IAM: init IAM with Init() rather than InitStore() in tests (#13643)

- rename InitStore() to initStore() and fix tests

- Use IAMSys.Lock() only when IAMSys struct is being mutated
This commit is contained in:
Aditya Manthramurthy 2021-11-11 21:03:02 -08:00 committed by GitHub
parent 087c1b98dc
commit e8c6314770
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 79 additions and 72 deletions

View File

@ -28,6 +28,7 @@ import (
"net/url" "net/url"
"sync" "sync"
"testing" "testing"
"time"
"github.com/gorilla/mux" "github.com/gorilla/mux"
"github.com/minio/madmin-go" "github.com/minio/madmin-go"
@ -73,7 +74,7 @@ func prepareAdminErasureTestBed(ctx context.Context) (*adminErasureTestBed, erro
initAllSubsystems(ctx, objLayer) initAllSubsystems(ctx, objLayer)
globalIAMSys.InitStore(objLayer, globalEtcdClient) globalIAMSys.Init(ctx, objLayer, globalEtcdClient, 2*time.Second)
// Setup admin mgmt REST API handlers. // Setup admin mgmt REST API handlers.
adminRouter := mux.NewRouter() adminRouter := mux.NewRouter()

View File

@ -364,9 +364,12 @@ func TestIsReqAuthenticated(t *testing.T) {
newAllSubsystems() newAllSubsystems()
initAllSubsystems(context.Background(), objLayer) ctx, cancel := context.WithCancel(context.Background())
defer cancel()
globalIAMSys.InitStore(objLayer, globalEtcdClient) initAllSubsystems(ctx, objLayer)
globalIAMSys.Init(ctx, objLayer, globalEtcdClient, 2*time.Second)
creds, err := auth.CreateCredentials("myuser", "mypassword") creds, err := auth.CreateCredentials("myuser", "mypassword")
if err != nil { if err != nil {
@ -392,7 +395,6 @@ func TestIsReqAuthenticated(t *testing.T) {
{mustNewSignedRequest(http.MethodGet, "http://127.0.0.1:9000", 0, nil, t), ErrNone}, {mustNewSignedRequest(http.MethodGet, "http://127.0.0.1:9000", 0, nil, t), ErrNone},
} }
ctx := context.Background()
// Validates all testcases. // Validates all testcases.
for i, testCase := range testCases { for i, testCase := range testCases {
s3Error := isReqAuthenticated(ctx, testCase.req, globalServerRegion, serviceS3) s3Error := isReqAuthenticated(ctx, testCase.req, globalServerRegion, serviceS3)
@ -440,8 +442,8 @@ func TestCheckAdminRequestAuthType(t *testing.T) {
} }
func TestValidateAdminSignature(t *testing.T) { func TestValidateAdminSignature(t *testing.T) {
ctx, cancel := context.WithCancel(context.Background())
ctx := context.Background() defer cancel()
objLayer, fsDir, err := prepareFS() objLayer, fsDir, err := prepareFS()
if err != nil { if err != nil {
@ -455,9 +457,9 @@ func TestValidateAdminSignature(t *testing.T) {
newAllSubsystems() newAllSubsystems()
initAllSubsystems(context.Background(), objLayer) initAllSubsystems(ctx, objLayer)
globalIAMSys.InitStore(objLayer, globalEtcdClient) globalIAMSys.Init(ctx, objLayer, globalEtcdClient, 2*time.Second)
creds, err := auth.CreateCredentials("admin", "mypassword") creds, err := auth.CreateCredentials("admin", "mypassword")
if err != nil { if err != nil {

