-
Notifications
You must be signed in to change notification settings - Fork 385
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add initial schema, storage provider and quota manager for CockroachDB #2834
Conversation
9d77cf0
to
9bf155f
Compare
59b4026
to
c1d7038
Compare
Current status: The driver spawns a single node crdb instance when the tests start, and these are passing. The tests and some basic linting is running on GH actions. I'm currently looking into getting the integration tests to run on GH actions too. One caveat is that in order to easily parse database URI's, I did use a golang 1.19 function: https://github.com/equinixmetal-security/trillian/blob/crdb/storage/testdb/testdb.go#L191 Don't know how much of an issue this would be 😕 , but it's sure a convenient function! 😄 Looking forward for initial feedback. |
d95c343
to
cb4973f
Compare
@roger2hk ah! I used a golang 1.19 construct. I'll refactoring so it works in 1.17. |
Currently, the Trillian installation is hard-coded to use the mysql storage system. While this is mostly fine (it is the most common and used storage system for Trillian after all!), this makes it non trivial to try custom backends for Trillian. There is work on the way to introduce [a CockroachDB storage system for Trillian](google/trillian#2834). And, while this is currently not usable using the mainline Trillian image, it is possible to try out if one specifies a custom image for trillian. To enable this, some variables were introduced: * `storageSystem.driver`: defines the storage backend to use for both the log signer and the log server. Defaults to `mysql`. * `storageSystem.envCredentials`: is the kubernetes deployment definition of environment variables to aide the log signer in connecting to the desired database. When set to `null` it defaults to the environment variables used by MySQL: A values file that would take this work into use would look as follows: ```yaml storageSystem: driver: crdb envCredentials: - name: CRDB_USER valueFrom: secretKeyRef: name: mySecret key: crdb-user - name: CRDB_PASSWORD valueFrom: secretKeyRef: name: mySecret key: crdb-password - name: CRDB_HOST value: crdb.trillian.svc.cluster.local logServer: image: registry: ghcr.io repository: equinixmetal-security/trillian-log-server version: latest extraArgs: - "--crdb-uri=postgres://$(CRDB_USER):$(CRDB_PASSWORD)@$(CRDB_HOST):26257/" logSigner: image: registry: ghcr.io repository: equinixmetal-security/trillian-log-signer version: latest extraArgs: - "--crdb-uri=postgres://$(CRDB_USER):$(CRDB_PASSWORD)@$(CRDB_HOST):26257/" mysql: enabled: false ``` Signed-off-by: Juan Antonio Osorio <juan.osoriorobles@eu.equinix.com>
/gcbrun |
1 similar comment
/gcbrun |
/gcbrun |
/gcbrun |
/gcbrun |
This creates an initial schema for CRDB by mirroring a lot of the existing constructs from the MySQL storage provider. It also adds scripts and test code to run unit and integration tests with CockRoachDB While this lead to a lot of code duplication, the intention is to address that in a separate PR in order to keep the work separated into logical batches. Doing all the refactoring to create common constructs for SQL backends would lead to a patch too big for folks to review in a reasonable time and would create more risk. Signed-off-by: Juan Antonio Osorio <juan.osoriorobles@eu.equinix.com>
This adds a simple GitHub actions based test that runs unit and lint tests. Signed-off-by: Juan Antonio Osorio <juan.osoriorobles@eu.equinix.com>
This ensures that the tests run faster. This is possible since we have a dedicated database per test. Signed-off-by: Juan Antonio Osorio <juan.osoriorobles@eu.equinix.com>
These are not a problem in CRDB Signed-off-by: Juan Antonio Osorio <juan.osoriorobles@eu.equinix.com>
Signed-off-by: Juan Antonio Osorio <juan.osoriorobles@eu.equinix.com>
This sets up integration tests in GitHub actions. Signed-off-by: Juan Antonio Osorio <juan.osoriorobles@eu.equinix.com>
Signed-off-by: Juan Antonio Osorio <juan.osoriorobles@eu.equinix.com>
Signed-off-by: Juan Antonio Osorio <juan.osoriorobles@eu.equinix.com>
/gcbrun |
1 similar comment
/gcbrun |
Can you add a note in |
Signed-off-by: Juan Antonio Osorio <juan.osoriorobles@eu.equinix.com>
done. |
/gcbrun |
This creates an initial schema for CRDB by mirroring a lot of the existing constructs from the MySQL storage provider. It also adds scripts and test code to run unit and integration tests with CockroachDB
While this lead to a lot of code duplication, the intention is to address that in a separate PR in order to keep the work separated into logical batches. Doing all the refactoring to create common constructs for SQL backends would lead to a patch too big for folks to review in a reasonable time and would create more risk.
Checklist