6af7f2db69bcd25b3c0152c1ae07f7f165c55681-PR-573

Committed 24 Jan 2025 12:13PM UTC coverage: 46.518% (-0.8%) from 47.304%

Build # 6af7f2db69bcd25b3c0152c1ae07f7f165c55681-PR-573

Build Type

Pull #573

github

Committed by

hauleth

Commit Message

chore: ignore tests support files in coverage reports

Pull Request Pull Request #573: chore: ignore tests support files in coverage reports

Run Details

962 of 2068 relevant lines covered (46.52%)

206.71 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

78.05

/lib/supavisor/secret_checker.ex

defmodule Supavisor.SecretChecker do
  @moduledoc false

  use GenServer
  require Logger

  alias Supavisor.Helpers

  @interval :timer.seconds(15)

  def start_link(args) do
    name = {:via, Registry, {Supavisor.Registry.Tenants, {:secret_checker, args.id}}}

    GenServer.start_link(__MODULE__, args, name: name)
  end

  def init(args) do
    Logger.debug("SecretChecker: Starting secret checker")
    tenant = Supavisor.tenant(args.id)

    %{auth: auth, user: user} = Enum.find(args.replicas, fn e -> e.replica_type == :write end)

    state = %{
      tenant: tenant,
      auth: auth,
      user: user,
      key: {:secrets, tenant, user},
      ttl: args[:ttl] || :timer.hours(24),
      conn: nil,
      check_ref: check()
    }

    Logger.metadata(project: tenant, user: user)
    {:ok, state, {:continue, :init_conn}}
  end

  def handle_continue(:init_conn, %{auth: auth} = state) do
    ssl_opts =
      if auth.upstream_ssl and auth.upstream_verify == "peer" do
        [
          {:verify, :verify_peer},
          {:cacerts, [Helpers.upstream_cert(auth.upstream_tls_ca)]},
          {:server_name_indication, auth.host},
          {:customize_hostname_check, [{:match_fun, fn _, _ -> true end}]}
        ]
      end

    {:ok, conn} =
      Postgrex.start_link(
        hostname: auth.host,
        port: auth.port,
        database: auth.database,
        password: auth.password.(),
        username: auth.user,
        parameters: [application_name: "Supavisor auth_query"],
        ssl: auth.upstream_ssl,
        socket_options: [
          auth.ip_version
        ],
        queue_target: 1_000,
        queue_interval: 5_000,
        ssl_opts: ssl_opts || []
      )

    # kill the postgrex connection if the current process exits unexpectedly
    Process.link(conn)
    {:noreply, %{state | conn: conn}}
  end

  def handle_info(:check, state) do
    check_secrets(state)
    {:noreply, %{state | check_ref: check()}}
  end

  def handle_info(msg, state) do
    Logger.error("Unexpected message: #{inspect(msg)}")
    {:noreply, state}
  end

  def terminate(_, state) do
    :gen_statem.stop(state.conn)
    :ok
  end

  def check(interval \\ @interval),
    do: Process.send_after(self(), :check, interval)

  def check_secrets(%{auth: auth, user: user, conn: conn} = state) do
    case Helpers.get_user_secret(conn, auth.auth_query, user) do
      {:ok, secret} ->
        method = if secret.digest == :md5, do: :auth_query_md5, else: :auth_query
        secrets = Map.put(secret, :alias, auth.alias)

        update_cache =
          case Cachex.get(Supavisor.Cache, state.key) do
            {:ok, {:cached, {_, {old_method, old_secrets}}}} ->
              method != old_method or secrets != old_secrets.()

            other ->
              Logger.error("Failed to get cache: #{inspect(other)}")
              true
          end

        if update_cache do
          Logger.info("Secrets changed or not present, updating cache")
          value = {:ok, {method, fn -> secrets end}}
          Cachex.put(Supavisor.Cache, state.key, {:cached, value}, expire: :timer.hours(24))
        end

      other ->
        Logger.error("Failed to get secret: #{inspect(other)}")
    end
  end
end

1	defmodule Supavisor.SecretChecker do
2	@moduledoc false
3
4	use GenServer
5	require Logger
6
7	alias Supavisor.Helpers
8
9	@interval :timer.seconds(15)
10
11	def start_link(args) do
12	name = {:via, Registry, {Supavisor.Registry.Tenants, {:secret_checker, args.id}}}	20✔
13
14	GenServer.start_link(__MODULE__, args, name: name)	20✔
15	end
16
17	def init(args) do
18	Logger.debug("SecretChecker: Starting secret checker")	20✔
19	tenant = Supavisor.tenant(args.id)	20✔
20
21	%{auth: auth, user: user} = Enum.find(args.replicas, fn e -> e.replica_type == :write end)	20✔
22
23	state = %{	20✔
24	tenant: tenant,
25	auth: auth,
26	user: user,
27	key: {:secrets, tenant, user},
28	ttl: args[:ttl] \|\| :timer.hours(24),	20✔
29	conn: nil,
30	check_ref: check()
31	}
32
33	Logger.metadata(project: tenant, user: user)	20✔
34	{:ok, state, {:continue, :init_conn}}	20✔
35	end
36
37	def handle_continue(:init_conn, %{auth: auth} = state) do
38	ssl_opts =	20✔
39	if auth.upstream_ssl and auth.upstream_verify == "peer" do	20✔
40	[
41	{:verify, :verify_peer},
42	{:cacerts, [Helpers.upstream_cert(auth.upstream_tls_ca)]},	×
43	{:server_name_indication, auth.host},	×
44	{:customize_hostname_check, [{:match_fun, fn _, _ -> true end}]}	×
45	]
46	end
47
48	{:ok, conn} =	20✔
49	Postgrex.start_link(
50	hostname: auth.host,	20✔
51	port: auth.port,	20✔
52	database: auth.database,	20✔
53	password: auth.password.(),	20✔
54	username: auth.user,	20✔
55	parameters: [application_name: "Supavisor auth_query"],
56	ssl: auth.upstream_ssl,	20✔
57	socket_options: [
58	auth.ip_version	20✔
59	],
60	queue_target: 1_000,
61	queue_interval: 5_000,
62	ssl_opts: ssl_opts \|\| []	20✔
63	)
64
65	# kill the postgrex connection if the current process exits unexpectedly
66	Process.link(conn)	20✔
67	{:noreply, %{state \| conn: conn}}
68	end
69
70	def handle_info(:check, state) do
71	check_secrets(state)	3✔
72	{:noreply, %{state \| check_ref: check()}}
73	end
74
75	def handle_info(msg, state) do
76	Logger.error("Unexpected message: #{inspect(msg)}")	×
77	{:noreply, state}
78	end
79
80	def terminate(_, state) do
81	:gen_statem.stop(state.conn)	×
82	:ok
83	end
84
85	def check(interval \\ @interval),	23✔
86	do: Process.send_after(self(), :check, interval)	23✔
87
88	def check_secrets(%{auth: auth, user: user, conn: conn} = state) do
89	case Helpers.get_user_secret(conn, auth.auth_query, user) do	3✔
90	{:ok, secret} ->
91	method = if secret.digest == :md5, do: :auth_query_md5, else: :auth_query	2✔
92	secrets = Map.put(secret, :alias, auth.alias)	2✔
93
94	update_cache =	2✔
95	case Cachex.get(Supavisor.Cache, state.key) do	2✔
96	{:ok, {:cached, {_, {old_method, old_secrets}}}} ->
97	method != old_method or secrets != old_secrets.()	2✔
98
99	other ->
100	Logger.error("Failed to get cache: #{inspect(other)}")	×
101	true
102	end
103
104	if update_cache do	2✔
105	Logger.info("Secrets changed or not present, updating cache")	×
106	value = {:ok, {method, fn -> secrets end}}	×
107	Cachex.put(Supavisor.Cache, state.key, {:cached, value}, expire: :timer.hours(24))	×
108	end
109
110	other ->
111	Logger.error("Failed to get secret: #{inspect(other)}")	1✔
112	end
113	end
114	end

supabase / supavisor / 6af7f2db69bcd25b3c0152c1ae07f7f165c55681-PR-573

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous