Temp - dennisholee/notes GitHub Wiki

Scenario 1: Successful Extraction and Persistence of Trace Headers Given an incoming HTTP request contains valid tracing headers (e.g., traceparent, x-request-id, and client-id) And the application is configured to whitelist these specific attributes When the request is processed by the API middleware Then the system should extract these attributes and create a trace document And the document must be persisted asynchronously to the MongoDB request_traces collection And the trace_id in MongoDB must perfectly match the ID provided in the traceparent header. Scenario 2: Handling Requests Without Existing Trace Headers Given an incoming HTTP request does not contain any tracing or correlation headers When the request enters the system Then the application must generate a new, unique correlation_id using the OpenTelemetry standard And the system must persist this new ID and metadata to MongoDB to initiate a new trace chain. Scenario 3: Security and Data Masking Given an incoming HTTP request contains sensitive headers such as Authorization, Cookie, or X-Api-Key When the header extraction logic runs for persistence Then these sensitive keys must be excluded or masked in the MongoDB document And only the non-sensitive metadata specified in the whitelist should be stored in plain text. Scenario 4: Performance and Non-Blocking Writes Given the system is under high concurrent load When a request metadata persistence event is triggered Then the write operation to MongoDB must be executed via a non-blocking background thread And the primary HTTP response time (latency) must not increase by more than 2ms due to the tracing logic. Scenario 5: Automatic Data Retention (TTL) Given a trace document has been persisted in the request_traces collection When the document age exceeds the defined retention period (e.g., 30 days) Then the MongoDB TTL (Time-To-Live) index must automatically remove the record to optimize storage costs and maintain data privacy compliance.