feat(cache): add 100MB MaxSize and sets Discard MaxBytes limit to NATS KV cache buckets#3014
Merged
migmartri merged 2 commits intochainloop-dev:mainfrom Apr 9, 2026
Merged
Conversation
Cap both attestation bundle and policy evaluation bundle NATS KV buckets to 100MB to prevent unbounded memory growth. When the limit is reached, NATS automatically evicts the oldest entries. Also cleans up the unused maxSize config field by moving the defaultMaxSize constant directly into the in-memory backend where it is actually used. Signed-off-by: Miguel Martinez Trivino <migmartri@gmail.com> Signed-off-by: Miguel Martinez Trivino <miguel@chainloop.dev>
jiparis
approved these changes
Apr 9, 2026
javirln
approved these changes
Apr 9, 2026
NATS KV hardcodes DiscardNew on the backing stream, which rejects writes when MaxBytes is reached. For cache use-cases, update the backing stream to DiscardOld so oldest entries are evicted automatically to make room for new ones. Signed-off-by: Miguel Martinez Trivino <migmartri@gmail.com> Signed-off-by: Miguel Martinez Trivino <miguel@chainloop.dev>
jiparis
approved these changes
Apr 9, 2026
migmartri
changed the title
![cubic-dev-ai[bot]](https://avatars.githubusercontent.com/in/1082092?s=60&v=4){kind=small}
There was a problem hiding this comment.
1 issue found across 2 files (changes from recent commits).
Prompt for AI agents (unresolved issues)
Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.
<file name="pkg/cache/natskv.go">
<violation number="1" location="pkg/cache/natskv.go:81">
P1: Cache init now hard-fails on backing stream info/update errors when MaxBytes is enabled, introducing a new startup compatibility/availability regression.</violation>
</file>
Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review, or fix all with cubic.
| // the oldest entries are evicted automatically to make room for new ones. | ||
| if c.cfg.maxBytes > 0 { | ||
| streamName := fmt.Sprintf("KV_%s", c.bucket) | ||
| stream, err := js.Stream(context.Background(), streamName) |
There was a problem hiding this comment.
P1: Cache init now hard-fails on backing stream info/update errors when MaxBytes is enabled, introducing a new startup compatibility/availability regression.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At pkg/cache/natskv.go, line 81:
<comment>Cache init now hard-fails on backing stream info/update errors when MaxBytes is enabled, introducing a new startup compatibility/availability regression.</comment>
<file context>
@@ -72,6 +73,22 @@ func (c *natsKVCache[T]) initBucket() error {
+ // the oldest entries are evicted automatically to make room for new ones.
+ if c.cfg.maxBytes > 0 {
+ streamName := fmt.Sprintf("KV_%s", c.bucket)
+ stream, err := js.Stream(context.Background(), streamName)
+ if err != nil {
+ return fmt.Errorf("cache: failed to get backing stream %s: %w", streamName, err)
</file context>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Improves behavior of Nats Cache implementation to leverage DiscardOld capabilities, to do that we needed to
MaxBytescap to both NATS KV cache buckets (attestation bundles and policy evaluation bundles) to prevent unbounded memory growth. When the limit is reached, NATS evicts the oldest entries automatically.