hypercall/startup/

journal.rs

use crate::backend_config::BackendRuntime;
use crate::db_handler::DbAuthConfig;
use crate::journal::{
    EngineJournalBatcher, EngineJournalWriter, JournalBatchSender, JournalBatcherConfig,
    SharedEngineJournalWriter,
};
use crate::shared::shutdown::Shutdown;
use crate::shared::task_group::TaskGroup;
use anyhow::Context;
#[cfg(feature = "rsm-state")]
use std::str::FromStr;
use std::sync::Arc;
use tracing::info;

pub struct JournalResources {
    pub engine_journal_writer: Option<SharedEngineJournalWriter>,
    pub journal_batch_sender: Option<JournalBatchSender>,
}

pub fn build_journal_resources(
    runtime: &BackendRuntime,
    db_auth: &DbAuthConfig,
    shutdown: &Shutdown,
    task_group: &mut TaskGroup,
) -> anyhow::Result<JournalResources> {
    // Journal + batcher enable durable ACK and async PostgreSQL replication.
    // Enabled when ENGINE_JOURNAL_ENABLED is set (all deployments set this).
    // When not set (tests, local dev without WAL), the engine falls back to mock journal below.
    //
    // Construction happens before replay because `EngineJournalBatcher::new`
    // runs WAL recovery synchronously, writing any unreplicated WAL tail into
    // Postgres (`engine_commands`, `engine_events`, `fills`, audit tables).
    // Engine cash recovery is snapshot + journal replay-bound.
    let journal_enabled = std::env::var("ENGINE_JOURNAL_ENABLED")
        .map(|v| v == "true" || v == "1")
        .unwrap_or(false);

    let (engine_journal_writer, journal_batch_sender) = if journal_enabled {
        // Create journal writer, always use the read-write URL so the journal is
        // ready to persist entries as soon as orders arrive after promote. During
        // standby the journal is idle, so having an RW pool here is harmless.
        let journal_writer = match EngineJournalWriter::from_auth_config(
            db_auth,
            runtime.config.database.pool.journal_max,
            &runtime.config.engine.persistence.journal,
        ) {
            Ok(writer) => {
                info!("✓ EngineJournalWriter enabled - durable ACK + idempotency active");
                Some(Arc::new(writer) as SharedEngineJournalWriter)
            }
            Err(error) => {
                return Err(anyhow::anyhow!(
                    "Failed to create EngineJournalWriter: {}",
                    error
                ));
            }
        };

        // Create journal batcher, constructor runs WAL recovery inline. Like the
        // journal writer above, the batcher always uses the read-write URL so
        // replication inserts succeed after promote.
        let batcher_config =
            JournalBatcherConfig::from_config(&runtime.config.engine.persistence.journal);
        let batcher_shutdown_rx = shutdown.subscribe();
        #[cfg(feature = "rsm-state")]
        let block_signer = runtime
            .secrets
            .transaction_submitter_private_key
            .as_deref()
            .map(alloy::signers::local::PrivateKeySigner::from_str)
            .transpose()
            .map_err(|error| {
                anyhow::anyhow!(
                    "Failed to parse TRANSACTION_SUBMITTER_PRIVATE_KEY for block signing: {}",
                    error
                )
            })?;
        #[cfg(not(feature = "rsm-state"))]
        let block_signer = None;
        #[cfg(feature = "rsm-state")]
        if block_signer.is_some() {
            info!("Block signing enabled (transaction submitter key loaded)");
        }
        let journal_rw_pool = hypercall_db_diesel::build_db_pool(db_auth, 2, 30_000, 10_000)
            .context("Failed to create RW pool for journal batcher")?;
        let (batcher, batch_sender) = EngineJournalBatcher::new(
            journal_rw_pool,
            batcher_config.clone(),
            batcher_shutdown_rx,
            block_signer,
        );

        task_group.spawn("EngineJournalBatcher", async move {
            batcher.run().await;
            Ok(())
        });

        info!(
            "✓ EngineJournalBatcher enabled (wal_first=true, group_commit=true, batch_size={})",
            batcher_config.max_batch_size,
        );

        (journal_writer, Some(batch_sender))
    } else {
        info!("Journal disabled (ENGINE_JOURNAL_ENABLED not set)");
        crate::journal::mock_journal_backends()
    };

    Ok(JournalResources {
        engine_journal_writer,
        journal_batch_sender,
    })
}

#[cfg(test)]
mod tests {
    use super::*;
    use serial_test::serial;

    #[test]
    #[serial]
    fn disabled_journal_uses_mock_writer_without_batch_sender() {
        let previous = std::env::var("ENGINE_JOURNAL_ENABLED").ok();
        std::env::remove_var("ENGINE_JOURNAL_ENABLED");

        let runtime = BackendRuntime {
            config: crate::backend_config::BackendConfig::default(),
            secrets: crate::backend_config::BackendSecrets::default(),
        };
        let db_auth = DbAuthConfig::password("postgres://user:pass@localhost/hypercall_test");
        let shutdown = Shutdown::new();
        let mut task_group = TaskGroup::new();

        let resources =
            build_journal_resources(&runtime, &db_auth, &shutdown, &mut task_group).unwrap();

        assert!(resources.engine_journal_writer.is_some());
        assert!(resources.journal_batch_sender.is_none());
        assert!(task_group.is_empty());

        match previous {
            Some(value) => std::env::set_var("ENGINE_JOURNAL_ENABLED", value),
            None => std::env::remove_var("ENGINE_JOURNAL_ENABLED"),
        }
    }
}