feat(authentication): per method cleanup process

[GeorgeMac]

This adds a new per authentication method cleanup process.

The process creates 1 background goroutine per enabled authentication method.
This goroutine will attempt to acquire a lock via the storage layer and then deleted expired authentications from the backing store.

The process is repeated on a configurable periodic basis.
The delete process includes a configurable grace period for what is deemed "expired".
Allowing for expired authentications to be left untouched until some elapsed duration.

The new configuration levers can be seen in the following patch:

authentication:
  methods:
    token:
      enabled: true // cleanup is only initiated if the method is enabled
+     cleanup:
+       interval: 1h
+       grace_period: 1h

Each key beneath cleanup configures the associated authentication method.
The clean-up process is only initiated if the method is also enabled.

By default, for an enabled auth method, cleanup is also configured.
It will be configured with 1h interval and 30m grace period.

These defaults are debatable.

[markphelps]

this all looks great!

one question I have is around the configuration, does it make sense to nest cleanup under the already existing method? ie:

authentication:
  methods:
    token:
      enabled: true // cleanup is only started if the method is also enabled
      cleanup:
          interval: 1h
          grace_period: 1h

[GeorgeMac]

@markphelps yeah, this had also crossed my mind shortly after opening the PR.

Ill take a stab at that real quick.

[GeorgeMac]

@markphelps yep, much better 👍

[codecov-commenter]

Codecov Report

Merging #1161 (c86fa95) into main (2638b10) will increase coverage by 1.06%.
The diff coverage is 90.41%.

@@            Coverage Diff             @@
##             main    #1161      +/-   ##
==========================================
+ Coverage   78.83%   79.89%   +1.06%     
==========================================
  Files          35       38       +3     
  Lines        2528     2761     +233     
==========================================
+ Hits         1993     2206     +213     
- Misses        435      451      +16     
- Partials      100      104       +4     

Impacted Files	Coverage Δ
internal/config/errors.go	100.00% <ø> (ø)
internal/storage/sql/migrator.go	23.45% <ø> (ø)
internal/cleanup/cleanup.go	77.41% <77.41%> (ø)
internal/config/authentication.go	88.88% <86.84%> (-11.12%)	⬇️
internal/storage/oplock/sql/sql.go	96.33% <96.33%> (ø)
internal/config/config.go	82.30% <100.00%> (+2.65%)	⬆️
internal/storage/auth/memory/store.go	77.86% <100.00%> (+0.18%)	⬆️
internal/storage/oplock/memory/memory.go	100.00% <100.00%> (ø)
internal/storage/sql/db.go	91.11% <100.00%> (+0.20%)	⬆️

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

[markphelps]

Setting interval to a negative value puts the cleanup process in an infinite loop 😲

authentication:
  required: true
  methods:
    token:
      enabled: true
      cleanup:
        interval: -2h
        grace_period: 48h

2022-11-29T09:42:38-05:00       INFO    cleanup process deleting authentications        {"server": "grpc", "expired_before": "2022-11-27T14:42:38Z"}
2022-11-29T09:42:38-05:00       INFO    cleanup process deleting authentications        {"server": "grpc", "expired_before": "2022-11-27T14:42:38Z"}
2022-11-29T09:42:38-05:00       INFO    cleanup process deleting authentications        {"server": "grpc", "expired_before": "2022-11-27T14:42:38Z"}
2022-11-29T09:42:38-05:00       INFO    cleanup process deleting authentications        {"server": "grpc", "expired_before": "2022-11-27T14:42:38Z"}
2022-11-29T09:42:38-05:00       INFO    cleanup process deleting authentications        {"server": "grpc", "expired_before": "2022-11-27T14:42:38Z"}

We should prob have some validation there that its a positive number greater than 0

[markphelps]

see above about ♾️

[markphelps]

noice!