[full-ci] Store settings via metadata #3232

Merged
merged 51 commits into from
Mar 15, 2022
59527e1
Settings: add metadata store
kobergj Feb 24, 2022
534e561
Merge branch 'master' into StoreSettingsViaMetadata
kobergj Feb 24, 2022
0d4f8df
Settings: activate metadata store to see tests failing
kobergj Feb 24, 2022
297a006
add changelog
kobergj Feb 24, 2022
25191fe
Merge branch 'master' into StoreSettingsViaMetadata
kobergj Feb 24, 2022
a762e3c
make assignment unittests green
kobergj Feb 24, 2022
45c85f4
make bundle unit tests green
kobergj Feb 24, 2022
7210266
make values unit tests green
kobergj Feb 25, 2022
11a8b75
use cs3storage in metadatastorage
kobergj Feb 25, 2022
2452d01
lazy initialize metadataclient
kobergj Feb 26, 2022
588a731
delay creation of default roles
kobergj Feb 26, 2022
e23448f
return listaccounts permission when mdc is not yet set
kobergj Feb 28, 2022
4c22c07
add test for appendSetting
kobergj Feb 28, 2022
492419e
rework initialization logic
kobergj Feb 28, 2022
a873fdc
return default values when mdc is not initialized
kobergj Mar 1, 2022
7fcf6f5
implement permission unit tests
kobergj Mar 1, 2022
f642801
refine initialization logic again
kobergj Mar 1, 2022
a647f56
unitests for list values
kobergj Mar 1, 2022
c80022b
ReadSetting unit test & implementation
kobergj Mar 1, 2022
7731de9
create id for values if not given
kobergj Mar 2, 2022
fd78a66
Merge branch 'master' into StoreSettingsViaMetadata
kobergj Mar 2, 2022
62ec3cf
add new defaults
kobergj Mar 2, 2022
0d49316
downgrade reva temporarilly
kobergj Mar 2, 2022
1cde2fa
use feature reva
kobergj Mar 3, 2022
085dcd9
Merge branch 'master' into StoreSettingsViaMetadata
kobergj Mar 3, 2022
15ac5d8
make it configurable
kobergj Mar 3, 2022
ba698aa
next reva version
kobergj Mar 3, 2022
8f10226
next reva bump
kobergj Mar 3, 2022
da3fc4c
don't log fatal on startup
kobergj Mar 3, 2022
d7e48b8
Merge branch 'master' into StoreSettingsViaMetadata
kobergj Mar 4, 2022
634c69e
bump web master
kobergj Mar 4, 2022
b8aaed6
tmp: use custom web branch to uncover the error
kobergj Mar 4, 2022
2ae4959
sonarcloud suggestions
kobergj Mar 4, 2022
6ff9df9
Merge branch 'master' into StoreSettingsViaMetadata
kobergj Mar 4, 2022
fc5a67c
sonarcloud part II
kobergj Mar 4, 2022
1d98e48
add caching
kobergj Mar 5, 2022
1205d34
illustrate the problem
kobergj Mar 5, 2022
429ed2e
use different user
kobergj Mar 5, 2022
d824223
clean up
kobergj Mar 5, 2022
0af1c98
Revert "tmp: use custom web branch to uncover the error"
kobergj Mar 5, 2022
7bfeb16
use settings user
kobergj Mar 7, 2022
f4619db
make service user configurable
kobergj Mar 7, 2022
9f8e7e8
TMP: use adminuser/disable service user
kobergj Mar 7, 2022
2f55feb
Merge branch 'master' into StoreSettingsViaMetadata
kobergj Mar 7, 2022
40cfa90
rebase to edge reva
kobergj Mar 8, 2022
1a9d446
resolve conflicts
wkloucek Mar 11, 2022
2d4d90a
Merge branch 'master' into StoreSettingsViaMetadata
kobergj Mar 14, 2022
65b3c97
Merge branch 'master' into StoreSettingsViaMetadata
kobergj Mar 14, 2022
edf8452
Only add the service user to the index once (lazily)
aduffeck Mar 8, 2022
b7c934b
use service user / hardcode idp
kobergj Mar 15, 2022
d54f75d
don't store service user data in metadataservice
kobergj Mar 15, 2022
2 changes: 1 addition & 1 deletion accounts/pkg/config/defaults/defaultconfig.go
Expand Up @@ -71,7 +71,7 @@ func DefaultConfig() *config.Config {
},
ServiceUser: config.ServiceUser{
UUID: "95cb8724-03b2-11eb-a0a6-c33ef8ef53ad",
Username: "",
Username: "95cb8724-03b2-11eb-a0a6-c33ef8ef53ad",
UID: 0,
GID: 0,
},
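Review bot: The `Username` default in `ServiceUser` now carries the same fixed value as `UUID` (assuming the second printed `Username` line is the new side), which makes the `Username != "" && UUID != ""` guard in `serviceUserToIndex` true on every default install. Each deployment therefore ships an enabled account with a publicly known identifier and `UID: 0` / `GID: 0`, protected only by whatever credential the service-user login path checks, presumably the machine auth API key. I would add a comment on the field such as `// service account, enabled by default; must only be usable with the machine auth API key` and make sure that key has no usable default. `DefaultConfig` starts and ends outside this hunk.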
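--- a/accounts/pkg/service/v0/accounts.go
+++ b/accounts/pkg/service/v0/accounts.go
@@ -99,33 +99,6 @@ func (s Service) hasSelfManagementPermissions(ctx context.Context) bool {
 return s.RoleManager.FindPermissionByID(ctx, roleIDs, SelfManagementPermissionID) != nil
 }
 
-// serviceUserToIndex temporarily adds a service user to the index, which is supposed to be removed before the lock on the handler function is released
-func (s Service) serviceUserToIndex() (teardownServiceUser func()) {
-if s.Config.ServiceUser.Username != "" && s.Config.ServiceUser.UUID != "" {
-_, err := s.index.Add(s.getInMemoryServiceUser())
-if err != nil {
-s.log.Logger.Err(err).Msg("service user was configured but failed to be added to the index")
-} else {
-return func() {
-_ = s.index.Delete(s.getInMemoryServiceUser())
-}
-}
-}
-return func() {}
-}
-
-func (s Service) getInMemoryServiceUser() accountsmsg.Account {
-return accountsmsg.Account{
-AccountEnabled: true,
-Id: s.Config.ServiceUser.UUID,
-PreferredName: s.Config.ServiceUser.Username,
-OnPremisesSamAccountName: s.Config.ServiceUser.Username,
-DisplayName: s.Config.ServiceUser.Username,
-UidNumber: s.Config.ServiceUser.UID,
-GidNumber: s.Config.ServiceUser.GID,
-}
-}
-
 // ListAccounts implements the AccountsServiceHandler interface
 // the query contains account properties
 func (s Service) ListAccounts(ctx context.Context, in *accountssvc.ListAccountsRequest, out *accountssvc.ListAccountsResponse) (err error) {
@@ -145,8 +118,6 @@ func (s Service) ListAccounts(ctx context.Context, in *accountssvc.ListAccountsR
 }
 onlySelf := hasSelf && !hasManagement
 
-teardownServiceUser := s.serviceUserToIndex()
-defer teardownServiceUser()
 match, authRequest := getAuthQueryMatch(in.Query)
 if authRequest {
 password := match[2]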
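--- a/accounts/pkg/service/v0/service.go
+++ b/accounts/pkg/service/v0/service.go
@@ -86,9 +86,33 @@ func New(opts ...Option) (s *Service, err error) {
 if err = s.createDefaultGroups(cfg.DemoUsersAndGroups); err != nil {
 return nil, err
 }
+
+s.serviceUserToIndex()
 return
 }
 
+// serviceUserToIndex temporarily adds a service user to the index, which is supposed to be removed before the lock on the handler function is released
+func (s Service) serviceUserToIndex() {
+if s.Config.ServiceUser.Username != "" && s.Config.ServiceUser.UUID != "" {
+_, err := s.index.Add(s.getInMemoryServiceUser())
+if err != nil {
+s.log.Logger.Err(err).Msg("service user was configured but failed to be added to the index")
+}
+}
+}
+
+func (s Service) getInMemoryServiceUser() accountsmsg.Account {
+return accountsmsg.Account{
+AccountEnabled: true,
+Id: s.Config.ServiceUser.UUID,
+PreferredName: s.Config.ServiceUser.Username,
+OnPremisesSamAccountName: s.Config.ServiceUser.Username,
+DisplayName: s.Config.ServiceUser.Username,
+UidNumber: s.Config.ServiceUser.UID,
+GidNumber: s.Config.ServiceUser.GID,
+}
+}
+
 func (s Service) buildIndex() (*indexer.Indexer, error) {
 var indexcfg *idxcfg.Config
 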
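Review bot: The doc comment on `serviceUserToIndex` still says the user is added temporarily and removed before the handler lock is released, but the new version has no teardown and is called once from `New`, so the entry stays in the index for the life of the process. Please update it, for example `// serviceUserToIndex adds the configured service user to the index once at startup; the entry is never removed.` Because the entry is now permanent, any handler that reads the index can presumably see this account, not only `ListAccounts`, and that is worth confirming against the update and delete handlers. A failed `Add` is only logged, so `New` still returns a service without the service user; if the index is persisted, a restart may hit that path every time.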
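--- a/changelog/unreleased/store-settings-in-metadata-service.md
+++ b/changelog/unreleased/store-settings-in-metadata-service.md
@@ -0,0 +1,5 @@
+Change: settings service now stores its data via metadata service
+
+Instead of writing files to disk it will use metadata service to do so
+
+https://github.com/owncloud/ocis/pull/3232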
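--- a/ocis-pkg/roles/manager.go
+++ b/ocis-pkg/roles/manager.go
@@ -46,6 +46,7 @@ func (m *Manager) List(ctx context.Context, roleIDs []string) []*settingsmsg.Bun
 res, err := m.roleService.ListRoles(ctx, request)
 if err != nil {
 m.logger.Debug().Err(err).Msg("failed to fetch roles by roleIDs")
+return nil
 }
 for _, role := range res.Bundles {
 m.cache.set(role.Id, role)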
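Review bot: With the added `return nil`, a failed `ListRoles` call looks the same to callers as a user who has no roles, and the only trace is a debug-level log line. Permission checks built on `List` then fail closed, which is the safe direction, but an outage of the roles service would show up as unexplained denials. I would raise the level, `m.logger.Error().Err(err).Msg("failed to fetch roles by roleIDs")`, and state in the function comment that nil is returned on error. The start of `List` is outside the hunk, so whether roles already taken from the cache are dropped by this return is an assumption to check.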
15 changes: 14 additions & 1 deletion settings/pkg/config/config.go
Expand Up @@ -19,7 +19,10 @@ type Config struct {
HTTP HTTP `ocisConfig:"http"`
GRPC GRPC `ocisConfig:"grpc"`

DataPath string `ocisConfig:"data_path" env:"SETTINGS_DATA_PATH"`
StoreType string `ocisConfig:"store_type" env:"SETTINGS_STORE_TYPE"`
DataPath string `ocisConfig:"data_path" env:"SETTINGS_DATA_PATH"`
Metadata Metadata `ocisConfig:"metadata_config"`

Asset Asset `ocisConfig:"asset"`
TokenManager TokenManager `ocisConfig:"token_manager"`

Expand All @@ -30,3 +33,13 @@ type Config struct {
type Asset struct {
Path string `ocisConfig:"path" env:"SETTINGS_ASSET_PATH"`
}

// Metadata configures the metadata store to use
type Metadata struct {
GatewayAddress string `ocisConfig:"gateway_addr" env:"STORAGE_GATEWAY_GRPC_ADDR"`
StorageAddress string `ocisConfig:"storage_addr" env:"STORAGE_GRPC_ADDR"`

ServiceUserID string `ocisConfig:"service_user_id" env:"METADATA_SERVICE_USER_UUID"`
ServiceUserIDP string `ocisConfig:"service_user_idp" env:"OCIS_URL;METADATA_SERVICE_USER_IDP"`
MachineAuthAPIKey string `ocisConfig:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY"`
}
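Review bot: `MachineAuthAPIKey` in the new `Metadata` struct is a credential, but nothing in the struct marks it as one, and `StoreType` in `Config` has no comment naming the values it accepts. I would add `// MachineAuthAPIKey is a secret; set it per deployment and keep it out of logs and config dumps` and `// StoreType selects the settings backend: "metadata" or "filesystem"`. `ServiceUserIDP` lists two variables, `OCIS_URL;METADATA_SERVICE_USER_IDP`, and a short comment saying which one wins when both are set would save operators from guessing which identity provider the service user is bound to.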
12 changes: 11 additions & 1 deletion settings/pkg/config/defaults/defaultconfig.go
Expand Up @@ -17,6 +17,7 @@ func FullDefaultConfig() *config.Config {
return cfg
}

// DefaultConfig returns the default config
func DefaultConfig() *config.Config {
return &config.Config{
Service: config.Service{
Expand Down Expand Up @@ -44,13 +45,22 @@ func DefaultConfig() *config.Config {
Addr: "127.0.0.1:9191",
Namespace: "com.owncloud.api",
},
DataPath: path.Join(defaults.BaseDataPath(), "settings"),
StoreType: "metadata", // use metadata or filesystem
DataPath: path.Join(defaults.BaseDataPath(), "settings"),
Asset: config.Asset{
Path: "",
},
TokenManager: config.TokenManager{
JWTSecret: "Pive-Fumkiu4",
},

Metadata: config.Metadata{
GatewayAddress: "127.0.0.1:9142",
StorageAddress: "127.0.0.1:9215",
ServiceUserID: "95cb8724-03b2-11eb-a0a6-c33ef8ef53ad",
ServiceUserIDP: "https://localhost:9200",
MachineAuthAPIKey: "change-me-please",
},
}
}

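Review bot: `MachineAuthAPIKey: "change-me-please"` is a working credential that is identical on every installation, and `StoreType: "metadata"` makes the code path that uses it the default. A deployment that does not set `OCIS_MACHINE_AUTH_API_KEY` therefore authenticates the settings service user with a value anyone can read in this file; the unchanged `JWTSecret` default a few lines up has the same weakness. I would ship an empty default, `MachineAuthAPIKey: "",`, and have startup validation reject an empty or placeholder key so the misconfiguration fails loudly instead of running. The second hunk starts inside `DefaultConfig`, so any validation that already exists elsewhere is not visible here.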
22 changes: 16 additions & 6 deletions settings/pkg/service/v0/service.go
Expand Up @@ -15,7 +15,8 @@ import (
settingssvc "github.com/owncloud/ocis/protogen/gen/ocis/services/settings/v0"
"github.com/owncloud/ocis/settings/pkg/config"
"github.com/owncloud/ocis/settings/pkg/settings"
store "github.com/owncloud/ocis/settings/pkg/store/filesystem"
filestore "github.com/owncloud/ocis/settings/pkg/store/filesystem"
metastore "github.com/owncloud/ocis/settings/pkg/store/metadata"
merrors "go-micro.dev/v4/errors"
"go-micro.dev/v4/metadata"
"google.golang.org/protobuf/types/known/emptypb"
Expand All @@ -32,12 +33,21 @@ type Service struct {
// NewService returns a service implementation for Service.
func NewService(cfg *config.Config, logger log.Logger) Service {
service := Service{
id: "ocis-settings",
config: cfg,
logger: logger,
manager: store.New(cfg),
id: "ocis-settings",
config: cfg,
logger: logger,
}

switch cfg.StoreType {
default:
fallthrough
case "metadata":
service.manager = metastore.New(cfg)
case "filesystem":
service.manager = filestore.New(cfg)
// TODO: if we want to further support filesystem store it should use default permissions from store/defaults/defaults.go instead using this duplicate
service.RegisterDefaultRoles()
wkloucek marked this conversation as resolved.
}
service.RegisterDefaultRoles()
return service
}

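Review bot: The `default: fallthrough` arm of the new switch in `NewService` sends every unrecognised `cfg.StoreType` to the metadata store silently, so a typo in `SETTINGS_STORE_TYPE` changes where settings and role data are kept without any signal. Log it before falling through, e.g. `logger.Warn().Str("store_type", cfg.StoreType).Msg("unknown settings store type, using metadata")`, or make the constructor fail. It also looks as if `RegisterDefaultRoles()` now runs only in the `"filesystem"` case (one of the two printed calls should be the removed line). If so, a comment should say where the metadata store gets its default roles, since permission checks depend on them being present.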