Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

go/worker/keymanager: Optimize enclave initialization #5218

Merged
merged 1 commit into from
Mar 14, 2023
Merged

go/worker/keymanager: Optimize enclave initialization #5218

merged 1 commit into from
Mar 14, 2023

Conversation

peternose
Copy link
Contributor

Enclave initialization was moved into its own goroutine to avoid blocking the main loop of the key manager worker. Once initialization is completed, the resulting state of the enclave is compared to the latest key manager status. If the latter has changed, initialization is performed again.

This will be useful when we deploy master secret rotation since new secrets may be generated while old secrets are being replicated which can result in an outdated state once initialization finishes.

@codecov
Copy link

codecov bot commented Mar 10, 2023
edited
Loading

Codecov Report

Merging #5218 (a3909bb) into master (4abf809) will increase coverage by 0.11%.
The diff coverage is 80.53%.

@@            Coverage Diff             @@
##           master    #5218      +/-   ##
==========================================
+ Coverage   61.51%   61.62%   +0.11%     
==========================================
  Files         512      512              
  Lines       54243    54281      +38     
==========================================
+ Hits        33365    33449      +84     
+ Misses      16640    16598      -42     
+ Partials     4238     4234       -4
Impacted Files Coverage Δ
go/worker/keymanager/status.go 0.00% <0.00%> (ø)
go/worker/keymanager/worker.go 65.20% <80.00%> (+0.16%) ⬆️
go/worker/keymanager/init.go 63.79% <100.00%> (ø)

... and 29 files with indirect coverage changes

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

@peternose peternose force-pushed the peternose/feature/optimize-km-status-update branch 2 times, most recently from aba6ccf to 4ce1ee0 Compare March 11, 2023 00:30
@peternose peternose marked this pull request as ready for review March 11, 2023 00:53
@peternose peternose force-pushed the peternose/feature/optimize-km-status-update branch 2 times, most recently from a9f02fc to c3c4ec6 Compare March 13, 2023 20:23
@peternose
go/worker/keymanager: Optimize enclave initialization
a3909bb 
Enclave initialization was moved into its own goroutine to avoid blocking
the main loop of the key manager worker. Once initialization is completed,
the resulting state of the enclave is compared to the latest key manager
status. If the latter has changed, initialization is performed again.

This will be useful when we deploy master secret rotation since new secrets
may be generated while old secrets are being replicated which can result
in an outdated state once initialization finishes.
@peternose peternose force-pushed the peternose/feature/optimize-km-status-update branch from c3c4ec6 to a3909bb Compare March 14, 2023 13:29
@peternose peternose merged commit bdda4f7 into master Mar 14, 2023
@peternose peternose deleted the peternose/feature/optimize-km-status-update branch March 14, 2023 14:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kostko kostko kostko approved these changes

@peterjgilbert peterjgilbert Awaiting requested review from peterjgilbert peterjgilbert is a code owner

@pro-wh pro-wh Awaiting requested review from pro-wh pro-wh is a code owner

@ptrus ptrus Awaiting requested review from ptrus ptrus is a code owner

Assignees
No one assigned
Labels
golang
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@peternose @kostko