New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(db/declarative): fix TTL not working in DB-less and Hybrid mode #11464
Merged
Merged
Changes from all commits
Commits
Show all changes
28 commits
Select commit
Hold shift + click to select a range
7992a9a
fix(declarative): fix TTL not working in DB-less and Hybrid mode
chobits cb0f4fc
fix coding style
chobits e3de141
fix coding style: improved function name
chobits 1f59fd9
added test case: hybrid mode for key-auth
chobits bd30b30
fix test case warnings
chobits 8bdb6b5
fixed test case consumer domain
chobits 42a7b2f
export ttl as absolute value
chobits ca979f2
delete unused defination
chobits 5799a81
move ttl-fixing logic into row_to_entity()
chobits 4344c90
still use pg to caculate relative value
chobits 2d90e5d
clean code
chobits c57d259
add changelog entry
chobits f122f06
fixed test cases
chobits 93cc9f9
fixed test cases warning
chobits 745c659
fixed test failure
chobits e3c3ea8
fix test case issue: ttl expiration
chobits cc0c81a
fix test case: unsed local variable
chobits 0125ab6
add an entry in CHANGELOG.md
chobits 7e73638
fix changelog scope
chobits 8cff12c
remove release-related information in CHANGELOG.md
chobits 40c0c22
fix test case: sleep before attempting unnecessary requests
chobits e9d22c8
fix CHANGELOG typo
chobits 2525c56
fix the tense problem of changelog entry
chobits ab19f53
add export options for "page_*_for_export" sql statement
chobits 600498a
fix warning: setting non-standard global variable
chobits 810306e
fix error reporting: options is nil
chobits f971ef7
fix an issue where the off strategy returned the expired entity
chobits 91f1294
run ttl processing before schema:process_auto_fields()
chobits File filter
Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
message: Fix an issue that the TTL of the key-auth plugin didnt work in DB-less and Hybrid mode. | ||
type: bugfix | ||
scope: Core | ||
prs: | ||
- 11464 | ||
jiras: | ||
- "FTI-4512" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,123 @@ | ||
local helpers = require "spec.helpers" | ||
|
||
for _, strategy in helpers.each_strategy({"postgres"}) do | ||
describe("Plugin: key-auth (access) [#" .. strategy .. "] auto-expiring keys", function() | ||
-- Give a bit of time to reduce test flakyness on slow setups | ||
local ttl = 10 | ||
local inserted_at | ||
local proxy_client | ||
|
||
lazy_setup(function() | ||
local bp = helpers.get_db_utils(strategy, { | ||
"routes", | ||
"services", | ||
"plugins", | ||
"consumers", | ||
"keyauth_credentials", | ||
}) | ||
|
||
local r = bp.routes:insert { | ||
hosts = { "key-ttl-hybrid.com" }, | ||
} | ||
|
||
bp.plugins:insert { | ||
name = "key-auth", | ||
route = { id = r.id }, | ||
} | ||
|
||
bp.consumers:insert { | ||
username = "Jafar", | ||
} | ||
|
||
assert(helpers.start_kong({ | ||
role = "control_plane", | ||
database = strategy, | ||
cluster_cert = "spec/fixtures/kong_clustering.crt", | ||
cluster_cert_key = "spec/fixtures/kong_clustering.key", | ||
lua_ssl_trusted_certificate = "spec/fixtures/kong_clustering.crt", | ||
cluster_listen = "127.0.0.1:9005", | ||
cluster_telemetry_listen = "127.0.0.1:9006", | ||
nginx_conf = "spec/fixtures/custom_nginx.template", | ||
})) | ||
|
||
assert(helpers.start_kong({ | ||
role = "data_plane", | ||
database = "off", | ||
prefix = "servroot2", | ||
cluster_cert = "spec/fixtures/kong_clustering.crt", | ||
cluster_cert_key = "spec/fixtures/kong_clustering.key", | ||
lua_ssl_trusted_certificate = "spec/fixtures/kong_clustering.crt", | ||
cluster_control_plane = "127.0.0.1:9005", | ||
cluster_telemetry_endpoint = "127.0.0.1:9006", | ||
proxy_listen = "0.0.0.0:9002", | ||
})) | ||
end) | ||
|
||
lazy_teardown(function() | ||
if proxy_client then | ||
proxy_client:close() | ||
end | ||
|
||
helpers.stop_kong("servroot2") | ||
helpers.stop_kong() | ||
end) | ||
|
||
it("authenticate for up to 'ttl'", function() | ||
|
||
-- add credentials after nginx has started to avoid TTL expiration | ||
local admin_client = helpers.admin_client() | ||
local res = assert(admin_client:send { | ||
method = "POST", | ||
path = "/consumers/Jafar/key-auth", | ||
headers = { | ||
["Content-Type"] = "application/json", | ||
}, | ||
body = { | ||
key = "kong", | ||
ttl = 10, | ||
}, | ||
}) | ||
assert.res_status(201, res) | ||
admin_client:close() | ||
|
||
ngx.update_time() | ||
inserted_at = ngx.now() | ||
|
||
helpers.wait_until(function() | ||
proxy_client = helpers.http_client("127.0.0.1", 9002) | ||
res = assert(proxy_client:send { | ||
method = "GET", | ||
path = "/status/200", | ||
headers = { | ||
["Host"] = "key-ttl-hybrid.com", | ||
["apikey"] = "kong", | ||
} | ||
}) | ||
|
||
proxy_client:close() | ||
return res and res.status == 200 | ||
end, 5) | ||
|
||
ngx.update_time() | ||
local elapsed = ngx.now() - inserted_at | ||
|
||
ngx.sleep(ttl - elapsed) | ||
|
||
helpers.wait_until(function() | ||
proxy_client = helpers.http_client("127.0.0.1", 9002) | ||
res = assert(proxy_client:send { | ||
method = "GET", | ||
path = "/status/200", | ||
headers = { | ||
["Host"] = "key-ttl-hybrid.com", | ||
["apikey"] = "kong", | ||
} | ||
}) | ||
|
||
proxy_client:close() | ||
return res and res.status == 401 | ||
end, 5) | ||
|
||
end) | ||
end) | ||
end |
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
As discussed with bungle, we have used
:each_for_export
here to export the entity with the absolute ttl while keeping original:each
unchanged.:each
will continue to give the relative.