diff options
Diffstat (limited to 'app/workers/authorized_project_update')
3 files changed, 50 insertions, 17 deletions
diff --git a/app/workers/authorized_project_update/project_recalculate_worker.rb b/app/workers/authorized_project_update/project_recalculate_worker.rb new file mode 100644 index 00000000000..3f0672992ef --- /dev/null +++ b/app/workers/authorized_project_update/project_recalculate_worker.rb @@ -0,0 +1,30 @@ +# frozen_string_literal: true + +module AuthorizedProjectUpdate + class ProjectRecalculateWorker + include ApplicationWorker + include Gitlab::ExclusiveLeaseHelpers + + feature_category :authentication_and_authorization + urgency :high + queue_namespace :authorized_project_update + + deduplicate :until_executing, including_scheduled: true + idempotent! + + def perform(project_id) + project = Project.find_by_id(project_id) + return unless project + + in_lock(lock_key(project), ttl: 10.seconds) do + AuthorizedProjectUpdate::ProjectRecalculateService.new(project).execute + end + end + + private + + def lock_key(project) + "#{self.class.name.underscore}/#{project.root_namespace.id}" + end + end +end diff --git a/app/workers/authorized_project_update/user_refresh_from_replica_worker.rb b/app/workers/authorized_project_update/user_refresh_from_replica_worker.rb new file mode 100644 index 00000000000..5ca9de63fd7 --- /dev/null +++ b/app/workers/authorized_project_update/user_refresh_from_replica_worker.rb @@ -0,0 +1,15 @@ +# frozen_string_literal: true + +module AuthorizedProjectUpdate + class UserRefreshFromReplicaWorker < ::AuthorizedProjectsWorker + feature_category :authentication_and_authorization + urgency :low + queue_namespace :authorized_project_update + deduplicate :until_executing, including_scheduled: true + + idempotent! + + # This worker will start reading data from the replica database soon + # Issue: https://gitlab.com/gitlab-org/gitlab/-/issues/333219 + end +end diff --git a/app/workers/authorized_project_update/user_refresh_over_user_range_worker.rb b/app/workers/authorized_project_update/user_refresh_over_user_range_worker.rb index 2e4e2dd3232..ab4d9c13422 100644 --- a/app/workers/authorized_project_update/user_refresh_over_user_range_worker.rb +++ b/app/workers/authorized_project_update/user_refresh_over_user_range_worker.rb @@ -2,10 +2,9 @@ module AuthorizedProjectUpdate class UserRefreshOverUserRangeWorker # rubocop:disable Scalability/IdempotentWorker - # When the feature flag named `periodic_project_authorization_update_via_replica` is enabled, - # this worker checks if a specific user requires an update to their project_authorizations records. + # This worker checks if users requires an update to their project_authorizations records. # This check is done via the data read from the database replica (and not from the primary). - # If this check returns true, a completely new Sidekiq job is enqueued for this specific user + # If this check returns true, a completely new Sidekiq job is enqueued for a specific user # so as to update its project_authorizations records. # There is a possibility that the data in the replica is lagging behind the primary @@ -24,25 +23,16 @@ module AuthorizedProjectUpdate # `data_consistency :delayed` and not `idempotent!` # See https://gitlab.com/gitlab-org/gitlab/-/issues/325291 deduplicate :until_executing, including_scheduled: true - data_consistency :delayed, feature_flag: :delayed_consistency_for_user_refresh_over_range_worker + data_consistency :delayed def perform(start_user_id, end_user_id) - if Feature.enabled?(:periodic_project_authorization_update_via_replica) - User.where(id: start_user_id..end_user_id).find_each do |user| # rubocop: disable CodeReuse/ActiveRecord - enqueue_project_authorizations_refresh(user) if project_authorizations_needs_refresh?(user) - end - else - use_primary_database - AuthorizedProjectUpdate::RecalculateForUserRangeService.new(start_user_id, end_user_id).execute + User.where(id: start_user_id..end_user_id).find_each do |user| # rubocop: disable CodeReuse/ActiveRecord + enqueue_project_authorizations_refresh(user) if project_authorizations_needs_refresh?(user) end end private - def use_primary_database - # no-op in CE, overriden in EE - end - def project_authorizations_needs_refresh?(user) AuthorizedProjectUpdate::FindRecordsDueForRefreshService.new(user).needs_refresh? end @@ -54,5 +44,3 @@ module AuthorizedProjectUpdate end end end - -AuthorizedProjectUpdate::UserRefreshOverUserRangeWorker.prepend_mod_with('AuthorizedProjectUpdate::UserRefreshOverUserRangeWorker') |