{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":292606346,"defaultBranch":"main","name":"cloud-sql-go-connector","ownerLogin":"GoogleCloudPlatform","currentUserCanPush":false,"isFork":false,"isEmpty":false,"createdAt":"2020-09-03T15:18:32.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/2810941?v=4","public":true,"private":false,"isOrgOwned":true},"refInfo":{"name":"","listCacheKey":"v0:1717625394.0","currentOid":""},"activityList":{"items":[{"before":"b307d94f44f467a37a7c82526d055dbbca428d33","after":"924696315a80afaa15001c98fd603534cf519a83","ref":"refs/heads/release-please--branches--main--components--cloud-sql-go-connector","pushedAt":"2024-06-05T22:10:11.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"release-please[bot]","name":null,"path":"/apps/release-please","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/40688?s=80&v=4"},"commit":{"message":"chore(main): release 1.11.0","shortMessageHtmlLink":"chore(main): release 1.11.0"}},{"before":"2a3257d403f8d685e487032a545fa186876a8442","after":"b286049a7ade2a9e3cf44ea36f56946cfa58f60a","ref":"refs/heads/main","pushedAt":"2024-06-05T22:09:54.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"enocom","name":"Eno Compton","path":"/enocom","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1175430?s=80&v=4"},"commit":{"message":"fix: ensure connection count is correctly reported (#824)\n\nA recent refactor broke the open connections metric and caused all\r\ncounts to be reported as either 1 or 0. This commit updates the test to\r\nprotect against making the same mistake and fixes the original problem\r\n(using value semanatics and not pointer semantics).","shortMessageHtmlLink":"fix: ensure connection count is correctly reported (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2336902112\" data-permission-text=\"Title is private\" data-url=\"https://github.com/GoogleCloudPlatform/cloud-sql-go-connector/issues/824\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/GoogleCloudPlatform/cloud-sql-go-connector/pull/824/hovercard\" href=\"https://github.com/GoogleCloudPlatform/cloud-sql-go-connector/pull/824\">#824</a>)"}},{"before":"1de6468496ba8ddd5625dd4de2d4db506095e855","after":null,"ref":"refs/heads/metrics-fix","pushedAt":"2024-06-05T22:09:54.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"enocom","name":"Eno Compton","path":"/enocom","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1175430?s=80&v=4"}},{"before":null,"after":"1de6468496ba8ddd5625dd4de2d4db506095e855","ref":"refs/heads/metrics-fix","pushedAt":"2024-06-05T22:00:28.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"enocom","name":"Eno Compton","path":"/enocom","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1175430?s=80&v=4"},"commit":{"message":"fix: ensure connection count is correctly reported\n\nA recent refactor broke the open connections metric and caused all\ncounts to be reported as either 1 or 0. This commit updates the test to\nprotect against making the same mistake and fixes the original problem\n(using value semanatics and not pointer semantics).","shortMessageHtmlLink":"fix: ensure connection count is correctly reported"}},{"before":"31f7591c8e39b7c8ee9f8113a5393f806524e343","after":"b307d94f44f467a37a7c82526d055dbbca428d33","ref":"refs/heads/release-please--branches--main--components--cloud-sql-go-connector","pushedAt":"2024-05-31T19:57:27.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"release-please[bot]","name":null,"path":"/apps/release-please","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/40688?s=80&v=4"},"commit":{"message":"chore(main): release 1.11.0","shortMessageHtmlLink":"chore(main): release 1.11.0"}},{"before":"9461f7f3d494f315e89ffc649b456018513f7887","after":"2a3257d403f8d685e487032a545fa186876a8442","ref":"refs/heads/main","pushedAt":"2024-05-31T19:57:09.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"jackwotherspoon","name":"Jack Wotherspoon","path":"/jackwotherspoon","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/32113413?s=80&v=4"},"commit":{"message":"deps: Update github/codeql-action action to v3.25.7 (#819)","shortMessageHtmlLink":"deps: Update github/codeql-action action to v3.25.7 (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2327516660\" data-permission-text=\"Title is private\" data-url=\"https://github.com/GoogleCloudPlatform/cloud-sql-go-connector/issues/819\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/GoogleCloudPlatform/cloud-sql-go-connector/pull/819/hovercard\" href=\"https://github.com/GoogleCloudPlatform/cloud-sql-go-connector/pull/819\">#819</a>)"}},{"before":"1b15b276c422a07be15fd6a5a31c3bdb708f0d50","after":"31f7591c8e39b7c8ee9f8113a5393f806524e343","ref":"refs/heads/release-please--branches--main--components--cloud-sql-go-connector","pushedAt":"2024-05-30T16:37:33.