Skip to content

api key sleep drift#443

Open
Dipro-cyber wants to merge 1 commit into
chaoss:mainfrom
Dipro-cyber:fix/api-key-sleep-drift-410
Open

api key sleep drift#443
Dipro-cyber wants to merge 1 commit into
chaoss:mainfrom
Dipro-cyber:fix/api-key-sleep-drift-410

Conversation

@Dipro-cyber

Copy link
Copy Markdown
Contributor

Description
time.sleep() uses the monotonic clock which does not advance when a machine
is suspended (laptop sleep). This caused API key expiry drift — collection
workers would continue waiting the full original duration even after waking up,
even if the rate-limited key had already reset.

Adds a sleep_until(epoch) helper that wakes up every 60 seconds to check the
actual wall clock time (time.time()), matching keyman's own wall-clock-based
key expiry logic.

Bonus: workers will now also pick up newly added API keys within 60 seconds
of them being published to keyman, rather than waiting out the full sleep.

This PR fixes #410

Notes for Reviewers
Change is in keyman/KeyClient.py only. The sleep_until function is placed
at module level so it can potentially be reused elsewhere. The two
time.sleep(0.1) calls in expire() and invalidate() are tiny fixed
delays (not key-expiry waits) and were left unchanged.

Signed commits

  • Yes, I signed my commits.

Generative AI disclosure

  • This contribution was assisted or created by Generative AI tools.
  • What tools were used? Kiro
  • How were these tools used? Helped locate the relevant code and draft the implementation
  • Did you review these outputs before submitting this PR? Yes

@Dipro-cyber Dipro-cyber requested a review from MoralCode as a code owner July 11, 2026 20:31
@Dipro-cyber Dipro-cyber changed the title Fix/api key sleep drift 410 api key sleep drift Jul 11, 2026
time.sleep() uses the monotonic clock which does not advance when a
machine is suspended (e.g. a laptop going to sleep). This caused API
key expiry time drift: collection workers would still wait the full
original duration even after the machine woke up and the key had
already reset.

Adds a sleep_until(epoch) helper that uses wall clock time (time.time())
with periodic 60-second wakeups to check if the target time has passed.
This also means workers will pick up newly added API keys within
60 seconds rather than waiting out the full original sleep duration.

Fixes chaoss#410

Signed-off-by: Diptesh Roy <droy88333@gmail.com>
@Dipro-cyber Dipro-cyber force-pushed the fix/api-key-sleep-drift-410 branch from b0fc87d to 0aff114 Compare July 11, 2026 20:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

API key expiry time drift on laptops due to mismatching sleep methods

1 participant