VAULT-5827 Don't prepare SQL queries before executing them #15166
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
We don't support proper prepared statements, i.e., preparing once and executing many times since we do our own templating. So preparing our queries does not really accomplish anything, and can have severe performance impacts (see hashicorp/vault-plugin-database-snowflake#13 for example). This behavior seems to have been copy-pasted for many years but not for any particular reason that we have been able to find. First use was in #15 So here we switch to new methods suffixed with `Direct` to indicate that they don't `Prepare` before running `Exec`, and switch everything here to use those. We maintain the older methods with the existing behavior (with `Prepare`) for backwards compatibility.
calvn
reviewed
Apr 25, 2022
| @@ -95,7 +95,7 @@ func (b *backend) pathCredsCreateRead(ctx context.Context, req *logical.Request, | |||
| "name": username, | |||
| "password": password, | |||
| } | |||
| if err := dbtxn.ExecuteTxQuery(ctx, tx, m, query); err != nil { | |||
| if err := dbtxn.ExecuteTxQueryDirect(ctx, tx, m, query); err != nil { | |||
There was a problem hiding this comment.
The database secret engines under builtin/logical/ that's not database/ such as this one (aka "Standalone DB Engines") are deprecated and will be removed in the near future. Doesn't hurt to update them, but note that we will be dropping them soon.
There was a problem hiding this comment.
I was just changing all uses of the existing functions in vault :)
|
Thanks everyone! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
We don't support proper prepared statements, i.e., preparing once and
executing many times since we do our own templating. So preparing our
queries does not really accomplish anything, and can have severe
performance impacts (see
hashicorp/vault-plugin-database-snowflake#13
for example).
This behavior seems to have been copy-pasted for many years but not for
any particular reason that we have been able to find. First use was in
#15
So here we switch to new methods suffixed with
Directto indicatethat they don't
Preparebefore runningExec, and switch everythinghere to use those. We maintain the older methods with the existing
behavior (with
Prepare) for backwards compatibility.