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"release-please[bot]","name":null,"path":"/apps/release-please","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/40688?s=80&v=4"},"commit":{"message":"chore(main): release 1.11.0","shortMessageHtmlLink":"chore(main): release 1.11.0"}},{"before":"34399852e03b6eb452be8fbecb3b38af417fcdb6","after":null,"ref":"refs/heads/enocom-patch-1","pushedAt":"2024-05-30T16:37:15.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"enocom","name":"Eno Compton","path":"/enocom","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1175430?s=80&v=4"}},{"before":"4b68de3693e25642acd847d0c8ac393982d00c9b","after":"9461f7f3d494f315e89ffc649b456018513f7887","ref":"refs/heads/main","pushedAt":"2024-05-30T16:37:15.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"enocom","name":"Eno Compton","path":"/enocom","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1175430?s=80&v=4"},"commit":{"message":"chore: correct renovate's go grouping (#817)","shortMessageHtmlLink":"chore: correct renovate's go grouping (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2326097129\" data-permission-text=\"Title is private\" data-url=\"https://github.com/GoogleCloudPlatform/cloud-sql-go-connector/issues/817\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/GoogleCloudPlatform/cloud-sql-go-connector/pull/817/hovercard\" href=\"https://github.com/GoogleCloudPlatform/cloud-sql-go-connector/pull/817\">#817</a>)"}},{"before":null,"after":"34399852e03b6eb452be8fbecb3b38af417fcdb6","ref":"refs/heads/enocom-patch-1","pushedAt":"2024-05-30T16:34:03.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"enocom","name":"Eno Compton","path":"/enocom","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1175430?s=80&v=4"},"commit":{"message":"chore: correct renovate's go grouping","shortMessageHtmlLink":"chore: correct renovate's go grouping"}},{"before":"4b68de3693e25642acd847d0c8ac393982d00c9b","after":"1b15b276c422a07be15fd6a5a31c3bdb708f0d50","ref":"refs/heads/release-please--branches--main--components--cloud-sql-go-connector","pushedAt":"2024-05-28T18:22:35.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"release-please[bot]","name":null,"path":"/apps/release-please","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/40688?s=80&v=4"},"commit":{"message":"chore(main): release 1.11.0","shortMessageHtmlLink":"chore(main): release 1.11.0"}},{"before":null,"after":"4b68de3693e25642acd847d0c8ac393982d00c9b","ref":"refs/heads/release-please--branches--main--components--cloud-sql-go-connector","pushedAt":"2024-05-28T18:22:34.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"release-please[bot]","name":null,"path":"/apps/release-please","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/40688?s=80&v=4"},"commit":{"message":"feat: invalidate cache on failed IP lookup (#812)\n\nIn #768, we removed an implicit behavior of the Go Connector. If a dial\r\nattempt requests a non-existent IP type (e.g., client asks for public IP\r\non a private IP only instance), the Connector would invalidate the\r\ncache. But with the cleanup PR, we removed that implicit behavior.\r\n\r\nIn some cases, it might be useful to have this behavior. For example, if\r\na caller starts the Go Connector and tries to connect to a public IP and\r\nthen later configures public IP, there is no need for a restart.\r\n\r\nWe made that change in the AlloyDB Go Connector mostly because some\r\ninternal tests depend on that behavior. See\r\nGoogleCloudPlatform/alloydb-go-connector#555.\r\n\r\nFixes #780","shortMessageHtmlLink":"feat: invalidate cache on failed IP lookup (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2321359660\" data-permission-text=\"Title is private\" data-url=\"https://github.com/GoogleCloudPlatform/cloud-sql-go-connector/issues/812\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/GoogleCloudPlatform/cloud-sql-go-connector/pull/812/hovercard\" href=\"https://github.com/GoogleCloudPlatform/cloud-sql-go-connector/pull/812\">#812</a>)"}},{"before":"573f53710d80fb78b7cbac643ba6d0733951b960","after":null,"ref":"refs/heads/failed-ip-lookup","pushedAt":"2024-05-28T18:22:17.