adyxax/tfstated
1
0
Fork 0
Code Issues Pull requests Releases Packages Activity

feat(tfstated): implement states versioning

Browse source
This commit is contained in:
Julien Dessaux 2024-10-14 23:54:49 +02:00
parent 71702002cf
commit 3319e74279
Signed by: adyxax
GPG key ID: F92E51B86E07177E
5 changed files with 56 additions and 36 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
cmd/tfstated/get.go
View file

@ -1,8 +1,6 @@
package main package main
import ( import (
"database/sql"
"errors"
"fmt" "fmt"
"net/http" "net/http"
@ -20,12 +18,7 @@ func handleGet(db *database.DB) http.Handler {
} }
if data, err := db.GetState(r.URL.Path); err != nil { if data, err := db.GetState(r.URL.Path); err != nil {
if errors.Is(err, sql.ErrNoRows) {
_ = errorResponse(w, http.StatusNotFound,
fmt.Errorf("state path not found: %s", r.URL.Path))
} else {
_ = errorResponse(w, http.StatusInternalServerError, err) _ = errorResponse(w, http.StatusInternalServerError, err)
}
} else { } else {
w.WriteHeader(http.StatusOK) w.WriteHeader(http.StatusOK)
_, _ = w.Write(data) _, _ = w.Write(data)

2
cmd/tfstated/get_test.go
View file

@ -18,7 +18,7 @@ func TestGet(t *testing.T) {
msg string msg string
}{ }{
{"GET", &url.URL{Path: "/"}, nil, "", http.StatusBadRequest, "/"}, {"GET", &url.URL{Path: "/"}, nil, "", http.StatusBadRequest, "/"},
{"GET", &url.URL{Path: "/non_existent_get"}, nil, "", http.StatusNotFound, "non existent"}, {"GET", &url.URL{Path: "/non_existent_get"}, strings.NewReader(""), "", http.StatusOK, "non existent"},
{"POST", &url.URL{Path: "/test_get"}, strings.NewReader("the_test_get"), "", http.StatusOK, "/test_get"}, {"POST", &url.URL{Path: "/test_get"}, strings.NewReader("the_test_get"), "", http.StatusOK, "/test_get"},
{"GET", &url.URL{Path: "/test_get"}, nil, "the_test_get", http.StatusOK, "/test_get"}, {"GET", &url.URL{Path: "/test_get"}, nil, "the_test_get", http.StatusOK, "/test_get"},
} }

6
pkg/database/locks.go
View file

@ -25,11 +25,7 @@ func (db *DB) SetLockOrGetExistingLock(name string, lock any) (bool, error) {
if lockData, err = json.Marshal(lock); err != nil { if lockData, err = json.Marshal(lock); err != nil {
return false, err return false, err
} }
_, err = tx.ExecContext(db.ctx, _, err = tx.ExecContext(db.ctx, `INSERT INTO states(name, lock) VALUES (?, json(?))`, name, lockData)
`INSERT INTO states(name, lock) VALUES (:name, json(:lock))`,
sql.Named("lock", lockData),
sql.Named("name", name),
)
if err != nil { if err != nil {
return false, err return false, err
} }

9
pkg/database/sql/000_init.sql
View file

@ -5,7 +5,14 @@ CREATE TABLE schema_version (
CREATE TABLE states ( CREATE TABLE states (
id INTEGER PRIMARY KEY, id INTEGER PRIMARY KEY,
name TEXT NOT NULL, name TEXT NOT NULL,
data BLOB,
lock TEXT lock TEXT
) STRICT; ) STRICT;
CREATE UNIQUE INDEX states_name on states(name); CREATE UNIQUE INDEX states_name on states(name);
CREATE TABLE versions (
id INTEGER PRIMARY KEY,
state_id INTEGER,
data BLOB,
created INTEGER DEFAULT (unixepoch()),
FOREIGN KEY(state_id) REFERENCES states(id) ON DELETE CASCADE
) STRICT;

56
pkg/database/states.go
View file

@ -2,7 +2,9 @@ package database
import ( import (
"database/sql" "database/sql"
"errors"
"fmt" "fmt"
"slices"
) )
// returns true in case of successful deletion // returns true in case of successful deletion
@ -20,8 +22,11 @@ func (db *DB) DeleteState(name string) (bool, error) {
func (db *DB) GetState(name string) ([]byte, error) { func (db *DB) GetState(name string) ([]byte, error) {
var encryptedData []byte var encryptedData []byte
err := db.QueryRow(`SELECT data FROM states WHERE name = ?;`, name).Scan(&encryptedData) err := db.QueryRow(`SELECT versions.data FROM versions JOIN states ON states.id = versions.state_id WHERE states.name = ? ORDER BY versions.id DESC LIMIT 1;`, name).Scan(&encryptedData)
if err != nil { if err != nil {
if errors.Is(err, sql.ErrNoRows) {
return []byte{}, nil
}
return nil, err return nil, err
} }
if encryptedData == nil { if encryptedData == nil {
@ -31,30 +36,49 @@ func (db *DB) GetState(name string) ([]byte, error) {
} }
// returns true in case of id mismatch // returns true in case of id mismatch
func (db *DB) SetState(name string, data []byte, id string) (bool, error) { func (db *DB) SetState(name string, data []byte, lockID string) (bool, error) {
encryptedData, err := db.dataEncryptionKey.EncryptAES256(data) encryptedData, err := db.dataEncryptionKey.EncryptAES256(data)
if err != nil { if err != nil {
return false, err return false, err
} }
if id == "" { tx, err := db.Begin()
_, err = db.Exec( if err != nil {
`INSERT INTO states(name, data) VALUES (:name, :data) ON CONFLICT DO UPDATE SET data = :data WHERE name = :name;`, return false, err
sql.Named("data", encryptedData), }
sql.Named("name", name), defer func() {
if err != nil {
_ = tx.Rollback()
}
}()
var (
stateID int64
lockData []byte
) )
if err = tx.QueryRowContext(db.ctx, `SELECT id, lock->>'ID' FROM states WHERE name = ?;`, name).Scan(&stateID, &lockData); err != nil {
if errors.Is(err, sql.ErrNoRows) {
var result sql.Result
result, err = tx.ExecContext(db.ctx, `INSERT INTO states(name) VALUES (?)`, name)
if err != nil {
return false, err return false, err
}
stateID, err = result.LastInsertId()
if err != nil {
return false, err
}
} else { } else {
result, err := db.Exec(`UPDATE states SET data = ? WHERE name = ? and lock->>'ID' = ?;`, encryptedData, name, id) return false, err
}
}
if lockID != "" && slices.Compare([]byte(lockID), lockData) != 0 {
err = fmt.Errorf("failed to update state, lock ID does not match")
return true, err
}
_, err = tx.ExecContext(db.ctx, `INSERT INTO versions(state_id, data) VALUES (?, ?);`, stateID, encryptedData)
if err != nil { if err != nil {
return false, err return false, err
} }
n, err := result.RowsAffected() // TODO delete old states
if err != nil { err = tx.Commit()
return false, err return false, err
}
if n != 1 {
return true, fmt.Errorf("failed to update state, lock ID does not match")
}
return false, nil
}
} }