Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix events based cache issues introduced in 1.11.0 #5842

Merged
merged 2 commits into from
Feb 6, 2025
Merged

Fix events based cache issues introduced in 1.11.0 #5842

merged 2 commits into from
Feb 6, 2025

Conversation

sorindumitru
Copy link
Collaborator

Pull Request check list

  • Commit conforms to CONTRIBUTING.md?
  • Proper tests/regressions included?
  • Documentation updated?

Affected functionality
spire-server events based cache

Description of change

Which issue this PR fixes
fixes #5771

amartinezfayo
amartinezfayo reviewed Feb 4, 2025
View reviewed changes
pkg/server/endpoints/authorized_entryfetcher_attested_nodes.go
@@ -215,7 +215,7 @@ func (a *attestedNodes) updateCachedNodes(ctx context.Context) error {
for spiffeId := range a.fetchNodes {
node, err := a.ds.FetchAttestedNode(ctx, spiffeId)
if err != nil {
return err
continue
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Having an error here is really an expected situation?
The FetchAttestedNode function will not return an error if the record was not found (https://github.com/spiffe/spire/blob/main/pkg/server/datastore/sqlstore/sqlstore.go#L1577), so it would only return an error if there was an SQL error. Are there other error situations that we expect as normal behavior?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, this would be SQL errors, either the something wrong with the request (which wouldn't be a problem) or likely transient errors which we should retry at some point.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It will retry next iteration so this should be ok.

@faisal-memon
Copy link
Contributor

i can help review

faisal-memon
faisal-memon reviewed Feb 5, 2025
View reviewed changes
pkg/server/endpoints/authorized_entryfetcher_registration_entries.go
@@ -40,9 +40,6 @@ type registrationEntries struct {
}

func (a *registrationEntries) captureChangedEntries(ctx context.Context) error {
// first, reset the entries we might fetch.
a.fetchEntries = make(map[string]struct{})
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Where is this map being allocated now?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's allocated in buildRegistrationEntriesCache, which is how the structure is created.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks.

faisal-memon
faisal-memon approved these changes Feb 6, 2025
View reviewed changes
Copy link
Contributor

@faisal-memon faisal-memon left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks better now.

amartinezfayo
amartinezfayo approved these changes Feb 6, 2025
View reviewed changes
Copy link
Member

@amartinezfayo amartinezfayo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you @sorindumitru!

@amartinezfayo amartinezfayo added this to the 1.11.2 milestone Feb 6, 2025
@sorindumitru
First capture last and skipped events before loading cache
6d257c9 
Signed-off-by: Sorin Dumitru <[email protected]>
@sorindumitru
events cache: don't drop entries that were not fetched
9226490 
If we encounter issues fetching any of the entries we need
to fetch we should retry later.

Signed-off-by: Sorin Dumitru <[email protected]>
@sorindumitru sorindumitru merged commit 5f2eb42 into spiffe:main Feb 6, 2025
35 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@faisal-memon faisal-memon faisal-memon approved these changes

@amartinezfayo amartinezfayo amartinezfayo approved these changes

@evan2645 evan2645 Awaiting requested review from evan2645 evan2645 is a code owner

@MarcosDY MarcosDY Awaiting requested review from MarcosDY MarcosDY is a code owner

@rturner3 rturner3 Awaiting requested review from rturner3 rturner3 is a code owner

Assignees

@faisal-memon faisal-memon

Labels
None yet
Projects
None yet
Milestone
1.11.2
Development

Successfully merging this pull request may close these issues.

Events based cache issues in SPIRE 1.11
3 participants
@sorindumitru @faisal-memon @amartinezfayo