Skip to content

fix: clean up worker claims during shutdown#1694

Draft
MuncleUscles wants to merge 1 commit into
v0.123-devfrom
codex/fix-worker-shutdown-claims
Draft

fix: clean up worker claims during shutdown#1694
MuncleUscles wants to merge 1 commit into
v0.123-devfrom
codex/fix-worker-shutdown-claims

Conversation

@MuncleUscles

Copy link
Copy Markdown
Member

Summary

  • remove the worker service's custom SIGTERM/SIGINT handler so Uvicorn can run ASGI lifespan shutdown
  • on shutdown, stop claiming work, terminate validators/GenVM subprocesses quickly, cancel active tasks, then release/reset this worker's owned transaction claims
  • preserve finalization-ready transaction state while resetting in-progress consensus statuses back to retryable PENDING, with recovery-count exhaustion still canceling repeated failures
  • add DB coverage for owned claim reset, finalization-state preservation, and recovery exhaustion during shutdown cleanup

Context

Rally prod canary evidence showed the worker received /stop and SIGTERM, the worker supervisor stopped quickly, but the process stayed alive until Kubernetes killed it with exit 137. This PR makes termination deterministic and prevents a terminating worker from stranding owned transaction claims when GenVM or active work does not complete inside the pod grace period.

Verification

  • python3 -m py_compile backend/consensus/worker.py backend/consensus/worker_service.py tests/db-sqlalchemy/test_worker_shutdown_claim_cleanup.py
  • pytest tests/db-sqlalchemy/test_worker_shutdown_claim_cleanup.py could not run locally because this environment is missing alembic (ModuleNotFoundError: No module named 'alembic').
  • commit hooks passed: trailing whitespace, large files, JSON/YAML checks, merge conflict check, branch check, autoflake, black, eslint/prettier skips for no frontend files

@coderabbitai

coderabbitai Bot commented Jun 25, 2026

Copy link
Copy Markdown
Contributor

Important

Review skipped

Draft detected.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: a1b3ee68-fbad-47c6-bf80-837f85fa57ea

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch codex/fix-worker-shutdown-claims

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@github-actions github-actions Bot changed the base branch from main to v0.123-dev June 25, 2026 15:50
@github-actions

Copy link
Copy Markdown
Contributor

This PR targeted main, which is only the default/static branch.

I retargeted it to v0.123-dev, the active development branch. Pushes to v0.123-dev automatically fast-forward main.

@sonarqubecloud

Copy link
Copy Markdown

Quality Gate Failed Quality Gate failed

Failed conditions
11 Security Hotspots
79.1% Coverage on New Code (required ≥ 80%)
C Security Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant