Merge branch 'main' into integration-tests

2025-08-12 01:47:33 +00:00 · 2023-04-27 12:47:35 +03:00
parent bd3820cc6c 86f4477ae1
commit 11ab645bb7
104 changed files with 5089 additions and 749 deletions
--- a/cmd/defaults.yaml
+++ b/cmd/defaults.yaml
@@ -321,6 +321,8 @@ SystemDefaults:
    ApplicationKeySize: 2048
  Multifactors:
    OTP:
+      # If this is empty, the issuer is the requested domain
+      # This is helpful in scenarios with multiple ZITADEL environments or virtual instances
      Issuer: "ZITADEL"
  DomainVerification:
    VerificationGenerator:
--- a/cmd/setup/03.go
+++ b/cmd/setup/03.go
@@ -76,6 +76,7 @@ func (mig *FirstInstance) Execute(ctx context.Context) error {
 		nil,
 		nil,
 		nil,
+		nil,
 	)

 	if err != nil {
--- a/cmd/setup/10.go
+++ b/cmd/setup/10.go
@@ -2,48 +2,62 @@ package setup

 import (
 	"context"
+	"database/sql"
 	_ "embed"
+	"time"

+	"github.com/cockroachdb/cockroach-go/v2/crdb"
 	"github.com/zitadel/logging"

 	"github.com/zitadel/zitadel/internal/database"
 )

 var (
-	//go:embed 10.sql
-	correctCreationDate10 string
+	//go:embed 10_create_temp_table.sql
+	correctCreationDate10CreateTable string
+	//go:embed 10_fill_table.sql
+	correctCreationDate10FillTable string
+	//go:embed 10_update.sql
+	correctCreationDate10Update string
 )

 type CorrectCreationDate struct {
-	dbClient *database.DB
+	dbClient  *database.DB
+	FailAfter time.Duration
 }

 func (mig *CorrectCreationDate) Execute(ctx context.Context) (err error) {
-	tx, err := mig.dbClient.Begin()
-	if err != nil {
-		return err
-	}
-	if mig.dbClient.Type() == "cockroach" {
-		if _, err := tx.Exec("SET experimental_enable_temp_tables=on"); err != nil {
-			return err
-		}
-	}
-	defer func() {
-		if err != nil {
-			logging.OnError(tx.Rollback()).Debug("rollback failed")
-			return
-		}
-		err = tx.Commit()
-	}()
+	ctx, cancel := context.WithTimeout(ctx, mig.FailAfter)
+	defer cancel()
+
 	for {
-		res, err := tx.ExecContext(ctx, correctCreationDate10)
-		if err != nil {
-			return err
-		}
-		affected, _ := res.RowsAffected()
-		logging.WithFields("count", affected).Info("creation dates changed")
-		if affected == 0 {
+		var affected int64
+		err = crdb.ExecuteTx(ctx, mig.dbClient.DB, nil, func(tx *sql.Tx) error {
+			if mig.dbClient.Type() == "cockroach" {
+				if _, err := tx.Exec("SET experimental_enable_temp_tables=on"); err != nil {
+					return err
+				}
+			}
+			_, err := tx.ExecContext(ctx, correctCreationDate10CreateTable)
+			if err != nil {
+				return err
+			}
+
+			_, err = tx.ExecContext(ctx, correctCreationDate10FillTable)
+			if err != nil {
+				return err
+			}
+
+			res, err := tx.ExecContext(ctx, correctCreationDate10Update)
+			if err != nil {
+				return err
+			}
+			affected, _ = res.RowsAffected()
+			logging.WithFields("count", affected).Info("creation dates changed")
 			return nil
+		})
+		if affected == 0 || err != nil {
+			return err
 		}
 	}
 }
--- a/cmd/setup/10_create_temp_table.sql
+++ b/cmd/setup/10_create_temp_table.sql
@@ -0,0 +1,6 @@
+CREATE temporary TABLE IF NOT EXISTS wrong_events (
+    instance_id TEXT
+    , event_sequence BIGINT
+    , current_cd TIMESTAMPTZ
+    , next_cd TIMESTAMPTZ
+);
--- a/cmd/setup/10_fill_table.sql
+++ b/cmd/setup/10_fill_table.sql
@@ -1,10 +1,3 @@
-CREATE temporary TABLE IF NOT EXISTS wrong_events (
-    instance_id TEXT
-    , event_sequence BIGINT
-    , current_cd TIMESTAMPTZ
-    , next_cd TIMESTAMPTZ
-);
-
 TRUNCATE wrong_events;

 INSERT INTO wrong_events (
@@ -24,5 +17,3 @@ INSERT INTO wrong_events (
    ORDER BY
        event_sequence DESC
 );
-
-UPDATE eventstore.events e SET creation_date = we.next_cd FROM wrong_events we WHERE e.event_sequence = we.event_sequence and e.instance_id = we.instance_id;
--- a/cmd/setup/10_update.sql
+++ b/cmd/setup/10_update.sql
@@ -0,0 +1 @@
+UPDATE eventstore.events e SET creation_date = we.next_cd FROM wrong_events we WHERE e.event_sequence = we.event_sequence and e.instance_id = we.instance_id;
--- a/cmd/setup/config.go
+++ b/cmd/setup/config.go
@@ -56,16 +56,16 @@ func MustNewConfig(v *viper.Viper) *Config {
 }

 type Steps struct {
-	s1ProjectionTable         *ProjectionTable
-	s2AssetsTable             *AssetTable
-	FirstInstance             *FirstInstance
-	s4EventstoreIndexes       *EventstoreIndexesNew
-	s5LastFailed              *LastFailed
-	s6OwnerRemoveColumns      *OwnerRemoveColumns
-	s7LogstoreTables          *LogstoreTables
-	s8AuthTokens              *AuthTokenIndexes
-	s9EventstoreIndexes2      *EventstoreIndexesNew
-	s10EventstoreCreationDate *CorrectCreationDate
+	s1ProjectionTable    *ProjectionTable
+	s2AssetsTable        *AssetTable
+	FirstInstance        *FirstInstance
+	s4EventstoreIndexes  *EventstoreIndexesNew
+	s5LastFailed         *LastFailed
+	s6OwnerRemoveColumns *OwnerRemoveColumns
+	s7LogstoreTables     *LogstoreTables
+	s8AuthTokens         *AuthTokenIndexes
+	s9EventstoreIndexes2 *EventstoreIndexesNew
+	CorrectCreationDate  *CorrectCreationDate
 }

 type encryptionKeyConfig struct {
--- a/cmd/setup/config_change.go
+++ b/cmd/setup/config_change.go
@@ -33,7 +33,8 @@ func (mig *externalConfigChange) Check() bool {
 }

 func (mig *externalConfigChange) Execute(ctx context.Context) error {
-	cmd, err := command.StartCommands(mig.es,
+	cmd, err := command.StartCommands(
+		mig.es,
 		systemdefaults.SystemDefaults{},
 		nil,
 		nil,
@@ -50,6 +51,7 @@ func (mig *externalConfigChange) Execute(ctx context.Context) error {
 		nil,
 		nil,
 		nil,
+		nil,
 	)

 	if err != nil {
--- a/cmd/setup/setup.go
+++ b/cmd/setup/setup.go
@@ -88,7 +88,7 @@ func Setup(config *Config, steps *Steps, masterKey string) {
 	steps.s7LogstoreTables = &LogstoreTables{dbClient: dbClient.DB, username: config.Database.Username(), dbType: config.Database.Type()}
 	steps.s8AuthTokens = &AuthTokenIndexes{dbClient: dbClient}
 	steps.s9EventstoreIndexes2 = New09(dbClient)
-	steps.s10EventstoreCreationDate = &CorrectCreationDate{dbClient: dbClient}
+	steps.CorrectCreationDate.dbClient = dbClient

 	err = projection.Create(ctx, dbClient, eventstoreClient, config.Projections, nil, nil)
 	logging.OnError(err).Fatal("unable to start projections")
@@ -124,7 +124,7 @@ func Setup(config *Config, steps *Steps, masterKey string) {
 	logging.OnError(err).Fatal("unable to migrate step 8")
 	err = migration.Migrate(ctx, eventstoreClient, steps.s9EventstoreIndexes2)
 	logging.OnError(err).Fatal("unable to migrate step 9")
-	err = migration.Migrate(ctx, eventstoreClient, steps.s10EventstoreCreationDate)
+	err = migration.Migrate(ctx, eventstoreClient, steps.CorrectCreationDate)
 	logging.OnError(err).Fatal("unable to migrate step 10")

 	for _, repeatableStep := range repeatableSteps {
--- a/cmd/setup/steps.yaml
+++ b/cmd/setup/steps.yaml
@@ -30,3 +30,5 @@ FirstInstance:
      MachineKey:
        ExpirationDate:
        Type:
+CorrectCreationDate:
+  FailAfter: 5m
--- a/cmd/start/start.go
+++ b/cmd/start/start.go
@@ -163,6 +163,7 @@ func startZitadel(config *Config, masterKey string, server chan<- *Server) error
 		keys.OIDC,
 		keys.SAML,
 		&http.Client{},
+		authZRepo,
 	)
 	if err != nil {
 		return fmt.Errorf("cannot start commands: %w", err)
@@ -288,7 +289,7 @@ func startAPIs(
 	if err := apis.RegisterServer(ctx, auth.CreateServer(commands, queries, authRepo, config.SystemDefaults, keys.User, config.ExternalSecure, config.AuditLogRetention)); err != nil {
 		return err
 	}
-	if err := apis.RegisterService(ctx, user.CreateServer(commands, queries)); err != nil {
+	if err := apis.RegisterService(ctx, user.CreateServer(commands, queries, keys.User)); err != nil {
 		return err
 	}
 	if err := apis.RegisterService(ctx, session.CreateServer(commands, queries)); err != nil {
				`@@ -0,0 +1 @@`
				`UPDATE eventstore.events e SET creation_date = we.next_cd FROM wrong_events we WHERE e.event_sequence = we.event_sequence and e.instance_id = we.instance_id;`