*: avoid notify privilege update for all users #57042
Conversation
ti-chi-bot
bot
added
release-note-none
|
Hi @tiancaiamao. Thanks for your PR. PRs from untrusted users cannot be marked as trusted with I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## master #57042 +/- ##
================================================
+ Coverage 72.9672% 74.9233% +1.9561%
================================================
Files 1662 1717 +55
Lines 458718 479730 +21012
================================================
+ Hits 334714 359430 +24716
+ Misses 103425 98000 -5425
- Partials 20579 22300 +1721
Flags with carried forward coverage won't be shown. Click here to find out more.
|
ti-chi-bot
bot
added
size/XL
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
/retest |
|
@tiancaiamao: Cannot trigger testing until a trusted user reviews the PR and leaves an In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
/test check-dev2 |
|
@tiancaiamao: Cannot trigger testing until a trusted user reviews the PR and leaves an In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
/test pull-br-integration-test |
|
@tiancaiamao: Cannot trigger testing until a trusted user reviews the PR and leaves an In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
tiancaiamao
requested review from
lance6716,
Defined2014,
Rustin170506 and
D3Hunter
and removed request for
lance6716 and
Defined2014
|
/retest |
|
@tiancaiamao: Cannot trigger testing until a trusted user reviews the PR and leaves an In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
/test unit-test |
|
@tiancaiamao: Cannot trigger testing until a trusted user reviews the PR and leaves an In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
| @@ -200,7 +200,7 @@ func (rc *SnapClient) afterSystemTablesReplaced(ctx context.Context, db string, | |||
| var err error | |||
| for _, table := range tables { | |||
| if table == "user" { | |||
| if serr := rc.dom.NotifyUpdatePrivilege(); serr != nil { | |||
| if serr := rc.dom.NotifyUpdatePrivilege(nil); serr != nil { | |||
There was a problem hiding this comment.
What does NotifyUpdatePrivilege actually do when input an empty user list?
| ok := true | ||
| select { | ||
| case <-do.exit: | ||
| return | ||
| case _, ok = <-watchCh: | ||
| case resp, ok = <-watchCh: | ||
| if ok { |
There was a problem hiding this comment.
Though it is not introduced in this PR, do we need to handle the ok == false here? If the watchCh closed unexpectedly for some reason, this loop would run frequent.
There was a problem hiding this comment.
Just like this issue #49273
| func (h *Handle) Update() error { | ||
| var priv MySQLPrivilege | ||
| err := priv.LoadAll(h.sctx) | ||
| func (h *Handle) Update(userList []string) error { |
There was a problem hiding this comment.
please split into UpdateAll and Update, a nil userList []string is not a clear parameter to mean we want to update all, it's more common to mean we want to update nothing
| func encodeUserList(userList []string) string { | ||
| // use base64 encoding for the user and use ',' to separate them. | ||
| // Because the user name itself may contains special char like ',' | ||
| encoded := make([]string, 0, len(userList)) | ||
| for _, user := range userList { | ||
| encoded = append(encoded, base64.StdEncoding.EncodeToString([]byte(user))) | ||
| } | ||
| return strings.Join(encoded, ",") | ||
| } | ||
|
|
||
| func decodeUserList(userList []string, val string) []string { | ||
| users := strings.Split(val, ",") | ||
| for _, userRaw := range users { | ||
| user, err := base64.StdEncoding.DecodeString(userRaw) | ||
| if err == nil { | ||
| userList = append(userList, string(user)) | ||
| } | ||
| } | ||
| return userList | ||
| } |
There was a problem hiding this comment.
please use a json as the value of the etcd key, easy to en/decode and extend
also what's the size of the list, etcd is not fit to store large data, max 1.5m by default
What problem does this PR solve?
Issue Number: ref #55563
Problem Summary:
In the previous commit, I have maintained the active user lists, this commit intend to fix the notify part.
When privilege change, just notify the changed users and update data for them, instead of all the users.
What changed and how does it work?
The code changes including:
Check List
Tests
Unit test
Integration test
Manual test (add detailed scripts or steps below)
No need to test
Side effects
Documentation
Release note
Please refer to Release Notes Language Style Guide to write a quality release note.