Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Enable caching contextual Login Credentials #1521

Draft
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

souleb
Copy link
Member

@souleb souleb commented Jun 19, 2024

Provide an optional Cache to the Login Manager used to retrive contextual login credentials.

@souleb souleb marked this pull request as draft June 19, 2024 15:35
@souleb souleb force-pushed the enable-provider-auth-caching branch 2 times, most recently from 7070dd5 to 93cddf4 Compare June 19, 2024 21:59
// NewOIDCAuthenticator returns a new OIDCAuthenticator.
// The capacity is the number of authenticators to cache.
// If the capacity is less than or equal to 0, the cache is disabled.
func NewOIDCAuthenticator(opts ...OIDCAuthenticatorOptionFunc) (*OIDCAuthenticator, error) {
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We can later on add retry and evection logic to that struct

@souleb souleb force-pushed the enable-provider-auth-caching branch from 93cddf4 to e92327d Compare June 20, 2024 08:56
Provide an optional Cache to the Login Manager used to retrive
contextual login credentials.

Signed-off-by: Soule BA <[email protected]>
@souleb souleb force-pushed the enable-provider-auth-caching branch from e92327d to 5ecc6b1 Compare June 21, 2024 13:15
@souleb
Copy link
Member Author

souleb commented Jun 21, 2024

generated metrics

Screenshot 2024-06-21 at 15 05 40 Screenshot 2024-06-21 at 15 03 55

Comment on lines +416 to +419
disabled, found := os.LookupEnv("LOGIN_CACHE_DISABLED")
if found && disabled == "true" {
capacity = -1
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please implement this as a feature flag called CacheLoginTokens enabled by default.

@@ -47,7 +47,7 @@ func NewCacheRecorder() *CacheRecorder {
return &CacheRecorder{
cacheEventsCounter: prometheus.NewCounterVec(
prometheus.CounterOpts{
Name: "gotk_cache_events_total",
Name: "gotk_sc_cache_events_total",
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Changing the metric name is a breaking change, what is the reason for this change?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

there is a conflict in naming with the same metric in flux/pkg/cache. I'll remove the SC internal cache package to fix this.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants