Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

rest-proxy: split out into standalone module #993

Draft
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

nosahama
Copy link
Contributor

@nosahama nosahama commented Nov 19, 2024

About this change - What it does

Make rest-proxy component standalone module still running the rapu based webserver, leaving only schema_registry and shared components in src/karapace.

Why this way

We can make future changes that aid in providing the karapace components as separate services.

@nosahama nosahama requested review from a team as code owners November 19, 2024 08:26
eliax1996
eliax1996 previously approved these changes Nov 19, 2024
Copy link
Contributor

@eliax1996 eliax1996 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Except the minor note LGTM

bin/smoke-test-rest-proxy.sh Show resolved Hide resolved
@nosahama nosahama force-pushed the nosahama/split-out-rest-proxy branch 9 times, most recently from daccba7 to 7b9bb5c Compare November 19, 2024 20:26
@nosahama nosahama force-pushed the nosahama/split-out-rest-proxy branch from 7b9bb5c to 3cf0f16 Compare November 19, 2024 20:38
Copy link

Coverage report

Click to see where and how coverage changed

FileStatementsMissingCoverageCoverage
(new stmts)
Lines missing
  src/karapace
  karapace_all.py
  src/karapace/backup
  api.py
  cli.py
  src/karapace/sentry
  sentry_client.py
Project Total  

This report was generated by python-coverage-comment-action

Comment on lines +64 to +65
with closing(arg.config_file):
config = read_config(arg.config_file)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

if you aren't using the closing arg I don't think you are closing it correctly.
Shouldn't be:

with closing(foo) as bar:
   config = read_config(bar)

?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I can take a look, once again, this is existing code 😉

Comment on lines +77 to +78
if "password" in key:
value = "****"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this is dangerous, you should keep the info about the secrecy of the field in the context of where its created. Otherwise if tomorrow we add another field like e.g. sentry_api_token this isn't filtered and there isn't any hint about this indirect dependency.
I suggest to add the filtering in the object itself, you can add to the Config object a method like:


SENSITIVE_FIELDS: Final = ("registry_password", "ssl_password", "sasl_plain_password", "sasl_oauth_token")

@staticmethod
def is_field_a_secret(self, field_name: str) -> bool:
   if field_name not in Config:
      raise ValueError(f"{field_name} is not known")
   return field_name not in SENSITIVE_FIELDS

In that way the filtering logic its "near" to where the addition/removal/renaming of the property is, its a property of the data structure rather than a piece of coupled code put randomly in another file and that the developer should know to look before adding/removing something far away.

PS I think the logic wasn't covering the sasl_oauth_token

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Once again, this is existing code 😉
I'd reason around your suggestions and see to add/fix or create follow up items 👍

Copy link
Contributor

@eliax1996 eliax1996 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A couple of notes, again near to the merge 😄

for ((i = 0; i <= retries; i++)); do
response=$(curl --silent --verbose --fail http://localhost:8083/topics)

if [[ $response == '["_schemas","__consumer_offsets"]' ]]; then
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Would __consumer_offsets be enough here, the _schemas is schema registry special.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think testing against _schemas adds a little bit more coverage as that topic is created from application code and truly verifies the flow.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Also this is existing code/logic.

@@ -27,6 +27,22 @@ rest)
echo "Starting Karapace REST API"
exec python3 -m karapace.karapace_all /opt/karapace/rest.config.json
;;
rest_proxy)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The case rest) is not required anymore.

@nosahama nosahama marked this pull request as draft November 21, 2024 11:33
@nosahama
Copy link
Contributor Author

Setting as draft PR, so I can run some system test against this hash.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants