Neo metaphysics

[alloy]

This bootstraps schema stitching inside MP. In the below example you’ll see the use of MP’s and Convection’s schemas combined and used.

{
  # This root field comes from MP’s schema.
  artist(id: "marina-abramovic-1") {
    name
  }
  # This root field comes from Convection’s schema.
  submission(id: 186) {
    # This field exists in Convection’s schema
    artist_id
    # This field is generated in the `mergedSchema` module by fetching
    # an `Artist` from MP’s schema using the above `artist_id` field.
    artist {
      name
    }
  }
}

{
  "data": {
    "artist": {
      "name": "Marina Abramović"
    },
    "submission": [
      {
        "artist_id": "marina-abramovic-1",
        "artist": {
          "name": "Marina Abramović"
        }
      }
    ]
  }
}

TODO

• Neo metaphysics #809 (comment)

---

[alloy]

I think that, if we feel this works well, we should start removing types from MP’s schema that are expressed in service’s own GraphQL schemas and stitch them in. The end goal would be to have pretty much nothing left in MP but stitching code.

[alloy]

Here’s a few issues I’ve written up previously about other (long term) things to consider in this new stitching world:

• Global Object Identification
• Persisted queries
• Address performance/security concerns
• Performance insights

[alloy]

Maybe all of the app setup should just move inside this promise and then schema can just be a const.

[alloy]

This is basically at runtime generating a query like:

{
  artist(id: "<result of artist_id>") {
    # ...
  }
}

[alloy]

Interesting note is that we may not want to have root fields for each type that we stitch into other types. Maybe we can use the node root field for this? 🤔

[alloy]

The mergeSchemas author explained to me that this should be done in a few steps:

1. Add the required root field to the original schema.
2. Merge the schemas and setup the delegator to use the root field.
3. Transform the merged schema to remove the root field (the delegator refers to the original schema).

[alloy]

This uses my fork ardatan/graphql-tools#484

[alloy]

@orta There’s currently a bunch of consignments related type name conflicts, presumably because you’ve manually added these to MP’s schema before:

19:04:06 web.1       |  [!] Type collision ID
19:04:06 web.1       |  [!] Type collision Submission
19:04:06 web.1       |  [!] Type collision String
19:04:06 web.1       |  [!] Type collision Asset
19:04:06 web.1       |  [!] Type collision JSON
19:04:06 web.1       |  [!] Type collision Boolean
19:04:06 web.1       |  [!] Type collision Int

The ID, String, Boolean, and Int ones are built-in though, it seems weird that graphql-tools would trigger this callback for those 🤔

[orta]

Yeah, that's tricky, to remove Submission entirely in metaphysics - I'd have to recreate a bunch of mutations on convection, feasible, but time consuming

[orta]

That said, the submission type should be the exact same object - so maybe it's fine to return the convection one

[orta]

WRT the JSON type - I would assume they have the same behavior in terms of representing an any - I bet we get these primitives for every Ruby GraphQL

[sweir27]

The mutations already exist in convection-- might need some updating but the basic functionality is there.

[alloy]

Ah, and indeed the mutations are already automatically available in the stitched schema, I haven’t tried them yet, though.

[alloy]

@sweir27 I guess this actually needs to be specified by the client at runtime, as it differs per user, right? I think that should be easy using the ‘link’ API.

[orta]

Yeah, the convection loaders have the ability to convert a grav token into a convection token. We'll need something like this for at least convection / impulse

[alloy]

Ooohhh, we can probably just access those data loaders (including the token loader) during stitching resolving. Will take a look 👍

[alloy]

@sweir27 Does this look like what you had in mind (to allow MP to fetch Convection’s schema on startup)?

[orta]

We chatted about this - it's a hard one, maybe looking into giving Metaphysics 2 client apps, one for the APIs we forward onwards and another for the server to server access. Then the server2server one can have privileged access for getting the schema.

[alloy]

Just read the discussion in #platform-humans and that makes sense to me. My only question is how easy it is for MP to identify on each incoming request if the user has access to the more privileged app role? cc @mzikherman

[alloy]

But once we have that we can just load 2 stitches schemas and execute against the correct one depending on the access the authenticated user has.

[alloy]

Hmm, one thing that comes to mind is that in the more privileged stitched schema we would probably have stitching code that refers to the more privileged fields and thus leak schema details through MP being OSS 🤔

One solution I can think of is to have another app that imports all of MP and then extends the schema with privileged details and make that closed source? Probably only slightly more cumbersome, mostly in having to remember to add fields to the right app.

[alloy]

Filed a new issue to discuss further #810

[alloy]

Note to self, this is wrong, it needs to add all headers to the below object instead.

[ashkan18]

This basically happens once during start up of MP, so one thing to consider is, lets say Convection's GraphLQ schema got updated and there was a new field, we'd ONLY get that update if we restart MP, right?

For now we might be fine with manual restarts of MP, but eventually if this became more problematic (as we add more and more services) it might make sense to use event stream for reloading schema. Each time an app updated it schema we'd refresh this.

[alloy]

Correct 👍 And that sounds like a good solution to keep in mind.

[alloy]

Maybe we don’t even really want to pass on (all) headers that a client specifies? I can imagine that we do want e.g. the request ID that @sweir27 had been working on.

[orta]

Yeah, we'd want the request ID - but that's probably it (at least in convection I've not seen any header handling outside of auth)

[orta]

Note: with #818 there's more headers we want to pass through

[craigspaeth]

Nice! Wasn't aware of GraphQL depth limit.

[alloy]

I… dislike it so much 😞 It’s such an arbitrary 🔨

Of course I understand why we’d want it at the moment, but in the long term I see only allowing persisted queries in production (or limiting depth query for not persisted queries) as a better solution.

[craigspaeth]

Seems like this uri might be the main piece of convection-unique code here. I wonder if there's an opportunity to wrap this boilerplate in a way that'd make it easy to do just point to the urls we're stitching.

[alloy]

The other Convection specific code is using the convectionTokenLoader. I agree that this can probably be made more generic, but was punting on that until we add another service.

[craigspaeth]

Very exciting stuff 👏 I think bootstrapping stitching inside MP with the intent to whittle it down to mostly just stitching code and having logic in downstream GraphQL APIs is a great strategy. This is a very exciting step towards a beautiful microservice story where MP is a single orchestrator of downstream GraphQL APIs and we can eliminate redundant fields/logic/caching layers. It'd also be cool to consider writing a HAL > GraphQL stitching library that could introspect the Hypermedia links (and JSON schemas?) and generate GraphQL schemas + resolvers for it 🤔 💥 .

One general comment not to block this PR is that I'm noticing a lot of code that I struggle to follow in these glue code layers. e.g. There's a lot of factory/dependency-injection-like patterns being used in the loader/stitching layers and I wonder if there're simpler ways to organize these modules. It seems like the tools encourage this as well, so maybe they're partly responsible. In any case, just a general comment—not sure how to make it better myself.

👏 amazing work!

[orta]

artsy/convection#122 is pretty close to being ready

[stubailo]

Hey, just found this from the PR here: ardatan/graphql-tools#484

Can you help me figure out how that function existing is messing things up? I see the PR just deletes it, but wanted to learn more.

[alloy]

@stubailo The test in that PR should illustrate it well if you comment out the deletion change.

In short, the problem is that after selecting a subset of fields from the original schema the function in the merged schema may not return true if the selection doesn’t satisfy the data it’s looking for.

For example, a isTypeOf implementation for the Artist type in the merged schema that looks for the data to contain name and birthday keys will fail to pass data returned from the original schema with the following query:

{
  artist(id: “banksy”) {
    name
  }
}

[alloy]

@saolsen Did a bit of refactoring re tracer work ff4083f and I also pass these IDs along to Convection a3c3c13

[alloy]

@saolsen I noticed that these last two are not strings. I’m sure that all entries in response.headers get coerced to strings by Express before the response is sent to the client, but it was slightly unexpected to see these objects in there. Do you think we can add toString() calls here?

[alloy]

@craigspaeth

It'd also be cool to consider writing a HAL > GraphQL stitching library that could introspect the Hypermedia links (and JSON schemas?) and generate GraphQL schemas + resolvers for it 🤔 💥 .

I don’t know how well that would work when we want to design the schema without necessarily following the same shape in which these endpoints return data. Maybe an example of what you have in mind could help?

One general comment not to block this PR is that I'm noticing a lot of code that I struggle to follow in these glue code layers. e.g. There's a lot of factory/dependency-injection-like patterns being used in the loader/stitching layers and I wonder if there're simpler ways to organize these modules. It seems like the tools encourage this as well, so maybe they're partly responsible. In any case, just a general comment—not sure how to make it better myself.

It’s true and I agree that it can be a bit much when reading for the first few times. It does work nicely with how graphql-js works and especially testing, though (no more need for rewiring). I’m on the fence, because thus far everybody ended up understanding how it works.

[damassi]

@alloy - can you explain how adding in additional schemas will work in relation to the above line? Is this a namespace?

[alloy]

No this is not a namespace, it’s the way in which schemas are created using graphql-tools https://github.com/apollographql/graphql-tools/blob/master/README.md. In this case the code you’re referring to is the implementation for the schema extension just above (in IDL).

[orta]

OK, it's time - let's give this a shot.