Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add bounds on number of elements in api/v1/log/entries/retrieve #1011

Merged
merged 3 commits into from
Aug 29, 2022

Conversation

priyawadhwa
Copy link
Contributor

@priyawadhwa priyawadhwa commented Aug 29, 2022

Currently set the limit to 10 entries, we can increase it if users request it.

It's difficult to know how much this will affect users. Based on parsing Rekor logs in the last 1 week, there are 290 requests to this endpoint that took >1s, which I'm assuming was requesting more than 10 entries (but could also just be related to something else). A lot of these logs are manual testing @var-sdk and I were doing, and there aren't any logs on the weekend. If anyone has suggestions on how to roll this out I'm happy to make changes.

closes #901

logs query

Signed-off-by: Priya Wadhwa priya@chainguard.dev

cc @var-sdk

Currently set the limit to 10 entries, we can increase it if users request it.

Signed-off-by: Priya Wadhwa <priya@chainguard.dev>
@priyawadhwa priyawadhwa requested a review from a team as a code owner August 29, 2022 15:39
@bobcallaway
Copy link
Member

can you also add the limit to the various fields in openapi.yaml?

@priyawadhwa
Copy link
Contributor Author

can you also add the limit to the various fields in openapi.yaml?

yup, added!

openapi.yaml Outdated Show resolved Hide resolved
@codecov-commenter
Copy link

codecov-commenter commented Aug 29, 2022

Codecov Report

Merging #1011 (14651f8) into main (568e31a) will increase coverage by 0.04%.
The diff coverage is 0.00%.

@@            Coverage Diff             @@
##             main    #1011      +/-   ##
==========================================
+ Coverage   41.41%   41.45%   +0.04%     
==========================================
  Files          70       70              
  Lines        6863     6867       +4     
==========================================
+ Hits         2842     2847       +5     
  Misses       3724     3724              
+ Partials      297      296       -1     
Impacted Files Coverage Δ
pkg/api/entries.go 0.00% <0.00%> (ø)
pkg/api/error.go 0.00% <ø> (ø)
pkg/types/rekord/v0.0.1/entry.go 48.68% <0.00%> (+0.65%) ⬆️
pkg/types/alpine/v0.0.1/entry.go 54.87% <0.00%> (+1.21%) ⬆️

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

@priyawadhwa priyawadhwa force-pushed the bounds branch 2 times, most recently from 28a4447 to d0f528d Compare August 29, 2022 16:23
Signed-off-by: Priya Wadhwa <priya@chainguard.dev>
bobcallaway
bobcallaway previously approved these changes Aug 29, 2022
Copy link
Member

@bobcallaway bobcallaway left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

@var-sdk
Copy link

var-sdk commented Aug 29, 2022

For rollout there are options:

  1. Roll it out as dark-launch with no enforcement and add a metric to count occurrences where a caller would be hit by the limit. Turn on enforcement after gathering data for some bake period that demonstrates no "real" usage that would be broken.
  2. Roll it out under a flag so the limit can be adjusted or killswitched if this causes problems for users.
  3. Roll it out as is and potentially break customers. We're pre-GA so no guarantees on API stability yet.

Post GA we will need to be following some combination of 1&2 for any breaking or risky change.

@priyawadhwa
Copy link
Contributor Author

I'm open to 2 or 3 for this change. @bobcallaway or @var-sdk, any preferences?

@dlorenc
Copy link
Member

dlorenc commented Aug 29, 2022

I think a notification period (email and slack), wait a few days, then roll it out with a potential breakage would be fine.

Signed-off-by: Priya Wadhwa <priya@chainguard.dev>
@priyawadhwa
Copy link
Contributor Author

SGTM. Had to fix a merge conflict, if someone could LGTM this :)

@priyawadhwa priyawadhwa merged commit ae429bb into sigstore:main Aug 29, 2022
@priyawadhwa priyawadhwa deleted the bounds branch August 29, 2022 19:55
@github-actions github-actions bot added this to the v1.0.0 milestone Aug 29, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Add bounds on number of elements in api/v1/log/entries/retrieve.
5 participants