Update credential watcher to allow second credential watcher #1132

Open: wants to merge 8 commits into base: add-read-only-file-plugin

aphralG (Contributor) commented Jun 17, 2025

Proposed changes

Updated credential watcher to allow a second credential watcher to be started to monitor the auxiliary command server.

  • Credential watcher now takes a server type to be used to determine if it is aux or command server
  • Removed sending of CredentialUpdatedTopic from watcher plugin
  • Moved creation of new GRPC connection from watcher plugin into credential watcher when update is detected
  • CredentialUpdateMessage now has Server Type and GRPC connection

Checklist

Before creating a PR, run through this checklist and mark each as complete.

  • I have read the CONTRIBUTING document
  • I have run make install-tools and have attached any dependency changes to this pull request
  • If applicable, I have added tests that prove my fix is effective or that my feature works
  • If applicable, I have checked that any relevant tests pass after adding my changes
  • If applicable, I have updated any relevant documentation (README.md)
  • If applicable, I have tested my cross-platform changes on Ubuntu 22, Redhat 8, SUSE 15 and FreeBSD 13

aphralG self-assigned this Jun 17, 2025
aphralG requested a review from a team as a code owner June 17, 2025 09:29
github-actions bot added the chore (Pull requests for routine tasks) label Jun 17, 2025
dhurley added the v3.x (Issues and Pull Requests related to the major version v3) label Jun 19, 2025

@@ -29,55 +32,74 @@ var emptyEvent = fsnotify.Event{

type CredentialUpdateMessage struct {
CorrelationID slog.Attr
Conn *grpc.GrpcConnection
SeverType command.ServerType
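
Review bot: The new Conn field on CredentialUpdateMessage has no comment saying who owns the connection once the message has been sent. The watcher now hands a gRPC connection to the receiver inside this struct, so document on the field that the receiver must close the connection it replaces (and this one if it discards the message); otherwise connections authenticated with superseded credentials can stay open after a rotation.
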
Contributor

ServerType

ch <- CredentialUpdateMessage{CorrelationID: logger.CorrelationIDAttr(newCtx)}
ch <- CredentialUpdateMessage{
CorrelationID: logger.CorrelationIDAttr(newCtx),
SeverType: cws.serverType, Conn: conn,
Collaborator

Suggested change
SeverType: cws.serverType, Conn: conn,
SeverType: cws.serverType,
Conn: conn,

@@ -29,55 +32,74 @@ var emptyEvent = fsnotify.Event{

type CredentialUpdateMessage struct {
CorrelationID slog.Attr
Conn *grpc.GrpcConnection
Collaborator

Suggested change
Conn *grpc.GrpcConnection
grpcConnection *grpc.GrpcConnection

commandSever := cws.agentConfig.Command

if cws.serverType == model.Auxiliary {
commandSever = cws.agentConfig.AuxiliaryCommand
Contributor

Should this be commandServer?

return
}

cws.watcher = watcher

cws.watchFiles(ctx, credentialPaths(cws.agentConfig))
cws.watcherMutex.Lock()
commandSever := cws.agentConfig.Command
Contributor

Should this be commandServer?

commandSever = cws.agentConfig.AuxiliaryCommand
}

cws.watchFiles(newCtx, credentialPaths(commandSever))
Contributor

Same as above

commandSever = cws.agentConfig.AuxiliaryCommand
}

conn, err := grpc.NewGrpcConnection(newCtx, cws.agentConfig, commandSever)
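
Review bot: The Command/AuxiliaryCommand selection that ends at commandSever = cws.agentConfig.AuxiliaryCommand and feeds grpc.NewGrpcConnection here is the same selection that feeds credentialPaths(commandSever) for watchFiles. Move it into one small method on the watcher so the credential files being watched and the server being dialled can never come from different config blocks, and so the commandSever spelling is corrected in a single place.
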
Contributor

Same as above

@@ -122,11 +122,13 @@ func FileMode(mode string) os.FileMode {
func GenerateConfigVersion(fileSlice []*mpi.File) string {
var hashes string

slices.SortFunc(fileSlice, func(a, b *mpi.File) int {
files := make([]*mpi.File, len(fileSlice))
copy(files, fileSlice)
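
Review bot: copy(files, fileSlice) duplicates only the slice of pointers, so the *mpi.File values are still shared with any other reader of fileSlice. That stops the sort from reordering the caller's slice, but it gives no protection if another goroutine writes to the File values while this function reads them. Add a short comment above the copy saying it exists to avoid sorting the shared slice in place, and consider slices.Clone(fileSlice), which does the same in one line.
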
Collaborator

What's the reason for the copy?

Contributor Author

Race condition, files were being sorted while the other file plugin was reading them. I could use a lock but wasn't sure if locking the nginxConfigContext files for everything was the best idea so thought copy would be better. Can change it though.

case message := <-w.credentialUpdatesChannel:
slog.DebugContext(ctx, "Received credential update event")
newCtx := context.WithValue(ctx, logger.CorrelationIDContextKey, message.CorrelationID)
case message := <-w.commandCredentialUpdatesChannel:
Collaborator

Is this code being duplicated here?
Seems like the same code can be used for both messages coming from commandCredentialUpdatesChannel or auxiliaryCredentialUpdatesChannel.
