gatekeeper icon indicating copy to clipboard operation
gatekeeper copied to clipboard

Published 20 hours ago verified publisher icon open-policy-agent

fix: refactoring to remove pubsub flags to improve experience

Open JaydipGabani opened this issue 11 months ago • 8 comments

What this PR does / why we need it:

  • Removing --audit-connection and --audit-channel flags to reduce configuration complexity
  • Adding support to define channel/topic to publish messages within dapr driver
  • Publishing to all established connections

Which issue(s) this PR fixes (optional, using fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when the PR gets merged): Fixes #

Special notes for your reviewer:

JaydipGabani avatar Mar 27 '24 23:03 JaydipGabani

Codecov Report

Attention: Patch coverage is 50.00000% with 12 lines in your changes are missing coverage. Please review.

Project coverage is 46.72%. Comparing base (3350319) to head (acc6280). Report is 57 commits behind head on master.

Files Patch % Lines
pkg/pubsub/dapr/dapr.go 40.00% 5 Missing and 1 partial :warning:
pkg/pubsub/dapr/fake_dapr_client.go 16.66% 5 Missing :warning:
pkg/audit/manager.go 0.00% 1 Missing :warning:
Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #3339      +/-   ##
==========================================
- Coverage   54.49%   46.72%   -7.77%     
==========================================
  Files         134      218      +84     
  Lines       12329    14798    +2469     
==========================================
+ Hits         6719     6915     +196     
- Misses       5116     7079    +1963     
- Partials      494      804     +310
Flag Coverage Δ
unittests 46.72% <50.00%> (-7.77%) :arrow_down:

Flags with carried forward coverage won't be shown. Click here to find out more.

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

codecov-commenter avatar Apr 01 '24 16:04 codecov-commenter

I'm confused as to how this improves UX. If a customer doesn't specify the flags, won't they get the default values, which is an equivalent effort on the users part?

If a user is using a custom queue value/name how would they be able to continue to do so with this change?

Are there any backwards compatibility concerns removing flags from the command line and Helm chart?

maxsmythe avatar Apr 02 '24 01:04 maxsmythe

Also, we probably want to ensure pubsub can still be disabled for those who do not want to use it.

maxsmythe avatar Apr 02 '24 01:04 maxsmythe

Sorry, that last comment was off-topic... you mistakenly removed enablePubsub from the Helm config's values file instead of the channel name flag.

maxsmythe avatar Apr 02 '24 01:04 maxsmythe

I'm confused as to how this improves UX. If a customer doesn't specify the flags, won't they get the default values, which is an equivalent effort on the users part?

If a user is using a custom queue value/name how would they be able to continue to do so with this change?

Are there any backwards compatibility concerns removing flags from the command line and Helm chart?

Instead of using flags to define global connection and channel - ensure that --audit-connection must match name of the configMap to send messages, the channel/queue should now be defined as a part of spec in connectionConfig. So each connection will say on which queue these messages should be sent out to. And instead of using only one connection for all messages, now pubsub would be able to use all the configured connections to send messages as it will not be required to sepcify a connection using audit-connection flag.

JaydipGabani avatar Apr 08 '24 17:04 JaydipGabani

I'm confused as to how this improves UX. If a customer doesn't specify the flags, won't they get the default values, which is an equivalent effort on the users part? If a user is using a custom queue value/name how would they be able to continue to do so with this change? Are there any backwards compatibility concerns removing flags from the command line and Helm chart?

Instead of using flags to define global connection and channel - ensure that --audit-connection must match name of the configMap to send messages, the channel/queue should now be defined as a part of spec in connectionConfig. So each connection will say on which queue these messages should be sent out to. And instead of using only one connection for all messages, now pubsub would be able to use all the configured connections to send messages as it will not be required to sepcify a connection using audit-connection flag.

The concern here is by removing flags, it will definitely break in-place upgrade if users are using this alpha feature. are we ok with doing that for an alpha feature? @maxsmythe If not, then we need to follow the same deprecation process as other flags to add deprecation message for 2-3 releases before we can remove it. e.g. the validate-template-rego flag lived for 3 releases before we can remove it in 3.16.

Separately, you should add some details in the docs for how users can use topic in the configmap to describe connections and queues they want to use for different purposes. Add few examples on top of the audit one maybe.

ritazh avatar Apr 30 '24 21:04 ritazh

This issue has been automatically marked as stale because it has not had recent activity. It will be closed in 14 days if no further activity occurs. Thank you for your contributions.

stale[bot] avatar Jul 12 '24 22:07 stale[bot]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed in 14 days if no further activity occurs. Thank you for your contributions.

stale[bot] avatar Sep 17 '24 00:09 stale[bot]