*: maintain the active users for privilege data

[tiancaiamao]

What problem does this PR solve?

Issue Number: ref #55563

Problem Summary:

What changed and how does it work?

Add an activeUsers field to the privilege.Handler.
This is a step towrads supporting 2.5M users, later we'll only keep the active users' data in-memory.

Check List

Tests

• Unit test
• Integration test
• Manual test (add detailed scripts or steps below)
• No need to test

  • I checked and no code files have been changed.

Side effects

• Performance regression: Consumes more CPU
• Performance regression: Consumes more Memory
• Breaking backward compatibility

Documentation

• Affects user behaviors
• Contains syntax changes
• Contains variable changes
• Contains experimental features
• Changes MySQL compatibility

Release note

Please refer to Release Notes Language Style Guide to write a quality release note.

None

[tiprow]

Hi @tiancaiamao. Thanks for your PR.

PRs from untrusted users cannot be marked as trusted with /ok-to-test in this repo meaning untrusted PR authors can never trigger tests themselves. Collaborators can still trigger tests on the PR using /test all.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[codecov]

Codecov Report

Attention: Patch coverage is 79.00763% with 55 lines in your changes missing coverage. Please review.

Project coverage is 57.4224%. Comparing base (5ab6738) to head (b8f6092).
Report is 43 commits behind head on master.

Additional details and impacted files

@@                Coverage Diff                @@
##             master     #56709         +/-   ##
=================================================
- Coverage   73.3167%   57.4224%   -15.8944%     
=================================================
  Files          1636       1801        +165     
  Lines        453659     647223     +193564     
=================================================
+ Hits         332608     371651      +39043     
- Misses       100674     250234     +149560     
- Partials      20377      25338       +4961     

Flag	Coverage Δ
integration	39.5301% <78.2442%> (?)
unit	72.5787% <70.9923%> (+0.0534%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

Components	Coverage Δ
dumpling	52.9478% <ø> (ø)
parser	∅ <ø> (∅)
br	63.1883% <ø> (+17.1766%)	⬆️

[tiancaiamao]

/retest

[tiprow]

@tiancaiamao: Cannot trigger testing until a trusted user reviews the PR and leaves an /ok-to-test message.

In response to this:

/retest

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[lance6716]

I'm not sure about the future usage. Will something happen between ensureActiveUser and Get and evict the active user?

[tiancaiamao]

Currently there is no evict operation, evict make thing more complex.

[lance6716]

(I will check later if only User and GlobalPriv need dedup, and RoleGraph can be directly used)

[tiancaiamao]

RoleGraph is a full load, because I found that the table definitions differ from the others.
Other other tables has the User+Host column, while this table does not have it.

[lcwangchao]

Use the type sqlexec.RestrictedSQLExecutor if we only use the context to execute some SQLs to reduce the dependency.

[tiancaiamao]

sqlexec.RestrictedSQLExecutor is not enough here.
We need something like a sqlexec.RestrictedSQLExecutor pool to avoid the single instance been used by multiple threads. @lcwangchao

[lcwangchao]

If so, keeping a sessionctx.Context inside has the same problem.

[lcwangchao]

Why need to keep a immutable globalPriv and a mutable Global? Any problem to just keep one Global field?

[tiancaiamao]

Make the apply diff logic simpler if we're using one single slice representation...
we can copy and paste a lot code and just handle them the same way.

It's possible to keep different representation for different field, or even using Map for almost all field, but we need to add more code.

[tiancaiamao]

/retest

[tiprow]

@tiancaiamao: Cannot trigger testing until a trusted user reviews the PR and leaves an /ok-to-test message.

In response to this:

/retest

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[tiancaiamao]

/retest

[tiprow]

@tiancaiamao: Cannot trigger testing until a trusted user reviews the PR and leaves an /ok-to-test message.

In response to this:

/retest

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[lance6716]

nit: can use strings.Compare

[lance6716]

nit: for i := range p.User

[lance6716]

ditto

[lance6716]

ditto

[ti-chi-bot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: lance6716, lcwangchao

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [lance6716,lcwangchao]
• pkg/domain/OWNERS [lance6716]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[ti-chi-bot]

[LGTM Timeline notifier]

Timeline:

• 2024-10-30 10:42:37.160397932 +0000 UTC m=+432869.999553478: ☑️ agreed by lcwangchao.
• 2024-10-30 12:43:56.172825283 +0000 UTC m=+440149.011980830: ☑️ agreed by lance6716.

[lance6716]

It's OK to fix my comments in next PR or ignore them @tiancaiamao

[tiancaiamao]

This commit could make the login process slower, because now we need to load the users data.
And also some scenario like show grants for some other users.

The general DDL/DML cases should not be affected, this just affects a minority of privileges related.