-
Notifications
You must be signed in to change notification settings - Fork 156
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Write the "whole schema" version after successful update and check that version in $healthcheck #2756
Comments
team discussion: we should set the overall schema version in a new table in the data schema (not FHIR_ADMIN). this way it will have similar security characteristics as the other tables. suggestion: do an initial implementation, gather feedback from team, then finish |
A new table SCHEMA_VERSIONS is created in each data schema (not the FHIR_ADMIN schema). The version is checked before updates are applied, allowing those updates to be skipped if the schema is already at the latest version (this short-circuits code and makes the step much lighter-weight.
The RECORD_ID is a simple mechanism to make it easier to keep only one row in the table. In addition #2751 handles locking (via a lease mechanism) to ensure that only one schema update can be applied concurrently, making it much more cluster-friendly. |
I built new versions of the ibm-fhir-server and ibm-fhir-schematool images and then executed a The schematool ran for about 2 minutes. During this time, the healthcheck of the old pods continued to return 200 OK and they remained healthy. The fhir server logs now contain messages like the following:
Looks good. |
Is your feature request related to a problem? Please describe.
Currently, we write the version of each schema object to FHIR_ADMIN.VERSION_HISTORY.
However, we don't have a good way to check the overall version of the schema.
Describe the solution you'd like
After a successful schema migration, we should write the overall schema version (as according to the FhirSchemaVersion enum).
In our healthcheck operation, instead of just checking for a valid connection to the database, it would be great to also check that the schema version. However, this would require the db user thats being used by the server to both:
Optionally, before we attempt a schema migration, we should check to see if its already at the desired version. If so, we can skip the update-schema. However, if we implement this option I think we should have a flag that forces the migration anyway "just in case".
Describe alternatives you've considered
I was thinking we could use the
max
of the existing objects as a stand-in, but because schema upgrades use multiple transactions, we'd think that we're on the latest version before it actually completes.Acceptance Criteria
AND [another precondition]
WHEN [test step]
AND [test step]
THEN [verification step]
AND [verification step]
Additional context
#2751 is similar but broader in that it also aims to protect from concurrent update requests.
The healthcheck update would be particularly handy for preventing a server from becoming "ready" until the corresponding schema update has successfully completed. See
Alvearie/alvearie-helm#28 (comment) for more info.
The text was updated successfully, but these errors were encountered: