Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(gate-web): Add delete session tokens from redis endpoint #1827

Merged

Conversation

juangod-wise
Copy link
Contributor

When Spring Boot is upgraded and old tokens no longer work, users get 500's until they delete the cookies from their browser, which causes bad user experience.

A way around this is to delete the spring:session* keys from Redis, as explained here:

https://spinnaker.io/changelogs/1.34.0-changelog/#spring-boot-2615

$ redis-cli keys "spring:session*" | xargs redis-cli del

In our case, we don't have CLI access to our Redis instance in Production. Because of this, we wrote a Gate endpoint that deletes the keys from Redis, so it can be triggered in Production with a curl call:

curl -H "Cookie: SESSION=...." -i -X POST https://spinnaker-host/api/v1/auth/deleteSessionCache

I'm sure many other users of Spinnaker have the same issue and could benefit from this.

delete sessions cache code #publish-snapshot

fix api tests #publish-snapshot

fix sessino service spec test #publish-snapshot
@spinnakerbot
Copy link
Contributor

We prefer that non-test backend code be written in Java or Kotlin, rather than Groovy. The following files have been added and written in Groovy:

  • gate-web/src/main/groovy/com/netflix/spinnaker/gate/services/SessionService.groovy

See our server-side conventions here.

@spinnakerbot
Copy link
Contributor

The following commits need their title changed:

  • 639c99d: Add delete session tokens from redis endpoint

Please format your commit title into the form:

<type>(<scope>): <subject>, e.g. fix(kubernetes): address NPE in status check

This allows us to easily generate changelogs & determine semantic version numbers when cutting releases. You can read more about commit conventions here.

@juangod-wise juangod-wise changed the title Add delete session tokens from redis endpoint feat(gate-web): Add delete session tokens from redis endpoint Sep 6, 2024
@dbyron-sf
Copy link
Contributor

@juangod-wise can you run $ ./gradlew spotlessApply please?

@juangod-wise
Copy link
Contributor Author

@juangod-wise can you run $ ./gradlew spotlessApply please?

Done! :)

@dbyron-sf dbyron-sf dismissed mattgogerly’s stale review November 15, 2024 16:45

The changes you asked for are done.

@dbyron-sf dbyron-sf added the ready to merge Approved and ready for merge label Nov 15, 2024
@mergify mergify bot added the auto merged label Nov 15, 2024
@mergify mergify bot merged commit cae9b39 into spinnaker:master Nov 15, 2024
4 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants