Migrate session manager to DataStorage and add RestoreSession#4464
Migrate session manager to DataStorage and add RestoreSession#4464
Conversation
yrobla
requested review from
ChrisJBurns,
JAORMX,
amirejaz,
blkt,
jerm-dro and
jhrozek
as code owners
![github-actions[bot]](https://cdn.statically.io/img/avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
There was a problem hiding this comment.
Large PR Detected
This PR exceeds 1000 lines of changes and requires justification before it can be reviewed.
How to unblock this PR:
Add a section to your PR description with the following format:
## Large PR Justification
[Explain why this PR must be large, such as:]
- Generated code that cannot be split
- Large refactoring that must be atomic
- Multiple related changes that would break if separated
- Migration or data transformationAlternative:
Consider splitting this PR into smaller, focused changes (< 1000 lines each) for easier review and reduced risk.
See our Contributing Guidelines for more details.
This review will be automatically dismissed once you add the justification section.
github-actions
bot
added
size/XL
github-actions
bot
dismissed
their stale review
Large PR justification has been provided. Thank you!
|
✅ Large PR justification has been provided. The size review has been dismissed and this PR can now proceed with normal review. |
Codecov Report❌ Patch coverage is Additional details and impacted files@@ Coverage Diff @@
## main #4464 +/- ##
==========================================
- Coverage 69.60% 69.47% -0.13%
==========================================
Files 494 495 +1
Lines 50445 50733 +288
==========================================
+ Hits 35111 35249 +138
- Misses 12638 12777 +139
- Partials 2696 2707 +11 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
There was a problem hiding this comment.
Pull request overview
This PR refactors vMCP session lifecycle management to decouple live MultiSession state from persisted session metadata by migrating sessionmanager.Manager to the new transportsession.DataStorage interface, and adds a RestoreSession flow to reconstruct sessions on cache misses (e.g., after restart or cross-pod routing when using Redis-backed metadata).
Changes:
- Replace
*transportsession.Managerusage insessionmanager.ManagerwithDataStorage, introducing a node-localsync.Mapcache plussingleflight-deduped restore on cache miss and a background eviction loop driven bystorage.Exists(). - Extend
MultiSessionFactorywithRestoreSession()and addsecurity.RestoreHijackPrevention()to rebuild the hijack-prevention decorator from persisted token hash/salt. - Update discovery middleware to depend on a
MultiSessionGetter(backed by the session manager) and allow unknown sessions to fall through so the SDK can return404viaValidate()(tests updated accordingly).
Reviewed changes
Copilot reviewed 17 out of 17 changed files in this pull request and generated 3 comments.
Show a summary per file
| File | Description |
|---|---|
| pkg/vmcp/session/mocks/mock_factory.go | Updates gomock factory to include RestoreSession. |
| pkg/vmcp/session/internal/security/security.go | Adds RestoreHijackPrevention to rebuild decorator from stored hash/salt. |
| pkg/vmcp/session/factory.go | Adds MultiSessionFactory.RestoreSession and refactors makeSession → makeBaseSession. |
| pkg/vmcp/session/decorating_factory.go | Adds decorator-aware RestoreSession implementation. |
| pkg/vmcp/server/testfactory_test.go | Updates minimal test factory to satisfy new interface. |
| pkg/vmcp/server/telemetry_integration_test.go | Updates test factory to support RestoreSession. |
| pkg/vmcp/server/sessionmanager/session_manager.go | Major rewrite: DataStorage + node-local cache + restore + eviction loop + adapted prompts. |
| pkg/vmcp/server/sessionmanager/session_manager_test.go | Migrates tests to DataStorage and new behaviors. |
| pkg/vmcp/server/session_management_realbackend_integration_test.go | Updates expected status code after termination (401 → 404). |
| pkg/vmcp/server/session_management_integration_test.go | Updates expected status code after termination (401 → 404). |
| pkg/vmcp/server/server.go | Wires server to create LocalSessionDataStorage and pass it to session manager; updates shutdown/handler wiring. |
| pkg/vmcp/discovery/middleware.go | Switches dependency to MultiSessionGetter; removes 401-on-missing-session behavior. |
| pkg/vmcp/discovery/middleware_test.go | Reworks tests to use a stub MultiSessionGetter. |
| pkg/transport/session/storage.go | Adds Exists() to the session-object Storage interface. |
| pkg/transport/session/storage_redis.go | Implements Storage.Exists() via Redis EXISTS (no TTL refresh). |
| pkg/transport/session/storage_local.go | Implements Storage.Exists() without refreshing last-access timestamp. |
| pkg/transport/session/manager.go | Exposes TTL() and adds Manager.Exists() wrapper. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
yrobla
force-pushed
the
issue-4420-sm-migration
branch
from
758fe0c to
c1d0cbc
Compare
github-actions
bot
added
size/XL
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 17 out of 17 changed files in this pull request and generated 5 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
yrobla
force-pushed
the
issue-4420-sm-migration
branch
from
c1d0cbc to
31f14c9
Compare
github-actions
bot
added
size/XL
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 17 out of 17 changed files in this pull request and generated 4 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
yrobla
force-pushed
the
issue-4420-sm-migration
branch
from
31f14c9 to
bcfbcd7
Compare
github-actions
bot
added
size/XL
yrobla
force-pushed
the
issue-4420-sm-migration
branch
from
8cdfffd to
70d1c4f
Compare
github-actions
bot
added
size/XL
yrobla
force-pushed
the
issue-4420-sm-migration
branch
from
70d1c4f to
a568a9f
Compare
github-actions
bot
added
size/XL
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 23 out of 23 changed files in this pull request and generated 5 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
yrobla
force-pushed
the
issue-4420-sm-migration
branch
from
a568a9f to
d133cc2
Compare
Replace the *transportsession.Manager dependency in sessionmanager.Manager with the DataStorage interface (introduced in split PR 1), enabling pluggable session metadata storage (local or Redis) without coupling live session state to the serialization layer. Key changes: - Add Exists() to the Storage interface with implementations for LocalStorage and RedisStorage; expose TTL() and Exists() on transportsession.Manager - Add RestoreSession() to MultiSessionFactory (and decorating/mock impls); refactor makeSession → makeBaseSession so RestoreSession can reconstruct a live session from stored metadata without a bearer token - Add RestoreHijackPrevention() in pkg/vmcp/session/internal/security to recreate the hijack-prevention decorator from stored hash/salt - Rewrite sessionmanager.Manager to use DataStorage: node-local multiSessions sync.Map for hot-path lookups, singleflight-deduplicated RestoreSession on cache miss, and a background eviction loop that probes storage.Exists() to clean up expired MultiSession objects whose Redis TTL fired silently - Replace *transportsession.Manager in discovery.Middleware with a MultiSessionGetter interface backed by the session manager; remove the 401 for unknown sessions — the SDK now responds 404 via Validate() - Wire server.go to create LocalSessionDataStorage and pass it to sessionmanager.New; route discovery middleware through vmcpSessionMgr Closes: #4220
github-actions
bot
added
size/XL
yrobla
force-pushed
the
issue-4420-sm-migration
branch
from
d133cc2 to
e033710
Compare
github-actions
bot
added
size/XL
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 19 out of 19 changed files in this pull request and generated 2 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
yrobla
force-pushed
the
issue-4420-sm-migration
branch
from
e033710 to
8796f90
Compare
github-actions
bot
added
size/XL
github-actions
bot
added
size/XL
Summary
Replace the
*transportsession.Managerdependency insessionmanager.Managerwith theDataStorageinterface (introduced in split PR 1), enabling pluggable session metadata storage (local or Redis) without coupling live session state to the serialization layer.Key changes:
RestoreSession()toMultiSessionFactory(and decorating/mock impls); refactormakeSession→makeBaseSessionsoRestoreSessioncan reconstruct a live session from stored metadata without a bearer tokenRestoreHijackPrevention()inpkg/vmcp/session/internal/securityto recreate the hijack-prevention decorator from stored hash/saltsessionmanager.Managerto useDataStorage: node-localRestorableCache[string, MultiSession]for hot-path lookups with singleflight-deduplicatedRestoreSessionon cache miss and lazy liveness validation viastorage.Load()on cache hitsRestorableCache[K,V]generic type (sync.Map + singleflight + check/evict callbacks) intocache.goserver.goto createLocalSessionDataStorageand pass it tosessionmanager.New; the discovery middleware continues to use the existing*transportsession.Manager(unchanged in this PR)Fixes #4220
Type of change
Test plan
Does this introduce a user-facing change?
No. The discovery middleware and its 401 behaviour for unknown/expired sessions are unchanged. Redis wiring and the 401→404 migration are deferred to a follow-up PR.
Special notes for reviewers
Large PR Justification
This is a PR that is part of multiple. It is completely isolated, cannot be split.