Skip to content

fix(core): deprecate policy WithValue selector not utilized by RPC #2794

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Oct 9, 2025
Merged

fix(core): deprecate policy WithValue selector not utilized by RPC #2794

merged 2 commits into from
Oct 9, 2025

Conversation

@jakedoublev
Copy link
Contributor

Proposed Changes

  • This proto field has not been utilized by the service RPC in some time, so we can deprecate it in consumer code.

Checklist

  • I have added or updated unit tests
  • I have added or updated integration tests (if appropriate)
  • I have added or updated documentation

Testing Instructions

@jakedoublev jakedoublev requested review from a team as code owners October 9, 2025 15:55
@gemini-code-assist
Copy link
Contributor

Summary of Changes

Hello @jakedoublev, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request focuses on a targeted cleanup of the codebase by deprecating and removing a specific field, WithValue, from policy.AttributeValueSelector that is no longer used by the service's RPC. The changes involve systematically eliminating this unused parameter from various GetAttributeValuesByFqnsRequest calls throughout the application, including core SDK components, service implementations, and associated integration tests. This effort aims to reduce technical debt, improve code clarity, and ensure that the codebase accurately reflects current operational requirements.

Highlights

  • Deprecation of Unused Field: The WithValue selector within policy.AttributeValueSelector has been deprecated as it is no longer utilized by the service's RPC.
  • Codebase Cleanup: Removed the now-unused WithValue field from all calls to attributes.GetAttributeValuesByFqnsRequest across the SDK, service logic, and integration tests.
  • Improved Code Clarity: Streamlined the GetAttributeValuesByFqnsRequest calls by removing a redundant parameter, enhancing readability and maintainability.
Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature Command Description
Code Review /gemini review Performs a code review for the current pull request in its current state.
Pull Request Summary /gemini summary Provides a summary of the current pull request in its current state.
Comment @gemini-code-assist Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help /gemini help Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Unused code removed, Cleaner paths for RPC, System breathes anew.

Footnotes

  1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution.

@jakedoublev jakedoublev enabled auto-merge October 9, 2025 15:56
@github-actions github-actions bot added comp:sdk A software development kit, including library, for client applications and inter-service communicati comp:authorization labels Oct 9, 2025
@jakedoublev jakedoublev mentioned this pull request Oct 9, 2025
Merged
3 tasks
gemini-code-assist[bot]
gemini-code-assist bot reviewed Oct 9, 2025
View reviewed changes
Copy link
Contributor

@gemini-code-assist gemini-code-assist bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request removes the usage of the deprecated WithValue selector from GetAttributeValuesByFqnsRequest across the codebase. The changes are consistent and correct, cleaning up unused code as preparation for its eventual removal from the protobuf definition. The implementation confirms that this field was not being used by the service RPC. The changes look good and improve code clarity by removing dead code.

@github-actions
Copy link
Contributor

github-actions bot commented Oct 9, 2025

Benchmark results, click to expand

Benchmark authorization.GetDecisions Results:

Metric Value
Approved Decision Requests 1000
Denied Decision Requests 0
Total Time 160.831375ms

Benchmark authorization.v2.GetMultiResourceDecision Results:

Metric Value
Approved Decision Requests 1000
Denied Decision Requests 0
Total Time 100.557152ms

Standard Benchmark Metrics Skipped or Failed

Bulk Benchmark Results

Metric Value
Total Decrypts 100
Successful Decrypts 100
Failed Decrypts 0
Total Time 350.303273ms
Throughput 285.47 requests/second

TDF3 Benchmark Results:

Metric Value
Total Requests 5000
Successful Requests 5000
Failed Requests 0
Concurrent Requests 50
Total Time 38.435112958s
Average Latency 382.778963ms
Throughput 130.09 requests/second

NANOTDF Benchmark Results:

Metric Value
Total Requests 5000
Successful Requests 5000
Failed Requests 0
Concurrent Requests 50
Total Time 26.556790235s
Average Latency 264.505722ms
Throughput 188.28 requests/second

@github-actions
Copy link
Contributor

github-actions bot commented Oct 9, 2025

Benchmark results, click to expand

Benchmark authorization.GetDecisions Results:

Metric Value
Approved Decision Requests 1000
Denied Decision Requests 0
Total Time 170.776555ms

Benchmark authorization.v2.GetMultiResourceDecision Results:

Metric Value
Approved Decision Requests 1000
Denied Decision Requests 0
Total Time 124.210621ms

Standard Benchmark Metrics Skipped or Failed

Bulk Benchmark Results

Metric Value
Total Decrypts 100
Successful Decrypts 100
Failed Decrypts 0
Total Time 360.228664ms
Throughput 277.60 requests/second

TDF3 Benchmark Results:

Metric Value
Total Requests 5000
Successful Requests 5000
Failed Requests 0
Concurrent Requests 50
Total Time 39.998712571s
Average Latency 398.394034ms
Throughput 125.00 requests/second

NANOTDF Benchmark Results:

Metric Value
Total Requests 5000
Successful Requests 5000
Failed Requests 0
Concurrent Requests 50
Total Time 27.992006837s
Average Latency 278.887895ms
Throughput 178.62 requests/second

@jakedoublev jakedoublev added this pull request to the merge queue Oct 9, 2025
Merged via the queue into main with commit c573595 Oct 9, 2025
32 checks passed
@jakedoublev jakedoublev deleted the fix/DSPX-1614-selector branch October 9, 2025 17:04
This was referenced Oct 8, 2025
Merged
Merged
github-merge-queue bot pushed a commit that referenced this pull request Oct 10, 2025
@opentdf-automation
chore(main): release sdk 0.9.0 (#2766)
8058b82 
🤖 I have created a release *beep* *boop*
---


##
[0.9.0](sdk/v0.8.0...sdk/v0.9.0)
(2025-10-09)


### Features

* **sdk:** DSPX-1465 refactor TDF architecture with streaming support
and segment-based writing
([#2785](#2785))
([ea9b278](ea9b278))
* **sdk:** Experimental zipstream lib, add segment-based streaming ZIP
writer, ZIP64 modes
([#2782](#2782))
([b381179](b381179))
* **sdk:** sdk should optionally take in a logger
([#2754](#2754))
([f40d05f](f40d05f))


### Bug Fixes

* **core:** deprecate policy WithValue selector not utilized by RPC
([#2794](#2794))
([c573595](c573595))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

Co-authored-by: opentdf-automation[bot] <149537512+opentdf-automation[bot]@users.noreply.github.com>
github-merge-queue bot pushed a commit that referenced this pull request Oct 22, 2025
@opentdf-automation
chore(main): release service 0.11.0 (#2744)
e353b0b 
🤖 I have created a release *beep* *boop*
---


##
[0.11.0](service/v0.10.0...service/v0.11.0)
(2025-10-22)


### Features

* **authz:** add obligation fulfillment logic to obligation PDP
([#2740](#2740))
([2f8d30d](2f8d30d))
* **authz:** audit logs should properly handle obligations
([#2824](#2824))
([874ec7b](874ec7b))
* **authz:** defer to request auth as decision/entitlements entity
([#2789](#2789))
([feb34d8](feb34d8))
* **authz:** obligations protos within auth service
([#2745](#2745))
([41ee5a8](41ee5a8))
* **authz:** protovalidate tests for new authz obligations fields
([#2747](#2747))
([73e6319](73e6319))
* **authz:** service logic to use request auth as entity identifier in
PDP decisions/entitlements
([#2790](#2790))
([6784e88](6784e88))
* **authz:** wire up obligations enforcement in auth service
([#2756](#2756))
([11b3ea9](11b3ea9))
* **core:** propagate token clientID on configured claim via interceptor
into shared context metadata
([#2760](#2760))
([0f77246](0f77246))
* **kas:** Add required obligations to kao metadata.:
([#2806](#2806))
([16fb26c](16fb26c))
* **policy:** add FQNs to obligation defs + vals
([#2749](#2749))
([fa2585c](fa2585c))
* **policy:** Add obligation support to KAS
([#2786](#2786))
([bb1bca0](bb1bca0))
* **policy:** List obligation triggers rpc
([#2823](#2823))
([206abe3](206abe3))
* **policy:** namespace root certificates
([#2771](#2771))
([beaff21](beaff21))
* **policy:** Proto - root certificates by namespace
([#2800](#2800))
([0edb359](0edb359))
* **policy:** Protos List obligation triggers
([#2803](#2803))
([b32df81](b32df81))
* **policy:** Return built obligations fqns with triggers.
([#2830](#2830))
([e843018](e843018))
* **policy:** Return obligations from GetAttributeValue calls
([#2742](#2742))
([aa9b393](aa9b393))


### Bug Fixes

* **core:** CORS
([#2787](#2787))
([a030ac6](a030ac6))
* **core:** deprecate policy WithValue selector not utilized by RPC
([#2794](#2794))
([c573595](c573595))
* **core:** deprecated stale protos and add better upgrade comments
([#2793](#2793))
([f2678cc](f2678cc))
* **core:** Don't require known manager names
([#2792](#2792))
([8a56a96](8a56a96))
* **core:** Fix mode negation and core mode
([#2779](#2779))
([de9807d](de9807d))
* **core:** resolve environment loading issues
([#2827](#2827))
([9af3184](9af3184))
* **deps:** bump github.com/opentdf/platform/lib/ocrypto from 0.6.0 to
0.7.0 in /service
([#2812](#2812))
([a6d180d](a6d180d))
* **deps:** bump github.com/opentdf/platform/protocol/go from 0.12.0 to
0.13.0 in /service
([#2814](#2814))
([5e9c695](5e9c695))
* **deps:** bump github.com/opentdf/platform/sdk from 0.7.0 to 0.9.0 in
/service ([#2798](#2798))
([d6bc9a8](d6bc9a8))
* **deps:** bump github.com/opentdf/platform/sdk from 0.9.0 to 0.10.0 in
/service ([#2831](#2831))
([412dfd1](412dfd1))
* ECC key loading (deprecated)
([#2757](#2757))
([49990eb](49990eb))
* **policy:** Change to nil
([#2746](#2746))
([a449434](a449434))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

Co-authored-by: opentdf-automation[bot] <149537512+opentdf-automation[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@elizabethhealy elizabethhealy elizabethhealy approved these changes

+1 more reviewer

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

comp:authorization comp:sdk A software development kit, including library, for client applications and inter-service communicati size/xs

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@jakedoublev @elizabethhealy