Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

🎨 efs improvements (group extra properties) πŸ—ƒοΈ #6493

Merged
merged 5 commits into from
Oct 7, 2024
Merged

🎨 efs improvements (group extra properties) πŸ—ƒοΈ #6493

merged 5 commits into from
Oct 7, 2024

Conversation

matusdrobuliak66
Copy link
Contributor

@matusdrobuliak66 matusdrobuliak66 commented Oct 7, 2024
edited
Loading

What do these changes do?

  • πŸ—ƒοΈ Add enabled_efs to the groups_extra_properties database table.
  • ♻️ Run EFS Guardian with root access.
    • EFS Guardian requires elevated privileges:
      • Currently, user services start as root and override all permissions. Additionally, all new files are created by the user defined by the service. EFS Guardian needs access to these files so it can compute their size and, in special cases, revoke write permissions.
      • Guardian also needs permission to delete files that are no longer in use for a specified period of time.

My strategy:

  1. Once this PR is merged, our users can start using it immediately.
  2. We need to implement two background tasks in EFS Guardian:
  • One to monitor storage size and change permissions when the limit is reached.
  • Another to monitor and remove files that have not been used for an extended period.
  1. We can enhance ownership management to ensure EFS doesn't run as root.

Related issue/s

How to test

Dev-ops checklist

@codecov Codecov
Copy link

codecov bot commented Oct 7, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests βœ…

Project coverage is 89.2%. Comparing base (cafbf96) to head (ee25042).
Report is 619 commits behind head on master.

Additional details and impacted files

Impacted file tree graph

@@            Coverage Diff            @@
##           master   #6493      +/-   ##
=========================================
+ Coverage    84.5%   89.2%    +4.7%     
=========================================
  Files          10    1329    +1319     
  Lines         214   55436   +55222     
  Branches       25     961     +936     
=========================================
+ Hits          181   49495   +49314     
- Misses         23    5788    +5765     
- Partials       10     153     +143
Flag Coverage Ξ”
integrationtests 64.7% <100.0%> (?)
unittests 86.9% <75.0%> (+2.4%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

Files with missing lines Coverage Ξ”
...ostgres_database/models/groups_extra_properties.py 100.0% <ΓΈ> (ΓΈ)
...postgres_database/utils_groups_extra_properties.py 95.9% <100.0%> (ΓΈ)
...modules/db/repositories/groups_extra_properties.py 86.3% <100.0%> (ΓΈ)
...es/dynamic_sidecar/docker_service_specs/sidecar.py 88.0% <100.0%> (ΓΈ)
..._sidecar/scheduler/_core/_event_create_sidecars.py 100.0% <100.0%> (ΓΈ)

... and 1289 files with indirect coverage changes

@matusdrobuliak66 matusdrobuliak66 self-assigned this Oct 7, 2024
@sonarqubecloud SonarQubeCloud
Copy link

sonarqubecloud bot commented Oct 7, 2024

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@matusdrobuliak66 matusdrobuliak66 added this to the MartinKippenberger milestone Oct 7, 2024
@matusdrobuliak66 matusdrobuliak66 marked this pull request as ready for review October 7, 2024 09:59
@matusdrobuliak66 matusdrobuliak66 requested a review from GitHK October 7, 2024 12:53
pcrespov
pcrespov approved these changes Oct 7, 2024
View reviewed changes
Copy link
Member

@pcrespov pcrespov left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thx. Please consider my suggestions before merging

services/efs-guardian/Dockerfile Show resolved Hide resolved
@matusdrobuliak66 matusdrobuliak66 merged commit d4e5471 into ITISFoundation:master Oct 7, 2024
57 checks passed
@matusdrobuliak66 matusdrobuliak66 deleted the improve-efs-1 branch October 7, 2024 14:03
mrnicegyu11 pushed a commit to mrnicegyu11/osparc-simcore that referenced this pull request Oct 14, 2024
@matusdrobuliak66 @mrnicegyu11
🎨 efs improvements (group extra properties) πŸ—ƒοΈ (ITISFoundation#6493)
f4dc38b
@matusdrobuliak66 matusdrobuliak66 mentioned this pull request Oct 15, 2024
Closed
18 tasks
This was referenced Oct 23, 2024
Closed
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pcrespov pcrespov pcrespov approved these changes

@GitHK GitHK GitHK approved these changes

@sanderegg sanderegg Awaiting requested review from sanderegg sanderegg is a code owner

@YuryHrytsuk YuryHrytsuk Awaiting requested review from YuryHrytsuk

@mrnicegyu11 mrnicegyu11 Awaiting requested review from mrnicegyu11

Assignees

@matusdrobuliak66 matusdrobuliak66

Labels
None yet
Projects
None yet
Milestone
MartinKippenberger
Development

Successfully merging this pull request may close these issues.
3 participants
@matusdrobuliak66 @GitHK @pcrespov