see that in this PR.

I had thought about this (initial commit had some new configuration field in Client) but my impression is that tower works best when having thin/modular layers that can be stacked on each other. Note that was you suggested is possible by using something like option_layer when instantiating the client or implementing one's own layer (possible wrapping the one from this PR). Does that make sense?

@gregorydemay gregorydemay merged commit 6185b5f into main Feb 5, 2026
10 checks passed
@gregorydemay gregorydemay deleted the gdemay/DEFI-2566-prevent-calls-when-stopping branch February 5, 2026 10:33
@gregorydemay gregorydemay mentioned this pull request Feb 10, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lpahlavi lpahlavi lpahlavi approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@gregorydemay @mbjorkqvist @lpahlavi