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"enocom","name":"Eno Compton","path":"/enocom","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1175430?s=80&v=4"}},{"before":"164badf655ff96022e141b43f4df7d0c9b4f6583","after":"4b68de3693e25642acd847d0c8ac393982d00c9b","ref":"refs/heads/main","pushedAt":"2024-05-28T18:22:16.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"enocom","name":"Eno Compton","path":"/enocom","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1175430?s=80&v=4"},"commit":{"message":"feat: invalidate cache on failed IP lookup (#812)\n\nIn #768, we removed an implicit behavior of the Go Connector. If a dial\r\nattempt requests a non-existent IP type (e.g., client asks for public IP\r\non a private IP only instance), the Connector would invalidate the\r\ncache. But with the cleanup PR, we removed that implicit behavior.\r\n\r\nIn some cases, it might be useful to have this behavior. For example, if\r\na caller starts the Go Connector and tries to connect to a public IP and\r\nthen later configures public IP, there is no need for a restart.\r\n\r\nWe made that change in the AlloyDB Go Connector mostly because some\r\ninternal tests depend on that behavior. See\r\nGoogleCloudPlatform/alloydb-go-connector#555.\r\n\r\nFixes #780","shortMessageHtmlLink":"feat: invalidate cache on failed IP lookup (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2321359660\" data-permission-text=\"Title is private\" data-url=\"https://github.com/GoogleCloudPlatform/cloud-sql-go-connector/issues/812\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/GoogleCloudPlatform/cloud-sql-go-connector/pull/812/hovercard\" href=\"https://github.com/GoogleCloudPlatform/cloud-sql-go-connector/pull/812\">#812</a>)"}},{"before":null,"after":"573f53710d80fb78b7cbac643ba6d0733951b960","ref":"refs/heads/failed-ip-lookup","pushedAt":"2024-05-27T22:43:00.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"enocom","name":"Eno Compton","path":"/enocom","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1175430?s=80&v=4"},"commit":{"message":"feat: invalidate cache on failed IP lookup\n\nIn #768, we removed an implicit behavior of the Go Connector. If a dial\nattempt requests a non-existent IP type (e.g., client asks for public IP\non a private IP only instance), the Connector would invalidate the\ncache. But with the cleanup PR, we removed that implicit behavior.\n\nIn some cases, it might be useful to have this behavior. For example, if\na caller starts the Go Connector and tries to connect to a public IP and\nthen later configures public IP, there is no need for a restart.\n\nWe made that change in the AlloyDB Go Connector mostly because some\ninternal tests depend on that behavior. See\nGoogleCloudPlatform/alloydb-go-connector#555.\n\nFixes #780","shortMessageHtmlLink":"feat: invalidate cache on failed IP lookup"}},{"before":"c4f88c9313121786074280432f6ae7b402e7becc","after":null,"ref":"refs/heads/release-please--branches--main--components--cloud-sql-go-connector","pushedAt":"2024-05-22T16:17:15.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"enocom","name":"Eno Compton","path":"/enocom","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1175430?s=80&v=4"}},{"before":"213811ac6e05a1b21965a34bb06231dba25abfb7","after":"164badf655ff96022e141b43f4df7d0c9b4f6583","ref":"refs/heads/main","pushedAt":"2024-05-22T16:17:14.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"enocom","name":"Eno Compton","path":"/enocom","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1175430?s=80&v=4"},"commit":{"message":"chore(main): release 1.10.1 (#808)\n\nCo-authored-by: release-please[bot] <55107282+release-please[bot]@users.noreply.github.com>","shortMessageHtmlLink":"chore(main): release 1.10.1 (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2308793593\" data-permission-text=\"Title is private\" data-url=\"https://github.com/GoogleCloudPlatform/cloud-sql-go-connector/issues/808\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/GoogleCloudPlatform/cloud-sql-go-connector/pull/808/hovercard\" href=\"https://github.com/GoogleCloudPlatform/cloud-sql-go-connector/pull/808\">#808</a>)"}},{"before":"5ac6a0a983fb3517c8a51024f437502c3c873cb8","after":"213811ac6e05a1b21965a34bb06231dba25abfb7","ref":"refs/heads/main","pushedAt":"2024-05-22T16:15:12.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"enocom","name":"Eno Compton","path":"/enocom","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1175430?s=80&v=4"},"commit":{"message":"deps: Update google.golang.org/genproto/googleapis/rpc digest to d264139 (#809)","shortMessageHtmlLink":"deps: Update google.golang.org/genproto/googleapis/rpc digest to d264…"}},{"before":"a218aba9c1388a444a73fc6eb9161f7fb6cd9698","after":"5ac6a0a983fb3517c8a51024f437502c3c873cb8","ref":"refs/heads/main","pushedAt":"2024-05-22T16:07:08.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"enocom","name":"Eno Compton","path":"/enocom","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1175430?s=80&v=4"},"commit":{"message":"deps: Update dependencies for github (#801)","shortMessageHtmlLink":"deps: Update dependencies for github (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2296578353\" data-permission-text=\"Title is private\" data-url=\"https://github.com/GoogleCloudPlatform/cloud-sql-go-connector/issues/801\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/GoogleCloudPlatform/cloud-sql-go-connector/pull/801/hovercard\" href=\"https://github.com/GoogleCloudPlatform/cloud-sql-go-connector/pull/801\">#801</a>)"}},{"before":"1d9d3c0b16a92b64e50ecbd2ee339377e5e396df","after":"a218aba9c1388a444a73fc6eb9161f7fb6cd9698","ref":"refs/heads/main","pushedAt":"2024-05-22T16:06:52.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"enocom","name":"Eno Compton","path":"/enocom","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1175430?s=80&v=4"},"commit":{"message":"deps: Update module google.golang.org/api to v0.181.0 (#805)","shortMessageHtmlLink":"deps: Update module google.golang.org/api to v0.181.0 (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2301058060\" data-permission-text=\"Title is private\" data-url=\"https://github.com/GoogleCloudPlatform/cloud-sql-go-connector/issues/805\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/GoogleCloudPlatform/cloud-sql-go-connector/pull/805/hovercard\" href=\"https://github.com/GoogleCloudPlatform/cloud-sql-go-connector/pull/805\">#805</a>)"}},{"before":"517f5ece27eb0d80aef64d43ef109d322001a94c","after":"c4f88c9313121786074280432f6ae7b402e7becc","ref":"refs/heads/release-please--branches--main--components--cloud-sql-go-connector","pushedAt":"2024-05-22T16:03:37.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"release-please[bot]","name":null,"path":"/apps/release-please","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/40688?s=80&v=4"},"commit":{"message":"chore(main): release 1.10.1","shortMessageHtmlLink":"chore(main): release 1.10.1"}},{"before":"809be4d9ffadc5be2058322dade7ef8d20eb797c","after":null,"ref":"refs/heads/fast-tests","pushedAt":"2024-05-22T16:03:18.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"enocom","name":"Eno Compton","path":"/enocom","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1175430?s=80&v=4"}},{"before":"beb36052af2221d7ff238edc4c98c733cac2999d","after":"1d9d3c0b16a92b64e50ecbd2ee339377e5e396df","ref":"refs/heads/main","pushedAt":"2024-05-22T16:03:17.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"enocom","name":"Eno Compton","path":"/enocom","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1175430?s=80&v=4"},"commit":{"message":"chore: make short tests faster (#810)\n\nThe test cases covering failure behavior were all inadvertently using\r\nexponential backoff in test runs, causing unnecessary slowdowns. This\r\ncommit disables exponential backoff in tests by having the mock API\r\nserver return 400 status codes instead of 501s when a request is not\r\nrecognized. As a result, the exponential backoff logic does not trigger.\r\n\r\nThis change reduces the time taken by ~75% to about ~5s.","shortMessageHtmlLink":"chore: make short tests faster (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2310892824\" data-permission-text=\"Title is private\" data-url=\"https://github.com/GoogleCloudPlatform/cloud-sql-go-connector/issues/810\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/GoogleCloudPlatform/cloud-sql-go-connector/pull/810/hovercard\" href=\"https://github.com/GoogleCloudPlatform/cloud-sql-go-connector/pull/810\">#810</a>)"}},{"before":"666078f01bc01009098ad6e50f0f8caee1be896d","after":null,"ref":"refs/heads/friendly-error","pushedAt":"2024-05-22T15:54:43.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"enocom","name":"Eno Compton","path":"/enocom","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1175430?s=80&v=4"}},{"before":"39590a308666481a94d642fa2ca76eca0374f394","after":null,"ref":"refs/heads/faster-tests","pushedAt":"2024-05-22T15:54:30.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"enocom","name":"Eno Compton","path":"/enocom","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1175430?s=80&v=4"}},{"before":null,"after":"809be4d9ffadc5be2058322dade7ef8d20eb797c","ref":"refs/heads/fast-tests","pushedAt":"2024-05-22T15:53:01.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"enocom","name":"Eno Compton","path":"/enocom","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1175430?s=80&v=4"},"commit":{"message":"chore: make short tests faster\n\nThe test cases covering failure behavior were all inadvertently using\nexponential backoff in test runs, causing unnecessary slowdowns. This\ncommit disables exponential backoff in tests by having the mock API\nserver return 400 status codes instead of 501s when a request is not\nrecognized. As a result, the exponential backoff logic does not trigger.\n\nThis change reduces the time taken by ~75% to about ~5s.","shortMessageHtmlLink":"chore: make short tests faster"}},{"before":"08a86f774576d8f386b350e0891202601afe9857","after":"39590a308666481a94d642fa2ca76eca0374f394","ref":"refs/heads/faster-tests","pushedAt":"2024-05-22T03:49:29.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"enocom","name":"Eno Compton","path":"/enocom","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1175430?s=80&v=4"},"commit":{"message":"chore: make short tests faster\n\nThe test cases covering failure behavior were all inadvertently using\nexponential backoff in test runs, causing unnecessary slowdowns. This\ncommit disables exponential backoff in tests and uses constant time\nbackoff.\n\nThis change reduces the time taken by ~75% to about ~5s.","shortMessageHtmlLink":"chore: make short tests faster"}},{"before":"beb36052af2221d7ff238edc4c98c733cac2999d","after":"517f5ece27eb0d80aef64d43ef109d322001a94c","ref":"refs/heads/release-please--branches--main--components--cloud-sql-go-connector","pushedAt":"2024-05-21T17:41:39.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"release-please[bot]","name":null,"path":"/apps/release-please","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/40688?s=80&v=4"},"commit":{"message":"chore(main): release 1.10.1","shortMessageHtmlLink":"chore(main): release 1.10.1"}},{"before":null,"after":"beb36052af2221d7ff238edc4c98c733cac2999d","ref":"refs/heads/release-please--branches--main--components--cloud-sql-go-connector","pushedAt":"2024-05-21T17:41:38.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"release-please[bot]","name":null,"path":"/apps/release-please","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/40688?s=80&v=4"},"commit":{"message":"fix: remove duplicate refresh operations (#806)\n\nWhen callers (like the Cloud SQL Proxy) warmup the background refresh\r\nwith EngineVersion, the initial refresh operation starts with IAM Authn\r\ndisabled. Then when a caller connects with IAM authentication, the\r\nexisting refresh is invalidated (because it doesn't include the client's\r\nOAuth2 token). In effect, two refresh operations are completed when the\r\ndialer could have just run one initially.\r\n\r\nThis commit ensures calls to EngineVersion respect the dialer's global\r\nIAM authentication setting. If IAM authentication is enabled at the\r\ndialer level, then EngineVersion will ensure the refresh operation uses\r\nIAM authentication. And only one refresh operation occurs between warmup\r\nand first connection.\r\n\r\nIn cases where a dialer is initialized without IAM authentication, but\r\nthen a call to dial requests IAM authentication, a second refresh is\r\nunavoidable. This seems to be an uncommon enough use case that it is an\r\nacceptable tradeoff given how IAM authentication is tightly coupled with\r\nthe client certificate refresh.\r\n\r\nSeparately, when Cloud SQL Proxy invocations start the Proxy with the\r\n--token flag in combination with IAM authentication, the underlying\r\ntoken does not have a corresponding refresh token and so cannot be\r\nrefreshed. As a result, when the double calls occur (as described\r\nabove), there is a third refresh attempt started because the token has a\r\nmissing expiration field (there is only AccessToken, no RefreshToken, or\r\nExpiry).\r\n\r\nThe dialer sees the missing expiration as an expired client certificate\r\nand immediately starts a new refresh. But because the dialer has already\r\nconsumed two attempts, the rate limiter (2 initial attempts, then\r\n30s/attempt) forces the client to wait 30s before connecting.\r\n\r\nThis commit ensures that situation will not happen by using the correct\r\nclient certificate expiration and not the invalid token expiration. For\r\ncases where the Cloud SQL Proxy configures the dialer with the --token\r\nflag (and no refresh token), the dialer will always default to using the\r\nclient certificate's expiration. This means the refresh cycle will fail\r\nonce the token expires.\r\n\r\nFixes #771","shortMessageHtmlLink":"fix: remove duplicate refresh operations (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2306449251\" data-permission-text=\"Title is private\" data-url=\"https://github.com/GoogleCloudPlatform/cloud-sql-go-connector/issues/806\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/GoogleCloudPlatform/cloud-sql-go-connector/pull/806/hovercard\" href=\"https://github.com/GoogleCloudPlatform/cloud-sql-go-connector/pull/806\">#806</a>)"}},{"before":"1ee46e8b0d224ed906a921d2331968094f81e434","after":"beb36052af2221d7ff238edc4c98c733cac2999d","ref":"refs/heads/main","pushedAt":"2024-05-21T17:40:32.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"enocom","name":"Eno Compton","path":"/enocom","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1175430?s=80&v=4"},"commit":{"message":"fix: remove duplicate refresh operations (#806)\n\nWhen callers (like the Cloud SQL Proxy) warmup the background refresh\r\nwith EngineVersion, the initial refresh operation starts with IAM Authn\r\ndisabled. Then when a caller connects with IAM authentication, the\r\nexisting refresh is invalidated (because it doesn't include the client's\r\nOAuth2 token). In effect, two refresh operations are completed when the\r\ndialer could have just run one initially.\r\n\r\nThis commit ensures calls to EngineVersion respect the dialer's global\r\nIAM authentication setting. If IAM authentication is enabled at the\r\ndialer level, then EngineVersion will ensure the refresh operation uses\r\nIAM authentication. And only one refresh operation occurs between warmup\r\nand first connection.\r\n\r\nIn cases where a dialer is initialized without IAM authentication, but\r\nthen a call to dial requests IAM authentication, a second refresh is\r\nunavoidable. This seems to be an uncommon enough use case that it is an\r\nacceptable tradeoff given how IAM authentication is tightly coupled with\r\nthe client certificate refresh.\r\n\r\nSeparately, when Cloud SQL Proxy invocations start the Proxy with the\r\n--token flag in combination with IAM authentication, the underlying\r\ntoken does not have a corresponding refresh token and so cannot be\r\nrefreshed. As a result, when the double calls occur (as described\r\nabove), there is a third refresh attempt started because the token has a\r\nmissing expiration field (there is only AccessToken, no RefreshToken, or\r\nExpiry).\r\n\r\nThe dialer sees the missing expiration as an expired client certificate\r\nand immediately starts a new refresh. But because the dialer has already\r\nconsumed two attempts, the rate limiter (2 initial attempts, then\r\n30s/attempt) forces the client to wait 30s before connecting.\r\n\r\nThis commit ensures that situation will not happen by using the correct\r\nclient certificate expiration and not the invalid token expiration. For\r\ncases where the Cloud SQL Proxy configures the dialer with the --token\r\nflag (and no refresh token), the dialer will always default to using the\r\nclient certificate's expiration. This means the refresh cycle will fail\r\nonce the token expires.\r\n\r\nFixes #771","shortMessageHtmlLink":"fix: remove duplicate refresh operations (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2306449251\" data-permission-text=\"Title is private\" data-url=\"https://github.com/GoogleCloudPlatform/cloud-sql-go-connector/issues/806\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/GoogleCloudPlatform/cloud-sql-go-connector/pull/806/hovercard\" href=\"https://github.com/GoogleCloudPlatform/cloud-sql-go-connector/pull/806\">#806</a>)"}}],"hasNextPage":true,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"djE6ks8AAAAEXZksdQA","startCursor":null,"endCursor":null}},"title":"Activity · GoogleCloudPlatform/cloud-sql-go-connector"}