Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Mitigate against token replication lag #79

Merged
merged 4 commits into from
Apr 28, 2022
Merged

Mitigate against token replication lag #79

merged 4 commits into from
Apr 28, 2022

Conversation

pglass
Copy link

@pglass pglass commented Apr 27, 2022

Changes proposed in this PR:

Copy the consul-k8s approach for dealing with inherent token replication lag.

How I've tested this PR:

  • Unit test

How I expect reviewers to test this PR:

👀

Checklist:

  • Tests added
  • CHANGELOG entry added n/a, part of unreleased auth method changes which are already logged

@pglass pglass requested review from a team and cthain and removed request for a team April 27, 2022 22:36
cthain
cthain approved these changes Apr 27, 2022
View reviewed changes
Copy link
Contributor

@cthain cthain left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good Paul. I left a minor suggestion.. I'll leave it to you to decide whether or not to implement it.

subcommand/mesh-init/command_test.go Show resolved Hide resolved
pglass
pglass commented Apr 28, 2022
View reviewed changes
subcommand/mesh-init/command.go Outdated
newCfg.Address = c.config.ConsulHTTPAddr
newCfg.TLSConfig.CAFile = c.config.ConsulCACertFile
newCfg.TokenFile = cfg.TokenFile
newCfg.Token = cfg.Token
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't love the way I "clone" this config. I could change the function to receive a value/copy, e.g. waitForTokenReplication(cfg api.Config), so that the function receives a copy, but there are some pointer fields on the api.Config type...

Maybe a common function to construct a new config will help.

Copy link
Contributor

@cthain cthain Apr 28, 2022
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What about updating the waitForTokenReplication to just take the token file and token args?.. those are the only fields from the client config that the func uses.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I updated this. I realized it just needed the TokenFile and not the Token as well.

@pglass pglass mentioned this pull request Apr 28, 2022
Merged
2 tasks
@pglass pglass merged commit f2a70fe into main Apr 28, 2022
@pglass pglass deleted the pglass/mitigate-token-replication branch April 28, 2022 19:19
@mikemorris mikemorris mentioned this pull request Oct 4, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cthain cthain cthain approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@pglass @cthain