Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
38e934e9
Commit
38e934e9
authored
Jan 17, 2022
by
Tiger Watson
Committed by
Markus Koller
Jan 17, 2022
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Extract agent token usage tracking logic into service
parent
e1464d93
Changes
6
Hide whitespace changes
Inline
Side-by-side
Showing
6 changed files
with
143 additions
and
121 deletions
+143
-121
app/models/clusters/agent_token.rb
app/models/clusters/agent_token.rb
+0
-39
app/services/clusters/agent_tokens/track_usage_service.rb
app/services/clusters/agent_tokens/track_usage_service.rb
+54
-0
lib/api/internal/kubernetes.rb
lib/api/internal/kubernetes.rb
+1
-1
spec/models/clusters/agent_token_spec.rb
spec/models/clusters/agent_token_spec.rb
+0
-79
spec/requests/api/internal/kubernetes_spec.rb
spec/requests/api/internal/kubernetes_spec.rb
+4
-2
spec/services/clusters/agent_tokens/track_usage_service_spec.rb
...ervices/clusters/agent_tokens/track_usage_service_spec.rb
+84
-0
No files found.
app/models/clusters/agent_token.rb
View file @
38e934e9
...
@@ -10,9 +10,6 @@ module Clusters
...
@@ -10,9 +10,6 @@ module Clusters
self
.
table_name
=
'cluster_agent_tokens'
self
.
table_name
=
'cluster_agent_tokens'
# The `UPDATE_USED_COLUMN_EVERY` defines how often the token DB entry can be updated
UPDATE_USED_COLUMN_EVERY
=
(
40
.
minutes
..
55
.
minutes
).
freeze
belongs_to
:agent
,
class_name:
'Clusters::Agent'
,
optional:
false
belongs_to
:agent
,
class_name:
'Clusters::Agent'
,
optional:
false
belongs_to
:created_by_user
,
class_name:
'User'
,
optional:
true
belongs_to
:created_by_user
,
class_name:
'User'
,
optional:
true
...
@@ -28,41 +25,5 @@ module Clusters
...
@@ -28,41 +25,5 @@ module Clusters
active:
0
,
active:
0
,
revoked:
1
revoked:
1
}
}
def
track_usage
track_values
=
{
last_used_at:
Time
.
current
.
utc
}
cache_attributes
(
track_values
)
if
can_update_track_values?
log_activity_event!
(
track_values
[
:last_used_at
])
unless
agent
.
connected?
# Use update_column so updated_at is skipped
update_columns
(
track_values
)
end
end
private
def
can_update_track_values?
# Use a random threshold to prevent beating DB updates.
last_used_at_max_age
=
Random
.
rand
(
UPDATE_USED_COLUMN_EVERY
)
real_last_used_at
=
read_attribute
(
:last_used_at
)
# Handle too many updates from high token traffic
real_last_used_at
.
nil?
||
(
Time
.
current
-
real_last_used_at
)
>=
last_used_at_max_age
end
def
log_activity_event!
(
recorded_at
)
Clusters
::
Agents
::
CreateActivityEventService
.
new
(
# rubocop: disable CodeReuse/ServiceClass
agent
,
kind: :agent_connected
,
level: :info
,
recorded_at:
recorded_at
,
agent_token:
self
).
execute
end
end
end
end
end
app/services/clusters/agent_tokens/track_usage_service.rb
0 → 100644
View file @
38e934e9
# frozen_string_literal: true
module
Clusters
module
AgentTokens
class
TrackUsageService
# The `UPDATE_USED_COLUMN_EVERY` defines how often the token DB entry can be updated
UPDATE_USED_COLUMN_EVERY
=
(
40
.
minutes
..
55
.
minutes
).
freeze
delegate
:agent
,
to: :token
def
initialize
(
token
)
@token
=
token
end
def
execute
track_values
=
{
last_used_at:
Time
.
current
.
utc
}
token
.
cache_attributes
(
track_values
)
if
can_update_track_values?
log_activity_event!
(
track_values
[
:last_used_at
])
unless
agent
.
connected?