View File

@ -143,11 +143,8 @@ func (sys *IAMSys) doIAMConfigMigration(ctx context.Context) error {
return sys.store.migrateBackendFormat(ctx) return sys.store.migrateBackendFormat(ctx)
} }
// InitStore initializes IAM stores // initStore initializes IAM stores
func (sys *IAMSys) InitStore(objAPI ObjectLayer, etcdClient *etcd.Client) { func (sys *IAMSys) initStore(objAPI ObjectLayer, etcdClient *etcd.Client) {
sys.Lock()
defer sys.Unlock()
if globalLDAPConfig.Enabled { if globalLDAPConfig.Enabled {
sys.EnableLDAPSys() sys.EnableLDAPSys()
} }
@ -175,7 +172,7 @@ func (sys *IAMSys) Initialized() bool {
} }
// Load - loads all credentials, policies and policy mappings. // Load - loads all credentials, policies and policy mappings.
func (sys *IAMSys) Load(ctx context.Context, store IAMStorageAPI) error { func (sys *IAMSys) Load(ctx context.Context) error {
err := sys.store.LoadIAMCache(ctx) err := sys.store.LoadIAMCache(ctx)
if err != nil { if err != nil {
return err return err
@ -191,10 +188,13 @@ func (sys *IAMSys) Load(ctx context.Context, store IAMStorageAPI) error {
// Init - initializes config system by reading entries from config/iam // Init - initializes config system by reading entries from config/iam
func (sys *IAMSys) Init(ctx context.Context, objAPI ObjectLayer, etcdClient *etcd.Client, iamRefreshInterval time.Duration) { func (sys *IAMSys) Init(ctx context.Context, objAPI ObjectLayer, etcdClient *etcd.Client, iamRefreshInterval time.Duration) {
sys.Lock()
defer sys.Unlock()
sys.iamRefreshInterval = iamRefreshInterval sys.iamRefreshInterval = iamRefreshInterval
// Initialize IAM store // Initialize IAM store
sys.InitStore(objAPI, etcdClient) sys.initStore(objAPI, etcdClient)
retryCtx, cancel := context.WithCancel(ctx) retryCtx, cancel := context.WithCancel(ctx)
@ -258,7 +258,7 @@ func (sys *IAMSys) Init(ctx context.Context, objAPI ObjectLayer, etcdClient *etc
} }
for { for {
if err := sys.Load(retryCtx, sys.store); err != nil { if err := sys.Load(retryCtx); err != nil {
if configRetriableErrors(err) { if configRetriableErrors(err) {
logger.Info("Waiting for all MinIO IAM sub-system to be initialized.. possible cause (%v)", err) logger.Info("Waiting for all MinIO IAM sub-system to be initialized.. possible cause (%v)", err)
time.Sleep(time.Duration(r.Float64() * float64(5*time.Second))) time.Sleep(time.Duration(r.Float64() * float64(5*time.Second)))
@ -329,7 +329,7 @@ func (sys *IAMSys) watch(ctx context.Context) {
for { for {
select { select {
case <-ticker.C: case <-ticker.C:
if err := sys.Load(ctx, sys.store); err != nil { if err := sys.Load(ctx); err != nil {
logger.LogIf(ctx, err) logger.LogIf(ctx, err)
} }
case <-ctx.Done(): case <-ctx.Done():

View File

@ -22,6 +22,7 @@ import (
"net/http" "net/http"
"os" "os"
"testing" "testing"
"time"
"github.com/minio/madmin-go" "github.com/minio/madmin-go"
"github.com/minio/minio/internal/auth" "github.com/minio/minio/internal/auth"
@ -29,6 +30,9 @@ import (
) )
func TestCheckValid(t *testing.T) { func TestCheckValid(t *testing.T) {
ctx, cancel := context.WithCancel(context.Background())
defer cancel()
objLayer, fsDir, err := prepareFS() objLayer, fsDir, err := prepareFS()
if err != nil { if err != nil {
t.Fatal(err) t.Fatal(err)
@ -40,9 +44,9 @@ func TestCheckValid(t *testing.T) {
newAllSubsystems() newAllSubsystems()
initAllSubsystems(context.Background(), objLayer) initAllSubsystems(ctx, objLayer)
globalIAMSys.InitStore(objLayer, globalEtcdClient) globalIAMSys.Init(ctx, objLayer, globalEtcdClient, 2*time.Second)
req, err := newTestRequest(http.MethodGet, "http://example.com:9000/bucket/object", 0, nil) req, err := newTestRequest(http.MethodGet, "http://example.com:9000/bucket/object", 0, nil)
if err != nil { if err != nil {

View File

@ -1477,10 +1477,6 @@ func newTestObjectLayer(ctx context.Context, endpointServerPools EndpointServerP
newAllSubsystems() newAllSubsystems()
initAllSubsystems(ctx, z)
globalIAMSys.InitStore(z, globalEtcdClient)
return z, nil return z, nil
} }
@ -1522,12 +1518,12 @@ func removeDiskN(disks []string, n int) {
// initializes the specified API endpoints for the tests. // initializes the specified API endpoints for the tests.
// initialies the root and returns its path. // initialies the root and returns its path.
// return credentials. // return credentials.
func initAPIHandlerTest(obj ObjectLayer, endpoints []string) (string, http.Handler, error) { func initAPIHandlerTest(ctx context.Context, obj ObjectLayer, endpoints []string) (string, http.Handler, error) {
newAllSubsystems() newAllSubsystems()
initAllSubsystems(context.Background(), obj) initAllSubsystems(ctx, obj)
globalIAMSys.InitStore(obj, globalEtcdClient) globalIAMSys.Init(ctx, obj, globalEtcdClient, 2*time.Second)
// get random bucket name. // get random bucket name.
bucketName := getRandomBucketName() bucketName := getRandomBucketName()
@ -1736,7 +1732,7 @@ func ExecObjectLayerAPITest(t *testing.T, objAPITest objAPITestType, endpoints [
t.Fatalf("Initialization of object layer failed for single node setup: %s", err) t.Fatalf("Initialization of object layer failed for single node setup: %s", err)
} }
bucketFS, fsAPIRouter, err := initAPIHandlerTest(objLayer, endpoints) bucketFS, fsAPIRouter, err := initAPIHandlerTest(ctx, objLayer, endpoints)
if err != nil { if err != nil {
t.Fatalf("Initialization of API handler tests failed: <ERROR> %s", err) t.Fatalf("Initialization of API handler tests failed: <ERROR> %s", err)
} }
@ -1758,7 +1754,7 @@ func ExecObjectLayerAPITest(t *testing.T, objAPITest objAPITestType, endpoints [
} }
defer objLayer.Shutdown(ctx) defer objLayer.Shutdown(ctx)
bucketErasure, erAPIRouter, err := initAPIHandlerTest(objLayer, endpoints) bucketErasure, erAPIRouter, err := initAPIHandlerTest(ctx, objLayer, endpoints)
if err != nil { if err != nil {
t.Fatalf("Initialzation of API handler tests failed: <ERROR> %s", err) t.Fatalf("Initialzation of API handler tests failed: <ERROR> %s", err)
} }
@ -1793,13 +1789,11 @@ type objTestDiskNotFoundType func(obj ObjectLayer, instanceType string, dirs []s
// ExecObjectLayerTest - executes object layer tests. // ExecObjectLayerTest - executes object layer tests.
// Creates single node and Erasure ObjectLayer instance and runs test for both the layers. // Creates single node and Erasure ObjectLayer instance and runs test for both the layers.
func ExecObjectLayerTest(t TestErrHandler, objTest objTestType) { func ExecObjectLayerTest(t TestErrHandler, objTest objTestType) {
{
ctx, cancel := context.WithCancel(context.Background()) ctx, cancel := context.WithCancel(context.Background())
defer cancel()
if localMetacacheMgr != nil { if localMetacacheMgr != nil {
localMetacacheMgr.deleteAll() localMetacacheMgr.deleteAll()
} }
defer setObjectLayer(newObjectLayerFn())
objLayer, fsDir, err := prepareFS() objLayer, fsDir, err := prepareFS()
if err != nil { if err != nil {
@ -1814,18 +1808,24 @@ func ExecObjectLayerTest(t TestErrHandler, objTest objTestType) {
if err = newTestConfig(globalMinioDefaultRegion, objLayer); err != nil { if err = newTestConfig(globalMinioDefaultRegion, objLayer); err != nil {
t.Fatal("Unexpected error", err) t.Fatal("Unexpected error", err)
} }
initAllSubsystems(ctx, objLayer) initAllSubsystems(ctx, objLayer)
globalIAMSys.Init(ctx, objLayer, globalEtcdClient, 2*time.Second)
globalIAMSys.InitStore(objLayer, globalEtcdClient)
// Executing the object layer tests for single node setup. // Executing the object layer tests for single node setup.
objTest(objLayer, FSTestStr, t) objTest(objLayer, FSTestStr, t)
// Call clean up functions
cancel()
setObjectLayer(newObjectLayerFn())
removeRoots([]string{fsDir})
}
{
ctx, cancel := context.WithCancel(context.Background())
if localMetacacheMgr != nil { if localMetacacheMgr != nil {
localMetacacheMgr.deleteAll() localMetacacheMgr.deleteAll()
} }
defer setObjectLayer(newObjectLayerFn())
newAllSubsystems() newAllSubsystems()
objLayer, fsDirs, err := prepareErasureSets32(ctx) objLayer, fsDirs, err := prepareErasureSets32(ctx)
@ -1833,20 +1833,20 @@ func ExecObjectLayerTest(t TestErrHandler, objTest objTestType) {
t.Fatalf("Initialization of object layer failed for Erasure setup: %s", err) t.Fatalf("Initialization of object layer failed for Erasure setup: %s", err)
} }
setObjectLayer(objLayer) setObjectLayer(objLayer)
defer objLayer.Shutdown(context.Background())
initAllSubsystems(ctx, objLayer) initAllSubsystems(ctx, objLayer)
globalIAMSys.Init(ctx, objLayer, globalEtcdClient, 2*time.Second)
globalIAMSys.InitStore(objLayer, globalEtcdClient)
defer removeRoots(append(fsDirs, fsDir))
// Executing the object layer tests for Erasure. // Executing the object layer tests for Erasure.
objTest(objLayer, ErasureTestStr, t) objTest(objLayer, ErasureTestStr, t)
objLayer.Shutdown(context.Background())
if localMetacacheMgr != nil { if localMetacacheMgr != nil {
localMetacacheMgr.deleteAll() localMetacacheMgr.deleteAll()
} }
setObjectLayer(newObjectLayerFn())
cancel()
removeRoots(fsDirs)
}
} }
// ExecObjectLayerTestWithDirs - executes object layer tests. // ExecObjectLayerTestWithDirs - executes object layer tests.

2
go.mod
View File

@ -85,7 +85,7 @@ require (
go.uber.org/atomic v1.9.0 go.uber.org/atomic v1.9.0
go.uber.org/zap v1.19.1 go.uber.org/zap v1.19.1
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519
golang.org/x/net v0.0.0-20211020060615-d418f374d309 golang.org/x/net v0.0.0-20211020060615-d418f374d309 // indirect
golang.org/x/oauth2 v0.0.0-20210819190943-2bc19b11175f golang.org/x/oauth2 v0.0.0-20210819190943-2bc19b11175f
golang.org/x/sys v0.0.0-20211020174200-9d6173849985 golang.org/x/sys v0.0.0-20211020174200-9d6173849985
golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac