Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enable config file re-reading with SIGUSR2 #1544

Merged
merged 5 commits into from
Jul 13, 2020
Merged

Enable config file re-reading with SIGUSR2 #1544

merged 5 commits into from
Jul 13, 2020

Conversation

steve-chavez
Copy link
Member

@steve-chavez steve-chavez commented Jun 15, 2020
edited
Loading

Continuing the work on #1289. Should also fix #1119.

Considerations:

  • SIGUSR2 only re-reads the config, but doesn't reload the schema cache. This is because jwt-secret and other settings don't deal with the db. Reloading the cache on a jwt-secret update would be wasteful.
  • From the above, if a db-schema changes, a SIGUSR2 + SIGUSR1 would be needed for a correct schema cache reload.
  • If the config file path has changed, the reload will fail(and show an error) but postgrest will continue to work. The reloading will be done in a different thread. This is probably not an issue in production since services have an absolute path defined for the config.
  • If the config file has an invalid config option(like invalid roleClaimKey) the reload will also fail and pgrst will continue to work. In this case the user would have to fix the config for the reload to be successful.

Only these settings will be re-read:

  • db-schema
  • db-anon-role
  • server-proxy-uri
  • jwt-secret
  • secret-is-base64
  • jwt-aud
  • max-rows
  • pre-request
  • role-claim-key
  • db-extra-search-path
  • app.settings.*

These setting won't be re-read(would require a restart):

  • db-uri
  • db-pool
  • db-pool-timeout
  • server-host
  • server-port
  • server-unix-socket
  • server-unix-socket-mode

@steve-chavez steve-chavez marked this pull request as ready for review July 10, 2020 22:03
@steve-chavez
Copy link
Member Author

I think this is done!

I've added bash tests for app.settings.*, jwt-secret, db-schema reloading with SIGUSR2. Those are really the main use case for SIGUSR2. Left testing other config options reload as TODOs.

@steve-chavez
refactor: separate reading file from parsing it
f8385b8
@steve-chavez
refactor: move loadDbUriFile/SecretFile to Config
dfefcf5 
* make schema cacher filler use Appconfig
* change configRoleClaimKey to Either Text JSPath
@steve-chavez
refactor: move parseSecret out of App.postgrest
ca85225 
parseSecret only needs to be computed once, after the config is read.
@steve-chavez
refactor: move logStdout/corsPolicy to Middleware
4fe4ed7 
* remove configQuiet from Config

configQuiet was not an end user setting.
The logging setup is now an internal parameter.

* move proxy uri validation to Private dir
@steve-chavez
Allow config file reloading with SIGUSR2
4a65600 
* move config validation to Config.hs
* Add tests for jwt-secret/app.settings.*/db-schema reload
@steve-chavez steve-chavez merged commit e8b4e37 into PostgREST:master Jul 13, 2020
@steve-chavez steve-chavez mentioned this pull request Jul 13, 2020
Closed
@wolfgangwalther wolfgangwalther mentioned this pull request Jul 20, 2020
Closed
@steve-chavez steve-chavez mentioned this pull request Jul 20, 2020
Closed
@yaobinwen-mvs yaobinwen-mvs mentioned this pull request Oct 7, 2020
Closed
@wolfgangwalther wolfgangwalther mentioned this pull request Jun 7, 2021
Closed
@steve-chavez steve-chavez mentioned this pull request Jun 22, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[Question] SIGHUP behavior to reload jwt-secret
1 participant
@steve-chavez