Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

maint(pam/integration-tests): Run all the tests with a shared authd when possible #593

Draft
wants to merge 17 commits into
base: main
Choose a base branch
from

Conversation

3v1n0
Copy link
Collaborator

@3v1n0 3v1n0 commented Oct 17, 2024

Run by default all the tests using an unique instance of authd daemon running so that we can test better that all the codepaths work well with lots of concurrency.

Leaving this as a draft for now because it has dependencies on some commits of #583

UDENG-5377

@codecov-commenter
Copy link

codecov-commenter commented Oct 17, 2024

Codecov Report

Attention: Patch coverage is 85.18519% with 4 lines in your changes missing coverage. Please review.

Project coverage is 83.23%. Comparing base (e9cc1e9) to head (1493b08).
Report is 6 commits behind head on main.

Files with missing lines Patch % Lines
internal/brokers/manager.go 33.33% 3 Missing and 1 partial ⚠️
Additional details and impacted files
@@            Coverage Diff             @@
##             main     #593      +/-   ##
==========================================
- Coverage   83.28%   83.23%   -0.06%     
==========================================
  Files          80       80              
  Lines        8617     8630      +13     
  Branches       75       75              
==========================================
+ Hits         7177     7183       +6     
- Misses       1112     1118       +6     
- Partials      328      329       +1     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.


🚨 Try these New Features:

@3v1n0 3v1n0 force-pushed the pam-tests-shared-authd branch 2 times, most recently from 0f3f9c6 to 4bd8ec9 Compare November 21, 2024 23:24
3v1n0 added 17 commits November 22, 2024 12:10
We can then expose these cleanly
Use const variables to build expected example broker user names so that
we can be more reliable when testing them
…er names

This is valid for the standard case, while on specific cases we still
rely on manual names
… tests

So that we won't clash with other test in the suite
…l tests

So we can run a shared authd for everything
We removed the temporary dir on test cleanup but we may want to keep the
lifecycle of the daemon bound to the daemon itself instead
The user name now has only to contain the pre-check value prefix
while we don't care about its location to allow more combination of
cases (such as pre-check MFA users).
… daemon

The daemon is ref-counted in order to decide when killing it, so that
multiple tests can share the same daemon if they want to
…nces

It can be useful for debugging purposes
In case of issues it allows easier debugging
@3v1n0 3v1n0 force-pushed the pam-tests-shared-authd branch from 4bd8ec9 to 1493b08 Compare November 22, 2024 15:37
@3v1n0 3v1n0 marked this pull request as ready for review November 22, 2024 15:48
@3v1n0 3v1n0 requested a review from a team as a code owner November 22, 2024 15:48
Copy link
Member

@denisonbarbosa denisonbarbosa left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not going to lie, I'm a bit worried... I like the idea of using a single instance as much as possible, but it will be handling an insane amount of requests (which is not a real use case [how many users do we expect to authenticate in the "same" moment?]).

This feels like it would be a pain to debug and fix if it starts going wrong, no? I'm just wondering if we might not be shooting ourselves in the foot here...

@adombeck, @didrocks any opinions regarding the above?

Despite the rambling: changes look good to me but a comment about naming, easy to fix.

Comment on lines +39 to +40
gPasswd string
groups string
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These are a bit vague... Do you mind updating them to indicate better what they mean or add a comment for them?

@3v1n0
Copy link
Collaborator Author

3v1n0 commented Nov 27, 2024

Indeed it's not meant to respect a real scenario, but experience taught me that the more we stress a system, the more potential issues can arise.

So, in case we can also make this opt-in and just happen in the race job though.

@didrocks
Copy link
Member

I agree that as we don’t have a context ID, this could make things difficult.

How hard would it be to only run in this mode if we are in race mode?

@3v1n0
Copy link
Collaborator Author

3v1n0 commented Nov 29, 2024

I agree that as we don’t have a context ID, this could make things difficult.

How hard would it be to only run in this mode if we are in race mode?

Not much, it's just about inverting the logic, so it should be doable.

@3v1n0
Copy link
Collaborator Author

3v1n0 commented Dec 11, 2024

Blocked by #661 for now, let's wait to reconsider

@3v1n0 3v1n0 marked this pull request as draft December 11, 2024 05:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants