feat: improve agent startup time

cmd/api-server/commons/commons.go

@@ -9,18 +9,19 @@ import (
 	"os/signal"
 	"strings"
 	"syscall"
-	"time"
 
 	"github.com/nats-io/nats.go"
 	"github.com/pkg/errors"
 	"go.mongodb.org/mongo-driver/mongo"
+	"google.golang.org/grpc"
 	"google.golang.org/grpc/metadata"
 	"google.golang.org/protobuf/types/known/emptypb"
 	corev1 "k8s.io/api/core/v1"
 
 	"github.com/kubeshop/testkube/internal/config"
 	dbmigrations "github.com/kubeshop/testkube/internal/db-migrations"
 	parser "github.com/kubeshop/testkube/internal/template"
+	"github.com/kubeshop/testkube/pkg/agent"
 	"github.com/kubeshop/testkube/pkg/api/v1/testkube"
 	"github.com/kubeshop/testkube/pkg/cache"
 	"github.com/kubeshop/testkube/pkg/cloud"
@@ -43,7 +44,7 @@ import (
 func ExitOnError(title string, err error) {
 	if err != nil {
 		log.DefaultLogger.Errorw(title, "error", err)
-		os.Exit(1)
+		panic(err)
 	}
 }
 
@@ -280,7 +281,7 @@ func ReadDefaultExecutors(cfg *config.Config) (executors []testkube.ExecutorDeta
 	return next, images, nil
 }
 
-func ReadProContext(ctx context.Context, cfg *config.Config, grpcClient cloud.TestKubeCloudAPIClient) config.ProContext {
+func ReadProContext(ctx context.Context, cfg *config.Config, grpcClient cloud.TestKubeCloudAPIClient) (config.ProContext, error) {
 	proContext := config.ProContext{
 		APIKey:                           cfg.TestkubeProAPIKey,
 		URL:                              cfg.TestkubeProURL,
@@ -297,17 +298,16 @@ func ReadProContext(ctx context.Context, cfg *config.Config, grpcClient cloud.Te
 	}
 
 	if cfg.TestkubeProAPIKey == "" || grpcClient == nil {
-		return proContext
+		return proContext, nil
 	}
 
-	ctx, cancel := context.WithTimeout(ctx, time.Second*3)
+	ctx, cancel := context.WithTimeout(ctx, agent.InitialTimeout)
 	md := metadata.Pairs("api-key", cfg.TestkubeProAPIKey)
 	ctx = metadata.NewOutgoingContext(ctx, md)
 	defer cancel()
-	foundProContext, err := grpcClient.GetProContext(ctx, &emptypb.Empty{})
+	foundProContext, err := grpcClient.GetProContext(ctx, &emptypb.Empty{}, grpc.WaitForReady(true))
 	if err != nil {
-		log.DefaultLogger.Warnf("cannot fetch pro-context from cloud: %s", err)
-		return proContext
+		return proContext, err
 	}
 
 	if proContext.EnvID == "" {
@@ -318,7 +318,7 @@ func ReadProContext(ctx context.Context, cfg *config.Config, grpcClient cloud.Te
 		proContext.OrgID = foundProContext.OrgId
 	}
 
-	return proContext
+	return proContext, nil
 }
 
 func MustCreateSlackLoader(cfg *config.Config, envs map[string]string) *slack.SlackLoader {

cmd/api-server/main.go

@@ -8,14 +8,15 @@
 	"strings"
 
 	"github.com/gofiber/fiber/v2/middleware/cors"
-	"google.golang.org/grpc"
 
 	executorsclientv1 "github.com/kubeshop/testkube-operator/pkg/client/executors/v1"
 	testkubeclientset "github.com/kubeshop/testkube-operator/pkg/clientset/versioned"
 	"github.com/kubeshop/testkube/cmd/api-server/commons"
 	"github.com/kubeshop/testkube/cmd/api-server/services"
 	"github.com/kubeshop/testkube/internal/app/api/debug"
 	"github.com/kubeshop/testkube/internal/app/api/oauth"
+	"github.com/kubeshop/testkube/internal/common"
+	"github.com/kubeshop/testkube/pkg/api/v1/testkube"
 	cloudartifacts "github.com/kubeshop/testkube/pkg/cloud/data/artifact"
 	cloudtestworkflow "github.com/kubeshop/testkube/pkg/cloud/data/testworkflow"
 	"github.com/kubeshop/testkube/pkg/event/kind/cdevent"
@@ -30,9 +31,6 @@
 	"github.com/kubeshop/testkube/pkg/tcl/schedulertcl"
 	"github.com/kubeshop/testkube/pkg/testworkflows/executionworker/executionworkertypes"
 	"github.com/kubeshop/testkube/pkg/testworkflows/testworkflowprocessor/presets"
-
-	"github.com/kubeshop/testkube/internal/common"
-	"github.com/kubeshop/testkube/pkg/api/v1/testkube"
 	"github.com/kubeshop/testkube/pkg/version"
 
 	"golang.org/x/sync/errgroup"
@@ -126,16 +124,32 @@
 
 	inspector := commons.CreateImageInspector(cfg, configMapClient, secretClient)
 
+	// Connect to NATS
+	nc := commons.MustCreateNATSConnection(cfg)
+	eventBus := bus.NewNATSBus(nc)
+	if cfg.Trace {
+		eventBus.TraceEvents()
+	}
+	eventsEmitter := event.NewEmitter(eventBus, cfg.TestkubeClusterName)
+
 	var testWorkflowsClient testworkflowsclientv1.Interface
 	var testWorkflowTemplatesClient testworkflowsclientv1.TestWorkflowTemplatesInterface
 
-	var grpcClient cloud.TestKubeCloudAPIClient
-	var grpcConn *grpc.ClientConn
 	// Use local network for local access
 	controlPlaneUrl := cfg.TestkubeProURL
 	if strings.HasPrefix(controlPlaneUrl, fmt.Sprintf("%s:%d", cfg.APIServerFullname, cfg.GRPCServerPort)) {
 		controlPlaneUrl = fmt.Sprintf("127.0.0.1:%d", cfg.GRPCServerPort)
 	}
+
+	log.DefaultLogger.Infow("Connecting to control plane", "server", controlPlaneUrl, "insecure", cfg.TestkubeProTLSInsecure, "skipVerify", cfg.TestkubeProSkipVerify, "certFile", cfg.TestkubeProCertFile, "keyFile", cfg.TestkubeProKeyFile, "caFile", cfg.TestkubeProCAFile)
+	grpcConn, err := agent.NewClient(controlPlaneUrl, cfg.TestkubeProTLSInsecure, cfg.TestkubeProSkipVerify, cfg.TestkubeProCertFile, cfg.TestkubeProKeyFile, cfg.TestkubeProCAFile)
+	grpcClient := cloud.NewTestKubeCloudAPIClient(grpcConn)
+	defer grpcConn.Close()
+
+	// First request will 'wait for ready' with a timeout of agent.InitialTimeout.
+	proContext, err := commons.ReadProContext(ctx, cfg, grpcClient)
+	commons.ExitOnError("cannot retrieve pro context from control plane", err)
+
 	grpcConn, err = agent.NewGRPCConnection(
 		ctx,
 		cfg.TestkubeProTLSInsecure,
@@ -148,8 +162,6 @@
 	)
 	commons.ExitOnError("error creating gRPC connection", err)
 
-	grpcClient = cloud.NewTestKubeCloudAPIClient(grpcConn)
-
 	if mode == common.ModeAgent && cfg.WorkflowStorage == "control-plane" {
 		testWorkflowsClient = cloudtestworkflow.NewCloudTestWorkflowRepository(grpcClient, grpcConn, cfg.TestkubeProAPIKey)
 		testWorkflowTemplatesClient = cloudtestworkflow.NewCloudTestWorkflowTemplateRepository(grpcClient, grpcConn, cfg.TestkubeProAPIKey)
@@ -167,15 +179,7 @@
 	triggerLeaseBackend := triggers.NewAcquireAlwaysLeaseBackend()
 	artifactStorage := cloudartifacts.NewCloudArtifactsStorage(grpcClient, grpcConn, cfg.TestkubeProAPIKey)
 
-	nc := commons.MustCreateNATSConnection(cfg)
-	eventBus := bus.NewNATSBus(nc)
-	if cfg.Trace {
-		eventBus.TraceEvents()
-	}
-	eventsEmitter := event.NewEmitter(eventBus, cfg.TestkubeClusterName)
-
 	// Check Pro/Enterprise subscription
-	proContext := commons.ReadProContext(ctx, cfg, grpcClient)
 	subscriptionChecker, err := checktcl.NewSubscriptionChecker(ctx, proContext, grpcClient, grpcConn)
 	commons.ExitOnError("Failed creating subscription checker", err)
 

pkg/agent/agent.go

@@ -31,7 +31,8 @@ import (
 )
 
 const (
-	timeout                = 10 * time.Second
+	InitialTimeout         = 30 * time.Second
+	Timeout                = 10 * time.Second
 	apiKeyMeta             = "api-key"
 	clusterIDMeta          = "cluster-id"
 	cloudMigrateMeta       = "migrate"
@@ -44,6 +45,50 @@ const (
 // buffer up to five messages per worker
 const bufferSizePerWorker = 5
 
+func NewClient(server string, isInsecure, skipVerify bool,
+	certFile, keyFile, caFile string) (*grpc.ClientConn, error) {
+	creds, err := newTransportCredentials(isInsecure, skipVerify, certFile, keyFile, caFile)
+	if err != nil {
+		return nil, err
+	}
+
+	userAgentStr := version.Version + "/" + version.Commit
+	keepAlive := keepalive.ClientParameters{
+		Time:                10 * time.Second,
+		Timeout:             5 * time.Second,
+		PermitWithoutStream: true,
+	}
+
+	return grpc.NewClient(server, grpc.WithUserAgent(userAgentStr), grpc.WithKeepaliveParams(keepAlive), grpc.WithTransportCredentials(creds))
+}
+
+func newTransportCredentials(
+	isInsecure, skipVerify bool,
+	certFile, keyFile, caFile string,
+) (credentials.TransportCredentials, error) {
+	if isInsecure {
+		return insecure.NewCredentials(), nil
+	}
+
+	tlsConfig := &tls.Config{MinVersion: tls.VersionTLS12}
+	if skipVerify {
+		tlsConfig = &tls.Config{InsecureSkipVerify: true}
+		return credentials.NewTLS(tlsConfig), nil
+	}
+
+	if certFile != "" && keyFile != "" {
+		if err := clientCert(tlsConfig, certFile, keyFile); err != nil {
+			return nil, err
+		}
+	}
+	if caFile != "" {
+		if err := rootCAs(tlsConfig, caFile); err != nil {
+			return nil, err
+		}
+	}
+	return credentials.NewTLS(tlsConfig), nil
+}
+
 func NewGRPCConnection(
 	ctx context.Context,
 	isInsecure bool,
@@ -52,7 +97,7 @@ func NewGRPCConnection(
 	certFile, keyFile, caFile string,
 	logger *zap.SugaredLogger,
 ) (*grpc.ClientConn, error) {
-	ctx, cancel := context.WithTimeout(ctx, timeout)
+	ctx, cancel := context.WithTimeout(ctx, Timeout)
 	defer cancel()
 	tlsConfig := &tls.Config{MinVersion: tls.VersionTLS12}
 	if skipVerify {