Skip to content

Fix Access List Members cache and eventing.#32619

Merged
mdwn merged 2 commits intomasterfrom
mike.wilson/fix-access-list-events-and-cache
Sep 27, 2023
Merged

Fix Access List Members cache and eventing.#32619
mdwn merged 2 commits intomasterfrom
mike.wilson/fix-access-list-events-and-cache

Conversation

@mdwn
Copy link
Copy Markdown
Contributor

@mdwn mdwn commented Sep 27, 2023
edited
Loading

Two things were happening that were shadowing the Access List members cache and eventing.

  1. In the cache collections, the wrong reader was being assigned to the lookup map. The correct reader was being used elsewhere, however, so the caching tests appear to have still been working.
  2. The watcher in lib/services/local/events.go apparently collapses prefixes if they overlap. Prefix access_list_members is encompassed by access_list, so the access list members prefix was eliminated from the watcher. As a result, access list member events were being processed by the access list parser, which resulted in non-critical warnings.

Local testing and dogfooding has yielded that this has had no apparent impact, at least in situations without cache propagation. However, I've got a feeling that this could affect situations with multiple auth servers.

Thanks to @jakule for finding this, as it was hidden in the debug logs and had no apparent impact on tests.

Fix Access List Members cache and eventing.
1ed3d1b 
Two things were happening that were shadowing the Access List members cache
and eventing.

1. In the cache collections, the wrong reader was being assigned to the
   lookup map. The correct reader was being used elsewhere, however, so the
   caching tests appear to have still been working.
2. The watcher in lib/services/local/events.go apparently collapses prefixes
   if they overlap. Prefix `access_list_members` is encompassed by
   `access_list`, so the access list members prefix was eliminated from the
   watcher. As a result, access list member events were being processed by
   the access list parser, which resulted in non-critical warnings.

Local testing and dogfooding has yielded that this has had no apparent impact,
at least in situations without cache propagation. However, I've got a feeling
that this could affect situations with multiple auth servers.

While I'm here, I've eliminated the pointer-to-pointer logic in the access
list unmarshaling, which was excised elsewhere and should be excised here as
well.
@mdwn mdwn requested a review from jakule September 27, 2023 03:24
@github-actions github-actions Bot requested review from espadolini and lxea September 27, 2023 03:24
@mdwn mdwn enabled auto-merge September 27, 2023 03:47
espadolini
espadolini reviewed Sep 27, 2023
View reviewed changes
Comment thread lib/services/local/events.go Outdated
@public-teleport-github-review-bot public-teleport-github-review-bot Bot removed the request for review from lxea September 27, 2023 13:04
@mdwn mdwn added this pull request to the merge queue Sep 27, 2023
Merged via the queue into master with commit bccb25b Sep 27, 2023
@mdwn mdwn deleted the mike.wilson/fix-access-list-events-and-cache branch September 27, 2023 13:33
@public-teleport-github-review-bot
Copy link
Copy Markdown

public-teleport-github-review-bot Bot commented Sep 27, 2023

@mdwn See the table below for backport results.

Branch Result
branch/v13 Failed
branch/v14 Create PR

This was referenced Sep 27, 2023
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@espadolini espadolini espadolini approved these changes

+1 more reviewer

@jakule jakule jakule approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

size/sm

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@mdwn @espadolini @jakule