fix(gs-cache): cleanup cache usage, don't try to save key_db_entry no… #1037
Conversation
…w that we already have expiration
|
The style in this PR agrees with This formatting comment was generated automatically by a script in uc-cdis/wool. |
Pull Request Test Coverage Report for Build 12795
💛 - Coveralls |
fence/blueprints/data/indexd.py
Outdated
| key_db_entry.expires, | ||
| ) | ||
|
|
||
| db_entry = {} | ||
| db_entry["gcp_proxy_group_id"] = proxy_group_id | ||
| db_entry["gcp_private_key"] = json.dumps(str(private_key)) | ||
| db_entry["gcp_key_db_entry"] = str(key_db_entry) | ||
| db_entry["gcp_private_key"] = str(private_key) |
There was a problem hiding this comment.
why don't we just json.dumps this and then json.loads should work without the need to do that string manipulation?
>>> import json
>>> test = {"foo": "bar"}
>>> db_entry = json.dumps(test)
>>> db_entry
'{"foo": "bar"}'
>>> json.loads(db_entry)
{'foo': 'bar'}
There was a problem hiding this comment.
okay yes, done. Tested it out and its working
fence/blueprints/data/indexd.py
Outdated
| json.loads(cache.gcp_key_db_entry), | ||
| cache.expires_at, | ||
| private_key = json.loads( | ||
| str(cache.gcp_private_key).replace("'", '"') |
There was a problem hiding this comment.
I'm not sure I understand why this is necessary now. See next comment
| keydbentry = UserGoogleAccountToProxyGroup() | ||
| keydbentry.expires = 10 | ||
| google_object._assume_role_cache_gs = {"1": ("key", keydbentry, 10)} | ||
| google_object._assume_role_cache_gs = {"1": ("key", 10)} |
There was a problem hiding this comment.
we could probably add some more unit tests here to regression test this? What do you think , I'm not sure we have to have integration tests
| ): | ||
| indexed_file = IndexedFile(file_id="some id") | ||
| google_object = GoogleStorageIndexedFileLocation("gs://some/location") | ||
| google_object._assume_role_cache_gs = {"1": ("key", 10)} |
There was a problem hiding this comment.
maybe we should use a dictionary as the key to better simulate the real world data (and hopefully catch any issues with the JSON parsing)
tests/data/test_indexed_file.py
Outdated
| google_object = GoogleStorageIndexedFileLocation("gs://some/location") | ||
| google_object._assume_role_cache_gs = {"1": ("key", 10)} | ||
|
|
||
| assert google_object._assume_role_cache_gs |
There was a problem hiding this comment.
this isn't really necessary, b/c you set it in the test, we're not really asserting behavior of the unit under test
tests/data/test_indexed_file.py
Outdated
| after_cache = db_session.query(AssumeRoleCacheGCP).first() | ||
|
|
||
| assert after_cache | ||
| assert before_cache != after_cache |
There was a problem hiding this comment.
Why do we expect these to be different? Also I think we should test the actual contents of the cache, make sure it's a dictionary or JSON (whatever we actually expect in the code)
tests/data/test_indexed_file.py
Outdated
| create presigned url again | ||
| make sure cache is set correctly | ||
| """ | ||
| # db_session.add( |
There was a problem hiding this comment.
should this be commented out?
tests/data/test_indexed_file.py
Outdated
|
|
||
| assert after_cache | ||
| assert ( | ||
| str(type(after_cache)) |
There was a problem hiding this comment.
I'm not sure this assert is worth having. The important thing is that we can json load properly, this type check seems unecessary
tests/data/test_indexed_file.py
Outdated
| ) | ||
| # check if json loads can properly parse json string stored in cache | ||
| assert ( | ||
| str(type(json.loads(after_cache.gcp_private_key))) |
There was a problem hiding this comment.
I don't think we need this type check either. The assert below will make sure the json.loads works and creates a comparable object to the mock we provided. So I'd remove this line
tests/data/test_indexed_file.py
Outdated
| assert json.loads(after_cache.gcp_private_key) == sa_private_key | ||
|
|
||
| db_session.delete(after_cache) | ||
| cleared_cache = db_session.query(AssumeRoleCacheGCP).first() |
There was a problem hiding this comment.
This isn't the regression test we want, it's not bad to keep this too, but the test we need is:
- Generate url
- Simulate pod rolling (e.g. the in memory cache being cleared, not the database one)
- Generate url, ensure new in memory cache has valid info from the db
tests/data/test_indexed_file.py
Outdated
|
|
||
| assert redo_cache | ||
| assert ( | ||
| str(type(redo_cache)) == "<class 'fence.models.AssumeRoleCacheGCP'>" |
There was a problem hiding this comment.
see comments from above. I think we should remove all these type checks and only leave the json.loads assert. And we may want to do something like this to capture the failure correction:
try:
assert json.loads(redo_cache.gcp_private_key) == sa_private_key
except Exception:
pytest.fail("Could not json.loads(cache)")
tests/data/test_indexed_file.py
Outdated
| r_pays_project=None, | ||
| ) | ||
|
|
||
| try: |
There was a problem hiding this comment.
you only need the try catch around the json.loads
There was a problem hiding this comment.
or I guess this makes sense, in case it never got added into the cache. But I'd just assert that explicitly. The only reason for this pattern was b/c the json.loads itself can fail in the test
There was a problem hiding this comment.
so here you can just
assert "1" in google_object._assume_role_cache_gs
assert len(google_object._assume_role_cache_gs["1"]) > 1
assert google_object._assume_role_cache_gs["1"][0] == sa_private_key
There was a problem hiding this comment.
and remove the try/except
There was a problem hiding this comment.
Oh, saw these comments after i had added the try-catch for the json.loads. Should i still do this? My reasoning was, whatever is stored in the database should be json.loads-able. Which would be assert google_object._assume_role_cache_gs["1"][0] == sa_private_key
I suppose that would be cleaner to do. Okay, convinced writing this commend that I shoukd just do those asserts.
New Features
Breaking Changes
Bug Fixes
Improvements
Dependency updates
Deployment changes