Return message to queue between retry attempts (#1913)

awright18 · bording · web-flow · commit 9536b3464ecd · 2023-02-08T11:16:08.000-05:00
* Return message to queue between retry attempts

* Tweaks

---------

Co-authored-by: Brandon Ording &lt;bording@gmail.com&gt;
diff --git a/src/NServiceBus.Transport.SQS/FailureInfoStorage.cs b/src/NServiceBus.Transport.SQS/FailureInfoStorage.cs
@@ -0,0 +1,79 @@
+﻿namespace NServiceBus.Transport.SQS
+{
+    using System.Collections.Generic;
+
+    // The data structure has fixed maximum size. When the data structure reaches its maximum size,
+    // the least recently used (LRU) message processing failure is removed from the storage.
+    class FailureInfoStorage
+    {
+        public FailureInfoStorage(int maxElements)
+        {
+            this.maxElements = maxElements;
+        }
+
+        public void RecordFailureInfoForMessage(string messageId)
+        {
+            lock (lockObject)
+            {
+                if (failureInfoPerMessage.TryGetValue(messageId, out var node))
+                {
+                    // We have seen this message before, just update the counter
+                    node.Attempts++;
+
+                    // Maintain invariant: leastRecentlyUsedMessages.First contains the LRU item.
+                    leastRecentlyUsedMessages.Remove(node.LeastRecentlyUsedEntry);
+                    leastRecentlyUsedMessages.AddLast(node.LeastRecentlyUsedEntry);
+                }
+                else
+                {
+                    if (failureInfoPerMessage.Count == maxElements)
+                    {
+                        // We have reached the maximum allowed capacity. Remove the LRU item.
+                        var leastRecentlyUsedEntry = leastRecentlyUsedMessages.First;
+                        failureInfoPerMessage.Remove(leastRecentlyUsedEntry.Value);
+                        leastRecentlyUsedMessages.RemoveFirst();
+                    }
+
+                    var newNode = new FailureInfoNode(messageId, 1);
+
+                    failureInfoPerMessage[messageId] = newNode;
+
+                    // Maintain invariant: leastRecentlyUsedMessages.First contains the LRU item.
+                    leastRecentlyUsedMessages.AddLast(newNode.LeastRecentlyUsedEntry);
+                }
+            }
+        }
+
+        public bool TryGetFailureInfoForMessage(string messageId, out int attempts)
+        {
+            lock (lockObject)
+            {
+                if (failureInfoPerMessage.TryGetValue(messageId, out var node))
+                {
+                    attempts = node.Attempts;
+                    return true;
+                }
+                attempts = 0;
+                return false;
+            }
+        }
+
+        readonly Dictionary<string, FailureInfoNode> failureInfoPerMessage = new Dictionary<string, FailureInfoNode>();
+        readonly LinkedList<string> leastRecentlyUsedMessages = new LinkedList<string>();
+        readonly object lockObject = new object();
+        readonly int maxElements;
+
+        class FailureInfoNode
+        {
+            public FailureInfoNode(string messageId, int attempts)
+            {
+                Attempts = attempts;
+                LeastRecentlyUsedEntry = new LinkedListNode<string>(messageId);
+            }
+
+            public int Attempts { get; set; }
+
+            public LinkedListNode<string> LeastRecentlyUsedEntry { get; }
+        }
+    }
+}
diff --git a/src/NServiceBus.Transport.SQS/InputQueuePump.cs b/src/NServiceBus.Transport.SQS/InputQueuePump.cs
@@ -136,7 +136,18 @@ async Task ConsumeMessages(CancellationToken token)
                             return;
                         }
 
-                        _ = ProcessMessage(receivedMessage, maxConcurrencySemaphore, token);
+                        try
+                        {
+                            _ = ProcessMessage(receivedMessage, maxConcurrencySemaphore, token);
+                        }
+                        catch (Exception ex)
+                        {
+                            Logger.Debug("Returning message to queue...", ex);
+
+                            await ReturnMessageToQueue(receivedMessage).ConfigureAwait(false);
+
+                            throw;
+                        }
                     }
                 }
                 catch (OperationCanceledException)
@@ -161,6 +172,12 @@ internal async Task ProcessMessage(Message receivedMessage, SemaphoreSlim proces
                 string messageId = null;
                 var isPoisonMessage = false;
 
+                if (messagesToBeDeletedStorage.TryGetFailureInfoForMessage(nativeMessageId, out _))
+                {
+                    await DeleteMessage(receivedMessage, null).ConfigureAwait(false);
+                    return;
+                }
+
                 try
                 {
                     if (receivedMessage.MessageAttributes.TryGetValue(Headers.MessageId, out var messageIdAttribute))
@@ -230,81 +247,126 @@ internal async Task ProcessMessage(Message receivedMessage, SemaphoreSlim proces
                     return;
                 }
 
-                if (!IsMessageExpired(receivedMessage, transportMessage.Headers, messageId, CorrectClockSkew.GetClockCorrectionForEndpoint(awsEndpointUrl)))
+                if (IsMessageExpired(receivedMessage, transportMessage.Headers, messageId, CorrectClockSkew.GetClockCorrectionForEndpoint(awsEndpointUrl)))
                 {
-                    // here we also want to use the native message id because the core demands it like that
-                    await ProcessMessageWithInMemoryRetries(transportMessage.Headers, nativeMessageId, messageBody, receivedMessage, token).ConfigureAwait(false);
+                    await DeleteMessage(receivedMessage, transportMessage.S3BodyKey).ConfigureAwait(false);
                 }
+                else
+                {
+                    // here we also want to use the native message id because the core demands it like that
+                    var messageProcessed = await InnerProcessMessage(transportMessage.Headers, nativeMessageId, messageBody, receivedMessage, token).ConfigureAwait(false);
 
-                // Always delete the message from the queue.
-                // If processing failed, the onError handler will have moved the message
-                // to a retry queue.
-                await DeleteMessage(receivedMessage, transportMessage.S3BodyKey).ConfigureAwait(false);
+                    if (messageProcessed)
+                    {
+                        await DeleteMessage(receivedMessage, transportMessage.S3BodyKey).ConfigureAwait(false);
+                    }
+                }
             }
             finally
             {
                 processingSemaphoreSlim.Release();
             }
         }
 
-        async Task ProcessMessageWithInMemoryRetries(Dictionary<string, string> headers, string nativeMessageId, byte[] body, Message nativeMessage, CancellationToken token)
+        async Task<bool> InnerProcessMessage(Dictionary<string, string> headers, string nativeMessageId, byte[] body, Message nativeMessage, CancellationToken token)
         {
-            var immediateProcessingAttempts = 0;
-            var messageProcessedOk = false;
-            var errorHandled = false;
-
-            while (!errorHandled && !messageProcessedOk)
+            // set the native message on the context for advanced usage scenario's
+            var context = new ContextBag();
+            context.Set(nativeMessage);
+            // We add it to the transport transaction to make it available in dispatching scenario's so we copy over message attributes when moving messages to the error/audit queue
+            var transportTransaction = new TransportTransaction();
+            transportTransaction.Set(nativeMessage);
+            transportTransaction.Set("IncomingMessageId", headers[Headers.MessageId]);
+
+            using (var messageContextCancellationTokenSource = new CancellationTokenSource())
             {
-                // set the native message on the context for advanced usage scenario's
-                var context = new ContextBag();
-                context.Set(nativeMessage);
-                // We add it to the transport transaction to make it available in dispatching scenario's so we copy over message attributes when moving messages to the error/audit queue
-                var transportTransaction = new TransportTransaction();
-                transportTransaction.Set(nativeMessage);
-                transportTransaction.Set("IncomingMessageId", headers[Headers.MessageId]);
-
                 try
                 {
-                    using (var messageContextCancellationTokenSource = new CancellationTokenSource())
-                    {
-                        var messageContext = new MessageContext(
-                            nativeMessageId,
-                            new Dictionary<string, string>(headers),
-                            body,
-                            transportTransaction,
-                            messageContextCancellationTokenSource,
-                            context);
 
-                        await onMessage(messageContext).ConfigureAwait(false);
+                    var messageContext = new MessageContext(
+                        nativeMessageId,
+                        new Dictionary<string, string>(headers),
+                        body,
+                        transportTransaction,
+                        messageContextCancellationTokenSource,
+                        context);
+
+                    await onMessage(messageContext).ConfigureAwait(false);
 
-                        messageProcessedOk = !messageContextCancellationTokenSource.IsCancellationRequested;
-                    }
                 }
-                catch (Exception ex)
-                    when (!(ex is OperationCanceledException && token.IsCancellationRequested))
+                catch (Exception ex) when (!(ex is OperationCanceledException && token.IsCancellationRequested))
                 {
-                    immediateProcessingAttempts++;
-                    var errorHandlerResult = ErrorHandleResult.RetryRequired;
+                    var deliveryAttempts = GetDeliveryAttempts(nativeMessageId);
 
                     try
                     {
-                        errorHandlerResult = await onError(new ErrorContext(ex,
+                        var errorHandlerResult = await onError(new ErrorContext(ex,
                             new Dictionary<string, string>(headers),
                             nativeMessageId,
                             body,
                             transportTransaction,
-                            immediateProcessingAttempts)).ConfigureAwait(false);
+                            deliveryAttempts)).ConfigureAwait(false);
+
+                        if (errorHandlerResult == ErrorHandleResult.RetryRequired)
+                        {
+                            await ReturnMessageToQueue(nativeMessage).ConfigureAwait(false);
+
+                            return false;
+                        }
                     }
                     catch (Exception onErrorEx)
                     {
                         criticalError.Raise($"Failed to execute recoverability policy for message with native ID: `{nativeMessageId}`", onErrorEx);
+
+                        await ReturnMessageToQueue(nativeMessage).ConfigureAwait(false);
+
+                        return false;
                     }
+                }
+
+                if (messageContextCancellationTokenSource.IsCancellationRequested)
+                {
+                    await ReturnMessageToQueue(nativeMessage).ConfigureAwait(false);
 
-                    errorHandled = errorHandlerResult == ErrorHandleResult.Handled;
+                    return false;
                 }
+
+                return true;
+            }
+        }
+
+        async Task ReturnMessageToQueue(Message message)
+        {
+            try
+            {
+                await sqsClient.ChangeMessageVisibilityAsync(
+                    new ChangeMessageVisibilityRequest()
+                    {
+                        QueueUrl = inputQueueUrl,
+                        ReceiptHandle = message.ReceiptHandle,
+                        VisibilityTimeout = 0
+                    },
+                    CancellationToken.None).ConfigureAwait(false);
+            }
+            catch (ReceiptHandleIsInvalidException ex)
+            {
+                Logger.Warn($"Failed to return message with native ID '{message.MessageId}' to the queue because the visibility timeout has expired. The message has already been returned to the queue.", ex);
+            }
+            catch (Exception ex)
+            {
+                Logger.Warn($"Failed to return message with native ID '{message.MessageId}' to the queue. The message will return to the queue after the visibility timeout expires.", ex);
             }
         }
 
+        int GetDeliveryAttempts(string nativeMessageId)
+        {
+            deliveryAttemptsStorage.RecordFailureInfoForMessage(nativeMessageId);
+
+            deliveryAttemptsStorage.TryGetFailureInfoForMessage(nativeMessageId, out var attempts);
+
+            return attempts;
+        }
+
         static bool IsMessageExpired(Message receivedMessage, Dictionary<string, string> headers, string messageId, TimeSpan clockOffset)
         {
             if (!headers.TryGetValue(TimeToBeReceived, out var rawTtbr))
@@ -338,16 +400,23 @@ async Task DeleteMessage(Message message, string s3BodyKey)
             {
                 // should not be cancelled
                 await sqsClient.DeleteMessageAsync(inputQueueUrl, message.ReceiptHandle, CancellationToken.None).ConfigureAwait(false);
+
+                if (!string.IsNullOrEmpty(s3BodyKey))
+                {
+                    Logger.Info($"Message body data with key '{s3BodyKey}' will be aged out by the S3 lifecycle policy when the TTL expires.");
+                }
             }
             catch (ReceiptHandleIsInvalidException ex)
             {
-                Logger.Info($"Message receipt handle {message.ReceiptHandle} no longer valid.", ex);
-                return; // if another receiver fetches the data from S3
-            }
+                Logger.Error($"Failed to delete message with native ID '{message.MessageId}' because the handler execution time exceeded the visibility timeout. Increase the length of the timeout on the queue. The message was returned to the queue.", ex);
 
-            if (!string.IsNullOrEmpty(s3BodyKey))
+                messagesToBeDeletedStorage.RecordFailureInfoForMessage(message.MessageId);
+            }
+            catch (Exception ex)
             {
-                Logger.Info($"Message body data with key '{s3BodyKey}' will be aged out by the S3 lifecycle policy when the TTL expires.");
+                Logger.Warn($"Failed to delete message with native ID '{message.MessageId}'. The message will be returned to the queue when the visibility timeout expires.", ex);
+
+                messagesToBeDeletedStorage.RecordFailureInfoForMessage(message.MessageId);
             }
         }
 
@@ -405,6 +474,8 @@ await sqsClient.DeleteMessageAsync(new DeleteMessageRequest
             // If there is a message body in S3, simply leave it there
         }
 
+        readonly FailureInfoStorage deliveryAttemptsStorage = new FailureInfoStorage(1_000);
+        readonly FailureInfoStorage messagesToBeDeletedStorage = new FailureInfoStorage(1_000);
         List<Task> pumpTasks;
         Func<ErrorContext, Task<ErrorHandleResult>> onError;
         Func<MessageContext, Task> onMessage;
