-
Notifications
You must be signed in to change notification settings - Fork 344
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
refactor: persistence table structure #638
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So how would a migration from the old model to the new model look like? Given that we need that in prod and stage
internal/persistence/sql/migrations/templates/20210623162417_relationtuple.up.sql
Outdated
Show resolved
Hide resolved
internal/persistence/sql/migrations/sql/20210623162416000000_networks.postgres.up.sql
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I found a few things:
- Files
20201110175414_relationtuple
do not follow the new strategy. I think appending trailing0
should be enough. - Missing index for
DELETE FROM keto_relation_tuples WHERE nid = ? AND namespace_id = ? AND object = ? AND relation = ? AND subject_id = ?
- Missing index for
DELETE FROM keto_relation_tuples WHERE nid = ? AND namespace_id = ? AND object = ? AND relation = ? AND subject_set_namespace_id = ? AND subject_set_object = ? AND subject_set_relation = ?
- Missing index for
GetRelationTuples()
And a few more questions:
- What is the difference between
RelationQuery
andInternalRelationTuple
?
Also we do not have network isolation tests yet. Do you want to include that in this PR or in another one?
internal/persistence/sql/migrations/templates/20210623162417_relationtuple.mysql.up.sql
Show resolved
Hide resolved
internal/persistence/sql/migrations/templates/20210623162417_relationtuple.mysql.up.sql
Show resolved
Hide resolved
I can't change the migration ID for already applied migrations right? That would break existing installations as far as I can tell.
Absolutely correct, but I would have to index everything in various orders to match all cases. Depending on the application needs you have different queries. That was the whole point of why we had tables per namespace until now, so that we could add indexes matching the application needs, and not having to index everything. IMO we should right now have some slow queries whenever the indexes are not there, but add the ones required for TL;DR I will add indexes required for the
The swagger annotations and receiver functions. |
Ah, I missed that the files were moved, not created.
SGTM |
// same registry, but different persisters only differing in the network ID | ||
relationtuple.IsolationTest(t, p0, p1, addNamespace(r, nspaces)) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@aeneasr this is where we call the isolation test
We have the same registry and therefore same DB connection, but initialize the persisters with different network IDs.
# Conflicts: # docs/docs/CHANGELOG.md
@@ -0,0 +1,87 @@ | |||
package sql |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This file contains everything relevant for the mapping between the serial namespace ID and the UUID stored in the database.
Because it is expected to have few namespaces that are used all the time, I added a ristretto cache for that mapping.
p.l.WithError(err).Error("Unable to ping the database connection, retrying.") | ||
return errors.WithStack(err) | ||
} | ||
func (p *Persister) CreateWithNetwork(ctx context.Context, v interface{}) error { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Wow this diff is super messy... Please especially look into this function here, and whether it is a good approach. IMO this is a valid use-case for reflect
, but we should think about that.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So generally this looks pretty smart. Personally I feel that reflection should not belong into strict enforcement code of things that do isolation. Since we have panics here, it kind of feels ok though!
internal/persistence/sql/migrations/templates/20210623162417_relationtuple.mysql.up.sql
Outdated
Show resolved
Hide resolved
internal/persistence/sql/migrations/templates/20210623162417_relationtuple.up.sql
Outdated
Show resolved
Hide resolved
internal/persistence/sql/migrations/templates/20210623162418_namespace_id.up.fizz
Outdated
Show resolved
Hide resolved
# Conflicts: # go.mod # go.sum
internal/persistence/sql/migrations/sql/20210623162417000000_relationtuple.cockroach.up.sql
Show resolved
Hide resolved
This change adds a migration path from Keto version v0.6.x to the new persistence structure introduced by #638. Every namespace has to be migrated separately, or you can use the CLI to detect and migrate all namespaces at once. Have a look at `keto help namespace migrate legacy` for all details. **Please make sure that you backup the database before running the migration command**. Please note that this migration might be a bit slower than usual, as we have to pull the data from the database, transcode it in Keto, and then write it to the new table structure. Versions of Keto >v0.7 will not include this migration script, so you will first have to migrate to v0.7 and move on from there.
Related issue
closes #613
closes #448
closes #665
Proposed changes
As outlined in #613 we now have one table for all relation tuples:
Checklist
contributing code guidelines.
vulnerability. If this pull request addresses a security. vulnerability, I
confirm that I got green light (please contact
[email protected]) from the maintainers to push
the changes.
works.
Further comments
Outstanding are still
#628
#618
but those will be separate PRs.