Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Don't connect to ldap on startup #6565

Merged
merged 1 commit into from
Jun 21, 2023
Merged

Conversation

kobergj
Copy link
Collaborator

@kobergj kobergj commented Jun 20, 2023

Reducing log level of the ldap connect error messages to debug. Corresponding reva code already logs on debug. See here: https://github.com/cs3org/reva/blob/edge/pkg/utils/ldap/reconnect.go#L206

We removed the call to connect to ldap instead. It will connect on the first request now. This should remove the misleading error messages on startup

Fixes #4520

Copy link
Contributor

@rhafer rhafer left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd prefer to not merge it this way. It will hide real errors in the end and makes debugging hard.

@@ -207,7 +207,7 @@ func (c ConnWithReconnect) GetConnection() (*ldap.Conn, error) {
func (c ConnWithReconnect) ldapAutoConnect(config Config) {
l, err := c.ldapConnect(config)
if err != nil {
c.logger.Error().Err(err).Msg("autoconnect could not get ldap Connection")
c.logger.Debug().Err(err).Msg("autoconnect could not get ldap Connection")
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I rather not merge this. As this will make it really hard to debug when there a real connection issues to the server.

A simple fix might be to actually just delay the initial connection until the first request is send (by the the IDM service should be up). Without having tried it, I think it might be enough to just remove the c.ldapConnect() call on line 208. Then the first call to any of the LDAP methods should trigger a new connection.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The same code also lives again in reva. There the Logging calls are already reduced to Debug should we change that too then?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There the Logging calls are already reduced to Debug should we change that too then?

Yeah, I think so.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looking at the code I think you are right. I changed the code accordingly.

Do you have any idea how to test this? (Except from assuming it's fixed)

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If the test suite succeeds it is already a very good indication that the delay of the initial connection doesn't break anything.

To check if the error message does no longer appear at startup. You could e.g. point the graph service to a non existing LDAP server. The error will now only be displayed once the graph service needs to access the LDAP server (e.g. during first login)

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 Can reproduce expected behaviour when running with not existent LDAP_URI

Copy link
Contributor

@rhafer rhafer left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me. You should update the changelog message though.

@kobergj kobergj force-pushed the RemoveLDAPErrorLog branch from 88fada3 to eb9d2bc Compare June 21, 2023 09:53
@kobergj kobergj requested a review from rhafer June 21, 2023 09:55
@kobergj kobergj changed the title Remove LDAP error log Don't connect to ldap on startup Jun 21, 2023
@ownclouders
Copy link
Contributor

💥 Acceptance test localApiTests-apiAntivirus-ocis failed. Further test are cancelled...

@sonarqubecloud
Copy link

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

0.0% 0.0% Coverage
0.0% 0.0% Duplication

@kobergj kobergj merged commit 3446256 into owncloud:master Jun 21, 2023
@kobergj kobergj deleted the RemoveLDAPErrorLog branch June 21, 2023 12:18
ownclouders pushed a commit that referenced this pull request Jun 21, 2023
@micbar micbar mentioned this pull request Jul 24, 2023
68 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Missleading LDAP connection error at startup
3 participants