mirror of
https://github.com/zitadel/zitadel.git
synced 2025-08-12 00:27:31 +00:00
feat(eventstore): increase parallel write capabilities (#5940)
This implementation increases parallel write capabilities of the eventstore. Please have a look at the technical advisories: [05](https://zitadel.com/docs/support/advisory/a10005) and [06](https://zitadel.com/docs/support/advisory/a10006). The implementation of eventstore.push is rewritten and stored events are migrated to a new table `eventstore.events2`. If you are using cockroach: make sure that the database user of ZITADEL has `VIEWACTIVITY` grant. This is used to query events.
This commit is contained in:
Silvan
@@ -7,8 +7,8 @@ import (
|
||||
"github.com/zitadel/zitadel/internal/domain"
|
||||
"github.com/zitadel/zitadel/internal/errors"
|
||||
"github.com/zitadel/zitadel/internal/eventstore"
|
||||
"github.com/zitadel/zitadel/internal/eventstore/handler"
|
||||
"github.com/zitadel/zitadel/internal/eventstore/handler/crdb"
|
||||
old_handler "github.com/zitadel/zitadel/internal/eventstore/handler"
|
||||
"github.com/zitadel/zitadel/internal/eventstore/handler/v2"
|
||||
"github.com/zitadel/zitadel/internal/repository/instance"
|
||||
"github.com/zitadel/zitadel/internal/repository/org"
|
||||
"github.com/zitadel/zitadel/internal/repository/project"
|
||||
@@ -33,46 +33,47 @@ const (
|
||||
AuthNKeyOwnerRemovedCol = "owner_removed"
|
||||
)
|
||||
|
||||
type authNKeyProjection struct {
|
||||
crdb.StatementHandler
|
||||
type authNKeyProjection struct{}
|
||||
|
||||
func newAuthNKeyProjection(ctx context.Context, config handler.Config) *handler.Handler {
|
||||
return handler.NewHandler(ctx, &config, new(authNKeyProjection))
|
||||
}
|
||||
|
||||
func newAuthNKeyProjection(ctx context.Context, config crdb.StatementHandlerConfig) *authNKeyProjection {
|
||||
p := new(authNKeyProjection)
|
||||
config.ProjectionName = AuthNKeyTable
|
||||
config.Reducers = p.reducers()
|
||||
config.InitCheck = crdb.NewTableCheck(
|
||||
crdb.NewTable([]*crdb.Column{
|
||||
crdb.NewColumn(AuthNKeyIDCol, crdb.ColumnTypeText),
|
||||
crdb.NewColumn(AuthNKeyCreationDateCol, crdb.ColumnTypeTimestamp),
|
||||
crdb.NewColumn(AuthNKeyChangeDateCol, crdb.ColumnTypeTimestamp),
|
||||
crdb.NewColumn(AuthNKeyResourceOwnerCol, crdb.ColumnTypeText),
|
||||
crdb.NewColumn(AuthNKeyInstanceIDCol, crdb.ColumnTypeText),
|
||||
crdb.NewColumn(AuthNKeyAggregateIDCol, crdb.ColumnTypeText),
|
||||
crdb.NewColumn(AuthNKeySequenceCol, crdb.ColumnTypeInt64),
|
||||
crdb.NewColumn(AuthNKeyObjectIDCol, crdb.ColumnTypeText),
|
||||
crdb.NewColumn(AuthNKeyExpirationCol, crdb.ColumnTypeTimestamp),
|
||||
crdb.NewColumn(AuthNKeyIdentifierCol, crdb.ColumnTypeText),
|
||||
crdb.NewColumn(AuthNKeyPublicKeyCol, crdb.ColumnTypeBytes),
|
||||
crdb.NewColumn(AuthNKeyEnabledCol, crdb.ColumnTypeBool, crdb.Default(true)),
|
||||
crdb.NewColumn(AuthNKeyTypeCol, crdb.ColumnTypeEnum, crdb.Default(0)),
|
||||
crdb.NewColumn(AuthNKeyOwnerRemovedCol, crdb.ColumnTypeBool, crdb.Default(false)),
|
||||
func (*authNKeyProjection) Name() string {
|
||||
return AuthNKeyTable
|
||||
}
|
||||
|
||||
func (*authNKeyProjection) Init() *old_handler.Check {
|
||||
return handler.NewTableCheck(
|
||||
handler.NewTable([]*handler.InitColumn{
|
||||
handler.NewColumn(AuthNKeyIDCol, handler.ColumnTypeText),
|
||||
handler.NewColumn(AuthNKeyCreationDateCol, handler.ColumnTypeTimestamp),
|
||||
handler.NewColumn(AuthNKeyChangeDateCol, handler.ColumnTypeTimestamp),
|
||||
handler.NewColumn(AuthNKeyResourceOwnerCol, handler.ColumnTypeText),
|
||||
handler.NewColumn(AuthNKeyInstanceIDCol, handler.ColumnTypeText),
|
||||
handler.NewColumn(AuthNKeyAggregateIDCol, handler.ColumnTypeText),
|
||||
handler.NewColumn(AuthNKeySequenceCol, handler.ColumnTypeInt64),
|
||||
handler.NewColumn(AuthNKeyObjectIDCol, handler.ColumnTypeText),
|
||||
handler.NewColumn(AuthNKeyExpirationCol, handler.ColumnTypeTimestamp),
|
||||
handler.NewColumn(AuthNKeyIdentifierCol, handler.ColumnTypeText),
|
||||
handler.NewColumn(AuthNKeyPublicKeyCol, handler.ColumnTypeBytes),
|
||||
handler.NewColumn(AuthNKeyEnabledCol, handler.ColumnTypeBool, handler.Default(true)),
|
||||
handler.NewColumn(AuthNKeyTypeCol, handler.ColumnTypeEnum, handler.Default(0)),
|
||||
handler.NewColumn(AuthNKeyOwnerRemovedCol, handler.ColumnTypeBool, handler.Default(false)),
|
||||
},
|
||||
crdb.NewPrimaryKey(AuthNKeyInstanceIDCol, AuthNKeyIDCol),
|
||||
crdb.WithIndex(crdb.NewIndex("enabled", []string{AuthNKeyEnabledCol})),
|
||||
crdb.WithIndex(crdb.NewIndex("identifier", []string{AuthNKeyIdentifierCol})),
|
||||
crdb.WithIndex(crdb.NewIndex("owner_removed", []string{AuthNKeyOwnerRemovedCol})),
|
||||
handler.NewPrimaryKey(AuthNKeyInstanceIDCol, AuthNKeyIDCol),
|
||||
handler.WithIndex(handler.NewIndex("enabled", []string{AuthNKeyEnabledCol})),
|
||||
handler.WithIndex(handler.NewIndex("identifier", []string{AuthNKeyIdentifierCol})),
|
||||
handler.WithIndex(handler.NewIndex("owner_removed", []string{AuthNKeyOwnerRemovedCol})),
|
||||
),
|
||||
)
|
||||
p.StatementHandler = crdb.NewStatementHandler(ctx, config)
|
||||
return p
|
||||
}
|
||||
|
||||
func (p *authNKeyProjection) reducers() []handler.AggregateReducer {
|
||||
func (p *authNKeyProjection) Reducers() []handler.AggregateReducer {
|
||||
return []handler.AggregateReducer{
|
||||
{
|
||||
Aggregate: project.AggregateType,
|
||||
EventRedusers: []handler.EventReducer{
|
||||
EventReducers: []handler.EventReducer{
|
||||
{
|
||||
Event: project.ApplicationKeyAddedEventType,
|
||||
Reduce: p.reduceAuthNKeyAdded,
|
||||
@@ -101,7 +102,7 @@ func (p *authNKeyProjection) reducers() []handler.AggregateReducer {
|
||||
},
|
||||
{
|
||||
Aggregate: user.AggregateType,
|
||||
EventRedusers: []handler.EventReducer{
|
||||
EventReducers: []handler.EventReducer{
|
||||
{
|
||||
Event: user.MachineKeyAddedEventType,
|
||||
Reduce: p.reduceAuthNKeyAdded,
|
||||
@@ -118,7 +119,7 @@ func (p *authNKeyProjection) reducers() []handler.AggregateReducer {
|
||||
},
|
||||
{
|
||||
Aggregate: org.AggregateType,
|
||||
EventRedusers: []handler.EventReducer{
|
||||
EventReducers: []handler.EventReducer{
|
||||
{
|
||||
Event: org.OrgRemovedEventType,
|
||||
Reduce: p.reduceOwnerRemoved,
|
||||
@@ -127,7 +128,7 @@ func (p *authNKeyProjection) reducers() []handler.AggregateReducer {
|
