New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
docstore/mongodocstore: Update Mongo dialer when MONGO_SERVER_URL rotates #3429
docstore/mongodocstore: Update Mongo dialer when MONGO_SERVER_URL rotates #3429
Conversation
docstore/mongodocstore/urls.go
Outdated
} | ||
|
||
func (o *defaultDialer) OpenCollectionURL(ctx context.Context, u *url.URL) (*docstore.Collection, error) { | ||
o.init.Do(func() { | ||
serverURL := os.Getenv("MONGO_SERVER_URL") | ||
serverURL := os.Getenv("MONGO_SERVER_URL") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is not thread-safe (OpenCollectionURL can be called concurrently on the same o
).
You can protect it with a sync.Mutex.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
makes sense, updated 👍🏼
docstore/mongodocstore/urls.go
Outdated
o.init.Do(func() { | ||
serverURL := os.Getenv("MONGO_SERVER_URL") | ||
serverURL := os.Getenv("MONGO_SERVER_URL") | ||
if serverURL != o.mongoServerURL { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This doesn't work. If MONGO_SERVER_URL isn't set, then both of these will be the empty string and we'll fall through without returning an error.
How about something like if o.opener == nil || serverURL != o.openerServerURL
... ?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
good catch 👍🏼
i've updated this to check for an empty MONGO_SERVER_URL
outside the if condition, so it should fail each time the env var is empty
if currentEnv == "" {
o.err = errors.New("MONGO_SERVER_URL environment variable is not set")
return nil, fmt.Errorf("open collection %s: %v", u, o.err)
}
// If MONGO_SERVER_URL has been updated, then update o.opener as well
if currentEnv != o.mongoServerURL {
client, err := Dial(ctx, currentEnv)
...
...
wdyt?
18ee57d
to
cd0e696
Compare
@vangent thanks for the quick review 🚀 🙂 - i've updated the PR and also added some tests. |
Prior to this commit, the dialer for MongoDB was generated once from MONGO_SERVER_URL environment variable but was never updated even when the environment variable was updated in subsequent calls. While this works fine when MONGO_SERVER_URL is not expected to update, but as MONGO_SERVER_URL also contains the credentials to connect to MongoDB, it's a fairly common use case to rotate these credentials (and hence the environment variable) at regular intervals. This commit fixes that and updates the dialer when MONGO_SERVER_URL is updated.
cd0e696
to
024ea8c
Compare
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## master #3429 +/- ##
==========================================
+ Coverage 73.17% 73.20% +0.03%
==========================================
Files 113 113
Lines 14872 14873 +1
==========================================
+ Hits 10882 10888 +6
+ Misses 3216 3213 -3
+ Partials 774 772 -2 ☔ View full report in Codecov by Sentry. |
This commit bumps gocloud.dev/docstore/mongodocstore to the commit at google/go-cloud#3429 that allows MONGO_SERVER_URL rotation.
This commit bumps gocloud.dev/docstore/mongodocstore to the commit at google/go-cloud#3429 that allows MONGO_SERVER_URL rotation.
This commit bumps gocloud.dev/docstore/mongodocstore to the commit at google/go-cloud#3429 that allows MONGO_SERVER_URL rotation.
This commit bumps gocloud.dev/docstore/mongodocstore to the commit at google/go-cloud#3429 that allows MONGO_SERVER_URL rotation.
Prior to this commit, the dialer for MongoDB was generated once from MONGO_SERVER_URL environment variable but was never updated even when the environment variable was updated in subsequent calls. While this works fine when MONGO_SERVER_URL is not expected to update, but as MONGO_SERVER_URL also contains the credentials to connect to MongoDB, it's a fairly common use case to rotate these credentials (and hence the environment variable) at regular intervals.
This commit fixes that and updates the dialer when MONGO_SERVER_URL is updated.
This PR blocks tektoncd/chains#1089