TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-12-24 19:49:14 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
adc8fb201371fcf5c64c6c8bd123161f9fb71ed7
zitadel/internal/api/authz/instance_test.go
Tim Möhlmann a9ebc06c77 perf(actionsv2): execution target router (#10564) 
# Which Problems Are Solved

The event execution system currently uses a projection handler that
subscribes to and processes all events for all instances. This creates a
high static cost because the system over-fetches event data, handling
many events that are not needed by most instances. This inefficiency is
also reflected in high "rows returned" metrics in the database.

# How the Problems Are Solved

Eliminate the use of a project handler. Instead, events for which
"execution targets" are defined, are directly pushed to the queue by the
eventstore. A Router is populated in the Instance object in the authz
middleware.

- By joining the execution targets to the instance, no additional
queries are needed anymore.
- As part of the instance object, execution targets are now cached as
well.
- Events are queued within the same transaction, giving transactional
guarantees on delivery.
- Uses the "insert many fast` variant of River. Multiple jobs are queued
in a single round-trip to the database.
- Fix compatibility with PostgreSQL 15

# Additional Changes

- The signing key was stored as plain-text in the river job payload in
the DB. This violated our [Secrets
Storage](https://zitadel.com/docs/concepts/architecture/secrets#secrets-storage)
principle. This change removed the field and only uses the encrypted
version of the signing key.
- Fixed the target ordering from descending to ascending.
- Some minor linter warnings on the use of `io.WriteString()`.

# Additional Context

- Introduced in https://github.com/zitadel/zitadel/pull/9249
- Closes https://github.com/zitadel/zitadel/issues/10553
- Closes https://github.com/zitadel/zitadel/issues/9832
- Closes https://github.com/zitadel/zitadel/issues/10372
- Closes https://github.com/zitadel/zitadel/issues/10492

---------

Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
2025-09-01 07:21:10 +02:00

137 lines
2.5 KiB
Go
Raw Blame History

package authz
import (
"context"
"testing"
"time"
"github.com/stretchr/testify/assert"
"golang.org/x/text/language"
"github.com/zitadel/zitadel/internal/execution/target"
"github.com/zitadel/zitadel/internal/feature"
)
func Test_Instance(t *testing.T) {
type args struct {
ctx context.Context
}
type res struct {
instanceID string
projectID string
consoleID string
features feature.Features
}
tests := []struct {
name string
args args
res res
}{
{
"empty context",
args{
context.Background(),
},
res{
instanceID: "",
projectID: "",
consoleID: "",
},
},
{
"WithInstanceID",
args{
WithInstanceID(context.Background(), "id"),
},
res{
instanceID: "id",
projectID: "",
consoleID: "",
},
},
{
"WithInstance",
args{
WithInstance(context.Background(), &mockInstance{}),
},
res{
instanceID: "instanceID",
projectID: "projectID",
consoleID: "consoleID",
},
},
{
"WithFeatures",
args{
WithFeatures(context.Background(), feature.Features{
LoginDefaultOrg: true,
}),
},
res{
features: feature.Features{
LoginDefaultOrg: true,
},
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
got := GetInstance(tt.args.ctx)
assert.Equal(t, tt.res.instanceID, got.InstanceID())
assert.Equal(t, tt.res.projectID, got.ProjectID())
assert.Equal(t, tt.res.consoleID, got.ConsoleClientID())
assert.Equal(t, tt.res.features, got.Features())
})
}
}
type mockInstance struct{}
func (m *mockInstance) Block() *bool {
panic("shouldn't be called here")
}
func (m *mockInstance) AuditLogRetention() *time.Duration {
panic("shouldn't be called here")
}
func (m *mockInstance) InstanceID() string {
return "instanceID"
}
func (m *mockInstance) ProjectID() string {
return "projectID"
}
func (m *mockInstance) ConsoleClientID() string {
return "consoleID"
}
func (m *mockInstance) ConsoleApplicationID() string {
return "appID"
}
func (m *mockInstance) DefaultLanguage() language.Tag {
return language.English
}
func (m *mockInstance) DefaultOrganisationID() string {
return "orgID"
}
func (m *mockInstance) SecurityPolicyAllowedOrigins() []string {
return nil
}
func (m *mockInstance) EnableImpersonation() bool {
return false
}
func (m *mockInstance) Features() feature.Features {
return feature.Features{}
}
func (m *mockInstance) ExecutionRouter() target.Router {
return target.NewRouter(nil)
}
Reference in New Issue View Git Blame Copy Permalink