NotificationsYou must be signed in to change notification settings
Fork1.1k
Star11.4k

Commit9d47f64

committed

perf: optimize prebuilds membership reconciliation to check orgs not presets

1 parentcf93c34 commit9d47f64Copy full SHA for 9d47f64

File tree

10 files changed

+363

-210

lines changed

coderd/database
- dbauthz
  - dbauthz.go
  - dbauthz_test.go
- dbmetrics
  - querymetrics.go
- dbmock
  - dbmock.go
- querier.go
- queries.sql.go
- queries
  - prebuilds.sql
enterprise/coderd/prebuilds

10 files changed

+363

-210

lines changed

`‎coderd/database/dbauthz/dbauthz.go‎`

Lines changed: 7 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -2648,6 +2648,13 @@ func (q *querier) GetOrganizationsByUserID(ctx context.Context, userID database.`
`2648`	`2648`	`returnfetchWithPostFilter(q.auth,policy.ActionRead,q.db.GetOrganizationsByUserID)(ctx,userID)`
`2649`	`2649`	`}`
`2650`	`2650`
	`2651`	`+func (q*querier)GetOrganizationsWithPrebuildStatus(ctx context.Context,arg database.GetOrganizationsWithPrebuildStatusParams) ([]database.GetOrganizationsWithPrebuildStatusRow,error) {`
	`2652`	`+iferr:=q.authorizeContext(ctx,policy.ActionRead,rbac.ResourceOrganization.All());err!=nil {`
	`2653`	`+returnnil,err`
	`2654`	`+}`
	`2655`	`+returnq.db.GetOrganizationsWithPrebuildStatus(ctx,arg)`
	`2656`	`+}`
	`2657`	`+`
`2651`	`2658`	`func (q*querier)GetParameterSchemasByJobID(ctx context.Context,jobID uuid.UUID) ([]database.ParameterSchema,error) {`
`2652`	`2659`	`version,err:=q.db.GetTemplateVersionByJobID(ctx,jobID)`
`2653`	`2660`	`iferr!=nil {`

`‎coderd/database/dbauthz/dbauthz_test.go‎`

Lines changed: 8 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -3756,6 +3756,14 @@ func (s *MethodTestSuite) TestPrebuilds() {`
`3756`	`3756`	`dbm.EXPECT().GetPrebuildMetrics(gomock.Any()).Return([]database.GetPrebuildMetricsRow{},nil).AnyTimes()`
`3757`	`3757`	`check.Args().Asserts(rbac.ResourceWorkspace.All(),policy.ActionRead)`
`3758`	`3758`	`}))`
	`3759`	`+s.Run("GetOrganizationsWithPrebuildStatus",s.Mocked(func(dbmdbmock.MockStore,fakergofakeit.Faker,check*expects) {`
	`3760`	`+arg:= database.GetOrganizationsWithPrebuildStatusParams{`
	`3761`	`+UserID:uuid.New(),`
	`3762`	`+GroupName:"test",`
	`3763`	`+}`
	`3764`	`+dbm.EXPECT().GetOrganizationsWithPrebuildStatus(gomock.Any(),arg).Return([]database.GetOrganizationsWithPrebuildStatusRow{},nil).AnyTimes()`
	`3765`	`+check.Args(arg).Asserts(rbac.ResourceOrganization.All(),policy.ActionRead)`
	`3766`	`+}))`
`3759`	`3767`	`s.Run("GetPrebuildsSettings",s.Mocked(func(dbmdbmock.MockStore,_gofakeit.Faker,check*expects) {`
`3760`	`3768`	`dbm.EXPECT().GetPrebuildsSettings(gomock.Any()).Return("{}",nil).AnyTimes()`
`3761`	`3769`	`check.Args().Asserts()`

`‎coderd/database/dbmetrics/querymetrics.go‎`

Lines changed: 7 additions & 0 deletions

Some generated files are not rendered by default. Learn more aboutcustomizing how changed files appear on GitHub.

`‎coderd/database/dbmock/dbmock.go‎`

Lines changed: 15 additions & 0 deletions

Some generated files are not rendered by default. Learn more aboutcustomizing how changed files appear on GitHub.

`‎coderd/database/querier.go‎`

Lines changed: 3 additions & 0 deletions

Some generated files are not rendered by default. Learn more aboutcustomizing how changed files appear on GitHub.

`‎coderd/database/queries.sql.go‎`

Lines changed: 87 additions & 0 deletions

Some generated files are not rendered by default. Learn more aboutcustomizing how changed files appear on GitHub.

`‎coderd/database/queries/prebuilds.sql‎`

Lines changed: 44 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -325,3 +325,47 @@ WHERE id IN (`
`325`	`325`	`ANDpj.completed_at ISNULL`
`326`	`326`	`)`
`327`	`327`	`RETURNING id;`
	`328`	`+`
	`329`	`+-- name: GetOrganizationsWithPrebuildStatus :many`
	`330`	`+-- GetOrganizationsWithPrebuildStatus returns organizations with prebuilds configured and their`
	`331`	`+-- membership status for the prebuilds system user (org membership, group existence, group membership).`
	`332`	`+WITH orgs_with_prebuildsAS (`
	`333`	`+-- Get unique organizations that have presets with prebuilds configured`
	`334`	`+SELECT DISTINCTo.id,o.name`
	`335`	`+FROM organizations o`
	`336`	`+INNER JOIN templates tONt.organization_id=o.id`
	`337`	`+INNER JOIN template_versions tvONtv.template_id=t.id`
	`338`	`+INNER JOIN template_version_presets tvpONtvp.template_version_id=tv.id`
	`339`	`+WHEREtvp.desired_instancesIS NOT NULL`
	`340`	`+),`
	`341`	`+prebuild_user_membershipAS (`
	`342`	`+-- Check if the user is a member of the organizations`
	`343`	`+SELECTom.organization_id`
	`344`	`+FROM organization_members om`
	`345`	`+INNER JOIN orgs_with_prebuilds owpONowp.id=om.organization_id`
	`346`	`+WHEREom.user_id= @user_id::uuid`
	`347`	`+),`
	`348`	`+prebuild_groupsAS (`
	`349`	`+-- Check if the organizations have the prebuilds group`
	`350`	`+SELECTg.organization_id,g.idas group_id`
	`351`	`+FROM groups g`
	`352`	`+INNER JOIN orgs_with_prebuilds owpONowp.id=g.organization_id`
	`353`	`+WHEREg.name= @group_name::text`
	`354`	`+),`
	`355`	`+prebuild_group_membershipAS (`
	`356`	`+-- Check if the user is in the prebuilds group`
	`357`	`+SELECTpg.organization_id`
	`358`	`+FROM prebuild_groups pg`
	`359`	`+INNER JOIN group_members gmONgm.group_id=pg.group_id`
	`360`	`+WHEREgm.user_id= @user_id::uuid`
	`361`	`+)`
	`362`	`+SELECT`
	`363`	`+owp.idAS organization_id,`
	`364`	`+owp.nameAS organization_name,`
	`365`	`+(pum.organization_idIS NOT NULL)::booleanAS has_prebuild_user,`
	`366`	`+pg.group_idAS prebuilds_group_id,`
	`367`	`+(pgm.organization_idIS NOT NULL)::booleanAS has_prebuild_user_in_group`
	`368`	`+FROM orgs_with_prebuilds owp`
	`369`	`+LEFT JOIN prebuild_groups pgONpg.organization_id=owp.id`
	`370`	`+LEFT JOIN prebuild_user_membership pumONpum.organization_id=owp.id`
	`371`	`+LEFT JOIN prebuild_group_membership pgmONpgm.organization_id=owp.id;`

`‎enterprise/coderd/prebuilds/membership.go‎`

Lines changed: 43 additions & 69 deletions

Original file line number	Diff line number	Diff line change
`@@ -2,7 +2,6 @@ package prebuilds`
`2`	`2`
`3`	`3`	`import (`
`4`	`4`	`"context"`
`5`		`-"database/sql"`
`6`	`5`	`"errors"`
`7`	`6`
`8`	`7`	`"github.com/google/uuid"`
`@@ -32,103 +31,78 @@ func NewStoreMembershipReconciler(store database.Store, clock quartz.Clock) Stor`
`32`	`31`	`}`
`33`	`32`	`}`
`34`	`33`
`35`		`-// ReconcileAll compares the current organization and group memberships of a user to the memberships required`
`36`		`-// in order to create prebuilt workspaces. If the user in question is not yet a member of an organization that`
`37`		`-// needs prebuilt workspaces, ReconcileAll will create the membership required.`
	`34`	`+// ReconcileAll ensures the prebuilds system user has the necessary memberships to create prebuilt workspaces.`
	`35`	`+// For each organization with prebuilds configured, it ensures:`
	`36`	`+// * The user is a member of the organization`
	`37`	`+// * A group exists with quota 0`
	`38`	`+// * The user is a member of that group`
`38`	`39`	`//`
`39`		`-// To facilitate quota management, ReconcileAll will ensure:`
`40`		`-// * the existence of a group (defined by PrebuiltWorkspacesGroupName) in each organization that needs prebuilt workspaces`
`41`		`-// * that the prebuilds system user belongs to the group in each organization that needs prebuilt workspaces`
`42`		`-// * that the group has a quota of 0 by default, which users can adjust based on their needs.`
	`40`	`+// Unique constraint violations are safely ignored (concurrent creation).`
`43`	`41`	`//`
`44`	`42`	`// ReconcileAll does not have an opinion on transaction or lock management. These responsibilities are left to the caller.`
`45`		`-func (sStoreMembershipReconciler)ReconcileAll(ctx context.Context,userID uuid.UUID,presets []database.GetTemplatePresetsWithPrebuildsRow)error {`
`46`		`-organizationMemberships,err:=s.store.GetOrganizationsByUserID(ctx, database.GetOrganizationsByUserIDParams{`
`47`		`-UserID:userID,`
`48`		`-Deleted: sql.NullBool{`
`49`		`-Bool:false,`
`50`		`-Valid:true,`
`51`		`-},`
	`43`	`+func (sStoreMembershipReconciler)ReconcileAll(ctx context.Context,userID uuid.UUID,groupNamestring)error {`
	`44`	`+orgStatuses,err:=s.store.GetOrganizationsWithPrebuildStatus(ctx, database.GetOrganizationsWithPrebuildStatusParams{`
	`45`	`+UserID:userID,`
	`46`	`+GroupName:groupName,`
`52`	`47`	`})`
`53`	`48`	`iferr!=nil {`
`54`		`-returnxerrors.Errorf("determine prebuild organization membership: %w",err)`
`55`		`-}`
`56`		`-`
`57`		`-orgMemberships:=make(map[uuid.UUID]struct{},0)`
`58`		`-defaultOrg,err:=s.store.GetDefaultOrganization(ctx)`
`59`		`-iferr!=nil {`
`60`		`-returnxerrors.Errorf("get default organization: %w",err)`
`61`		`-}`
`62`		`-orgMemberships[defaultOrg.ID]=struct{}{}`
`63`		`-for_,o:=rangeorganizationMemberships {`
`64`		`-orgMemberships[o.ID]=struct{}{}`
	`49`	`+returnxerrors.Errorf("get organizations with prebuild status: %w",err)`
`65`	`50`	`}`
`66`	`51`
`67`	`52`	`varmembershipInsertionErrorserror`
`68`		`-for_,preset:=rangepresets {`
`69`		`-_,alreadyOrgMember:=orgMemberships[preset.OrganizationID]`
`70`		`-if!alreadyOrgMember {`
`71`		`-// Add the organization to our list of memberships regardless of potential failure below`
`72`		`-// to avoid a retry that will probably be doomed anyway.`
`73`		`-orgMemberships[preset.OrganizationID]=struct{}{}`
`74`		`-`
`75`		`-// Insert the missing membership`
	`53`	`+for_,orgStatus:=rangeorgStatuses {`
	`54`	`+// Add user to org if needed`
	`55`	`+if!orgStatus.HasPrebuildUser {`
`76`	`56`	`_,err=s.store.InsertOrganizationMember(ctx, database.InsertOrganizationMemberParams{`
`77`		`-OrganizationID:preset.OrganizationID,`
	`57`	`+OrganizationID:orgStatus.OrganizationID,`
`78`	`58`	`UserID:userID,`
`79`	`59`	`CreatedAt:s.clock.Now(),`
`80`	`60`	`UpdatedAt:s.clock.Now(),`
`81`	`61`	`Roles: []string{},`
`82`	`62`	`})`
`83`		`-iferr!=nil {`
`84`		`-membershipInsertionErrors=errors.Join(membershipInsertionErrors,xerrors.Errorf("insert membership for prebuilt workspaces: %w",err))`
`85`		`-continue`
`86`		`-}`
`87`		`-}`
`88`		`-`
`89`		`-// determine whether the org already has a prebuilds group`
`90`		`-prebuildsGroupExists:=true`
`91`		`-prebuildsGroup,err:=s.store.GetGroupByOrgAndName(ctx, database.GetGroupByOrgAndNameParams{`
`92`		`-OrganizationID:preset.OrganizationID,`
`93`		`-Name:PrebuiltWorkspacesGroupName,`
`94`		`-})`
`95`		`-iferr!=nil {`
`96`		`-if!xerrors.Is(err,sql.ErrNoRows) {`
`97`		`-membershipInsertionErrors=errors.Join(membershipInsertionErrors,xerrors.Errorf("get prebuilds group: %w",err))`
	`63`	`+// Unique violation means membership was created after status check, safe to ignore.`
	`64`	`+iferr!=nil&&!database.IsUniqueViolation(err) {`
	`65`	`+membershipInsertionErrors=errors.Join(membershipInsertionErrors,err)`
`98`	`66`	`continue`
`99`	`67`	`}`
`100`		`-prebuildsGroupExists=false`
`101`	`68`	`}`
`102`	`69`
`103`		`-//if the prebuildsgroupdoes not exist, create it`
`104`		`-if!prebuildsGroupExists {`
`105`		`-// create a "prebuilds" group in the organization and add the system user to it`
`106`		`-//this group will have a quota of 0 by default, which users can adjust based on their needs`
`107`		`-prebuildsGroup,err=s.store.InsertGroup(ctx, database.InsertGroupParams{`
	`70`	`+//Creategroupif it doesn't exist`
	`71`	`+vargroupID uuid.UUID`
	`72`	`+if!orgStatus.PrebuildsGroupID.Valid {`
	`73`	`+//Group doesn't exist, create it`
	`74`	`+group,err:=s.store.InsertGroup(ctx, database.InsertGroupParams{`
`108`	`75`	`ID:uuid.New(),`
`109`	`76`	`Name:PrebuiltWorkspacesGroupName,`
`110`	`77`	`DisplayName:PrebuiltWorkspacesGroupDisplayName,`
`111`		`-OrganizationID:preset.OrganizationID,`
	`78`	`+OrganizationID:orgStatus.OrganizationID,`
`112`	`79`	`AvatarURL:"",`
`113`		`-QuotaAllowance:0,// Default quota of 0, users should set this based on their needs`
	`80`	`+QuotaAllowance:0,`
`114`	`81`	`})`
`115`		`-iferr!=nil {`
`116`		`-membershipInsertionErrors=errors.Join(membershipInsertionErrors,xerrors.Errorf("create prebuilds group: %w",err))`
	`82`	`+// Unique violation means membership was created after status check, safe to ignore.`
	`83`	`+iferr!=nil&&!database.IsUniqueViolation(err) {`
	`84`	`+membershipInsertionErrors=errors.Join(membershipInsertionErrors,err)`
`117`	`85`	`continue`
`118`	`86`	`}`
	`87`	`+groupID=group.ID`
	`88`	`+}else {`
	`89`	`+// Group exists`
	`90`	`+groupID=orgStatus.PrebuildsGroupID.UUID`
`119`	`91`	`}`
`120`	`92`
`121`		`-// add the system user to the prebuilds group`
`122`		`-err=s.store.InsertGroupMember(ctx, database.InsertGroupMemberParams{`
`123`		`-GroupID:prebuildsGroup.ID,`
`124`		`-UserID:userID,`
`125`		`-})`
`126`		`-iferr!=nil {`
`127`		`-// ignore unique violation errors as the user might already be in the group`
`128`		`-if!database.IsUniqueViolation(err) {`
`129`		`-membershipInsertionErrors=errors.Join(membershipInsertionErrors,xerrors.Errorf("add system user to prebuilds group: %w",err))`
	`93`	`+// Add user to group if needed`
	`94`	`+if!orgStatus.HasPrebuildUserInGroup {`
	`95`	`+err=s.store.InsertGroupMember(ctx, database.InsertGroupMemberParams{`
	`96`	`+GroupID:groupID,`
	`97`	`+UserID:userID,`
	`98`	`+})`
	`99`	`+// Unique violation means membership was created after status check, safe to ignore.`
	`100`	`+iferr!=nil&&!database.IsUniqueViolation(err) {`
	`101`	`+membershipInsertionErrors=errors.Join(membershipInsertionErrors,err)`
	`102`	`+continue`
`130`	`103`	`}`
`131`	`104`	`}`
`132`	`105`	`}`
	`106`	`+`
`133`	`107`	`returnmembershipInsertionErrors`
`134`	`108`	`}`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit9d47f64

File tree

10 files changed

10 files changed

`‎coderd/database/dbauthz/dbauthz.go‎`

`‎coderd/database/dbauthz/dbauthz_test.go‎`

`‎coderd/database/dbmetrics/querymetrics.go‎`

`‎coderd/database/dbmock/dbmock.go‎`

`‎coderd/database/querier.go‎`

`‎coderd/database/queries.sql.go‎`

`‎coderd/database/queries/prebuilds.sql‎`

`‎enterprise/coderd/prebuilds/membership.go‎`

0 commit comments