feat: new event-based decisions log buffer implementation (#7446)

This new event-based buffer provides a performance improvement over
the existing buffer by reducing locks and allowing concurrent writes and uploads.
The buffer size is managed by number of individual events opposed to total bytes.

Signed-off-by: sspaink <[email protected]>

Author: sspaink

docs/content/configuration.md

@@ -779,22 +779,24 @@ included in the actual bundle gzipped tarball.
 
 ## Decision Logs
 
-| Field                                              | Type | Required | Description |
-|----------------------------------------------------| -- | --- | --- |
-| `decision_logs.service`                            | `string` | No | Name of the service to use to contact remote server. If no `plugin` is specified, and `console` logging is disabled, this will default to the first `service` name defined in the Services configuration. |
-| `decision_logs.partition_name`                     | `string` | No | Deprecated: Use `resource` instead. Path segment to include in status updates. |
-| `decision_logs.resource`                           | `string` | No (default: `/logs`) | Full path to use for sending decision logs to a remote server. |
-| `decision_logs.reporting.buffer_size_limit_bytes`  | `int64` | No | Decision log buffer size limit in bytes. OPA will drop old events from the log if this limit is exceeded. By default, no limit is set. Only one of `buffer_size_limit_bytes`, `max_decisions_per_second` may be set. |
-| `decision_logs.reporting.max_decisions_per_second` | `float64` | No | Maximum number of decision log events to buffer per second. OPA will drop events if the rate limit is exceeded. Only one of `buffer_size_limit_bytes`, `max_decisions_per_second` may be set. |
-| `decision_logs.reporting.upload_size_limit_bytes`  | `int64` | No (default: `32768`) | Decision log upload size limit in bytes. OPA will chunk uploads to cap message body to this limit. |
-| `decision_logs.reporting.min_delay_seconds`        | `int64` | No (default: `300`) | Minimum amount of time to wait between uploads. |
-| `decision_logs.reporting.max_delay_seconds`        | `int64` | No (default: `600`) | Maximum amount of time to wait between uploads. |
-| `decision_logs.reporting.trigger`                  | `string` | No (default: `periodic`) | Controls how decision logs are reported to the remote server. Allowed values are `periodic` and `manual` (`manual` triggers are only possible when using OPA as a Go package). |
-| `decision_logs.mask_decision`                      | `string` | No (default: `/system/log/mask`) | Set path of masking decision. |
-| `decision_logs.drop_decision`                      | `string` | No (default: `/system/log/drop`) | Set path of drop decision. |
-| `decision_logs.plugin`                             | `string` | No | Use the named plugin for decision logging. If this field exists, the other configuration fields are not required. |
-| `decision_logs.console`                            | `boolean` | No (default: `false`) | Log the decisions locally to the console. When enabled alongside a remote decision logging API the `service` must be configured, the default `service` selection will be disabled. |
-| `decision_logs.request_context.http.headers`       | `array` | No | List of HTTP headers to include in the decision log. OPA will include the values for these headers in the decision log if they exist in the incoming HTTP request. |
+| Field                                              | Type      | Required                          | Description                                                                                                                                                                                                                                              |
+|----------------------------------------------------|-----------|-----------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| `decision_logs.service`                            | `string`  | No                                | Name of the service to use to contact remote server. If no `plugin` is specified, and `console` logging is disabled, this will default to the first `service` name defined in the Services configuration.                                                |
+| `decision_logs.partition_name`                     | `string`  | No                                | Deprecated: Use `resource` instead. Path segment to include in status updates.                                                                                                                                                                           |
+| `decision_logs.resource`                           | `string`  | No (default: `/logs`)             | Full path to use for sending decision logs to a remote server.                                                                                                                                                                                           |
+| `decision_logs.reporting.buffer_type`              | `string`  | No (default: `size`)              | Toggles the type of buffer to use. The two available options are "size" or "event". Refer to the [Decision Log Plugin README](https://github.com/open-policy-agent/opa/tree/main/v1/plugins/logs/README.md) for for a detailed comparison.               |
+| `decision_logs.reporting.buffer_size_limit_events` | `int64`   | No (default: `10000`)             | Decision log buffer size limit by events. OPA will drop old events from the log if this limit is exceeded. By default, 100 events are held. This number has to be greater than zero. Only works with "event" buffer type.                                |
+| `decision_logs.reporting.buffer_size_limit_bytes`  | `int64`   | No (default: `unlimited`)         | Decision log buffer size limit in bytes. OPA will drop old events from the log if this limit is exceeded. By default, no limit is set. Only one of `buffer_size_limit_bytes`, `max_decisions_per_second` may be set. Only works with "size" buffer type. |
+| `decision_logs.reporting.max_decisions_per_second` | `float64` | No                                | Maximum number of decision log events to buffer per second. OPA will drop events if the rate limit is exceeded. Only one of `buffer_size_limit_bytes`, `max_decisions_per_second` may be set.                                                            |
+| `decision_logs.reporting.upload_size_limit_bytes`  | `int64`   | No (default: `32768`)             | Decision log upload size limit in bytes. OPA will chunk uploads to cap message body to this limit.                                                                                                                                                       |
+| `decision_logs.reporting.min_delay_seconds`        | `int64`   | No (default: `300`)               | Minimum amount of time to wait between uploads.                                                                                                                                                                                                          |
+| `decision_logs.reporting.max_delay_seconds`        | `int64`   | No (default: `600`)               | Maximum amount of time to wait between uploads.                                                                                                                                                                                                          |
+| `decision_logs.reporting.trigger`                  | `string`  | No (default: `periodic`)          | Controls how decision logs are reported to the remote server. Allowed values are `periodic` and `manual` (`manual` triggers are only possible when using OPA as a Go package).                                                                           |
+| `decision_logs.mask_decision`                      | `string`  | No (default: `/system/log/mask`)  | Set path of masking decision.                                                                                                                                                                                                                            |
+| `decision_logs.drop_decision`                      | `string`  | No (default: `/system/log/drop`)  | Set path of drop decision.                                                                                                                                                                                                                               |
+| `decision_logs.plugin`                             | `string`  | No                                | Use the named plugin for decision logging. If this field exists, the other configuration fields are not required.                                                                                                                                        |
+| `decision_logs.console`                            | `boolean` | No (default: `false`)             | Log the decisions locally to the console. When enabled alongside a remote decision logging API the `service` must be configured, the default `service` selection will be disabled.                                                                       |
+| `decision_logs.request_context.http.headers`       | `array`   | No                                | List of HTTP headers to include in the decision log. OPA will include the values for these headers in the decision log if they exist in the incoming HTTP request.                                                                                       |
 
 ## Discovery
 

v1/plugins/logs/README.md

@@ -0,0 +1,88 @@
+# Decision Log Plugin
+
+The decision log plugin is responsible for gathering decision events from multiple sources and upload them to a service.
+[This plugin is highly configurable](https://www.openpolicyagent.org/docs/latest/configuration/#decision-logs), allowing 
+the user to decide when to upload, drop or proxy a logged event. Each configuration can be dynamically updated while OPA is running.
+
+Events are uploaded in gzip compressed JSON array's at a user defined interval. This can either be triggered periodically
+or manually through the SDK. The size of the gzip compressed JSON array is limited by `upload_size_limit_bytes`.
+
+There are two buffer implementations that can be selected by setting `decision_logs.reporting.buffer_type`, defaults to `size`
+
+## Event Buffer
+
+* `decision_logs.reporting.buffer_type=event`
+
+As events are logged each event is encoded and saved in a buffer. When an upload is triggered, all the events currently
+in the buffer are uploaded in chunks (limited by `upload_size_limit_bytes`). The oldest events will drop if the buffer
+is full, the limit can be configured by changing `buffer_size_limit_events`.
+
+Pros:
+* Compressing only on upload keeps the event and JSON array buffers separate so they don't have to be in sync.
+* Individual events can be dropped quicker without having to decompress the events.
+* Using a channel as a buffer allows events to be written to the buffer concurrently.
+
+Cons:
+* Upload will be slower as the events need to be compressed.
+* A buffer limit has to be set, unlimited size isn't allowed.
+
+```mermaid
+---
+title: Event Upload Flow
+---
+flowchart LR
+    1["Producer 1"] -. event .-> Buffer
+    2["Producer 2"] -. event .-> Buffer
+    3["Producer 3"] -. event .-> Buffer
+    subgraph log [Log Plugin]
+        Buffer --> package
+        subgraph package [JSON Array]
+            A["[event, event, event, event ....]"]
+        end
+    end
+    package -. POST .-> service
+    classDef large font-size:20pt;
+    
+```
+
+## Size Buffer
+
+* `decision_logs.reporting.buffer_type=size`
+
+As events are logged they are encoded and compressed into a JSON Array before being added to the buffer. When an upload 
+is triggered the current buffer is emptied, uploading each JSON Array of events as chunks. By default, the buffer is an
+unlimited size but if `buffer_size_limit_bytes` is configured the oldest events will be dropped.
+
+Pros:
+* Uploads are quicker because each event is already encoded and compressed.
+* The local memory in bytes of the buffer can be limited.
+
+Cons:
+* Events can flow between the encoder and buffer requiring a heavy use of locks.
+* Dropping an individual event requires decompressing an entire array of events.
+* Adding events to the buffer is slower as compression happens on write.
+
+```mermaid
+---
+title: Event Upload Flow
+---
+flowchart LR
+    1["Producer 1"] -. event .-> Encoder
+    2["Producer 2"] -. event .-> Encoder
+    3["Producer 3"] -. event .-> Encoder
+    subgraph log [Log Plugin]
+        Encoder --> package
+        subgraph package [JSON Array]
+            A["[event, event, ...]"]
+        end
+        subgraph Buffer [Buffer]
+            B["[[event, event, ...], [event, event, ...]]"]
+        end
+        package --> Buffer
+        Buffer --> Encoder
+        
+    end
+    Buffer -. POST .-> service
+    classDef large font-size:20pt;
+    
+```

v1/plugins/logs/encoder.go

@@ -64,6 +64,9 @@ func (enc *chunkEncoder) Write(event EventV1) (result [][]byte, err error) {
 	return enc.WriteBytes(buf.Bytes())
 }
 
+// WriteBytes attempts to write a serialized event to the current chunk.
+// If the upload limit is reached the chunk is closed and a result is returned.
+// The incoming event that didn't fit is added to the next chunk.
 func (enc *chunkEncoder) WriteBytes(bs []byte) (result [][]byte, err error) {
 	if len(bs) == 0 {
 		return nil, nil
@@ -232,7 +235,6 @@ func (dec *chunkDecoder) decode() ([]EventV1, error) {
 	if err := json.NewDecoder(gr).Decode(&events); err != nil {
 		return nil, err
 	}
-	gr.Close()
 
-	return events, nil
+	return events, gr.Close()
 }