improve: split updates destination from list grants

So that we can block on list grants
infrahq · Oct 4, 2022 · a17c3da · a17c3da
1 parent 9c44ce9
commit a17c3da
Show file tree

Hide file tree

Showing 3 changed files with 28 additions and 8 deletions.
diff --git a/internal/connector/connector.go b/internal/connector/connector.go
@@ -208,7 +208,19 @@ func Run(ctx context.Context, options Options) error {
 			}
 			wait(ctx, 30*time.Second)
 			if err := ctx.Err(); err != nil {
-				return nil
+				return err
+			}
+		}
+	})
+	group.Go(func() error {
+		for {
+			if err := syncDestination(con); err != nil {
+				logging.Errorf("failed to update destination in infra: %v", err)
+			}
+			// TODO: should this exit after the first successful update?
+			wait(ctx, 30*time.Second)
+			if err := ctx.Err(); err != nil {
+				return err
 			}
 		}
 	})
@@ -294,7 +306,11 @@ func Run(ctx context.Context, options Options) error {
 	}
 
 	// wait for goroutines to shutdown
-	return group.Wait()
+	err = group.Wait()
+	if errors.Is(err, context.Canceled) {
+		return nil
+	}
+	return err
 }
 
 func httpTransportFromOptions(opts ServerOptions) *http.Transport {
@@ -400,11 +416,6 @@ func getEndpointHostPort(k8s *kubernetes.Kubernetes, opts Options) (types.HostPo
 }
 
 func syncWithServer(con connector) error {
-	if err := syncDestination(con); err != nil {
-		logging.Errorf("failed to update destination in infra: %v", err)
-		return nil
-	}
-
 	grants, err := con.client.ListGrants(api.ListGrantsRequest{Resource: con.destination.Name})
 	if err != nil {
 		logging.Errorf("error listing grants: %v", err)

diff --git a/internal/server/destinations.go b/internal/server/destinations.go
@@ -2,6 +2,7 @@ package server
 
 import (
 	"fmt"
+	"time"
 
 	"github.com/gin-gonic/gin"
 
@@ -44,6 +45,12 @@ func (a *API) CreateDestination(c *gin.Context, r *api.CreateDestinationRequest)
 		Version:       r.Version,
 	}
 
+	// set LastSeenAt if this request came from a connector. The middleware
+	// can't do this update in the case where the destination did not exist yet
+	if c.Request.Header.Get(headerInfraDestination) == r.UniqueID {
+		destination.LastSeenAt = time.Now()
+	}
+
 	err := access.CreateDestination(c, destination)
 	if err != nil {
 		return nil, fmt.Errorf("create destination: %w", err)

diff --git a/internal/server/middleware.go b/internal/server/middleware.go
@@ -114,7 +114,7 @@ func authenticateRequest(c *gin.Context, route routeSettings, srv *Server) (acce
 	}
 
 	if authned.User != nil {
-		if uniqueID := c.Request.Header.Get("Infra-Destination"); uniqueID != "" {
+		if uniqueID := c.Request.Header.Get(headerInfraDestination); uniqueID != "" {
 			tx = tx.WithOrgID(authned.Organization.ID)
 			rCtx := access.RequestContext{DBTxn: tx, Authenticated: authned}
 			if err := handleInfraDestinationHeader(rCtx, uniqueID); err != nil {
@@ -127,6 +127,8 @@ func authenticateRequest(c *gin.Context, route routeSettings, srv *Server) (acce
 	return authned, err
 }
 
+const headerInfraDestination = "Infra-Destination"
+
 // validateOrgMatchesRequest checks that if both the accessKeyOrg and the org
 // from the request are set they have the same ID. If only one is set no
 // error is returned.