Skip to content

[Client encryption] Add distributed cache support to DEK caching #5428

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 13 commits into
base: master
Choose a base branch
from
Open

[Client encryption] Add distributed cache support to DEK caching #5428

wants to merge 13 commits into from

Conversation

@adamnova
Copy link
Contributor

@adamnova adamnova commented Oct 1, 2025

Introduces distributed cache integration in DekCache for cross-process/cross-instance caching of Data Encryption Key (DEK) properties. Adds proactive refresh capability and updates constructors to support distributed cache and refresh threshold options. Includes new tests for distributed cache scenarios and updates project dependencies for distributed caching.

#4678

@adamnova
Add distributed cache support to DEK caching
b478fc7 
Introduces distributed cache integration in DekCache for cross-process/cross-instance caching of Data Encryption Key (DEK) properties. Adds proactive refresh capability and updates constructors to support distributed cache and refresh threshold options. Includes new tests for distributed cache scenarios and updates project dependencies for distributed caching.
@adamnova
Rename L1/L2 cache references to memory/distributed cache
a85fd6f 
Updated code and tests to replace terminology referring to L1 and L2 cache with memory cache and distributed cache for clarity. Refactored method and variable names accordingly in DekCache and related test cases.
@adamnova
Refactor DEK cache to improve distributed cache usage
a289f96 
Reworked DekCache to separate memory and distributed cache logic, ensuring distributed cache is used before fetching from source and updating all caches. Added best-effort distributed cache update and removal, and improved error handling to avoid failures if distributed cache operations fail. Updated tests to clear only memory cache for distributed cache validation.
@adamnova
Fix fire-and-forget async call and add telemetry to DekCache
8987e04 
- Changed SetDekProperties to use Task.Run for proper fire-and-forget pattern
- Added Debug.WriteLine logging for distributed cache operations
- Added null check in DeserializeCachedDekProperties to prevent NullReferenceException
- Added exception handling with diagnostic logging in all catch blocks
@adamnova adamnova marked this pull request as ready for review October 2, 2025 07:13
@adamnova
Merge branch 'master' into feature/introduce-distributed-cache
31b3dd7
@adamnova
Merge branch 'master' into feature/introduce-distributed-cache
f398ba6
@adamnova
Merge branch 'Azure:master' into feature/introduce-distributed-cache
a99613d
@adamnova
Merge branch 'master' into feature/introduce-distributed-cache
e32d0dd
@adamnova
Merge branch 'master' into feature/introduce-distributed-cache
224666c
@adamnova
Merge branch 'master' into feature/introduce-distributed-cache
4bf8fba
@adamnova
Add distributed cache enhancements: telemetry, configurable prefix, a…
2476884 
…nd validation

- Add ActivitySource telemetry with OpenTelemetry-compatible semantic tags
  - Track cache operations: hit/miss, latency, errors
  - Operations: GetOrAddProperties, FetchProperties, DistributedCacheRead, UpdateDistributedCache
  - Tags: cache.system, cache.key, cache.hit, cache.miss, cache.latency_ms, etc.

- Add configurable cache key prefix parameter (default: 'dek')
  - Enables multi-tenant scenarios with shared distributed cache
  - Non-breaking change with sensible default
  - Validated using ArgumentValidation.ThrowIfNullOrWhiteSpace

- Add ArgumentValidation helper methods for TimeSpan
  - ThrowIfNegative(TimeSpan) - validates non-negative TimeSpan values
  - ThrowIfGreaterThanOrEqual(TimeSpan, TimeSpan) - validates TimeSpan comparison
  - Consistent with existing int overloads
  - 15 new unit tests for TimeSpan validation methods

- Document race condition in SetDekProperties with comprehensive XML comments
  - Explains fire-and-forget pattern and eventual consistency
  - Details mitigation strategies and when it matters
  - Provides guidance for strict consistency scenarios

- All validation using ArgumentValidation helpers for consistency
  - Replaced inline validation with helper methods
  - Updated exception types: ArgumentException -> ArgumentOutOfRangeException where appropriate

Test coverage:
- 32/32 DekCache tests passing (16 unique × 2 frameworks)
- 94/94 ArgumentValidation tests passing (47 unique × 2 frameworks)
- All builds successful across netstandard2.0, net6.0, net8.0
@adamnova
Update API contracts for distributed cache constructor
9623566
@adamnova
Merge branch 'master' into feature/introduce-distributed-cache
3f8250b
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kirankumarkolli kirankumarkolli Awaiting requested review from kirankumarkolli kirankumarkolli is a code owner

@FabianMeiswinkel FabianMeiswinkel Awaiting requested review from FabianMeiswinkel FabianMeiswinkel is a code owner

@sboshra sboshra Awaiting requested review from sboshra sboshra is a code owner

@Pilchie Pilchie Awaiting requested review from Pilchie Pilchie is a code owner

At least 2 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@adamnova