Skip to content

Eng 1740 fallback to database identities if identities have expired from redis #6896

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
JadeCara merged 18 commits into from
Nov 5, 2025
Merged

Eng 1740 fallback to database identities if identities have expired from redis #6896

JadeCara merged 18 commits into from
Nov 5, 2025

Conversation

@JadeCara
Copy link
Contributor

@JadeCara JadeCara commented Oct 30, 2025
edited
Loading

Ticket ENG-1740

Description Of Changes

🎯 Whenever we try to read identities or custom privacy request fields from Redis, fallback to getting the data from the database if the values have already expired.

Refer to the updates to get_cached_identity_data and get_cached_custom_privacy_request_fields in this closed PR Privacy request cache refresh by galvana · Pull Request #4610 · ethyca/fides

Code Changes

  • Added fallback query for identities and custom fields to privacy request
  • Added new function to verify if identity is cached for existing endpoint call
  • Added some tests for this fallback functionality.

Steps to Confirm

  1. Run fidesplus pointed at this branch.
  2. To allow us to manipulate the cache before our privacy request completes - Set auto approve to false using PATCH /api/v1/config with:
{
  "execution": {
    "require_manual_request_approval": true
  }
}
  1. Create a privacy request and grab the id
  2. using the local redis login redis-cli -a your_password
  3. delete the identity keys DEL id-<<privacy_request_id here>>-identity-email
  4. Verify its gone by running KEYS * to verify that key is gone
  5. approve the privacy request and verify it runs and that the logs contain:
fidesplus-worker-generic-1  | 2025-11-04 03:14:02.788 | DEBUG    | fides.api.models.privacy_request.privacy_request:get_cached_identity_data:710 - Cache miss for request pri_08f0df9c-6cb7-44aa-9228-3f662e19657c, falling back to DB | {'privacy_request_id': 'pri_08f0df9c-6cb7-44aa-9228-3f662e19657c', 'privacy_request_source': 'Request Manager'}

Pre-Merge Checklist

  • Issue requirements met
  • All CI pipelines succeeded
  • CHANGELOG.md updated
    • Add a db-migration This indicates that a change includes a database migration label to the entry if your change includes a DB migration
    • Add a high-risk This issue suggests changes that have a high-probability of breaking existing code label to the entry if your change includes a high-risk change (i.e. potential for performance impact or unexpected regression) that should be flagged
    • Updates unreleased work already in Changelog, no new entry necessary
  • UX feedback:
    • All UX related changes have been reviewed by a designer
    • No UX review needed
  • Followup issues:
    • Followup issues created
    • No followup issues
  • Database migrations:
    • Ensure that your downrev is up to date with the latest revision on main
    • Ensure that your downgrade() migration is correct and works
      • If a downgrade migration is not possible for this change, please call this out in the PR description!
    • No migrations
  • Documentation:
    • Documentation complete, PR opened in fidesdocs
    • Documentation issue created in fidesdocs
    • If there are any new client scopes created as part of the pull request, remember to update public-facing documentation that references our scope registry
    • No documentation updates required

@vercel
Copy link

vercel bot commented Oct 30, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Preview Comments Updated (UTC)
fides-plus-nightly Ready Ready Preview Comment Nov 5, 2025 3:25pm
1 Skipped Deployment
Project Deployment Preview Comments Updated (UTC)
fides-privacy-center Ignored Ignored Nov 5, 2025 3:25pm

JadeCara
JadeCara commented Oct 31, 2025
View reviewed changes
Jade Wibbels and others added 2 commits October 31, 2025 15:12
@codecov
Copy link

codecov bot commented Oct 31, 2025
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 87.28%. Comparing base (951dbbe) to head (f9bd0c0).
⚠️ Report is 3 commits behind head on main.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main    #6896   +/-   ##
=======================================
  Coverage   87.27%   87.28%           
=======================================
  Files         523      523           
  Lines       34251    34267   +16     
  Branches     3943     3945    +2     
=======================================
+ Hits        29893    29909   +16     
  Misses       3499     3499           
  Partials      859      859

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@JadeCara JadeCara marked this pull request as ready for review November 4, 2025 01:16
@JadeCara JadeCara requested a review from a team as a code owner November 4, 2025 01:16
@JadeCara JadeCara requested review from erosselli and removed request for a team November 4, 2025 01:16
greptile-apps[bot]
greptile-apps bot reviewed Nov 4, 2025
View reviewed changes
Copy link
Contributor

@greptile-apps greptile-apps bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Greptile Overview

Greptile Summary

Implements fallback logic to retrieve identity and custom privacy request fields from the database when Redis cache expires, preventing privacy requests from failing when cached data is no longer available.

Key changes:

  • Added verify_cache_for_identity_data() method to check if identity data exists in cache without triggering fallback
  • Enhanced get_cached_identity_data() to automatically fetch from DB and re-cache when cache miss occurs
  • Enhanced get_cached_custom_privacy_request_fields() with similar fallback behavior
  • Updated restart endpoint to use verification method instead of retrieval method for cache checking
  • Added comprehensive test coverage for fallback scenarios

Test improvements:

  • Removed manual cache deletion in test fixtures, following best practices (f4371da8)
  • Added tests for both successful fallback and edge cases (no persisted identity)

Confidence Score: 5/5

  • This PR is safe to merge with minimal risk
  • The implementation is straightforward and defensive - adding fallback logic that prevents failures when cache expires. The changes are well-tested with multiple test cases covering edge cases. No breaking changes or risky refactoring. The endpoint change correctly delegates to a new verification method that doesn't trigger side effects.
  • No files require special attention

Important Files Changed

File Analysis

Filename Score Overview
src/fides/api/models/privacy_request/privacy_request.py 4/5 Added fallback logic to retrieve identity and custom fields from DB when Redis cache expires, plus helper method to verify cache presence
src/fides/api/api/v1/endpoints/privacy_request_endpoints.py 5/5 Updated restart endpoint to use new verify_cache_for_identity_data() method instead of get_cached_identity_data() for cache verification
tests/ops/models/privacy_request/test_privacy_request.py 5/5 Added comprehensive tests for cache fallback behavior for identity and custom privacy request fields

4 files reviewed, no comments

Edit Code Review Agent Settings | Greptile

erosselli
erosselli reviewed Nov 4, 2025
View reviewed changes
src/fides/api/models/privacy_request/privacy_request.py
Comment on lines 697 to 699
prefix = f"id-{self.id}-identity-*"
cache: FidesopsRedis = get_cache()
keys = cache.keys(prefix)
Copy link
Contributor

@erosselli erosselli Nov 4, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

maybe we can move these 3 lines to a private method that we can reuse in this verify_cache_for_identity_data function and also in get_cached_identity_data ?

@JadeCara JadeCara requested a review from erosselli November 4, 2025 20:58
erosselli
erosselli approved these changes Nov 5, 2025
View reviewed changes
Copy link
Contributor

@erosselli erosselli left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ship it!

@JadeCara JadeCara enabled auto-merge November 5, 2025 15:40
@JadeCara JadeCara added this pull request to the merge queue Nov 5, 2025
Merged via the queue into main with commit a53def2 Nov 5, 2025
69 checks passed
@JadeCara JadeCara deleted the ENG-1740-fallback-to-database-identities-if-identities-have-expired-from-redis branch November 5, 2025 16:35
@galvana galvana mentioned this pull request Jan 9, 2026
Open
18 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@erosselli erosselli erosselli approved these changes

+1 more reviewer

@greptile-apps greptile-apps[bot] greptile-apps[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@JadeCara @erosselli