Reload authenticated-emails-file upon update #89
Conversation
|
Also:
Wish I'd read these issues before, but nice to see my findings corroborated. :-) |
|
So I found a couple small tweaks needed to be made for Windows 8.1 and pushed a new commit. Also, tests would fail occasionally on Arch Linux; it seems that a After these small tweaks, everything works out on Windows 8.1, Ubuntu 12.04, Ubuntu 14.04, FreeBSD 10.1, FreeBSD 9.3, Debian Squeeze (though I had to change the fsnotify import to use github.com instead of gopkg.in), and Arch Linux. |
|
Oh, and OS X 10.10.3, since that's what I normally develop on. |
|
Just added What's better is that the |
|
I haven't looked through this closely yet, but at a quick glance this looks great! ⭐ Can you add the new dependency on |
|
Done! BTW, I'm now so intrigued by fsnotify that I forked the repo and am considering coming up with a generic file watcher utility based on |
|
👍 squash down these commits? |
This change extracts the UserMap class from NewValidator() so that its LoadAuthenticatedEmailsFile() method can be called concurrently. This method is called by a goroutine containing a fsnotify.Watcher watching the authenticated emails file. Watching isn't forever aborted when the authenticated emails file disappears. The goroutine will call os.Stat() up to twenty times a second if the file is persistently missing, but that's the pathological case, not the common one. The common case is that some editors (including Vim) will perform a rename-and-replace when updating a file, triggering fsnotify.Rename events, and the file will temporarily disappear. This watcher goroutine handles that case. Also, on some platforms (notably Arch Linux), a remove will be preceded by a fsnotify.Chmod, causing a race between the upcoming fsnotify.Remove and the call to UserMap.LoadAuthenticatedEmailsFile(). Hence, we treat fsnotify.Chmod the same as fsnotify.Remove and fsnotify.Rename. There's no significant penalty to re-adding a file to the watcher. Also contains the following small changes from the summary of commits below: - Minor optimization of email domain search - Fixed api_test.go on Windows - Add deferred File.Close() calls where needed - Log error and return if emails file doesn't parse These are the original commits from bitly#89 squashed into this one: 0c6f2b6 Refactor validator_test to prepare for more tests e0c792b Add more test cases to validator_test a9a9d93 Minor optimization of email domain search b763ea5 Extract LoadAuthenticatedEmailsFile() 8cdaf7f Introduce synchronized UserMap type 1b84eef Add UserMap methods, locking af15dcf Reload authenticated-emails-file upon update 6d95548 Make UserMap operations lock-free Per: - http://stackoverflow.com/questions/21447463/is-assigning-a-pointer-atomic-in-golang - https://groups.google.com/forum/#!msg/golang-nuts/ueSvaEKgyLY/ZW_74IC4PekJ 75755d5 Fix tests on Windows d0eab2e Ignore email file watcher Chmod events 0b9798b Fix watcher on Ubuntu 12.04 3a8251a WaitForReplacement() to retry emails file watch a57fd29 Add deferred File.Close() calls where needed Because correctness: Don't leak file handles anywhere, and prepare for future panics and early returns. 52ed3fd Log error and return if emails file doesn't parse 40100d4 Add gopkg.in/fsnotify.v1 dependency to Godeps file
|
Done! |
|
Hmm, seems there's still a slight bit of a race in the fsnotify.Chmod case. Lemme see... |
This change extracts the UserMap class from NewValidator() so that its LoadAuthenticatedEmailsFile() method can be called concurrently. This method is called by a goroutine containing a fsnotify.Watcher watching the authenticated emails file. Watching isn't forever aborted when the authenticated emails file disappears. The goroutine will call os.Stat() up to twenty times a second if the file is persistently missing, but that's the pathological case, not the common one. The common case is that some editors (including Vim) will perform a rename-and-replace when updating a file, triggering fsnotify.Rename events, and the file will temporarily disappear. This watcher goroutine handles that case. Also, on some platforms (notably Arch Linux), a remove will be preceded by a fsnotify.Chmod, causing a race between the upcoming fsnotify.Remove and the call to UserMap.LoadAuthenticatedEmailsFile(). Hence, we treat fsnotify.Chmod the same as fsnotify.Remove and fsnotify.Rename. There's no significant penalty to re-adding a file to the watcher. Also contains the following small changes from the summary of commits below: - Minor optimization of email domain search - Fixed api_test.go on Windows - Add deferred File.Close() calls where needed - Log error and return if emails file doesn't parse These are the original commits from bitly#89 squashed into this one: 0c6f2b6 Refactor validator_test to prepare for more tests e0c792b Add more test cases to validator_test a9a9d93 Minor optimization of email domain search b763ea5 Extract LoadAuthenticatedEmailsFile() 8cdaf7f Introduce synchronized UserMap type 1b84eef Add UserMap methods, locking af15dcf Reload authenticated-emails-file upon update 6d95548 Make UserMap operations lock-free Per: - http://stackoverflow.com/questions/21447463/is-assigning-a-pointer-atomic-in-golang - https://groups.google.com/forum/#!msg/golang-nuts/ueSvaEKgyLY/ZW_74IC4PekJ 75755d5 Fix tests on Windows d0eab2e Ignore email file watcher Chmod events 0b9798b Fix watcher on Ubuntu 12.04 3a8251a WaitForReplacement() to retry emails file watch a57fd29 Add deferred File.Close() calls where needed Because correctness: Don't leak file handles anywhere, and prepare for future panics and early returns. 52ed3fd Log error and return if emails file doesn't parse 40100d4 Add gopkg.in/fsnotify.v1 dependency to Godeps file 17dfbbc Avoid a race when Remove is preceded by Chmod
|
Looks like that did the trick! :-) |
Reload authenticated-emails-file upon update
Now that we're running an instance with bitly/oauth2_proxy#89 integrated, this is no longer necessary.
Closes #41.
The tricky part here is that sometimes popping the file open in an editor and writing to it results not in a direct write, but in some kind of remove and/or rename operation. (At least, that's how Vim appears to roll.) I've confirmed that this works on our running instance, regardless of whether the file is updated in a text editor or, in our case, regenerated via Jekyll (which, oddly, results in a write event, not a remove/rename). Will test out on various Linux flavors and Windows 8.1 a little later today.
cc: @jehiah @razb