-
Notifications
You must be signed in to change notification settings - Fork 135
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow supplying MONGO_SERVER_URL via chains-config #1113
Conversation
The following is the coverage report on the affected files.
|
4082944
to
2d7c733
Compare
The following is the coverage report on the affected files.
|
2d7c733
to
43c7e4a
Compare
The following is the coverage report on the affected files.
|
ffb7649
to
7cc40f5
Compare
The following is the coverage report on the affected files.
|
31aeeb0
to
b4230b7
Compare
The following is the coverage report on the affected files.
|
The following is the coverage report on the affected files.
|
e76e64a
to
ca0580f
Compare
The following is the coverage report on the affected files.
|
59efc83
to
c11bbb4
Compare
The following is the coverage report on the affected files.
|
/assign @wlynch @lcarva @PuneetPunamiya |
@concaf: GitHub didn't allow me to assign the following users: PuneetPunamiya. Note that only tektoncd members, repo collaborators and people who have commented on this issue/PR can be assigned. Additionally, issues/PRs can only have 10 assignees at the same time. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/assign @wlynch |
922593d
to
6ebd8f1
Compare
#1119 needs to be merged for tests to pass |
The following is the coverage report on the affected files.
|
8336375
to
fd62c7e
Compare
The following is the coverage report on the affected files.
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
One small readability comment, otherwise LGTM!
} | ||
} else if cfg.Storage.DocDB.MongoServerURL != "" { | ||
logger.Infof("setting %s from storage.docdb.mongo-server-url", mongoEnv) | ||
if err := os.Setenv(mongoEnv, cfg.Storage.DocDB.MongoServerURL); err != nil { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
bleh it'd be nicer if we could pass it through the URL or the context. I guess this is fine for now though 😅
pkg/chains/storage/docdb/docdb.go
Outdated
if event.Has(fsnotify.Create) || event.Has(fsnotify.Write) || event.Has(fsnotify.Remove) { | ||
// event.Name captures the path that is updated | ||
if slices.Contains(pathsToWatch, event.Name) { | ||
// Do not reconfigure backend if env var has not changed | ||
updatedEnv, err := getMongoServerURLFromDir(cfg.Storage.DocDB.MongoServerURLDir) | ||
if err != nil { | ||
logger.Error(err) | ||
backendChan <- nil | ||
} | ||
if updatedEnv != os.Getenv("MONGO_SERVER_URL") { | ||
logger.Infof("directory %s has been updated, reconfiguring backend...", cfg.Storage.DocDB.MongoServerURLDir) | ||
|
||
// Now that MONGO_SERVER_URL has been updated, we should update docdb backend again | ||
newDocDBBackend, err := NewStorageBackend(ctx, cfg) | ||
if err != nil { | ||
logger.Error(err) | ||
backendChan <- nil | ||
} else { | ||
// Storing the backend in the signer so everyone has access to the up-to-date backend | ||
backendChan <- newDocDBBackend | ||
} | ||
} else { | ||
logger.Infof("MONGO_SERVER_URL has not changed in path: %s, backend will not be reconfigured", cfg.Storage.DocDB.MongoServerURLDir) | ||
} | ||
} | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If there are short circuit conditions, break these out early with returns so the reader doesn't need to keep stack state in their head. e.g. this can be rewritten as:
if event.Has(fsnotify.Create) || event.Has(fsnotify.Write) || event.Has(fsnotify.Remove) { | |
// event.Name captures the path that is updated | |
if slices.Contains(pathsToWatch, event.Name) { | |
// Do not reconfigure backend if env var has not changed | |
updatedEnv, err := getMongoServerURLFromDir(cfg.Storage.DocDB.MongoServerURLDir) | |
if err != nil { | |
logger.Error(err) | |
backendChan <- nil | |
} | |
if updatedEnv != os.Getenv("MONGO_SERVER_URL") { | |
logger.Infof("directory %s has been updated, reconfiguring backend...", cfg.Storage.DocDB.MongoServerURLDir) | |
// Now that MONGO_SERVER_URL has been updated, we should update docdb backend again | |
newDocDBBackend, err := NewStorageBackend(ctx, cfg) | |
if err != nil { | |
logger.Error(err) | |
backendChan <- nil | |
} else { | |
// Storing the backend in the signer so everyone has access to the up-to-date backend | |
backendChan <- newDocDBBackend | |
} | |
} else { | |
logger.Infof("MONGO_SERVER_URL has not changed in path: %s, backend will not be reconfigured", cfg.Storage.DocDB.MongoServerURLDir) | |
} | |
} | |
} | |
if !(event.Has(fsnotify.Create) || event.Has(fsnotify.Write) || event.Has(fsnotify.Remove)) { | |
// Files have not been modified | |
continue | |
} | |
// event.Name captures the path that is updated | |
if !slices.Contains(pathsToWatch, event.Name) { | |
// No file that we're interested in has been modified. | |
continue | |
} | |
// Do not reconfigure backend if env var has not changed | |
updatedEnv, err := getMongoServerURLFromDir(cfg.Storage.DocDB.MongoServerURLDir) | |
if err != nil { | |
logger.Error(err) | |
backendChan <- nil | |
} | |
if updatedEnv == os.Getenv("MONGO_SERVER_URL") { | |
logger.Infof("MONGO_SERVER_URL has not changed in path: %s, backend will not be reconfigured", cfg.Storage.DocDB.MongoServerURLDir) | |
} | |
logger.Infof("directory %s has been updated, reconfiguring backend...", cfg.Storage.DocDB.MongoServerURLDir) | |
// Now that MONGO_SERVER_URL has been updated, we should update docdb backend again | |
newDocDBBackend, err := NewStorageBackend(ctx, cfg) | |
if err != nil { | |
logger.Error(err) | |
backendChan <- nil | |
} else { | |
// Storing the backend in the signer so everyone has access to the up-to-date backend | |
backendChan <- newDocDBBackend | |
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Updated 👍🏻
pkg/chains/storage/docdb/docdb.go
Outdated
if os.IsNotExist(err) { | ||
// If directory does not exist, then create it. This is needed for | ||
// the fsnotify watcher. | ||
// fsnotify does not receive events if the path that it's watching | ||
// is created later. | ||
if err := os.MkdirAll(dir, 0755); err != nil { | ||
return "", err | ||
} | ||
return "", nil | ||
} else { | ||
return "", err | ||
} | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
To fix lint error
if os.IsNotExist(err) { | |
// If directory does not exist, then create it. This is needed for | |
// the fsnotify watcher. | |
// fsnotify does not receive events if the path that it's watching | |
// is created later. | |
if err := os.MkdirAll(dir, 0755); err != nil { | |
return "", err | |
} | |
return "", nil | |
} else { | |
return "", err | |
} | |
} | |
if os.IsNotExist(err) { | |
// If directory does not exist, then create it. This is needed for | |
// the fsnotify watcher. | |
// fsnotify does not receive events if the path that it's watching | |
// is created later. | |
if err := os.MkdirAll(dir, 0755); err != nil { | |
return "", err | |
} | |
return "", nil | |
} | |
return "", err | |
} |
pkg/chains/storage/docdb/docdb.go
Outdated
} | ||
|
||
// Set up the watcher only for mongo backends | ||
if u.Scheme != "mongo" { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
if u.Scheme != "mongo" { | |
if u.Scheme != mongodocstore.Scheme { |
fd62c7e
to
220339c
Compare
The following is the coverage report on the affected files.
|
/test pull-tekton-chains-unit-tests |
/test pull-tekton-chains-integration-tests |
Currently, when using the Mongo docstore for docdb storage backend, the only way to supply MONGO_SERVER_URL environment variable (which contains the credentials to connect to MongoDB) is by adding an environment variable to the Chains controller pod. It's a farily common practice to update the MONGO_SERVER_URL at regular intervals when the credentials are rotated. To facilitate this, this commit adds 2 fields to Chains' configuration: 1. storage.docdb.mongo-server-url 2. storage.docdb.mongo-server-url-dir `storage.docdb.mongo-server-url` simply allows supplying the value of MONGO_SERVER_URL as a field. When this field is updated, the chains controller pod does not restart, unlike when the MONGO_SERVER_URL environment variable is updated. `storage.docdb.mongo-server-url-dir` allows reading MONGO_SERVER_URL from a file in the specified directory. This allows mounting the value of MONGO_SERVER_URL from a secret or other mechanisms. When the value of MONGO_SERVER_URL is updated in the path, the new value is automatically picked up and applied.
This commit bumps gocloud.dev/docstore/mongodocstore to the commit at google/go-cloud#3429 that allows MONGO_SERVER_URL rotation.
220339c
to
ffd65fd
Compare
The following is the coverage report on the affected files.
|
/test pull-tekton-chains-build-tests |
2 similar comments
/test pull-tekton-chains-build-tests |
/test pull-tekton-chains-build-tests |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: chitrangpatel, lcarva The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/lgtm |
/test pull-tekton-chains-unit-tests |
/test pull-tekton-chains-integration-tests |
Changes
Submitter Checklist
As the author of this PR, please check off the items in this checklist:
functionality, content, code)
Release Notes
Fix #1089