Skip to content

Commit

Permalink
Merge pull request #47 from vaikas/break-things-apart
Browse files Browse the repository at this point in the history
Use the CI release version of the SQL server that has the schema
  • Loading branch information
vaikas authored Feb 26, 2022
2 parents 95b6d39 + cb82d14 commit 1620cdf
Show file tree
Hide file tree
Showing 12 changed files with 20 additions and 394 deletions.
10 changes: 4 additions & 6 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -63,12 +63,10 @@ Here’s a high level overview of the components in play that we would like to b

## [Trillian](https://github.com/google/trillian)

For Trillian, there needs to be a database and a schema before Trillian services are able to function. Our assumption is that there is a provisioned mysql database, for our Github actions, we spin up a [container](https://hub.docker.com/_/mysql) that has the mysql running, and then we need to create a [schema](https://github.com/google/trillian/blob/master/storage/mysql/schema/storage.sql) for it.

For this we create a Kubernetes Job, which runs against a given mysql database and verifies that all the tables and indices exist. It does not currently handle upgrades to schema, but this is a feature that could be added, but looking at the Change History of the schema, the schema seems to be stable and adding this feature seemed not worth doing at this point.

So, we have a k8s Job called **‘CreateDB’** which is responsible for creating the schema for a given database. As a reminder, because this is a job, automation can gate any further action before this Job successfully completes. We can also (but not currently) make Trillian services depend on the output of ‘**CreateDB’** before proceeding (by using the mounting technique described above), but we have not had need for that yet because they recover if the schema does not exist.

For Trillian, there needs to be a database before Trillian services are able to
function. Our assumption is that there is a provisioned mysql database, for our
Github actions, we spin up a [container](gcr.io/trillian-opensource-ci/db_server@sha256:e58334fead37d1f03c77c80f66008966e79739d85214b373b3c0a69f97c59359) that
has the mysql running, and Trillian [schema](https://github.com/google/trillian/blob/master/storage/mysql/schema/storage.sql) on it.

## [Rekor](https://github.com/sigstore/rekor)

Expand Down
296 changes: 0 additions & 296 deletions cmd/trillian/createdb/main.go

This file was deleted.

7 changes: 3 additions & 4 deletions cmd/trillian/createtree/main.go
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,6 @@ import (
"fmt"
"time"

"github.com/golang/glog"
"github.com/google/trillian"
"github.com/google/trillian/client"
"github.com/google/trillian/client/rpcflags"
Expand Down Expand Up @@ -79,7 +78,7 @@ func main() {
}

func createTree(ctx context.Context) (*trillian.Tree, error) {
req, err := newRequest()
req, err := newRequest(ctx)
if err != nil {
return nil, err
}
Expand All @@ -101,7 +100,7 @@ func createTree(ctx context.Context) (*trillian.Tree, error) {
return client.CreateAndInitTree(ctx, req, adminClient, logClient)
}

func newRequest() (*trillian.CreateTreeRequest, error) {
func newRequest(ctx context.Context) (*trillian.CreateTreeRequest, error) {
ts, ok := trillian.TreeState_value[*treeState]
if !ok {
return nil, fmt.Errorf("unknown TreeState: %v", *treeState)
Expand All @@ -119,7 +118,7 @@ func newRequest() (*trillian.CreateTreeRequest, error) {
Description: *description,
MaxRootDuration: durationpb.New(*maxRootDuration),
}}
glog.Infof("Creating tree %+v", ctr.Tree)
logging.FromContext(ctx).Infof("Creating Tree: %+v", ctr.Tree)

return ctr, nil
}
7 changes: 0 additions & 7 deletions config/trillian/createdb/100-namespace.yaml

This file was deleted.

14 changes: 0 additions & 14 deletions config/trillian/createdb/101-secret.yaml

This file was deleted.

8 changes: 0 additions & 8 deletions config/trillian/createdb/101-service-account.yaml

This file was deleted.

Loading

0 comments on commit 1620cdf

Please sign in to comment.