Use a temp ZK config cache for tenant validation

We don't want tenant validation to change the production config in
Zookeeper. Therefore we use a temporary path in Zookeeper for the config
cache when validating tenants.

Change-Id: I41a22df69232d5551ab27aa014fecbc6a5d16a56
This commit is contained in:
Simon Westphahl 2021-07-14 17:07:13 +02:00
parent a2b8b975d0
commit 9c569377fc
2 changed files with 20 additions and 10 deletions

View File

@ -24,6 +24,7 @@ import threading
import time
import traceback
import urllib
import uuid
from collections import defaultdict
from apscheduler.schedulers.background import BackgroundScheduler
@ -855,12 +856,20 @@ class Scheduler(threading.Thread):
invalid = tenants_to_load.difference(available_tenants)
raise RuntimeError(f"Invalid tenant(s) found: {invalid}")
abide = Abide()
loader.loadAdminRules(abide, unparsed_abide)
loader.loadTPCs(abide, unparsed_abide)
for tenant_name in tenants_to_load:
loader.loadTenant(abide, tenant_name, self.ansible_manager,
unparsed_abide, min_ltimes=None)
# Use a temporary config cache for the validation
validate_root = f"/zuul/validate/{uuid.uuid4().hex}"
self.unparsed_config_cache = UnparsedConfigCache(self.zk_client,
validate_root)
try:
abide = Abide()
loader.loadAdminRules(abide, unparsed_abide)
loader.loadTPCs(abide, unparsed_abide)
for tenant_name in tenants_to_load:
loader.loadTenant(abide, tenant_name, self.ansible_manager,
unparsed_abide, min_ltimes=None)
finally:
self.zk_client.client.delete(validate_root, recursive=True)
loading_errors = []
for tenant in abide.tenants.values():

View File

@ -23,6 +23,8 @@ from kazoo.exceptions import NoNodeError
from zuul.zk import sharding, ZooKeeperSimpleBase
CONFIG_ROOT = "/zuul/config"
def _safe_path(root_path, *keys):
return "/".join((root_path, *(quote_plus(k) for k in keys)))
@ -134,13 +136,12 @@ class FilesCache(ZooKeeperSimpleBase, MutableMapping):
class UnparsedConfigCache(ZooKeeperSimpleBase):
"""Zookeeper cache for unparsed config files."""
CONFIG_ROOT = "/zuul/config"
log = logging.getLogger("zuul.zk.config_cache.UnparsedConfigCache")
def __init__(self, client):
def __init__(self, client, config_root=CONFIG_ROOT):
super().__init__(client)
self.cache_path = f"{self.CONFIG_ROOT}/cache"
self.lock_path = f"{self.CONFIG_ROOT}/lock"
self.cache_path = f"{config_root}/cache"
self.lock_path = f"{config_root}/lock"
def readLock(self, project_cname):
return self.kazoo_client.ReadLock(