Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

reload db-credentials-file upon SIGHUP #4514

Merged
merged 3 commits into from
Jan 15, 2019
Merged
Show file tree
Hide file tree
Changes from 2 commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
19 changes: 18 additions & 1 deletion go/vt/dbconfigs/credentials.go
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,10 @@ import (
"errors"
"flag"
"io/ioutil"
"os"
"os/signal"
"sync"
"syscall"

"vitess.io/vitess/go/mysql"
"vitess.io/vitess/go/vt/log"
Expand All @@ -37,7 +40,7 @@ var (
dbCredentialsServer = flag.String("db-credentials-server", "file", "db credentials server type (use 'file' for the file implementation)")

// 'file' implementation flags
dbCredentialsFile = flag.String("db-credentials-file", "", "db credentials file")
dbCredentialsFile = flag.String("db-credentials-file", "", "db credentials file; send SIGHUP to reload this file")

// ErrUnknownUser is returned by credential server when the
// user doesn't exist
Expand Down Expand Up @@ -126,4 +129,18 @@ func WithCredentials(cp *mysql.ConnParams) (*mysql.ConnParams, error) {

func init() {
AllCredentialsServers["file"] = &FileCredentialsServer{}

sigChan := make(chan os.Signal, 1)
signal.Notify(sigChan, syscall.SIGHUP)
go func() {
for {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Use for _ = range sigChan {

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

gofmt changed that to for range sigChan

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

and i made the same change the two other places i saw the bare for

<-sigChan
fcs, ok := AllCredentialsServers["file"].(*FileCredentialsServer)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Inline this with if fcs...; ok {

if ok {
fcs.mu.Lock()
fcs.dbCredentials = nil
fcs.mu.Unlock()
}
}
}()
}
49 changes: 49 additions & 0 deletions go/vt/dbconfigs/dbconfigs_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -17,8 +17,13 @@ limitations under the License.
package dbconfigs

import (
"fmt"
"io/ioutil"
"os"
"reflect"
"syscall"
"testing"
"time"

"vitess.io/vitess/go/mysql"
)
Expand Down Expand Up @@ -217,3 +222,47 @@ func TestCopy(t *testing.T) {
t.Errorf("DBConfig: %v, want %v", got, want)
}
}

func TestCredentialsFileHUP(t *testing.T) {
tmpFile, err := ioutil.TempFile("", "credentials.json")
if err != nil {
t.Fatalf("couldn't create temp file: %v", err)
}
defer os.Remove(tmpFile.Name())
*dbCredentialsFile = tmpFile.Name()
*dbCredentialsServer = "file"
oldStr := "str1"
jsonConfig := fmt.Sprintf("{\"%s\": [\"%s\"]}", oldStr, oldStr)
if err := ioutil.WriteFile(tmpFile.Name(), []byte(jsonConfig), 0600); err != nil {
t.Fatalf("couldn't write temp file: %v", err)
}
cs := GetCredentialsServer()
_, pass, err := cs.GetUserAndPassword(oldStr)
if pass != oldStr {
t.Fatalf("%s's Password should still be '%s'", oldStr, oldStr)
}
hupTest(t, tmpFile, oldStr, "str2")
hupTest(t, tmpFile, "str2", "str3") // still handling the signal
}

func hupTest(t *testing.T, tmpFile *os.File, oldStr, newStr string) {
cs := GetCredentialsServer()
jsonConfig := fmt.Sprintf("{\"%s\": [\"%s\"]}", newStr, newStr)
if err := ioutil.WriteFile(tmpFile.Name(), []byte(jsonConfig), 0600); err != nil {
t.Fatalf("couldn't overwrite temp file: %v", err)
}
_, pass, err := cs.GetUserAndPassword(oldStr)
if pass != oldStr {
t.Fatalf("%s's Password should still be '%s'", oldStr, oldStr)
}
syscall.Kill(syscall.Getpid(), syscall.SIGHUP)
time.Sleep(100 * time.Millisecond) // wait for signal handler
_, pass, err = cs.GetUserAndPassword(oldStr)
if err != ErrUnknownUser {
t.Fatalf("Should not have old %s after config reload", oldStr)
}
_, pass, err = cs.GetUserAndPassword(newStr)
if pass != newStr {
t.Fatalf("%s's Password should be '%s'", newStr, newStr)
}
}