||||
},
|
||||
{
|
||||
Aggregate: instance.AggregateType,
|
||||
EventRedusers: []handler.EventReducer{
|
||||
EventReducers: []handler.EventReducer{
|
||||
{
|
||||
Event: instance.InstanceRemovedEventType,
|
||||
Reduce: reduceInstanceRemovedHelper(AuthNKeyInstanceIDCol),
|
||||
@@ -167,7 +168,7 @@ func (p *authNKeyProjection) reduceAuthNKeyAdded(event eventstore.Event) (*handl
|
||||
default:
|
||||
return nil, errors.ThrowInvalidArgumentf(nil, "PROJE-Dgb32", "reduce.wrong.event.type %v", []eventstore.EventType{project.ApplicationKeyAddedEventType, user.MachineKeyAddedEventType})
|
||||
}
|
||||
return crdb.NewCreateStatement(
|
||||
return handler.NewCreateStatement(
|
||||
&authNKeyEvent,
|
||||
[]handler.Column{
|
||||
handler.NewCol(AuthNKeyIDCol, authNKeyEvent.keyID),
|
||||
@@ -194,7 +195,7 @@ func (p *authNKeyProjection) reduceAuthNKeyEnabledChanged(event eventstore.Event
|
||||
switch e := event.(type) {
|
||||
case *project.APIConfigChangedEvent:
|
||||
if e.AuthMethodType == nil {
|
||||
return crdb.NewNoOpStatement(event), nil
|
||||
return handler.NewNoOpStatement(event), nil
|
||||
}
|
||||
appID = e.AppID
|
||||
enabled = *e.AuthMethodType == domain.APIAuthMethodTypePrivateKeyJWT
|
||||
@@ -202,7 +203,7 @@ func (p *authNKeyProjection) reduceAuthNKeyEnabledChanged(event eventstore.Event
|
||||
sequence = e.Sequence()
|
||||
case *project.OIDCConfigChangedEvent:
|
||||
if e.AuthMethodType == nil {
|
||||
return crdb.NewNoOpStatement(event), nil
|
||||
return handler.NewNoOpStatement(event), nil
|
||||
}
|
||||
appID = e.AppID
|
||||
enabled = *e.AuthMethodType == domain.OIDCAuthMethodTypePrivateKeyJWT
|
||||
@@ -211,7 +212,7 @@ func (p *authNKeyProjection) reduceAuthNKeyEnabledChanged(event eventstore.Event
|
||||
default:
|
||||
return nil, errors.ThrowInvalidArgumentf(nil, "PROJE-Dbrt1", "reduce.wrong.event.type %v", []eventstore.EventType{project.APIConfigChangedType, project.OIDCConfigChangedType})
|
||||
}
|
||||
return crdb.NewUpdateStatement(
|
||||
return handler.NewUpdateStatement(
|
||||
event,
|
||||
[]handler.Column{
|
||||
handler.NewCol(AuthNKeyChangeDateCol, changeDate),
|
||||
@@ -241,7 +242,7 @@ func (p *authNKeyProjection) reduceAuthNKeyRemoved(event eventstore.Event) (*han
|
||||
default:
|
||||
return nil, errors.ThrowInvalidArgumentf(nil, "PROJE-BGge42", "reduce.wrong.event.type %v", []eventstore.EventType{project.ApplicationKeyRemovedEventType, project.ApplicationRemovedType, project.ProjectRemovedType, user.MachineKeyRemovedEventType, user.UserRemovedType})
|
||||
}
|
||||
return crdb.NewDeleteStatement(
|
||||
return handler.NewDeleteStatement(
|
||||
event,
|
||||
[]handler.Condition{
|
||||
condition,
|
||||
@@ -256,7 +257,7 @@ func (p *authNKeyProjection) reduceOwnerRemoved(event eventstore.Event) (*handle
|
||||
return nil, errors.ThrowInvalidArgumentf(nil, "PROJE-Hyd1f", "reduce.wrong.event.type %s", org.OrgRemovedEventType)
|
||||
}
|
||||
|
||||
return crdb.NewDeleteStatement(
|
||||
return handler.NewDeleteStatement(
|
||||
e,
|
||||
[]handler.Condition{
|
||||
handler.NewCond(AuthNKeyInstanceIDCol, e.Aggregate().InstanceID),
|
||||
|
||||
Reference in New Issue
Block a user