# Use update_column so updated_at is skipped
token
.
update_columns
(
track_values
)
end
end
private
attr_reader
:token
def
can_update_track_values?
# Use a random threshold to prevent beating DB updates.
last_used_at_max_age
=
Random
.
rand
(
UPDATE_USED_COLUMN_EVERY
)
real_last_used_at
=
token
.
read_attribute
(
:last_used_at
)
# Handle too many updates from high token traffic
real_last_used_at
.
nil?
||
(
Time
.
current
-
real_last_used_at
)
>=
last_used_at_max_age
end
def
log_activity_event!
(
recorded_at
)
Clusters
::
Agents
::
CreateActivityEventService
.
new
(
agent
,
kind: :agent_connected
,
level: :info
,
recorded_at:
recorded_at
,
agent_token:
token
).
execute
end
end
end
end
lib/api/internal/kubernetes.rb
View file @
38e934e9
...
@@ -53,7 +53,7 @@ module API
...
@@ -53,7 +53,7 @@ module API
def
check_agent_token
def
check_agent_token
unauthorized!
unless
agent_token
unauthorized!
unless
agent_token
agent_token
.
track_usag
e
Clusters
::
AgentTokens
::
TrackUsageService
.
new
(
agent_token
).
execut
e
end
end
end
end
...
...
spec/models/clusters/agent_token_spec.rb
View file @
38e934e9
...
@@ -49,83 +49,4 @@ RSpec.describe Clusters::AgentToken do
...
@@ -49,83 +49,4 @@ RSpec.describe Clusters::AgentToken do
expect
(
agent_token
.
token
.
length
).
to
be
>=
50
expect
(
agent_token
.
token
.
length
).
to
be
>=
50
end
end
end
end
describe
'#track_usage'
,
:clean_gitlab_redis_cache
do
let_it_be
(
:agent
)
{
create
(
:cluster_agent
)
}
let
(
:agent_token
)
{
create
(
:cluster_agent_token
,
agent:
agent
)
}
subject
{
agent_token
.
track_usage
}
context
'when last_used_at was updated recently'
do
before
do
agent_token
.
update!
(
last_used_at:
10
.
minutes
.
ago
)
end
it
'updates cache but not database'
do
expect
{
subject
}.
not_to
change
{
agent_token
.
reload
.
read_attribute
(
:last_used_at
)
}
expect_redis_update
end
end
context
'when last_used_at was not updated recently'
do
it
'updates cache and database'
do
does_db_update
expect_redis_update
end
context
'with invalid token'
do
before
do
agent_token
.
description
=
SecureRandom
.
hex
(
2000
)
end
it
'still updates caches and database'
do
expect
(
agent_token
).
to
be_invalid
does_db_update
expect_redis_update
end
end
context
'agent is not connected'
do
before
do
allow
(
agent
).
to
receive
(
:connected?
).
and_return
(
false
)
end
it
'creates an activity event'
do
expect
{
subject
}.
to
change
{
agent
.
activity_events
.
count
}
event
=
agent
.
activity_events
.
last
expect
(
event
).
to
have_attributes
(
kind:
'agent_connected'
,
level:
'info'
,
recorded_at:
agent_token
.
reload
.
read_attribute
(
:last_used_at
),
agent_token:
agent_token
)
end
end
context
'agent is connected'
do
before
do
allow
(
agent
).
to
receive
(
:connected?
).
and_return
(
true
)
end
it
'does not create an activity event'
do
expect
{
subject
}.
not_to
change
{
agent
.
activity_events
.
count
}
end
end
end
def
expect_redis_update
Gitlab
::
Redis
::
Cache
.
with
do
|
redis
|
redis_key
=
"cache:
#{
described_class
.
name
}
:
#{
agent_token
.
id
}
:attributes"
expect
(
redis
.
get
(
redis_key
)).
to
be_present
end
end
def
does_db_update
expect
{
subject
}.
to
change
{
agent_token
.
reload
.
read_attribute
(
:last_used_at
)
}
end
end
end
end
spec/requests/api/internal/kubernetes_spec.rb
View file @
38e934e9
...
@@ -53,7 +53,9 @@ RSpec.describe API::Internal::Kubernetes do
...
@@ -53,7 +53,9 @@ RSpec.describe API::Internal::Kubernetes do
shared_examples
'agent token tracking'
do
shared_examples
'agent token tracking'
do
it
'tracks token usage'
do
it
'tracks token usage'
do
expect
{
response
}.
to
change
{
agent_token
.
reload
.
read_attribute
(
:last_used_at
)
}
expect
do
send_request
(
headers:
{
'Authorization'
=>
"Bearer
#{
agent_token
.
token
}
"
})
end
.
to
change
{
agent_token
.
reload
.
read_attribute
(
:last_used_at
)
}
end
end
end
end
...
@@ -149,7 +151,7 @@ RSpec.describe API::Internal::Kubernetes do
...
@@ -149,7 +151,7 @@ RSpec.describe API::Internal::Kubernetes do
let
(
:agent
)
{
agent_token
.
agent
}
let
(
:agent
)
{
agent_token
.
agent
}
let
(
:project
)
{
agent
.
project
}
let
(
:project
)
{
agent
.
project
}
shared
_examples
'agent token tracking'
include
_examples
'agent token tracking'
it
'returns expected data'
,
:aggregate_failures
do
it
'returns expected data'
,
:aggregate_failures
do
send_request
(
headers:
{
'Authorization'
=>
"Bearer
#{
agent_token
.
token
}
"
})
send_request
(
headers:
{
'Authorization'
=>
"Bearer
#{
agent_token
.
token
}
"
})
...
...
spec/services/clusters/agent_tokens/track_usage_service_spec.rb
0 → 100644
View file @
38e934e9
# frozen_string_literal: true
require
'spec_helper'
RSpec
.
describe
Clusters
::
AgentTokens
::
TrackUsageService
do
let_it_be
(
:agent
)
{
create
(
:cluster_agent
)
}
describe
'#execute'
,
:clean_gitlab_redis_cache
do
let
(
:agent_token
)
{
create
(
:cluster_agent_token
,
agent:
agent
)
}
subject
{
described_class
.
new
(
agent_token
).
execute
}
context
'when last_used_at was updated recently'
do
before
do
agent_token
.
update!
(
last_used_at:
10
.
minutes
.
ago
)
end
it
'updates cache but not database'
do
expect
{
subject
}.
not_to
change
{
agent_token
.
reload
.
read_attribute
(
:last_used_at
)
}
expect_redis_update
end
end
context
'when last_used_at was not updated recently'
do
it
'updates cache and database'
do
does_db_update
expect_redis_update
end
context
'with invalid token'
do
before
do
agent_token
.
description
=
SecureRandom
.
hex
(
2000
)
end
it
'still updates caches and database'
do
expect
(
agent_token
).
to
be_invalid
does_db_update
expect_redis_update
end
end
context
'agent is not connected'
do
before
do
allow
(
agent
).
to
receive
(
:connected?
).
and_return
(
false
)
end
it
'creates an activity event'
do
expect
{
subject
}.
to
change
{
agent
.
activity_events
.
count
}
event
=
agent
.
activity_events
.
last
expect
(
event
).
to
have_attributes
(
kind:
'agent_connected'
,
level:
'info'
,
recorded_at:
agent_token
.
reload
.
read_attribute
(
:last_used_at
),
agent_token:
agent_token
)
end
end
context
'agent is connected'
do
before
do
allow
(
agent
).
to
receive
(
:connected?
).
and_return
(
true
)
end
it
'does not create an activity event'
do
expect
{
subject
}.
not_to
change
{
agent
.
activity_events
.
count
}
end
end
end
def
expect_redis_update
Gitlab
::
Redis
::
Cache
.
with
do
|
redis
|
redis_key
=
"cache:
#{
agent_token
.
class
}
:
#{
agent_token
.
id
}
:attributes"
expect
(
redis
.
get
(
redis_key
)).
to
be_present
end
end
def
does_db_update
expect
{
subject
}.
to
change
{
agent_token
.
reload
.
read_attribute
(
:last_used_at
)
}
end
end
end
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment