Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Relax Redis requirement #739

Merged
merged 3 commits into from
Nov 1, 2023
Merged

Relax Redis requirement #739

merged 3 commits into from
Nov 1, 2023

Conversation

tsibley
Copy link
Member

@tsibley tsibley commented Oct 26, 2023
edited
Loading

See commit messages.

Related-to: https://github.com/nextstrain/private/issues/94

Checklist

  • Checks pass

@tsibley
docs: Note that Redis must have TLS enabled
ac62b5b 
Connecting with the rediss: protocol won't work if TLS isn't enabled,
and the error message is a generic "connection timed out".
@tsibley tsibley requested review from victorlin and a team October 26, 2023 00:04
@nextstrain-bot nextstrain-bot temporarily deployed to nextstrain-s-trs-relax--88ypky October 26, 2023 00:04 Inactive
@tsibley tsibley temporarily deployed to nextstrain-s-trs-relax--88ypky October 26, 2023 17:08 Inactive
@tsibley
authn: Store user "stale before" markers durably in SQLite when Redis…
dc0ab05 
… is not available

Rather than non-durably in process memory.  This solves two issues:

 1. It allows for production use without Redis as long as certain other
    requirements are met.  I'll be documenting these and relaxing the
    Redis requirement in a subsequent commit.  This is motivated by
    CDC's deployment.¹

 2. It makes development more like production, which is important as the
    difference wasn't obvious and led to strange behaviour, e.g. across
    server restarts.²

I knew the transient in-memory store was not ideal when I wrote it, but
it was very expedient! and I didn't want to address it further at the
time.  This now rectifies that.

The configuration of the keyv library with a key namespace ensures that
no key name migration is needed with this change.

¹ <nextstrain/private#94>
² <#581 (comment)>
@tsibley tsibley temporarily deployed to nextstrain-s-trs-relax--88ypky October 26, 2023 17:11 Inactive
Base automatically changed from trs/configurability to master October 26, 2023 17:22
@tsibley
Allow and document how to run safely in production mode without Redis
64f7d92 
This is made possible by the previous commit which switched the
non-Redis fallback from an in-memory store to an on-disk SQLite store.

As a nice side-effect, we can now set REDIS_REQUIRED=true in development
mode (i.e. not the default) to more easily test the production mode code
path.

Related-to: <nextstrain/private#94>
@tsibley tsibley temporarily deployed to nextstrain-s-trs-relax--88ypky October 26, 2023 22:42 Inactive
@victorlin victorlin mentioned this pull request Oct 31, 2023
Merged
6 tasks
victorlin
victorlin approved these changes Oct 31, 2023
View reviewed changes
src/redis.js Show resolved Hide resolved
@tsibley tsibley merged commit 0a0ebe3 into master Nov 1, 2023
4 checks passed
@tsibley tsibley deleted the trs/relax-redis-requirement branch November 1, 2023 17:13
tsibley
tsibley commented Nov 1, 2023
View reviewed changes
src/config.js
* ² <https://devcenter.heroku.com/articles/app-json-schema>
* ³ <https://devcenter.heroku.com/articles/github-integration-review-apps>
*/
export const REDIS_REQUIRED = fromEnvOrConfig("REDIS_REQUIRED", PRODUCTION && !REVIEW_APP);
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Welp, this doesn't work at all when setting REDIS_REQUIRED=false in the environment or "REDIS_REQUIRED": false in the config because of the use of || in fromEnvOrConfig(). orz

I tested the functionality and it worked! but it only appeared to work because I was testing against a previous version of the code which provided a default of null instead of PRODUCTION && !REVIEW_APP. In my testing, the production config set REDIS_REQUIRED=true, which worked, and the testing config set it to false, which worked, but the actual value was resolved to null (the default). This had the same effect as false and so masked the problematic use of ||. When I changed the default, the behaviour changed, and I didn't re-test. Should have written proper tests, but I didn't because then we need an actual REDIS_URL for the connection. We could provide one in CI I suppose…

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

#746

tsibley added a commit that referenced this pull request Nov 2, 2023
@tsibley
config: Support falsy numeric and boolean values…
edf621e 
…instead of considering them missing.

The values considered missing are now more clear:

  1. undefined (i.e. not present)
  2. null (i.e. present but explicitly null)
  3. "" (i.e. present but empty, particularly for env vars)

This allows falsy values¹ like the number 0 and boolean false to be
configurable values², as expected to be for OIDC_IAT_BACKDATED_BY and
REDIS_REQUIRED.

For example, setting REDIS_REQUIRED=false is now functional as intended
by "Allow and document how to run safely in production mode without
Redis" (64f7d92).  And setting OIDC_IAT_BACKDATED_BY=0 in the
environment now overrides any value from the config file instead of
being ignored.

Related-to: <#739>

¹ <https://developer.mozilla.org/en-US/docs/Glossary/Falsy>

² Other falsy values like NaN and 0n are also now considered
  non-missing, but there's no way to express those in our current config
  sources, which permit only strings or JSON values.  We may find
  ourselves wanting to treat NaN as missing too if config sources
  change.
@tsibley tsibley mentioned this pull request Nov 2, 2023
Merged
1 task
tsibley added a commit that referenced this pull request Nov 2, 2023
@tsibley
config: Support falsy numeric and boolean values…
3fccf53 
…instead of considering them missing.

The values considered missing are now more clear:

  1. undefined (i.e. not present)
  2. null (i.e. present but explicitly null)
  3. "" (i.e. present but empty, particularly for env vars)

This allows falsy values¹ like the number 0 and boolean false to be
configurable values², as expected to be for OIDC_IAT_BACKDATED_BY and
REDIS_REQUIRED.

For example, setting REDIS_REQUIRED=false is now functional as intended
by "Allow and document how to run safely in production mode without
Redis" (64f7d92).  And setting OIDC_IAT_BACKDATED_BY=0 in the
environment now overrides any value from the config file instead of
being ignored.

Related-to: <#739>

¹ <https://developer.mozilla.org/en-US/docs/Glossary/Falsy>

² Other falsy values like NaN and 0n are also now considered
  non-missing, but there's no way to express those in our current config
  sources, which permit only strings or JSON values.  We may find
  ourselves wanting to treat NaN as missing too if config sources
  change.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@victorlin victorlin victorlin approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@tsibley @victorlin @nextstrain-bot