Support per-task configuration for async host processing configuration #5700
mna merged 9 commits into fleetdm:main from
mna left a comment
Note that I haven't forgotten about the renaming of the async package; it will be done in a separate PR. This already turned out to be more work than I hoped for.
|
|
||
| // TODO: tried to test command-line flags too by using cmd.SetArgs to | ||
| // test-case values, but that didn't seem to work, not sure how it can | ||
| // be done in our particlar setup. |
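Review bot: the last line of this TODO misspells "particular" as "particlar". Since the comment records that the command-line flag path is not covered by this test (the cmd.SetArgs attempt did not work), reference a tracking issue in the TODO so the gap in flag-parsing coverage stays visible.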
Haven't found a way to do this but I've tested the flags manually. Would be a nice-to-have if we find a way to support this eventually.
| "(DEPRECATED: Use filesystem.enable_log_rotation) Enable automatic rotation for osquery log files") | ||
| man.addConfigInt("osquery.max_jitter_percent", 10, | ||
| "Maximum percentage of the interval to add as jitter") | ||
| man.addConfigBool("osquery.enable_async_host_processing", false, |
So this kind of change is backwards compatible because it only changes how the value is parsed, but false/0/no would parse the same, right?
Yeah, I tested with various YAML bool encodings (env vars and flags are strings to begin with anyway, so that's less of a concern although tested too) to make sure that they were all still parsed properly.
roperzh left a comment
LGTM. I really like when a factory function makes the code way more readable.
| man.addConfigDuration("osquery.async_host_collect_lock_timeout", 1*time.Minute, | ||
| "Timeout of the exclusive lock held during async host collection") | ||
| man.addConfigString("osquery.async_host_collect_lock_timeout", (1 * time.Minute).String(), | ||
| "Timeout of the exclusive lock held during async host collection (i.e. 30s or set per task, e.g. 'label_membership=10s&policy_membership=1m'") |
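Review bot: the new help string opens a parenthesis at "(i.e. 30s or set per task" and never closes it before the closing quote, so the help text ends with an unbalanced "("; add the ")" after the per-task example. "i.e." introduces an example value here, so "e.g." is the right abbreviation. Separately, the option moves from addConfigDuration to addConfigString, so this registration no longer enforces a duration by itself; make sure both the single-value and the per-task forms are validated where the string is parsed, and that an invalid duration is reported as an error rather than silently replaced.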
nit: should this be 1min to be consistent with the default?
| "Timeout of the exclusive lock held during async host collection (i.e. 30s or set per task, e.g. 'label_membership=10s&policy_membership=1m'") | |
| "Timeout of the exclusive lock held during async host collection (i.e. 1 minute or set per task, e.g. 'label_membership=10s&policy_membership=1m'") |
That was meant to be an example of a literal value that can be used for this option, `30s` or `label_membership=10s&policy_membership=1m`. The default value is printed out separately when running `fleet --help`. I'll add the missing quotes around `30s`, that may help indicate that this is the actual value to set.
| datastore fleet.Datastore | ||
| pool fleet.RedisPool | ||
| clock clock.Clock | ||
| taskConfigs map[string]config.AsyncProcessingConfig |
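Review bot: taskConfigs is keyed by a plain string, so a lookup with a task name that is not in the map returns the zero-value config.AsyncProcessingConfig without any error. Use the two-value form (cfg, ok := taskConfigs[name]) at the lookup sites, or populate the map for every supported task at construction, and add a comment on the field naming the expected keys.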
thinking out loud, not even sure if it's a good idea: I wonder if instead of a raw string we should declare our own custom type (which just aliases to string) to better communicate that there's a well-defined and constant set of tasks which can be configured.
kind of the classic:
```go
type TaskName string

const (
	AsyncTaskLabelMembership  TaskName = "label_membership"
	AsyncTaskPolicyMembership TaskName = "policy_membership"
	AsyncTaskHostLastSeen     TaskName = "host_last_seen"
)
```
Yeah there's not too much value type-safety-wise because you can still pass a string constant and it will accept it fine, but I guess it's true that it communicates that there's some set defined somewhere and new ones should be added there.
indeed, it might be a good idea just to communicate intent, but I don't think it's super important!
off-topic but tangentially related: I was reading this blog post the other day that talks about a way to enforce type safety in a simple(ish) way:
```go
type FlagID struct {
	name string
}

func (f FlagID) String() string { return f.name }

var (
	FooBar   = FlagID{"FooBar"}
	FizzBuzz = FlagID{"FizzBuzz"}
)
```
Yeah I saw that recently on HN I think? That's a clever approach.
| @@ -0,0 +1 @@ | |||
| * Support an extended configuration syntax to configure asynchronous host processing task on a per-task basis. | |||
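Review bot: in the added changes entry, "asynchronous host processing task" should be plural ("tasks"), since the sentence describes configuring them on a per-task basis.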
niiiiiiit:
| * Support an extended configuration syntax to configure asynchronous host processing task on a per-task basis. | |
| * Support an extended syntax to configure asynchronous host processing task on a per-task basis. |
|
|
||
| Note that currently, if both the failing policies webhook *and* this `osquery.enable_async_host_processing` option are set, some failing policies webhooks could be missing (some transitions from succeeding to failing or vice-versa could happen without triggering a webhook request). | ||
|
|
||
| It can be set to a single boolean value ("true" or "false"), which controls all async host processing tasks, or it can be set for specific async tasks using a syntax similar to an URL query string or parameters in a Data Source Name (DSN) string, e.g. "label_membership=true&policy_membership=true". The supported async task names are: |
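Review bot: "similar to an URL query string" in the last paragraph should read "a URL query string". The option name is in backticks in the paragraph above while the example values here use plain double quotes; putting "true", "false" and the label_membership=true&policy_membership=true example in backticks as well would make it clear which characters are part of the value.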
Let's clarify that when using the "URL query", if the field is not set, e.g. `host_last_seen` in the case of `label_membership=true&policy_membership=true`, then it will be set to the default value.
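The per-task syntax discussed in this thread, including the default for tasks left out of the query-string form, as an added example that is not Fleet's code or part of the PR. `ParsePerTaskBool` and `knownTasks` are hypothetical names, and rejecting unknown or repeated task names is an assumption of this example, not behaviour stated in the thread.

```go
package main

import (
	"fmt"
	"net/url"
	"strconv"
)

// knownTasks uses the task names quoted in the thread. The names of this
// variable and of ParsePerTaskBool are hypothetical, not Fleet's API.
var knownTasks = []string{"label_membership", "policy_membership", "host_last_seen"}

// ParsePerTaskBool accepts a single boolean ("true"), applied to every task,
// or the query-string form ("label_membership=true&policy_membership=true").
// In the query-string form, tasks that are not named get def.
func ParsePerTaskBool(raw string, def bool) (map[string]bool, error) {
	out := make(map[string]bool, len(knownTasks))
	if b, err := strconv.ParseBool(raw); err == nil {
		for _, t := range knownTasks {
			out[t] = b
		}
		return out, nil
	}
	vals, err := url.ParseQuery(raw)
	if err != nil {
		return nil, fmt.Errorf("invalid per-task value %q: %w", raw, err)
	}
	for _, t := range knownTasks {
		out[t] = def
	}
	for name, vs := range vals {
		// Assumption: fail on typos and duplicates instead of ignoring them,
		// so a misspelled task name cannot leave a task on its default unnoticed.
		if _, ok := out[name]; !ok || len(vs) != 1 {
			return nil, fmt.Errorf("unknown or repeated async task %q", name)
		}
		b, err := strconv.ParseBool(vs[0])
		if err != nil {
			return nil, fmt.Errorf("task %q: %w", name, err)
		}
		out[name] = b
	}
	return out, nil
}

func main() {
	// Constructed input: host_last_seen is not named, so it gets the default.
	cfg, err := ParsePerTaskBool("label_membership=true&policy_membership=true", false)
	fmt.Println(cfg, err)
}
```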
…g configuration # Editor pass for: - #5700
Editor pass completed on: |
#5536, specifically this comment on the original PR: #5640 (comment) and the related discussion on Slack.
Checklist for submitter
If some of the following don't apply, delete the relevant line.
changes/ and/or orbit/changes/).