docstore/mongodocstore: Update Mongo dialer when MONGO_SERVER_URL rotates #3429
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
vangent
requested changes
Apr 30, 2024
docstore/mongodocstore/urls.go
Outdated
| } | ||
|
|
||
| func (o *defaultDialer) OpenCollectionURL(ctx context.Context, u *url.URL) (*docstore.Collection, error) { | ||
| o.init.Do(func() { | ||
| serverURL := os.Getenv("MONGO_SERVER_URL") | ||
| serverURL := os.Getenv("MONGO_SERVER_URL") |
There was a problem hiding this comment.
This is not thread-safe (OpenCollectionURL can be called concurrently on the same o).
You can protect it with a sync.Mutex.
There was a problem hiding this comment.
makes sense, updated 👍🏼
docstore/mongodocstore/urls.go
Outdated
| o.init.Do(func() { | ||
| serverURL := os.Getenv("MONGO_SERVER_URL") | ||
| serverURL := os.Getenv("MONGO_SERVER_URL") | ||
| if serverURL != o.mongoServerURL { |
There was a problem hiding this comment.
This doesn't work. If MONGO_SERVER_URL isn't set, then both of these will be the empty string and we'll fall through without returning an error.
How about something like if o.opener == nil || serverURL != o.openerServerURL ... ?
There was a problem hiding this comment.
good catch 👍🏼
i've updated this to check for an empty MONGO_SERVER_URL outside the if condition, so it should fail each time the env var is empty
if currentEnv == "" {
o.err = errors.New("MONGO_SERVER_URL environment variable is not set")
return nil, fmt.Errorf("open collection %s: %v", u, o.err)
}
// If MONGO_SERVER_URL has been updated, then update o.opener as well
if currentEnv != o.mongoServerURL {
client, err := Dial(ctx, currentEnv)
...
...wdyt?
concaf
force-pushed
the
concaf/fix/mongo-server-url-rotation
branch
2 times, most recently
from
18ee57d
to
cd0e696
Compare
|
@vangent thanks for the quick review 🚀 🙂 - i've updated the PR and also added some tests. |
Prior to this commit, the dialer for MongoDB was generated once from MONGO_SERVER_URL environment variable but was never updated even when the environment variable was updated in subsequent calls. While this works fine when MONGO_SERVER_URL is not expected to update, but as MONGO_SERVER_URL also contains the credentials to connect to MongoDB, it's a fairly common use case to rotate these credentials (and hence the environment variable) at regular intervals. This commit fixes that and updates the dialer when MONGO_SERVER_URL is updated.
concaf
force-pushed
the
concaf/fix/mongo-server-url-rotation
branch
from
cd0e696
to
024ea8c
Compare
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## master #3429 +/- ##
==========================================
+ Coverage 73.17% 73.20% +0.03%
==========================================
Files 113 113
Lines 14872 14873 +1
==========================================
+ Hits 10882 10888 +6
+ Misses 3216 3213 -3
+ Partials 774 772 -2 ☔ View full report in Codecov by Sentry. |
vangent
approved these changes
May 1, 2024
concaf
added a commit
to concaf/chains
that referenced
this pull request
May 6, 2024
This commit bumps gocloud.dev/docstore/mongodocstore to the commit at google/go-cloud#3429 that allows MONGO_SERVER_URL rotation.
concaf
added a commit
to concaf/chains
that referenced
this pull request
May 8, 2024
This commit bumps gocloud.dev/docstore/mongodocstore to the commit at google/go-cloud#3429 that allows MONGO_SERVER_URL rotation.
concaf
added a commit
to concaf/chains
that referenced
this pull request
May 14, 2024
This commit bumps gocloud.dev/docstore/mongodocstore to the commit at google/go-cloud#3429 that allows MONGO_SERVER_URL rotation.
concaf
added a commit
to concaf/chains
that referenced
this pull request
May 15, 2024
This commit bumps gocloud.dev/docstore/mongodocstore to the commit at google/go-cloud#3429 that allows MONGO_SERVER_URL rotation.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Prior to this commit, the dialer for MongoDB was generated once from MONGO_SERVER_URL environment variable but was never updated even when the environment variable was updated in subsequent calls. While this works fine when MONGO_SERVER_URL is not expected to update, but as MONGO_SERVER_URL also contains the credentials to connect to MongoDB, it's a fairly common use case to rotate these credentials (and hence the environment variable) at regular intervals.
This commit fixes that and updates the dialer when MONGO_SERVER_URL is updated.
This PR blocks tektoncd/chains#1089