[nexus] webhooks #7277
[nexus] webhooks #7277
Conversation
hawkw
force-pushed
the
eliza/webhook-models
branch
from
51f7f8e to
139cfe6
Compare
hawkw
force-pushed
the
eliza/webhook-models
branch
2 times, most recently
from
140aea4 to
0b80c8f
Compare
hawkw
force-pushed
the
eliza/webhook-models
branch
from
41cf0b0 to
2bc5925
Compare
|
I think I've come around a bit to @andrewjstone's proposal that the event classes be a DB enum, so I'm planning to change that. I'd like to have a way to include a couple "test" variants in there that aren't exposed in the public API, so I'll be giving some thought to how to deal with that. |
Glob subscription entries in |
|
As far as GCing old events from the event table, dispatching an event should probably add a count of the number of receivers it was dispatched to, and then when we successfully deliver the event, we increment a count of successes. That way, we would not consider an event entry eligible to be deleted unless the two counts are equal; we want to hang onto events that weren't successfully delivered so any failed deliveries can be re-triggered. GCing an event would also clean up any child delivery attempt records. |
This commit adds (unimplemented) public API endpoints for managing Nexus webhooks, as described in [RFD 364][1]. [1]: https://rfd.shared.oxide.computer/rfd/364#_external_api
Co-authored-by: Augustus Mayo <[email protected]>
and add some more valdation
hawkw
force-pushed
the
eliza/webhook-models
branch
from
67a041b to
1d09bfc
Compare
|
@smklein I believe I've either addressed or replied to all your review comments, I'd love another look when you have the time! |
Co-authored-by: Sean Klein <[email protected]>
'cause we give everyhing UUIDs i guess
hawkw
force-pushed
the
eliza/webhook-models
branch
from
fa359f5 to
f846125
Compare
see: #7277 (comment) gotta figure out how to test this...
|
AGH MY BAD i forgot that seanmonstar/reqwest#2623 hasn't actually been merged yet, oops. gotta take a git dep for now. |
| // If we are configured to only bind external TCP connections on a specific interface, do so. | ||
| #[cfg(any( | ||
| target_os = "linux", | ||
| target_os = "macos", | ||
| target_os = "illumos", | ||
| ))] | ||
| { |
There was a problem hiding this comment.
This seems like it's trying to resolve #7277 (comment), correct?
- Is this actually getting set in our production config? I see that
ExternalHttpClientConfighas a default value ofNonefor interface, and I cannot see where this would otherwise be set. - Is it possible for us to have a test here?
There was a problem hiding this comment.
Whops, I started writing up a comment about this but I think I accidentally closed the tab without posting it. 😅
What I meant to say was that I still need to write a test for this, and that I think it's going to be kind of a pain. To wit:
- the test needs to run in a production-like network (which I think means a live test)
- the test will need to stand up some kind of underlay network service that it can assert DIDN'T get a webhook request sent to it
- the test will need a way of triggering a webhook on a running control plane (which we don't have presently but probably should add for this sort of thing)
- we should also be testing that a webhook request does get sent to a service external to teh rack network in a prod-like network config, which...i'm not sure how possible that is with the current live test framework? might require additional work on that, or manual verification for now?
There was a problem hiding this comment.
To answer the other question, the OPTE interface name gets set here by sled-agent when constructing the DeploymentConfig for a Nexus zone: 0cf8154#diff-b8a6f13742cae29f44d095f6b9e8c2febc712e0ff86f01f3c8ec9d4e5d2db396
It's unset otherwise, so that the integration tests for webhooks work outside of prod-like networks.
This branch adds an MVP implementation of the internal machinery for delivering webhooks from Nexus. This includes:
delivery status
The user-facing interface for webhooks is described in greater detail in RFD 538. The code change in this branch includes a "Big Theory Statement" comment that describes most of the implementation details, so reviewers are encouraged to refer to that for more information on the implementation.
Future Work
Immediate follow-up work (i.e. stuff I'd like to do shortly but would prefer to land in separate PRs):
webhook_delivery,webhook_delivery_attempt, andwebhook_eventCRDB tables (need to figure out a good retention policy for events)omdb db webhookscommands for actually looking at the webhook database tablesNot currently planned, but possible future work:
/v1/webhooks/event-classesendpoints, or both)fleet.viewer(see RFD 538 Appendix B.3); probably requires service accounts