feat(migrations) add preflight defaults for jwt and key-auth #2883
Conversation
kong/plugins/jwt/handler.lua
Outdated
| -- have `nil` and hence will by default start passing the preflight request | ||
| -- This should be fixed by a migration to update the actual entries | ||
| -- in the datastore | ||
| if get_method() == "OPTIONS" and not conf.run_on_preflight then |
There was a problem hiding this comment.
If we check for conf.run_on_preflight first, we can avoid calling get_method() needlessly?
kong/dao/migrations/helpers.lua
Outdated
| local coro | ||
| if dao.db_type == "cassandra" then | ||
| coro = coroutine.create(function() | ||
| for rows, err in dao.db.cluster:iterate([[ |
There was a problem hiding this comment.
The recent changes in how we handle migrations in Cassandra introduced a new rule of thumb: we only run migrations on a single coordinator (whether they are DDL or DML queries), and let the elected coordinator propagate the changes to its peers via the inter-nodes Cassandra gossiping.
The cluster:iterate() method will load-balance each query and thus, request each page from a different coordinator. The fix is very simple.
Instead, we should use the coordinator that has been elected to run the migrations. This has been done via dao.db:first_coordinator() in factory.lua#L378. We'll need a new method to retrieve this coordinator, since it is stored in an upvalue. Then, we can simply do:
for rows, err in coordinator:iterate() do
endBecause the iterate() API is the same whether it is used in the cassandra or cassandra.cluster modules.
kong/dao/migrations/helpers.lua
Outdated
| end | ||
| end | ||
|
|
||
| return _M |
There was a problem hiding this comment.
style: also does not respect the 2 lines jump rule (inconsistent with the top of this file where it is respected)
I can fix those issues during merge if you prefer. Or we can build habits...
kong/dao/migrations/helpers.lua
Outdated
|
|
||
| else | ||
| coro = coroutine.create(function() | ||
| return nil, nil, "unknown database type: "..tostring(dao.db_type) |
There was a problem hiding this comment.
style: missing spaces around concat operator ..
thibaultcha
added
pr/changes requested
kong/dao/migrations/helpers.lua
Outdated
| return nil, nil, err | ||
| end | ||
|
|
||
| run_rows(rows) |
There was a problem hiding this comment.
It seems run_rows can return an error when we cannot decode the JSON string in row.config, but we are not catching the error here. Should we?
There was a problem hiding this comment.
iirc I left it out on purpose, but on second thought it would pass by silently and cause ugly problems later on probably. So added an extra assertion. (only needed for Cassandra, but for consistency added it also on postgres)
kong/dao/migrations/helpers.lua
Outdated
| @@ -0,0 +1,96 @@ | |||
| local _M = {} | |||
| local json_decode = require("cjson.safe").decode | |||
There was a problem hiding this comment.
I have to say I don't understand why we are not following the usual pattern (in the dozens of files in this codebase) of requiring the modules first, and then declaring the new module?
local json_decode = require("cjson.safe").decode
local _M = {}There was a problem hiding this comment.
I don't understand
me neither
| return nil, nil, err | ||
| end | ||
|
|
||
| assert(run_rows(rows)) |
There was a problem hiding this comment.
👍 We are never too safe imho
thibaultcha
added
pr/ready (but hold merge)
Tieske
force-pushed
the
feat/options-migrations
branch
from
7f99866 to
b0e518c
Compare
Tieske
force-pushed
the
feat/options-migrations
branch
from
b0e518c to
8a7934d
Compare
Tieske
added
pr/ready
PR #2744 and #2857 implemented the preflight options (for a minor release). This adds the migrations including defaults (for a major release)