Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Avoid sparse key read for non sparse secrets #280

Merged
merged 1 commit into from
Jun 7, 2017

Conversation

kamaradclimber
Copy link
Contributor

Before this patch, every call to ChefVault::Item.load used to call the
chef server for sparse key twice:

  • once to load keys
  • once to decrypt symetrical key

This has a huge cost on secret read for nodes whose latency to the chef
server is high (we have example with ~300ms ping time).

This patch make sure we don't try to read sparse key when the secret is
marked as non sparse.

Signed-off-by: Grégoire Seux [email protected]

Before this patch, every call to ChefVault::Item.load used to call the
chef server for sparse key twice:
- once to load keys
- once to decrypt symetrical key

This has a huge cost on secret read for nodes whose latency to the chef
server is high (we have example with ~300ms ping time).

This patch make sure we don't try to read sparse key when the secret is
marked as non sparse.

Change-Id: Ib0c493845ccd8d0630c00010b5f48a6a264f81dc
Signed-off-by: Grégoire Seux <[email protected]>
@kamaradclimber
Copy link
Contributor Author

appveyor test refuses to launch, I've repushed to retry with the same result. @thommay could you have a quick look and tell me when I can retry?

@thommay
Copy link
Contributor

thommay commented Jun 7, 2017

Appveyor is a bit daft, but that's green now. Thanks!

@thommay thommay merged commit 9aaeb75 into chef:master Jun 7, 2017
@thommay thommay added the Type: Bug Does not work as expected. label Jun 7, 2017
@kamaradclimber
Copy link
Contributor Author

kamaradclimber commented Jun 7, 2017 via email

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Type: Bug Does not work as expected.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants