-
-
Notifications
You must be signed in to change notification settings - Fork 503
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: use recommended cluster settings for cockroachdb #2858
feat: use recommended cluster settings for cockroachdb #2858
Conversation
✅ Deploy Preview for testcontainers-go ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, I left a minor comment.
I wonder if we always want to add those recommendations, or wrap them into a functional opt so users can decide whether to apply them or not 🤔
BTW I'd rename the title to |
Would you add one single |
Given all of us agree, I'd go with a single functional option for settings, as pointed out by @stevenh. What I'm not sure if we want to append the default settings to those passed by the user (I like this, although it could come with some conflicts) |
We could export a variable to be used e.g. |
Would you make those configurable? Thinking that if we expose that as something configurable then a struct would probably be better but it would be weird if we only add these specific settings to the struct and leave out all the other configurable stuff of the cluster. I suppose, given that these are just statements we run after ready, we could also just expose this as a non-configurable |
I'd go simple: a |
Thinking about it I wouldn't call it |
481c29b
to
fe3d3ee
Compare
Just updated the PR. Let me know if that's roughly what you had in mind. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for making all these changes, we're getting close to a solid solution I think.
Co-authored-by: Steven Hartland <stevenmhartland@gmail.com>
Co-authored-by: Steven Hartland <stevenmhartland@gmail.com>
… in defaultOptions
Co-authored-by: Manuel de la Peña <social.mdelapenya@gmail.com>
… to DefaultStatements
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, thank you very much and sorry if the review process took longer than expected 🙏
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks like this fails due the example not working with TLS, see here.
So I found two issues... First one was that the user you pass in the options when setting up the cluster needs to have MODIFYCLUSTERSETTING privilege to run the statements. I added a note about that in the Second one was the one you mentioned, it seems like these default statements don't play nicely with TLS. I couldn't find any documentation from Cockroach Labs that would help me understand why this would be the case. I tried running only some of these statements but I couldn't really make it work with any combination that I tried. Should we maybe error if default statements and TLS are used? |
// This, in combination with DefaultStatements, can be used to configure the cluster with the settings | ||
// recommended by Cockroach Labs. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
suggestion: This is somewhat confusing as this won't be combined with DefaultStatements
which is how I would interpret this currently. We should clarify and ensure we clearly state the default if not configured is DefaultStatements
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If we are always adding the default statements, then I think they must be private, and probably prepended to the user-provided ones.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If we are always adding the default statements, then I think they must be private, and probably prepended to the user-provided ones.
I see what you mean, but given the complications with TLS and users without MODIFYCLUSTERSETTING privilege I think prepending to the user-provided statements is probably going to cause a bit of pain.
Good spot on the comment. I'll hold on that change until we've established what we do about the TLS and user privileges thing though, as it might affect this.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Private vs public for these is an interesting discussion, here's some ideas from the perspective of making the var private:
- Pro: Others can't mess with them
- Conn: Others can't correct if needed
- Conn: Can't pass them into WithStatements to customise
- Conn: Not self documenting.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
One of the goals of any testcontainers module is to be simple, and maybe opinionated, helping users in not committing mistakes. So I'd look for the mechanism that creates this experience.
Whatever you find that matches that, it's fine for me 😊
I believe TLS issue is down to how the self signed cert is created by the module in that it only supports the default user, which seems like an unnecessary restriction. |
I'm not sure I understand. Should it be failing in the main branch if that was the case? I haven't modified those failing tests or anything around TLS that would cause it fail. Also, commenting out the added statements seemed to make the tests pass for me. Apologies if I'm misunderstanding something here. |
88ab497
to
ff63c4c
Compare
I had a look into this in more detail and the connections handling in this module for TLS is not clear, it actually requires the user to jump through hoops to get it right combining a base URL with TLS setting. You've fallen foul of this in the way you're using the connection string in I've pushed a commit to a separate draft PR which fixes that. |
Ooh that's a good find! I'm happy to close this one and go with yours then, sounds like the easier path. |
Closing in favour of #2869 |
What does this PR do?
This PR configures the cockroachdb container with the settings recommended by Cockroach Labs for testing clusters.
Why is it important?
It seems reasonable to follow their advise but the why for each of these settings is explained in the link above.
Related issues
None
How to test this PR
I did some rather naive testing by running a test suite with and without these changes and it seemed like it did work in that the the tests took less time to finish with these settings than without them. It's not clear to me whether that improvement will be there in all possible scenarios but, as I said before, I think it's reasonable to follow Cockroach Labs advise on this.