mirror of
https://github.com/zitadel/zitadel.git
synced 2025-12-06 16:52:18 +00:00
2727fa719d
# Which Problems Are Solved
The event execution system currently uses a projection handler that
subscribes to and processes all events for all instances. This creates a
high static cost because the system over-fetches event data, handling
many events that are not needed by most instances. This inefficiency is
also reflected in high "rows returned" metrics in the database.
# How the Problems Are Solved
Eliminate the use of a project handler. Instead, events for which
"execution targets" are defined, are directly pushed to the queue by the
eventstore. A Router is populated in the Instance object in the authz
middleware.
- By joining the execution targets to the instance, no additional
queries are needed anymore.
- As part of the instance object, execution targets are now cached as
well.
- Events are queued within the same transaction, giving transactional
guarantees on delivery.
- Uses the "insert many fast` variant of River. Multiple jobs are queued
in a single round-trip to the database.
- Fix compatibility with PostgreSQL 15
# Additional Changes
- The signing key was stored as plain-text in the river job payload in
the DB. This violated our [Secrets
Storage](https://zitadel.com/docs/concepts/architecture/secrets#secrets-storage)
principle. This change removed the field and only uses the encrypted
version of the signing key.
- Fixed the target ordering from descending to ascending.
- Some minor linter warnings on the use of `io.WriteString()`.
# Additional Context
- Introduced in https://github.com/zitadel/zitadel/pull/9249
- Closes https://github.com/zitadel/zitadel/issues/10553
- Closes https://github.com/zitadel/zitadel/issues/9832
- Closes https://github.com/zitadel/zitadel/issues/10372
- Closes https://github.com/zitadel/zitadel/issues/10492
---------
Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
(cherry picked from commit a9ebc06c77)
168 lines
4.0 KiB
Go
168 lines
4.0 KiB
Go
package eventstore
|
|
|
|
import (
|
|
"context"
|
|
"database/sql"
|
|
_ "embed"
|
|
"fmt"
|
|
|
|
"github.com/riverqueue/river"
|
|
"github.com/zitadel/logging"
|
|
|
|
"github.com/zitadel/zitadel/internal/api/authz"
|
|
"github.com/zitadel/zitadel/internal/database"
|
|
"github.com/zitadel/zitadel/internal/eventstore"
|
|
"github.com/zitadel/zitadel/internal/queue"
|
|
exec_repo "github.com/zitadel/zitadel/internal/repository/execution"
|
|
"github.com/zitadel/zitadel/internal/telemetry/tracing"
|
|
)
|
|
|
|
var pushTxOpts = &sql.TxOptions{
|
|
Isolation: sql.LevelReadCommitted,
|
|
ReadOnly: false,
|
|
}
|
|
|
|
func (es *Eventstore) Push(ctx context.Context, client database.ContextQueryExecuter, commands ...eventstore.Command) (events []eventstore.Event, err error) {
|
|
ctx, span := tracing.NewSpan(ctx)
|
|
defer func() { span.EndWithError(err) }()
|
|
|
|
events, err = es.writeCommands(ctx, client, commands)
|
|
if isSetupNotExecutedError(err) {
|
|
return es.pushWithoutFunc(ctx, client, commands...)
|
|
}
|
|
|
|
return events, err
|
|
}
|
|
|
|
func (es *Eventstore) writeCommands(ctx context.Context, client database.ContextQueryExecuter, commands []eventstore.Command) (_ []eventstore.Event, err error) {
|
|
var conn *sql.Conn
|
|
switch c := client.(type) {
|
|
case database.Client:
|
|
conn, err = c.Conn(ctx)
|
|
case nil:
|
|
conn, err = es.client.Conn(ctx)
|
|
client = conn
|
|
}
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
if conn != nil {
|
|
defer conn.Close()
|
|
}
|
|
|
|
tx, close, err := es.pushTx(ctx, client)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
if close != nil {
|
|
defer func() {
|
|
err = close(err)
|
|
}()
|
|
}
|
|
|
|
_, err = tx.ExecContext(ctx, fmt.Sprintf("SET LOCAL application_name = '%s'", fmt.Sprintf("zitadel_es_pusher_%s", authz.GetInstance(ctx).InstanceID())))
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
events, err := writeEvents(ctx, tx, commands)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if err = handleUniqueConstraints(ctx, tx, commands); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
err = es.handleFieldCommands(ctx, tx, commands)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
err = es.queueExecutions(ctx, tx, events)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return events, nil
|
|
}
|
|
|
|
func writeEvents(ctx context.Context, tx database.Tx, commands []eventstore.Command) (_ []eventstore.Event, err error) {
|
|
ctx, span := tracing.NewSpan(ctx)
|
|
defer func() { span.EndWithError(err) }()
|
|
|
|
events, cmds, err := commandsToEvents(ctx, commands)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
rows, err := tx.QueryContext(ctx, `select owner, created_at, "sequence", position from eventstore.push($1::eventstore.command[])`, cmds)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
defer rows.Close()
|
|
|
|
for i := 0; rows.Next(); i++ {
|
|
err = rows.Scan(&events[i].(*event).command.Owner, &events[i].(*event).createdAt, &events[i].(*event).sequence, &events[i].(*event).position)
|
|
if err != nil {
|
|
logging.WithError(err).Warn("failed to scan events")
|
|
return nil, err
|
|
}
|
|
}
|
|
if err = rows.Err(); err != nil {
|
|
return nil, err
|
|
}
|
|
return events, nil
|
|
}
|
|
|
|
func (es *Eventstore) queueExecutions(ctx context.Context, tx database.Tx, events []eventstore.Event) error {
|
|
if es.queue == nil {
|
|
return nil
|
|
}
|
|
|
|
sqlTx, ok := tx.(*sql.Tx)
|
|
if !ok {
|
|
types := make([]string, len(events))
|
|
for i, event := range events {
|
|
types[i] = string(event.Type())
|
|
}
|
|
logging.WithFields("event_types", types).Warningf("event executions skipped: wrong type of transaction %T", tx)
|
|
return nil
|
|
}
|
|
jobArgs, err := eventsToJobArgs(ctx, events)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if len(jobArgs) == 0 {
|
|
return nil
|
|
}
|
|
return es.queue.InsertManyFastTx(
|
|
ctx, sqlTx, jobArgs,
|
|
queue.WithQueueName(exec_repo.QueueName),
|
|
)
|
|
}
|
|
|
|
func eventsToJobArgs(ctx context.Context, events []eventstore.Event) ([]river.JobArgs, error) {
|
|
if len(events) == 0 {
|
|
return nil, nil
|
|
}
|
|
router := authz.GetInstance(ctx).ExecutionRouter()
|
|
if router.IsZero() {
|
|
return nil, nil
|
|
}
|
|
|
|
jobArgs := make([]river.JobArgs, 0, len(events))
|
|
for _, event := range events {
|
|
targets, ok := router.GetEventBestMatch(fmt.Sprintf("event/%s", event.Type()))
|
|
if !ok {
|
|
continue
|
|
}
|
|
req, err := exec_repo.NewRequest(event, targets)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
jobArgs = append(jobArgs, req)
|
|
}
|
|
return jobArgs, nil
|
|
}
|