conjur icon indicating copy to clipboard operation
conjur copied to clipboard
verified publisher icon cyberark

Fix broken tests by refershing materalized views

Open codihuston opened this issue 2 years ago • 1 comments

Desired Outcome

Further resolves broken tests after the addition of materialized views. This PR contains two commits that contain two different approaches to resolving the issues.

The materialized views introduces a form of caching for some compute expensive operations for authorizing a role to a resource. As a result, this cache needs to be rehydrated / invalidated and repopulated on a per-policy load basis. This is fine, and should function out-of-box in production.

However, our testing infrastructure has an amalgamation of integration and end-to-end tests across both rspec and cucumber that leverage the models and/or repository classes directly to persist records into the database outside of a policy load. Thus, we need to

Commit 1: Attempts to refresh the materialized views from the tests, outside of the application code. Commit 2: Attempts to refresh the materialized views from the application code using the sequel gem lifecycle hooks.

Both of these have tradeoffs. The former is a bit of a code smell that will sour the developer experience, as they have to remember to refresh these views explicitly. The latter may incur application performance implications, as loading policy that will create multiple resources may trigger multiple refreshes per policy load, which could have a profound impact on the database. We would also need to account for the update/destroy hooks as well.

Ideally, we would clean up our testing infrastructure such these resource creations are only occurring through policy load as opposed to using the model / repository classes.

Implemented Changes

Describe how the desired outcome above has been achieved with this PR. In particular, consider:

  • What's changed? Why were these changes made?
  • How should the reviewer approach this PR, especially if manual tests are required?
  • Are there relevant screenshots you can add to the PR description?

Connected Issue/Story

Resolves #[relevant GitHub issue(s), e.g. 76]

CyberArk internal issue ID: [ONYX-30396

Definition of Done

At least 1 todo must be completed in the sections below for the PR to be merged.

Changelog

  • [ ] The CHANGELOG has been updated, or
  • [ ] This PR does not include user-facing changes and doesn't require a CHANGELOG update

Test coverage

  • [ ] This PR includes new unit and integration tests to go with the code changes, or
  • [ ] The changes in this PR do not require tests

Documentation

  • [ ] Docs (e.g. READMEs) were updated in this PR
  • [ ] A follow-up issue to update official docs has been filed here: [insert issue ID]
  • [ ] This PR does not require updating any documentation

Behavior

  • [ ] This PR changes product behavior and has been reviewed by a PO, or
  • [ ] These changes are part of a larger initiative that will be reviewed later, or
  • [ ] No behavior was changed with this PR

Security

  • [ ] Security architect has reviewed the changes in this PR,
  • [ ] These changes are part of a larger initiative with a separate security review, or
  • [ ] There are no security aspects to these changes

codihuston avatar Jan 09 '23 22:01 codihuston

Is this still relevant @codihuston?

szh avatar May 12 '25 19:05 szh