[WPB 3796] Fix background worker for federation policy allowAll #3526
Conversation
zebot
added
the
ok-to-test
fisx
force-pushed
the
WPB-3796/fix-background-worker-for-allowAll-fed-policy
branch
from
189af78
to
f524514
Compare
(To pull remotes from rabbitMQ, allowing us to quit talking to brig about this.)
(This was only needed to get federation remote configs, but we get those from rabbitMQ now, and without bugs in allowAll.)
fisx
force-pushed
the
WPB-3796/fix-background-worker-for-allowAll-fed-policy
branch
from
f524514
to
06e2f3f
Compare
fisx
changed the title
…round-worker-for-allowAll-fed-policy
| ensureConsumers consumersRef chan $ domain <$> chanRemotes.remotes | ||
| remoteDomains <- getRemoteDomains | ||
| ensureConsumers consumers chan remoteDomains | ||
| threadDelay (round $ 1_000_000 * fromMaybe 60 env.backendNotificationsConfig.remotesRefreshInterval) |
There was a problem hiding this comment.
Why is this a Maybe, we can put default values in all the places, i.e. helm chart and integration test configs? IMO this is unnecessary complexity.
| pushBackoffMaxWait :: Int | ||
| pushBackoffMaxWait :: Int, | ||
| -- | Number of seconds between two calls to `getRemoteDomains`. | ||
| remotesRefreshInterval :: Maybe Double |
There was a problem hiding this comment.
Instead of using Double can we just take number of milliseconds? We won't need rounding like this. I think we can safely assume people running wire are capable of understanding different units of time than seconds.
This also makes it more in line with the config one line above.
There was a problem hiding this comment.
i get the last point, but i just think doubles are more ergonomic. anyway i'll align it with the rest.
changelog.d/0-release-notes/WPB-3796
Outdated
| @@ -0,0 +1,5 @@ | |||
| New config value `background-worker.backendNotificationPusher.remotesRefreshIntervalMs`. If in doubt, set to 30000 ms. (This controls the delay between backend-to-backend notification queue update pulls from rabbitMQ to background-worker.) | |||
|
|
|||
| Remote federation domains in the config file are no longer supported (deprecated since Charts...). Before deploying this release, make sure you have completed the migration steps from [the CHANGELOG of that release](...). | |||
There was a problem hiding this comment.
There was never a release which supported this, it came and went away between releases. So, this line is not necessary.
There was a problem hiding this comment.
incorrect. we released this last week or so.
changelog.d/0-release-notes/WPB-3796
Outdated
|
|
||
| Remote federation domains in the config file are no longer supported (deprecated since Charts...). Before deploying this release, make sure you have completed the migration steps from [the CHANGELOG of that release](...). | ||
|
|
||
| If you have enabled federation and therefore rabbitMQ before this upgrade, you may need to remove all queues called `backend-notifications.delete-federation` manually, or this release won't start. |
There was a problem hiding this comment.
| If you have enabled federation and therefore rabbitMQ before this upgrade, you may need to remove all queues called `backend-notifications.delete-federation` manually, or this release won't start. | |
| If you have enabled federation and therefore rabbitMQ before this upgrade, you should remove the queue called `backend-notifications.delete-federation` manually. |
I think the release still starts, just keeps printing warning logs, if not something is not right.
There was a problem hiding this comment.
the thing that fails is the line below the one where the queue is created: it chokes on the fact that the queue has an invalid domain name and gets trapped in a loop, i think. but you are right, my wording was inaccurate.
| @@ -0,0 +1 @@ | |||
| [background-worker] Get federation remote domains from rabbitMQ, not from brig (this fixes a bug in federation policy `allowAll`) | |||
There was a problem hiding this comment.
There was no release made with this bug, so you can also just drop this changelog.
charts/background-worker/values.yaml
Outdated
| @@ -26,6 +26,7 @@ config: | |||
| backendNotificationPusher: | |||
| pushBackoffMinWait: 10000 # in microseconds, so 10ms | |||
| pushBackoffMaxWait: 300000000 # microseconds, so 300s | |||
| remotesRefreshIntervalMs: 30000 | |||
There was a problem hiding this comment.
Adding Ms here has two problems:
- Capital
MmeansMeganotmilliormicro. - The things above do not have this suffix, so it is inconsistent.
There was a problem hiding this comment.
sigh
i really don't like the way we do config files. very brittle and fragile at the same time.
i'll remove the Ms.
| -- | FUTUREWORK: This really doesn't belong here in a module about pushing backend-to-backend | ||
| -- notifications. Maybe "Wire.API.Federation.Defederate"? (Same for `ensureTLQueue`.) |
There was a problem hiding this comment.
Why not create the module right now?
| ensureQueue :: Q.Channel -> Text -> IO () | ||
| ensureQueue chan queue = do | ||
| ensureTLQueue :: Q.Channel -> Text -> IO () | ||
| ensureTLQueue chan queue = do |
There was a problem hiding this comment.
"top level". not great, yes.
do you have a suggestion what to use for a name?
i'll think of something...
(for some reason, remotes listed in config files don't do it any more. stealing this fix from #3526)
| @@ -58,6 +58,8 @@ data: | |||
| cert: /etc/wire/integration-secrets/provider-publiccert.pem | |||
| botHost: https://brig-integration | |||
|
|
|||
| originDomain: 612c6a18-4e3e-11ee-a205-97507f092421.example.com | |||
There was a problem hiding this comment.
Having this hard-coded like this raises an eyebrow. Why is this not dynamic?
| @@ -207,3 +207,7 @@ spec: | |||
| secretKeyRef: | |||
| name: brig | |||
| key: rabbitmqPassword | |||
| - name: TEST_INCLUDE | |||
There was a problem hiding this comment.
Should probably remove this before merging? :)
|
@akshaymankar this can be closed, right? i'll close it! #3588 |
echoes-hq
bot
added
the
echoes: technical-debt
https://wearezeta.atlassian.net/browse/WPB-3796
Checklist
changelog.d