fix: fix tailnet resume using incorrect DB reference (#15522)

- We were instantiating a cryptokey cache with a vanilla reference to
the database instead of one wrapped by dbcrypt.
- Also fixes an issue where a failure to instantiate the other, unrelated
keycaches was not treated as a fatal error.
Jon Ayers
2024-11-18 14:09:04 -06:00
committed by GitHub
parent 4fedc7cf3d
commit 48bb452829
2 changed files with 23 additions and 23 deletions


@ -467,7 +467,7 @@ func New(options *Options) *API {
codersdk.CryptoKeyFeatureOIDCConvert,
)
if err != nil {
options.Logger.Critical(ctx, "failed to properly instantiate oidc convert signing cache", slog.Error(err))
options.Logger.Fatal(ctx, "failed to properly instantiate oidc convert signing cache", slog.Error(err))
}
}
@ -478,7 +478,7 @@ func New(options *Options) *API {
codersdk.CryptoKeyFeatureWorkspaceAppsToken,
)
if err != nil {
options.Logger.Critical(ctx, "failed to properly instantiate app signing key cache", slog.Error(err))
options.Logger.Fatal(ctx, "failed to properly instantiate app signing key cache", slog.Error(err))
}
}
@ -489,10 +489,30 @@ func New(options *Options) *API {
codersdk.CryptoKeyFeatureWorkspaceAppsAPIKey,
)
if err != nil {
options.Logger.Critical(ctx, "failed to properly instantiate app encryption key cache", slog.Error(err))
options.Logger.Fatal(ctx, "failed to properly instantiate app encryption key cache", slog.Error(err))
}
}
if options.CoordinatorResumeTokenProvider == nil {
fetcher := &cryptokeys.DBFetcher{
DB: options.Database,
}
resumeKeycache, err := cryptokeys.NewSigningCache(ctx,
options.Logger,
fetcher,
codersdk.CryptoKeyFeatureTailnetResume,
)
if err != nil {
options.Logger.Fatal(ctx, "failed to properly instantiate tailnet resume signing cache", slog.Error(err))
}
options.CoordinatorResumeTokenProvider = tailnet.NewResumeTokenKeyProvider(
resumeKeycache,
options.Clock,
tailnet.DefaultResumeTokenExpiry,
)
}
updatesProvider := NewUpdatesProvider(options.Logger.Named("workspace_updates"), options.Pubsub, options.Database, options.Authorizer)
// Start a background process that rotates keys. We intentionally start this after the caches