APPS-1436 Add static fields validation in update config handler (#299)

* use default for max size * add validation * add empty test * add test for validation * linter warning * add lock to applier * use regular mutex
aerospike · Jan 1, 2025 · f575d4c · f575d4c
1 parent 71e33b4
commit f575d4c
Show file tree

Hide file tree

Showing 8 changed files with 171 additions and 129 deletions.
diff --git a/internal/server/handlers/config.go b/internal/server/handlers/config.go
@@ -71,6 +71,17 @@ func (s *Service) updateConfig(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
+	// validate static fields.
+	oldConfig := dto.NewConfigFromModel(s.config)
+	if err := validation.ValidateStaticFieldChanges(oldConfig, newConfig); err != nil {
+		hLogger.Error("static configuration has changed",
+			slog.Any("error", err),
+		)
+		err := fmt.Errorf("static configuration has changed: %w", err)
+		http.Error(w, err.Error(), http.StatusBadRequest)
+		return
+	}
+
 	newConfigModel, err := newConfig.ToModel(s.nsValidator)
 	if err != nil {
 		http.Error(w, err.Error(), http.StatusBadRequest)

diff --git a/internal/util/util.go b/internal/util/util.go
@@ -36,7 +36,7 @@ func logWriter(config *model.LoggerConfig) io.Writer {
 	if config.FileWriter != nil {
 		fileWriter := &lumberjack.Logger{
 			Filename:   config.FileWriter.Filename,
-			MaxSize:    config.FileWriter.MaxSize,
+			MaxSize:    config.FileWriter.GetMaxSizeOrDefault(),
 			MaxBackups: config.FileWriter.MaxBackups,
 			MaxAge:     config.FileWriter.MaxAge,
 			Compress:   config.FileWriter.Compress,

diff --git a/pkg/dto/compare_test.go b/pkg/dto/compare_test.go
@@ -359,6 +359,15 @@ func TestLoggerConfig_Compare(t *testing.T) {
 				"Filename changed: app.log -> new.log",
 			},
 		},
+		{
+			name: "empty configs",
+			current: &LoggerConfig{
+				FileWriter: &FileLoggerConfig{},
+			},
+			other: &LoggerConfig{
+				FileWriter: &FileLoggerConfig{},
+			},
+		},
 	}
 
 	for _, tt := range tests {

diff --git a/pkg/dto/convert_test.go b/pkg/dto/convert_test.go
@@ -8,161 +8,171 @@ import (
 	"github.com/aerospike/aerospike-backup-service/v3/pkg/util"
 	saClient "github.com/aerospike/backup-go/pkg/secret-agent"
 	"github.com/aws/smithy-go/ptr"
-	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 )
 
-func TestConfigModelConversionIsLossless(t *testing.T) {
-	// Step 1: Create a sample Config object with sample data
-	secretAgentConfig := SecretAgentConfig{
-		SecretAgentName: util.Ptr("agent1"),
-	}
+var secretAgentConfig = SecretAgentConfig{
+	SecretAgentName: util.Ptr("agent1"),
+}
 
-	originalConfig := &Config{
-		ServiceConfig: BackupServiceConfig{
-			HTTPServer: &HTTPServerConfig{
-				Address: ptr.String("localhost"),
+var originalConfig = &Config{
+	ServiceConfig: BackupServiceConfig{
+		HTTPServer: &HTTPServerConfig{
+			Address: ptr.String("localhost"),
+		},
+		Logger: &LoggerConfig{
+			Level: util.Ptr("DEBUG"),
+			FileWriter: &FileLoggerConfig{
+				Filename: "log",
 			},
 		},
-		AerospikeClusters: map[string]*AerospikeCluster{
-			"cluster1": {
-				SeedNodes: []SeedNode{{HostName: "host", Port: 80}},
-				Credentials: &Credentials{
-					User:              util.Ptr("tester"),
-					Password:          util.Ptr("psw"),
-					SecretAgentConfig: secretAgentConfig,
-				},
+	},
+	AerospikeClusters: map[string]*AerospikeCluster{
+		"cluster1": {
+			SeedNodes: []SeedNode{{HostName: "host", Port: 80}},
+			Credentials: &Credentials{
+				User:              util.Ptr("tester"),
+				Password:          util.Ptr("psw"),
+				SecretAgentConfig: secretAgentConfig,
 			},
-			"cluster2": {
-				SeedNodes: []SeedNode{{HostName: "host", Port: 80}},
-				Credentials: &Credentials{
-					User:     util.Ptr("tester"),
-					Password: util.Ptr("psw"),
-					SecretAgentConfig: SecretAgentConfig{
-						SecretAgent: &SecretAgent{
-							Address:        "host2",
-							ConnectionType: saClient.ConnectionTypeTCP,
-						},
+		},
+		"cluster2": {
+			SeedNodes: []SeedNode{{HostName: "host", Port: 80}},
+			Credentials: &Credentials{
+				User:     util.Ptr("tester"),
+				Password: util.Ptr("psw"),
+				SecretAgentConfig: SecretAgentConfig{
+					SecretAgent: &SecretAgent{
+						Address:        "host2",
+						ConnectionType: saClient.ConnectionTypeTCP,
 					},
 				},
 			},
-			"cluster3": {
-				ClusterLabel: util.Ptr("No credentials"),
-				SeedNodes:    []SeedNode{{HostName: "host", Port: 80}},
-			},
 		},
-		Storage: map[string]*Storage{
-			"aws 0": { // no secret agent
-				S3Storage: &S3Storage{
-					Bucket:          "bucket",
-					S3Region:        "region",
-					AccessKeyID:     util.Ptr("id"),
-					SecretAccessKey: util.Ptr("key"),
-				},
+		"cluster3": {
+			ClusterLabel: util.Ptr("No credentials"),
+			SeedNodes:    []SeedNode{{HostName: "host", Port: 80}},
+		},
+	},
+	Storage: map[string]*Storage{
+		"aws 0": { // no secret agent
+			S3Storage: &S3Storage{
+				Bucket:          "bucket",
+				S3Region:        "region",
+				AccessKeyID:     util.Ptr("id"),
+				SecretAccessKey: util.Ptr("key"),
 			},
-			"aws 1": { // secret agent by name
-				S3Storage: &S3Storage{
-					Bucket:            "bucket",
-					S3Region:          "region",
-					AccessKeyID:       util.Ptr("id"),
-					SecretAccessKey:   util.Ptr("key"),
-					SecretAgentConfig: secretAgentConfig,
-				},
+		},
+		"aws 1": { // secret agent by name
+			S3Storage: &S3Storage{
+				Bucket:            "bucket",
+				S3Region:          "region",
+				AccessKeyID:       util.Ptr("id"),
+				SecretAccessKey:   util.Ptr("key"),
+				SecretAgentConfig: secretAgentConfig,
 			},
-			"aws 2": { // secret agent by full definition
-				S3Storage: &S3Storage{
-					Bucket:          "bucket2",
-					S3Region:        "region2",
-					AccessKeyID:     util.Ptr("id2"),
-					SecretAccessKey: util.Ptr("key2"),
-					SecretAgentConfig: SecretAgentConfig{
-						SecretAgent: &SecretAgent{
-							Address:        "host3",
-							ConnectionType: saClient.ConnectionTypeTCP,
-						},
+		},
+		"aws 2": { // secret agent by full definition
+			S3Storage: &S3Storage{
+				Bucket:          "bucket2",
+				S3Region:        "region2",
+				AccessKeyID:     util.Ptr("id2"),
+				SecretAccessKey: util.Ptr("key2"),
+				SecretAgentConfig: SecretAgentConfig{
+					SecretAgent: &SecretAgent{
+						Address:        "host3",
+						ConnectionType: saClient.ConnectionTypeTCP,
 					},
 				},
 			},
-			"gcp": {
-				GcpStorage: &GcpStorage{
-					KeyFile:           "key-file",
-					BucketName:        "bucket",
-					Path:              "path",
-					Endpoint:          "http://localhost",
-					SecretAgentConfig: secretAgentConfig,
-				},
+		},
+		"gcp": {
+			GcpStorage: &GcpStorage{
+				KeyFile:           "key-file",
+				BucketName:        "bucket",
+				Path:              "path",
+				Endpoint:          "http://localhost",
+				SecretAgentConfig: secretAgentConfig,
 			},
-			"gcp2": {
-				GcpStorage: &GcpStorage{
-					Key:        "key-json",
-					BucketName: "bucket",
-					Path:       "path",
-					Endpoint:   "http://localhost",
-					SecretAgentConfig: SecretAgentConfig{
-						SecretAgent: &SecretAgent{
-							Address:        "host3",
-							ConnectionType: saClient.ConnectionTypeTCP,
-						},
+		},
+		"gcp2": {
+			GcpStorage: &GcpStorage{
+				Key:        "key-json",
+				BucketName: "bucket",
+				Path:       "path",
+				Endpoint:   "http://localhost",
+				SecretAgentConfig: SecretAgentConfig{
+					SecretAgent: &SecretAgent{
+						Address:        "host3",
+						ConnectionType: saClient.ConnectionTypeTCP,
 					},
 				},
 			},
-			"azure 1": {
-				AzureStorage: &AzureStorage{
-					SecretAgentConfig: secretAgentConfig,
-					Endpoint:          "http://localhost",
-					ContainerName:     "container",
-					Path:              "backup",
-					AccountName:       "hello",
-					AccountKey:        "world",
-					TenantID:          "",
-					ClientID:          "",
-					ClientSecret:      "",
-				},
+		},
+		"azure 1": {
+			AzureStorage: &AzureStorage{
+				SecretAgentConfig: secretAgentConfig,
+				Endpoint:          "http://localhost",
+				ContainerName:     "container",
+				Path:              "backup",
+				AccountName:       "hello",
+				AccountKey:        "world",
+				TenantID:          "",
+				ClientID:          "",
+				ClientSecret:      "",
 			},
-			"azure 2": {
-				AzureStorage: &AzureStorage{
-					SecretAgentConfig: SecretAgentConfig{
-						SecretAgent: &SecretAgent{
-							Address:        "host4",
-							ConnectionType: saClient.ConnectionTypeUDS,
-						},
+		},
+		"azure 2": {
+			AzureStorage: &AzureStorage{
+				SecretAgentConfig: SecretAgentConfig{
+					SecretAgent: &SecretAgent{
+						Address:        "host4",
+						ConnectionType: saClient.ConnectionTypeUDS,
 					},
-					Endpoint:      "http://localhost",
-					ContainerName: "container",
-					Path:          "backup",
-					AccountName:   "",
-					AccountKey:    "",
-					TenantID:      "1",
-					ClientID:      "2",
-					ClientSecret:  "3",
 				},
+				Endpoint:      "http://localhost",
+				ContainerName: "container",
+				Path:          "backup",
+				AccountName:   "",
+				AccountKey:    "",
+				TenantID:      "1",
+				ClientID:      "2",
+				ClientSecret:  "3",
 			},
 		},
-		BackupPolicies: map[string]*BackupPolicy{"policy1": {}},
-		BackupRoutines: map[string]*BackupRoutine{"routine1": {
-			BackupPolicy:  "policy1",
-			SourceCluster: "cluster1",
-			Storage:       "aws 1",
-			IntervalCron:  "@daily",
-		}},
-		SecretAgents: map[string]*SecretAgent{"agent1": {
-			Address:        "host",
-			ConnectionType: saClient.ConnectionTypeTCP,
-		}},
-	}
+	},
+	BackupPolicies: map[string]*BackupPolicy{"policy1": {}},
+	BackupRoutines: map[string]*BackupRoutine{"routine1": {
+		BackupPolicy:  "policy1",
+		SourceCluster: "cluster1",
+		Storage:       "aws 1",
+		IntervalCron:  "@daily",
+	}},
+	SecretAgents: map[string]*SecretAgent{"agent1": {
+		Address:        "host",
+		ConnectionType: saClient.ConnectionTypeTCP,
+	}},
+}
 
-	require.NoError(t, originalConfig.validate())
-	indent, _ := json.MarshalIndent(originalConfig, "", "    ")
-	t.Logf("\nOriginal config:\n%s\n", string(indent))
+func TestConfigModelConversionIsLossless(t *testing.T) {
+	configJSON, _ := json.MarshalIndent(originalConfig, "", "    ")
+	t.Logf("\nOriginal config:\n%s\n", string(configJSON))
 
-	// Step 2: Convert the Config to a model.Config
+	// Convert the Config to a model.Config
 	nsValidator := &aerospike.NoopNamespaceValidator{}
 	modelConfig, err := originalConfig.ToModel(nsValidator)
 	require.NoError(t, err, "toModel should not return an error")
 
-	// Step 3: Convert the model.Config back to a Config
+	// Convert the model.Config back to a Config
 	newConfig := NewConfigFromModel(modelConfig)
 
-	// Step 4: Assert that the new Config matches the original Config
-	assert.Equal(t, originalConfig, newConfig, "Config -> model.Config -> Config should be lossless")
+	// Assert that the new Config matches the original Config
+	require.Equal(t, originalConfig, newConfig, "Config -> model.Config -> Config should be lossless")
+}
+
+func TestConfigValidation(t *testing.T) {
+	configJSON, _ := json.Marshal(originalConfig)
+	require.NoError(t, originalConfig.validate())
+	configJSONAfter, _ := json.Marshal(originalConfig)
+	require.Equal(t, string(configJSON), string(configJSONAfter), "validation should not change the config")
 }
diff --git a/pkg/dto/logger_config.go b/pkg/dto/logger_config.go
@@ -123,9 +123,6 @@ func (f *FileLoggerConfig) Validate() error {
 	if f.MaxSize < 0 {
 		return fmt.Errorf("negative logger MaxSize: %d", f.MaxSize)
 	}
-	if f.MaxSize == 0 {
-		f.MaxSize = 100 // set default in Mb
-	}
 	if f.MaxAge < 0 {
 		return fmt.Errorf("negative logger MaxAge: %d", f.MaxAge)
 	}

diff --git a/pkg/model/config_default.go b/pkg/model/config_default.go
@@ -29,6 +29,9 @@ var defaultConfig = struct {
 		Level:        util.Ptr("DEBUG"),
 		Format:       util.Ptr("PLAIN"),
 		StdoutWriter: util.Ptr(true),
+		FileWriter: &FileLoggerConfig{
+			MaxSize: 0,
+		},
 	},
 	backupPolicy: BackupPolicy{
 		RetryPolicy: &models.RetryPolicy{

diff --git a/pkg/model/logger_config.go b/pkg/model/logger_config.go
@@ -60,3 +60,11 @@ type FileLoggerConfig struct {
 	// using gzip. The default is not to perform compression.
 	Compress bool
 }
+
+func (f *FileLoggerConfig) GetMaxSizeOrDefault() int {
+	if f.MaxSize != 0 {
+		return f.MaxSize
+	}
+
+	return defaultConfig.logger.FileWriter.MaxSize
+}
diff --git a/pkg/service/config_applier.go b/pkg/service/config_applier.go
@@ -18,6 +18,7 @@ type ConfigApplier interface {
 }
 
 type DefaultConfigApplier struct {
+	mu            sync.Mutex
 	scheduler     quartz.Scheduler
 	backends      BackendsHolder
 	clientManager aerospike.ClientManager
@@ -39,6 +40,9 @@ func NewDefaultConfigApplier(
 }
 
 func (a *DefaultConfigApplier) ApplyNewRoutines(ctx context.Context, routines map[string]*model.BackupRoutine) error {
+	a.mu.Lock()
+	defer a.mu.Unlock()
+
 	err := a.clearPeriodicSchedulerJobs()
 	if err != nil {
 		return fmt.Errorf("failed to clear periodic jobs: %w", err)
@@ -71,7 +75,7 @@ func (a *DefaultConfigApplier) clearPeriodicSchedulerJobs() error {
 	for _, key := range keys {
 		err = a.scheduler.DeleteJob(key)
 		if err != nil {
-			return fmt.Errorf("cannot delete job: %w", err)
+			return fmt.Errorf("cannot delete job %q: %w", key, err)
 		}
 	}
 	return nil