feat(eventstore): increase parallel write capabilities (#5940)

This implementation increases parallel write capabilities of the eventstore. Please have a look at the technical advisories: [05](https://zitadel.com/docs/support/advisory/a10005) and [06](https://zitadel.com/docs/support/advisory/a10006). The implementation of eventstore.push is rewritten and stored events are migrated to a new table `eventstore.events2`. If you are using cockroach: make sure that the database user of ZITADEL has `VIEWACTIVITY` grant. This is used to query events.
2025-08-11 21:17:32 +00:00 · 2023-10-19 12:19:10 +02:00
parent 259faba3f0
commit b5564572bc
791 changed files with 30326 additions and 43202 deletions
--- a/internal/query/projection/user_auth_method.go
+++ b/internal/query/projection/user_auth_method.go
@@ -6,8 +6,8 @@ import (
 	"github.com/zitadel/zitadel/internal/domain"
 	"github.com/zitadel/zitadel/internal/errors"
 	"github.com/zitadel/zitadel/internal/eventstore"
-	"github.com/zitadel/zitadel/internal/eventstore/handler"
-	"github.com/zitadel/zitadel/internal/eventstore/handler/crdb"
+	old_handler "github.com/zitadel/zitadel/internal/eventstore/handler"
+	"github.com/zitadel/zitadel/internal/eventstore/handler/v2"
 	"github.com/zitadel/zitadel/internal/repository/instance"
 	"github.com/zitadel/zitadel/internal/repository/org"
 	"github.com/zitadel/zitadel/internal/repository/user"
@@ -29,42 +29,43 @@ const (
 	UserAuthMethodOwnerRemovedCol  = "owner_removed"
 )

-type userAuthMethodProjection struct {
-	crdb.StatementHandler
+type userAuthMethodProjection struct{}
+
+func newUserAuthMethodProjection(ctx context.Context, config handler.Config) *handler.Handler {
+	return handler.NewHandler(ctx, &config, new(userAuthMethodProjection))
 }

-func newUserAuthMethodProjection(ctx context.Context, config crdb.StatementHandlerConfig) *userAuthMethodProjection {
-	p := new(userAuthMethodProjection)
-	config.ProjectionName = UserAuthMethodTable
-	config.Reducers = p.reducers()
-	config.InitCheck = crdb.NewTableCheck(
-		crdb.NewTable([]*crdb.Column{
-			crdb.NewColumn(UserAuthMethodUserIDCol, crdb.ColumnTypeText),
-			crdb.NewColumn(UserAuthMethodTypeCol, crdb.ColumnTypeEnum),
-			crdb.NewColumn(UserAuthMethodTokenIDCol, crdb.ColumnTypeText),
-			crdb.NewColumn(UserAuthMethodCreationDateCol, crdb.ColumnTypeTimestamp),
-			crdb.NewColumn(UserAuthMethodChangeDateCol, crdb.ColumnTypeTimestamp),
-			crdb.NewColumn(UserAuthMethodSequenceCol, crdb.ColumnTypeInt64),
-			crdb.NewColumn(UserAuthMethodStateCol, crdb.ColumnTypeEnum),
-			crdb.NewColumn(UserAuthMethodResourceOwnerCol, crdb.ColumnTypeText),
-			crdb.NewColumn(UserAuthMethodInstanceIDCol, crdb.ColumnTypeText),
-			crdb.NewColumn(UserAuthMethodNameCol, crdb.ColumnTypeText),
-			crdb.NewColumn(UserAuthMethodOwnerRemovedCol, crdb.ColumnTypeBool, crdb.Default(false)),
+func (*userAuthMethodProjection) Name() string {
+	return UserAuthMethodTable
+}
+
+func (*userAuthMethodProjection) Init() *old_handler.Check {
+	return handler.NewTableCheck(
+		handler.NewTable([]*handler.InitColumn{
+			handler.NewColumn(UserAuthMethodUserIDCol, handler.ColumnTypeText),
+			handler.NewColumn(UserAuthMethodTypeCol, handler.ColumnTypeEnum),
+			handler.NewColumn(UserAuthMethodTokenIDCol, handler.ColumnTypeText),
+			handler.NewColumn(UserAuthMethodCreationDateCol, handler.ColumnTypeTimestamp),
+			handler.NewColumn(UserAuthMethodChangeDateCol, handler.ColumnTypeTimestamp),
+			handler.NewColumn(UserAuthMethodSequenceCol, handler.ColumnTypeInt64),
+			handler.NewColumn(UserAuthMethodStateCol, handler.ColumnTypeEnum),
+			handler.NewColumn(UserAuthMethodResourceOwnerCol, handler.ColumnTypeText),
+			handler.NewColumn(UserAuthMethodInstanceIDCol, handler.ColumnTypeText),
+			handler.NewColumn(UserAuthMethodNameCol, handler.ColumnTypeText),
+			handler.NewColumn(UserAuthMethodOwnerRemovedCol, handler.ColumnTypeBool, handler.Default(false)),
 		},
-			crdb.NewPrimaryKey(UserAuthMethodInstanceIDCol, UserAuthMethodUserIDCol, UserAuthMethodTypeCol, UserAuthMethodTokenIDCol),
-			crdb.WithIndex(crdb.NewIndex("resource_owner", []string{UserAuthMethodResourceOwnerCol})),
-			crdb.WithIndex(crdb.NewIndex("owner_removed", []string{UserAuthMethodOwnerRemovedCol})),
+			handler.NewPrimaryKey(UserAuthMethodInstanceIDCol, UserAuthMethodUserIDCol, UserAuthMethodTypeCol, UserAuthMethodTokenIDCol),
+			handler.WithIndex(handler.NewIndex("resource_owner", []string{UserAuthMethodResourceOwnerCol})),
+			handler.WithIndex(handler.NewIndex("owner_removed", []string{UserAuthMethodOwnerRemovedCol})),
 		),
 	)
-	p.StatementHandler = crdb.NewStatementHandler(ctx, config)
-	return p
 }

-func (p *userAuthMethodProjection) reducers() []handler.AggregateReducer {
+func (p *userAuthMethodProjection) Reducers() []handler.AggregateReducer {
 	return []handler.AggregateReducer{
 		{
 			Aggregate: user.AggregateType,
-			EventRedusers: []handler.EventReducer{
+			EventReducers: []handler.EventReducer{
 				{
 					Event:  user.HumanPasswordlessTokenAddedType,
 					Reduce: p.reduceInitAuthMethod,
@@ -129,7 +130,7 @@ func (p *userAuthMethodProjection) reducers() []handler.AggregateReducer {
 		},
 		{
 			Aggregate: org.AggregateType,
-			EventRedusers: []handler.EventReducer{
+			EventReducers: []handler.EventReducer{
 				{
 					Event:  org.OrgRemovedEventType,
 					Reduce: p.reduceOwnerRemoved,
@@ -138,7 +139,7 @@ func (p *userAuthMethodProjection) reducers() []handler.AggregateReducer {
 		},
 		{
 			Aggregate: instance.AggregateType,
-			EventRedusers: []handler.EventReducer{
+			EventReducers: []handler.EventReducer{
 				{
 					Event:  instance.InstanceRemovedEventType,
 					Reduce: reduceInstanceRemovedHelper(UserAuthMethodInstanceIDCol),
@@ -164,7 +165,7 @@ func (p *userAuthMethodProjection) reduceInitAuthMethod(event eventstore.Event)
 		return nil, errors.ThrowInvalidArgumentf(nil, "PROJE-f92f", "reduce.wrong.event.type %v", []eventstore.EventType{user.HumanPasswordlessTokenAddedType, user.HumanU2FTokenAddedType})
 	}

-	return crdb.NewUpsertStatement(
+	return handler.NewUpsertStatement(
 		event,
 		[]handler.Column{
 			handler.NewCol(UserAuthMethodInstanceIDCol, nil),
@@ -174,8 +175,8 @@ func (p *userAuthMethodProjection) reduceInitAuthMethod(event eventstore.Event)
 		},
 		[]handler.Column{
 			handler.NewCol(UserAuthMethodTokenIDCol, tokenID),
-			handler.NewCol(UserAuthMethodCreationDateCol, event.CreationDate()),
-			handler.NewCol(UserAuthMethodChangeDateCol, event.CreationDate()),
+			handler.NewCol(UserAuthMethodCreationDateCol, event.CreatedAt()),
+			handler.NewCol(UserAuthMethodChangeDateCol, event.CreatedAt()),
 			handler.NewCol(UserAuthMethodResourceOwnerCol, event.Aggregate().ResourceOwner),
 			handler.NewCol(UserAuthMethodInstanceIDCol, event.Aggregate().InstanceID),
 			handler.NewCol(UserAuthMethodUserIDCol, event.Aggregate().ID),
@@ -208,10 +209,10 @@ func (p *userAuthMethodProjection) reduceActivateEvent(event eventstore.Event) (
 		return nil, errors.ThrowInvalidArgumentf(nil, "PROJE-f92f", "reduce.wrong.event.type %v", []eventstore.EventType{user.HumanPasswordlessTokenAddedType, user.HumanU2FTokenAddedType})
 	}

-	return crdb.NewUpdateStatement(
+	return handler.NewUpdateStatement(
 		event,
 		[]handler.Column{
-			handler.NewCol(UserAuthMethodChangeDateCol, event.CreationDate()),
+			handler.NewCol(UserAuthMethodChangeDateCol, event.CreatedAt()),
 			handler.NewCol(UserAuthMethodSequenceCol, event.Sequence()),
 			handler.NewCol(UserAuthMethodNameCol, name),
 			handler.NewCol(UserAuthMethodStateCol, domain.MFAStateReady),
@@ -237,12 +238,12 @@ func (p *userAuthMethodProjection) reduceAddAuthMethod(event eventstore.Event) (
 		return nil, errors.ThrowInvalidArgumentf(nil, "PROJE-DS4g3", "reduce.wrong.event.type %v", []eventstore.EventType{user.HumanOTPSMSAddedType, user.HumanOTPEmailAddedType})
 	}

-	return crdb.NewCreateStatement(
+	return handler.NewCreateStatement(
 		event,
 		[]handler.Column{
 			handler.NewCol(UserAuthMethodTokenIDCol, ""),
-			handler.NewCol(UserAuthMethodCreationDateCol, event.CreationDate()),
-			handler.NewCol(UserAuthMethodChangeDateCol, event.CreationDate()),
+			handler.NewCol(UserAuthMethodCreationDateCol, event.CreatedAt()),
+			handler.NewCol(UserAuthMethodChangeDateCol, event.CreatedAt()),
 			handler.NewCol(UserAuthMethodResourceOwnerCol, event.Aggregate().ResourceOwner),
 			handler.NewCol(UserAuthMethodInstanceIDCol, event.Aggregate().InstanceID),
 			handler.NewCol(UserAuthMethodUserIDCol, event.Aggregate().ID),
@@ -286,7 +287,7 @@ func (p *userAuthMethodProjection) reduceRemoveAuthMethod(event eventstore.Event
 	if tokenID != "" {
 		conditions = append(conditions, handler.NewCond(UserAuthMethodTokenIDCol, tokenID))
 	}
-	return crdb.NewDeleteStatement(
+	return handler.NewDeleteStatement(
 		event,
 		conditions,
 	), nil
@@ -298,7 +299,7 @@ func (p *userAuthMethodProjection) reduceOwnerRemoved(event eventstore.Event) (*
 		return nil, errors.ThrowInvalidArgumentf(nil, "PROJE-FwDZ8", "reduce.wrong.event.type %s", org.OrgRemovedEventType)
 	}

-	return crdb.NewDeleteStatement(
+	return handler.NewDeleteStatement(
 		e,
 		[]handler.Condition{
 			handler.NewCond(UserAuthMethodInstanceIDCol, e.Aggregate().InstanceID),