[ 
https://issues.apache.org/jira/browse/NIFI-16060?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18092954#comment-18092954
 ] 

ASF subversion and git services commented on NIFI-16060:
--------------------------------------------------------

Commit 62964f0cdba91c5b9d84c51d0317e3d1f1b92177 in nifi's branch 
refs/heads/main from Kevin Doran
[ https://gitbox.apache.org/repos/asf?p=nifi.git;h=62964f0cdba ]

NIFI-16060 Tolerate connector configuration load failures on read (#11380)

* NIFI-16060 Tolerate connector configuration load failures on read

When a connector's stored configuration cannot be loaded or parsed (e.g. a
corrupt config left behind by a failed commit), the 
ConnectorConfigurationProvider
throws ConnectorConfigurationProviderException. On the SYNC_WITH_PROVIDER read
path this exception previously propagated uncaught and surfaced as an HTTP 500
from the connector REST endpoints. Because the delete flow reads the connector
(for its revision, and to snapshot it before deletion), a corrupt connector
became impossible to read or delete.

Make the two read retrieval methods (getConnector and getConnectors with
SYNC_WITH_PROVIDER) tolerate a configuration-load failure: log a warning, mark
the connector invalid so the failure remains visible to clients via the DTO's
validation status, and return the in-memory node instead of propagating. The
connector therefore stays readable and deletable.

Write paths (addConnector, applyUpdate) call syncFromProvider directly and
continue to propagate the exception, so create/apply-config still fail on a bad
configuration rather than proceeding silently.

* NIFI-16060 Do not mark connector invalid on read-time config load failure

A read-time configuration-load failure may be transient (e.g. a provider/network
blip), not a corrupt configuration. markInvalid sets a sticky INVALID validation
state that is only cleared on a config/update lifecycle event, not by a later
successful read, so marking invalid on a tolerated read would leave a healthy
connector permanently invalid after the underlying issue resolves.

Drop the markInvalid call from the tolerant read path: log the failure and 
return
the connector with its existing state untouched, so it recovers on the next
successful read. Update the tests to assert the connector is never marked 
invalid.

* NIFI-16060 Log connector config load failure on read at error level

A configuration that cannot be loaded during a read is an operational problem
worth surfacing prominently (the connector's working configuration is stale or
unavailable), so log it at ERROR rather than WARN.

> StandardConnectorRepository should handle exceptions from 
> ConnectorConfigurationProvider gracefully
> ---------------------------------------------------------------------------------------------------
>
>                 Key: NIFI-16060
>                 URL: https://issues.apache.org/jira/browse/NIFI-16060
>             Project: Apache NiFi
>          Issue Type: Bug
>          Components: Core Framework
>            Reporter: Kevin Doran
>            Assignee: Kevin Doran
>            Priority: Major
>          Time Spent: 0.5h
>  Remaining Estimate: 0h
>




--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to