mirror of
https://github.com/zitadel/zitadel.git
synced 2025-12-06 15:12:14 +00:00
2727fa719d
# Which Problems Are Solved
The event execution system currently uses a projection handler that
subscribes to and processes all events for all instances. This creates a
high static cost because the system over-fetches event data, handling
many events that are not needed by most instances. This inefficiency is
also reflected in high "rows returned" metrics in the database.
# How the Problems Are Solved
Eliminate the use of a project handler. Instead, events for which
"execution targets" are defined, are directly pushed to the queue by the
eventstore. A Router is populated in the Instance object in the authz
middleware.
- By joining the execution targets to the instance, no additional
queries are needed anymore.
- As part of the instance object, execution targets are now cached as
well.
- Events are queued within the same transaction, giving transactional
guarantees on delivery.
- Uses the "insert many fast` variant of River. Multiple jobs are queued
in a single round-trip to the database.
- Fix compatibility with PostgreSQL 15
# Additional Changes
- The signing key was stored as plain-text in the river job payload in
the DB. This violated our [Secrets
Storage](https://zitadel.com/docs/concepts/architecture/secrets#secrets-storage)
principle. This change removed the field and only uses the encrypted
version of the signing key.
- Fixed the target ordering from descending to ascending.
- Some minor linter warnings on the use of `io.WriteString()`.
# Additional Context
- Introduced in https://github.com/zitadel/zitadel/pull/9249
- Closes https://github.com/zitadel/zitadel/issues/10553
- Closes https://github.com/zitadel/zitadel/issues/9832
- Closes https://github.com/zitadel/zitadel/issues/10372
- Closes https://github.com/zitadel/zitadel/issues/10492
---------
Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
(cherry picked from commit a9ebc06c77)
51 lines
1.2 KiB
Go
51 lines
1.2 KiB
Go
package target
|
|
|
|
import (
|
|
"time"
|
|
|
|
"github.com/zitadel/zitadel/internal/crypto"
|
|
)
|
|
|
|
type TargetType uint
|
|
|
|
const (
|
|
TargetTypeWebhook TargetType = iota
|
|
TargetTypeCall
|
|
TargetTypeAsync
|
|
)
|
|
|
|
type Target struct {
|
|
ExecutionID string `json:"execution_id,omitempty"`
|
|
TargetID string `json:"target_id,omitempty"`
|
|
TargetType TargetType `json:"target_type,omitempty"`
|
|
Endpoint string `json:"endpoint,omitempty"`
|
|
Timeout time.Duration `json:"timeout,omitempty"`
|
|
InterruptOnError bool `json:"interrupt_on_error,omitempty"`
|
|
SigningKey *crypto.CryptoValue `json:"signing_key,omitempty"`
|
|
}
|
|
|
|
func (e *Target) GetExecutionID() string {
|
|
return e.ExecutionID
|
|
}
|
|
func (e *Target) GetTargetID() string {
|
|
return e.TargetID
|
|
}
|
|
func (e *Target) IsInterruptOnError() bool {
|
|
return e.InterruptOnError
|
|
}
|
|
func (e *Target) GetEndpoint() string {
|
|
return e.Endpoint
|
|
}
|
|
func (e *Target) GetTargetType() TargetType {
|
|
return e.TargetType
|
|
}
|
|
func (e *Target) GetTimeout() time.Duration {
|
|
return e.Timeout
|
|
}
|
|
func (e *Target) GetSigningKey(alg crypto.EncryptionAlgorithm) (string, error) {
|
|
if e.SigningKey == nil {
|
|
return "", nil
|
|
}
|
|
return crypto.DecryptString(e.SigningKey, alg)
|
|
}
|