apitech
/
grafana
mirror of https://github.com/grafana/grafana
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

AuthZ-Service: Add traces to cache (#105718)

Browse Source
pull/105145/head
Gabriel MABILLE 1 day ago committed by GitHub
parent 8caa62ede0
commit cb3cd021b7
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 25 additions and 15 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 13
      pkg/services/authz/rbac/cache.go
  2. 12
      pkg/services/authz/rbac/service.go
  3. 15
      pkg/services/authz/rbac/service_test.go

13
pkg/services/authz/rbac/cache.go
Unescape View File

@ -7,8 +7,10 @@ import (
"time" "time"
"github.com/grafana/authlib/cache" "github.com/grafana/authlib/cache"
"go.opentelemetry.io/otel/attribute"
"github.com/grafana/grafana/pkg/infra/log" "github.com/grafana/grafana/pkg/infra/log"
"github.com/grafana/grafana/pkg/infra/tracing"
) )
func userIdentifierCacheKey(namespace, userUID string) string { func userIdentifierCacheKey(namespace, userUID string) string {
@ -50,20 +52,24 @@ type cacheWrap[T any] interface {
type cacheWrapImpl[T any] struct { type cacheWrapImpl[T any] struct {
cache cache.Cache cache cache.Cache
logger log.Logger logger log.Logger
tracer tracing.Tracer
ttl time.Duration ttl time.Duration
} }
// cacheWrap is a wrapper around the authlib Cache that provides typed Get and Set methods // cacheWrap is a wrapper around the authlib Cache that provides typed Get and Set methods
// it handles encoding/decoding for a specific type. // it handles encoding/decoding for a specific type.
func newCacheWrap[T any](cache cache.Cache, logger log.Logger, ttl time.Duration) cacheWrap[T] { func newCacheWrap[T any](cache cache.Cache, logger log.Logger, tracer tracing.Tracer, ttl time.Duration) cacheWrap[T] {
if ttl == 0 { if ttl == 0 {
logger.Info("cache ttl is 0, using noop cache") logger.Info("cache ttl is 0, using noop cache")
return &noopCache[T]{} return &noopCache[T]{}
} }
return &cacheWrapImpl[T]{cache: cache, logger: logger, ttl: ttl} return &cacheWrapImpl[T]{cache: cache, logger: logger, tracer: tracer, ttl: ttl}
} }
func (c *cacheWrapImpl[T]) Get(ctx context.Context, key string) (T, bool) { func (c *cacheWrapImpl[T]) Get(ctx context.Context, key string) (T, bool) {
ctx, span := c.tracer.Start(ctx, "cacheWrap.Get")
defer span.End()
span.SetAttributes(attribute.Bool("hit", false))
logger := c.logger.FromContext(ctx) logger := c.logger.FromContext(ctx)
var value T var value T
@ -81,10 +87,13 @@ func (c *cacheWrapImpl[T]) Get(ctx context.Context, key string) (T, bool) {
return value, false return value, false
} }
span.SetAttributes(attribute.Bool("hit", true))
return value, true return value, true
} }
func (c *cacheWrapImpl[T]) Set(ctx context.Context, key string, value T) { func (c *cacheWrapImpl[T]) Set(ctx context.Context, key string, value T) {
ctx, span := c.tracer.Start(ctx, "cacheWrap.Set")
defer span.End()
logger := c.logger.FromContext(ctx) logger := c.logger.FromContext(ctx)
data, err := json.Marshal(value) data, err := json.Marshal(value)

12
pkg/services/authz/rbac/service.go
Unescape View File

@ -94,12 +94,12 @@ func NewService(
tracer: tracer, tracer: tracer,
metrics: newMetrics(reg), metrics: newMetrics(reg),
mapper: newMapper(), mapper: newMapper(),
idCache: newCacheWrap[store.UserIdentifiers](cache, logger, longCacheTTL), idCache: newCacheWrap[store.UserIdentifiers](cache, logger, tracer, longCacheTTL),
permCache: newCacheWrap[map[string]bool](cache, logger, settings.CacheTTL), permCache: newCacheWrap[map[string]bool](cache, logger, tracer, settings.CacheTTL),
permDenialCache: newCacheWrap[bool](cache, logger, settings.CacheTTL), permDenialCache: newCacheWrap[bool](cache, logger, tracer, settings.CacheTTL),
teamCache: newCacheWrap[[]int64](cache, logger, settings.CacheTTL), teamCache: newCacheWrap[[]int64](cache, logger, tracer, settings.CacheTTL),
basicRoleCache: newCacheWrap[store.BasicRole](cache, logger, settings.CacheTTL), basicRoleCache: newCacheWrap[store.BasicRole](cache, logger, tracer, settings.CacheTTL),
folderCache: newCacheWrap[folderTree](cache, logger, settings.CacheTTL), folderCache: newCacheWrap[folderTree](cache, logger, tracer, settings.CacheTTL),
sf: new(singleflight.Group), sf: new(singleflight.Group),
} }
} }

15
pkg/services/authz/rbac/service_test.go
Unescape View File

@ -1516,17 +1516,18 @@ func setupService() *Service {
cache := cache.NewLocalCache(cache.Config{Expiry: 5 * time.Minute, CleanupInterval: 5 * time.Minute}) cache := cache.NewLocalCache(cache.Config{Expiry: 5 * time.Minute, CleanupInterval: 5 * time.Minute})
logger := log.New("authz-rbac-service") logger := log.New("authz-rbac-service")
fStore := &fakeStore{} fStore := &fakeStore{}
tracer := tracing.NewNoopTracerService()
return &Service{ return &Service{
logger: logger, logger: logger,
mapper: newMapper(), mapper: newMapper(),
tracer: tracing.NewNoopTracerService(), tracer: tracer,
metrics: newMetrics(nil), metrics: newMetrics(nil),
idCache: newCacheWrap[store.UserIdentifiers](cache, logger, longCacheTTL), idCache: newCacheWrap[store.UserIdentifiers](cache, logger, tracer, longCacheTTL),
permCache: newCacheWrap[map[string]bool](cache, logger, shortCacheTTL), permCache: newCacheWrap[map[string]bool](cache, logger, tracer, shortCacheTTL),
permDenialCache: newCacheWrap[bool](cache, logger, shortCacheTTL), permDenialCache: newCacheWrap[bool](cache, logger, tracer, shortCacheTTL),
teamCache: newCacheWrap[[]int64](cache, logger, shortCacheTTL), teamCache: newCacheWrap[[]int64](cache, logger, tracer, shortCacheTTL),
basicRoleCache: newCacheWrap[store.BasicRole](cache, logger, longCacheTTL), basicRoleCache: newCacheWrap[store.BasicRole](cache, logger, tracer, longCacheTTL),
folderCache: newCacheWrap[folderTree](cache, logger, shortCacheTTL), folderCache: newCacheWrap[folderTree](cache, logger, tracer, shortCacheTTL),
settings: Settings{AnonOrgRole: "Viewer"}, settings: Settings{AnonOrgRole: "Viewer"},
store: fStore, store: fStore,
permissionStore: fStore, permissionStore: fStore,

Write Preview
Loading…
Cancel
Save