Google Git
Sign in
gerrit / modules / remote-gerrit-account-cache / refs/heads/master
commitc00261a961e65d07ce477dc2f88e757ed48d0b6c[log] [tgz]
authorPrakash Aswal <prakash.aswal@linaro.org>Fri May 03 15:06:42 2024 +0530
committerPrakash Aswal <prakash.aswal@linaro.org>Thu May 09 14:57:22 2024 +0530
tree2498517ba97cc3e7c8b85f76281b1d6b6b245292
parent436b6f4cc24f9bfc61a3398dec2ebc9d809b4097 [diff]
Add AccountCacheImpl.AccountCacheBindingModule

With change If9a5ea1e2d2fd071e0765ebab844c8a87f3c2fbc gerrit doesn't
come up and throws error [1] when remotegerritaccountcache is installed.
Adapt AccountCacheImpl class to use AccountCacheBindingModule for
binding to work correctly.

Bump gerrit plugin API version to stable-3.10 release

[1]
[main] ERROR com.google.gerrit.pgm.Daemon : Unable to start daemon
com.google.inject.CreationException: Unable to create injector, see the following errors:
1) [Guice/BindingAlreadySet]: AccountCache was bound multiple times.
Bound at:
1  : AccountCacheImpl$AccountCacheModule.configure(AccountCacheImpl.java:99)
2  : AccountCacheImpl$AccountCacheBindingModule.configure(AccountCacheImpl.java:86)

Change-Id: I0b83d64b2bbcb49a303edf16d2a7fffed573455b
2 files changed
tree: 2498517ba97cc3e7c8b85f76281b1d6b6b245292
  1. src/
  2. tools/
  3. .bazelrc
  4. .bazelversion
  5. .gitignore
  6. bazlets.bzl
  7. BUILD
  8. Jenkinsfile
  9. LICENSE
  10. README.md
  11. WORKSPACE
README.md

About

The remote-gerrit-account-cache lib provides a way to sync accounts from a remote Gerrit system. This library overrides the Accounts cache implementation from core and loads accounts from a remote Gerrit system using /accounts/ REST APIs. Upon fetching the account info from the remote Gerrit REST API, the account is saved into NoteDb and re-indexed. If the remote Gerrit REST API fails to return the account, the cache falls back to the account stored in NoteDb.

The HTTP user needs to have ‘View All Accounts’, ‘Modify Account’ and ‘View Secondary Emails’ Capabilities in remote gerrit site inorder to fetch account details using /accounts/{account-id}/detail and /accounts/{account-id}/external.ids REST APIs.

The remote REST APIs fired from this lib module are rate limited to 8 per second. This can be changed with a config if needed.

Test scenarios:

Add new email

Add new email address for a user in the remote Gerrit site. The new email address must be visible on the internal site either after accounts cache expiry or flushing the accounts cache.

Update preferred email

Update preferred email for a user in the remote Gerrit site. The update must be visible on the internal site either after accounts cache expiry or flushing the accounts cache.

Delete an email

Delete an email for a user in the remote Gerrit site. The update must be visible on the internal site either after accounts cache expiry or flushing the accounts cache.

Add a new account

Add a new account in the remote Gerrit site. The new account must be visible on the internal site whenever the new account is queried for.

Delete an account

Delete an account in the remote Gerrit site. The internal Gerrit site continues to return the account as it falls-back to NoteDB when /accounts/ API fails to return an account.

Accounts cache timeout

The entries in the accounts cache must be evicted after maxAge duration reaches.

API throttling

The remote REST APIs must be throttled based on the requestsPerSecond gerrit setting.

How to build

This lib can be built either standalone or in-tree.

Example:

bazel build remote-gerrit-account-cache

The output module jar is created in:

bazel-bin/remote-gerrit-account-cache.jar

How to install

Copy the remote-gerrit-account-cache.jar into the ${GERRIT_SITE}/lib/ so that it is being loaded when the Gerrit instance is started. Note that the following configuration options need to be added.

Configuration

Section gerrit

gerrit.installModule

AccountCache module which will be overriding the core AccountCache implementation. By default, unset.

Example:

[gerrit]
    installModule = com.googlesource.gerrit.plugins.remotegerritaccountcache.AccountCacheImpl$AccountCacheModule

Section remote-gerrit-account-cache

remote-gerrit-account-cache.remoteGerritBaseUrl

The remote Gerrit site base URL. By default, unset.

Example:

[remote-gerrit-account-cache]
    remoteGerritBaseUrl = https://gerrit.example.com

remote-gerrit-account-cache.httpUsername

The remote Gerrit site HTTP username. By default, unset.

Example:

[remote-gerrit-account-cache]
    httpUsername = example

remote-gerrit-account-cache.httpPassword

The remote Gerrit site HTTP password. By default, unset.

Example:

[remote-gerrit-account-cache]
    httpPassword = ***

remote-gerrit-account-cache.requestsPerSecond

The maximum rate at which the remote REST APIs are fired. By default, set to 8 per second.

Example:

[remote-gerrit-account-cache]
    requestsPerSecond = 10

Section cache

cache.accounts.maxAge

Maximum age to keep an entry in the accounts cache. By default, the entries in accounts cache expire in a day.

Example:

[cache "accounts"]
    maxAge = 1d

cache.accounts.refreshAfterWrite

Duration after which account cache entries are eligible for asynchronous refresh. By default, set to 23h.

Example:

[cache "accounts"]
    refreshAfterWrite = 23h