Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Exclude non-discoverable silos from IP pool silos list #4962

Merged
merged 2 commits into from
Feb 2, 2024
Merged

Exclude non-discoverable silos from IP pool silos list #4962

merged 2 commits into from
Feb 2, 2024

Conversation

david-crespo
Copy link
Contributor

They're still linkable, just like they're still GETable by name or ID. They just don't show up in lists.

Closes #4955

david-crespo
david-crespo commented Feb 1, 2024
View reviewed changes
nexus/db-queries/src/db/datastore/ip_pool.rs
.filter(ip_pool::id.eq(authz_pool.id()))
.filter(ip_pool::time_deleted.is_null())
.filter(silo::time_deleted.is_null())
.filter(silo::discoverable.eq(true))
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Matching the logic in silos_list. Since we're not joining on silo, we can also filter out links to deleted silos, even though it should be impossible to have any such links after #4867.

omicron/nexus/db-queries/src/db/datastore/silo.rs

Lines 322 to 351 in 0531d61

pub async fn silos_list(
&self,
opctx: &OpContext,
pagparams: &PaginatedBy<'_>,
discoverability: Discoverability,
) -> ListResultVec<Silo> {
opctx.authorize(authz::Action::ListChildren, &authz::FLEET).await?;
use db::schema::silo::dsl;
let mut query = match pagparams {
PaginatedBy::Id(params) => paginated(dsl::silo, dsl::id, &params),
PaginatedBy::Name(params) => paginated(
dsl::silo,
dsl::name,
&params.map_name(|n| Name::ref_cast(n)),
),
}
.filter(dsl::id.ne(INTERNAL_SILO.id()))
.filter(dsl::time_deleted.is_null());
if let Discoverability::DiscoverableOnly = discoverability {
query = query.filter(dsl::discoverable.eq(true));
}
query
.select(Silo::as_select())
.load_async::<Silo>(&*self.pool_connection_authorized(opctx).await?)
.await
.map_err(|e| public_error_from_diesel(e, ErrorHandler::Server))
}

david-crespo
david-crespo commented Feb 1, 2024
View reviewed changes
schema/crdb/23.0.0/up4.sql Outdated
@@ -36,6 +36,7 @@ CROSS JOIN omicron.public.silo AS s
WHERE p.time_deleted IS null
AND p.silo_id IS null -- means it's a fleet pool
AND s.time_deleted IS null
-- TODO: AND NOT s.discoverable ???
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Leaning toward not adding this additional filter. The goal is to convert existing data to the new model while keeping the logic the same, and if P0 is a fleet default pool before this migration, it is accessible from non-discoverable silos. So in order to keep the behavior the same after the migration, P0 should be linked to those silos.

@david-crespo david-crespo merged commit 6132e13 into main Feb 2, 2024
20 checks passed
@david-crespo david-crespo deleted the filter-non-discoverable-silos branch February 2, 2024 02:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@zephraph zephraph zephraph approved these changes

@charliepark charliepark Awaiting requested review from charliepark

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Exclude non-discoverable silos from list of linked silos for IP pool
2 participants
@david-crespo @zephraph