Add tests for resync and pubsub, and add back previous exp backoff retry

kylecarbs · kylecarbs · commit 1955ae3aa02e · 2022-09-19T19:04:58.000Z
diff --git a/enterprise/coderd/coderd.go b/enterprise/coderd/coderd.go
@@ -10,6 +10,7 @@ import (
 
 	"golang.org/x/xerrors"
 
+	"github.com/cenkalti/backoff/v4"
 	"github.com/go-chi/chi/v5"
 
 	"cdr.dev/slog"
@@ -64,7 +65,7 @@ func New(ctx context.Context, options *Options) (*API, error) {
 	if err != nil {
 		return nil, xerrors.Errorf("update entitlements: %w", err)
 	}
-	api.closeLicenseSubscribe, err = api.Pubsub.Subscribe(pubSubEventLicenses, func(ctx context.Context, message []byte) {
+	api.closeLicenseSubscribe, err = api.Pubsub.Subscribe(PubsubEventLicenses, func(ctx context.Context, message []byte) {
 		_ = api.updateEntitlements(ctx)
 	})
 	if err != nil {
@@ -101,23 +102,6 @@ func (api *API) Close() error {
 	return api.AGPL.Close()
 }
 
-func (api *API) runEntitlementsLoop(ctx context.Context) {
-	ticker := time.NewTicker(api.EntitlementsUpdateInterval)
-	defer ticker.Stop()
-	for {
-		select {
-		case <-ctx.Done():
-			return
-		case <-ticker.C:
-		}
-		err := api.updateEntitlements(ctx)
-		if err != nil {
-			api.Logger.Warn(ctx, "failed to get feature entitlements", slog.Error(err))
-			continue
-		}
-	}
-}
-
 func (api *API) updateEntitlements(ctx context.Context) error {
 	licenses, err := api.Database.GetUnexpiredLicenses(ctx)
 	if err != nil {
@@ -169,7 +153,7 @@ func (api *API) updateEntitlements(ctx context.Context) error {
 		auditor := agplaudit.NewNop()
 		// A flag could be added to the options that would allow disabling
 		// enhanced audit logging here!
-		if api.auditLogs == codersdk.EntitlementEntitled && api.AuditLogging {
+		if auditLogs == codersdk.EntitlementEntitled && api.AuditLogging {
 			auditor = audit.NewAuditor(
 				audit.DefaultFilter,
 				backends.NewPostgres(api.Database, true),
@@ -231,6 +215,64 @@ func (api *API) entitlements(rw http.ResponseWriter, r *http.Request) {
 	httpapi.Write(rw, http.StatusOK, resp)
 }
 
+func (api *API) runEntitlementsLoop(ctx context.Context) {
+	eb := backoff.NewExponentialBackOff()
+	eb.MaxElapsedTime = 0 // retry indefinitely
+	b := backoff.WithContext(eb, ctx)
+	updates := make(chan struct{}, 1)
+	subscribed := false
+
+	for {
+		select {
+		case <-ctx.Done():
+			return
+		default:
+			// pass
+		}
+		if !subscribed {
+			cancel, err := api.Pubsub.Subscribe(PubsubEventLicenses, func(_ context.Context, _ []byte) {
+				// don't block.  If the channel is full, drop the event, as there is a resync
+				// scheduled already.
+				select {
+				case updates <- struct{}{}:
+					// pass
+				default:
+					// pass
+				}
+			})
+			if err != nil {
+				api.Logger.Warn(ctx, "failed to subscribe to license updates", slog.Error(err))
+				time.Sleep(b.NextBackOff())
+				continue
+			}
+			// nolint: revive
+			defer cancel()
+			subscribed = true
+			api.Logger.Debug(ctx, "successfully subscribed to pubsub")
+		}
+
+		api.Logger.Info(ctx, "syncing licensed entitlements")
+		err := api.updateEntitlements(ctx)
+		if err != nil {
+			api.Logger.Warn(ctx, "failed to get feature entitlements", slog.Error(err))
+			time.Sleep(b.NextBackOff())
+			continue
+		}
+		b.Reset()
+		api.Logger.Debug(ctx, "synced licensed entitlements")
+
+		select {
+		case <-ctx.Done():
+			return
+		case <-time.After(api.EntitlementsUpdateInterval):
+			continue
+		case <-updates:
+			api.Logger.Debug(ctx, "got pubsub update")
+			continue
+		}
+	}
+}
+
 func max(a, b int64) int64 {
 	if a > b {
 		return a
diff --git a/enterprise/coderd/coderd_test.go b/enterprise/coderd/coderd_test.go
@@ -2,16 +2,22 @@ package coderd_test
 
 import (
 	"context"
+	"reflect"
 	"testing"
 	"time"
 
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 	"go.uber.org/goleak"
 
+	agplaudit "github.com/coder/coder/coderd/audit"
 	"github.com/coder/coder/coderd/coderdtest"
+	"github.com/coder/coder/coderd/database"
 	"github.com/coder/coder/codersdk"
+	"github.com/coder/coder/enterprise/audit"
+	"github.com/coder/coder/enterprise/coderd"
 	"github.com/coder/coder/enterprise/coderd/coderdenttest"
+	"github.com/coder/coder/testutil"
 )
 
 func TestMain(m *testing.M) {
@@ -40,7 +46,7 @@ func TestEntitlements(t *testing.T) {
 		t.Parallel()
 		client := coderdenttest.New(t, nil)
 		_ = coderdtest.CreateFirstUser(t, client)
-		coderdenttest.AddLicense(t, client, coderdenttest.AddLicenseOptions{
+		coderdenttest.AddLicense(t, client, coderdenttest.LicenseOptions{
 			UserLimit: 100,
 			AuditLog:  true,
 		})
@@ -63,7 +69,7 @@ func TestEntitlements(t *testing.T) {
 		t.Parallel()
 		client := coderdenttest.New(t, nil)
 		_ = coderdtest.CreateFirstUser(t, client)
-		license := coderdenttest.AddLicense(t, client, coderdenttest.AddLicenseOptions{
+		license := coderdenttest.AddLicense(t, client, coderdenttest.LicenseOptions{
 			UserLimit: 100,
 			AuditLog:  true,
 		})
@@ -79,7 +85,7 @@ func TestEntitlements(t *testing.T) {
 
 		res, err = client.Entitlements(context.Background())
 		require.NoError(t, err)
-		assert.True(t, res.HasLicense)
+		assert.False(t, res.HasLicense)
 		al = res.Features[codersdk.FeatureAuditLog]
 		assert.Equal(t, codersdk.EntitlementNotEntitled, al.Entitlement)
 		assert.True(t, al.Enabled)
@@ -91,7 +97,7 @@ func TestEntitlements(t *testing.T) {
 		for i := 0; i < 4; i++ {
 			coderdtest.CreateAnotherUser(t, client, first.OrganizationID)
 		}
-		coderdenttest.AddLicense(t, client, coderdenttest.AddLicenseOptions{
+		coderdenttest.AddLicense(t, client, coderdenttest.LicenseOptions{
 			UserLimit: 4,
 			AuditLog:  true,
 			GraceAt:   time.Now().Add(-time.Second),
@@ -115,4 +121,73 @@ func TestEntitlements(t *testing.T) {
 		assert.Contains(t, res.Warnings,
 			"Audit logging is enabled but your license for this feature is expired.")
 	})
+	t.Run("Pubsub", func(t *testing.T) {
+		t.Parallel()
+		client, _, api := coderdenttest.NewWithAPI(t, nil)
+		entitlements, err := client.Entitlements(context.Background())
+		require.NoError(t, err)
+		require.False(t, entitlements.HasLicense)
+		coderdtest.CreateFirstUser(t, client)
+		_, err = api.Database.InsertLicense(context.Background(), database.InsertLicenseParams{
+			UploadedAt: database.Now(),
+			Exp:        database.Now().AddDate(1, 0, 0),
+			JWT: coderdenttest.GenerateLicense(t, coderdenttest.LicenseOptions{
+				AuditLog: true,
+			}),
+		})
+		require.NoError(t, err)
+		err = api.Pubsub.Publish(coderd.PubsubEventLicenses, []byte{})
+		require.NoError(t, err)
+		require.Eventually(t, func() bool {
+			entitlements, err := client.Entitlements(context.Background())
+			assert.NoError(t, err)
+			return entitlements.HasLicense
+		}, testutil.WaitShort, testutil.IntervalFast)
+	})
+	t.Run("Resync", func(t *testing.T) {
+		t.Parallel()
+		client, _, api := coderdenttest.NewWithAPI(t, &coderdenttest.Options{
+			EntitlementsUpdateInterval: 25 * time.Millisecond,
+		})
+		entitlements, err := client.Entitlements(context.Background())
+		require.NoError(t, err)
+		require.False(t, entitlements.HasLicense)
+		coderdtest.CreateFirstUser(t, client)
+		_, err = api.Database.InsertLicense(context.Background(), database.InsertLicenseParams{
+			UploadedAt: database.Now(),
+			Exp:        database.Now().AddDate(1, 0, 0),
+			JWT: coderdenttest.GenerateLicense(t, coderdenttest.LicenseOptions{
+				AuditLog: true,
+			}),
+		})
+		require.NoError(t, err)
+		require.Eventually(t, func() bool {
+			entitlements, err := client.Entitlements(context.Background())
+			assert.NoError(t, err)
+			return entitlements.HasLicense
+		}, testutil.WaitShort, testutil.IntervalFast)
+	})
+}
+
+func TestAuditLogging(t *testing.T) {
+	t.Parallel()
+	t.Run("Enabled", func(t *testing.T) {
+		t.Parallel()
+		client, _, api := coderdenttest.NewWithAPI(t, nil)
+		coderdtest.CreateFirstUser(t, client)
+		coderdenttest.AddLicense(t, client, coderdenttest.LicenseOptions{
+			AuditLog: true,
+		})
+		_, auditor := api.AGPL.Auditor.Load(context.Background())
+		ea := audit.NewAuditor(audit.DefaultFilter)
+		assert.Equal(t, reflect.ValueOf(ea).Type(), reflect.ValueOf(auditor).Type())
+	})
+	t.Run("Disabled", func(t *testing.T) {
+		t.Parallel()
+		client, _, api := coderdenttest.NewWithAPI(t, nil)
+		coderdtest.CreateFirstUser(t, client)
+		_, auditor := api.AGPL.Auditor.Load(context.Background())
+		ea := agplaudit.NewNop()
+		assert.Equal(t, reflect.ValueOf(ea).Type(), reflect.ValueOf(auditor).Type())
+	})
 }
diff --git a/enterprise/coderd/coderdenttest/coderdenttest.go b/enterprise/coderd/coderdenttest/coderdenttest.go
@@ -36,6 +36,7 @@ func init() {
 
 type Options struct {
 	*coderdtest.Options
+	EntitlementsUpdateInterval time.Duration
 }
 
 // New constructs a codersdk client connected to an in-memory Enterprise API instance.
@@ -53,8 +54,9 @@ func NewWithAPI(t *testing.T, options *Options) (*codersdk.Client, io.Closer, *c
 	}
 	srv, oop := coderdtest.NewOptions(t, options.Options)
 	coderAPI, err := coderd.New(context.Background(), &coderd.Options{
-		AuditLogging: true,
-		Options:      oop,
+		AuditLogging:               true,
+		Options:                    oop,
+		EntitlementsUpdateInterval: options.EntitlementsUpdateInterval,
 		Keys: map[string]ed25519.PublicKey{
 			testKeyID: testPublicKey,
 		},
@@ -72,7 +74,7 @@ func NewWithAPI(t *testing.T, options *Options) (*codersdk.Client, io.Closer, *c
 	return codersdk.New(coderAPI.AccessURL), provisionerCloser, coderAPI
 }
 
-type AddLicenseOptions struct {
+type LicenseOptions struct {
 	AccountType string
 	AccountID   string
 	GraceAt     time.Time
@@ -82,7 +84,16 @@ type AddLicenseOptions struct {
 }
 
 // AddLicense generates a new license with the options provided and inserts it.
-func AddLicense(t *testing.T, client *codersdk.Client, options AddLicenseOptions) codersdk.License {
+func AddLicense(t *testing.T, client *codersdk.Client, options LicenseOptions) codersdk.License {
+	license, err := client.AddLicense(context.Background(), codersdk.AddLicenseRequest{
+		License: GenerateLicense(t, options),
+	})
+	require.NoError(t, err)
+	return license
+}
+
+// GenerateLicense returns a signed JWT using the test key.
+func GenerateLicense(t *testing.T, options LicenseOptions) string {
 	if options.ExpiresAt.IsZero() {
 		options.ExpiresAt = time.Now().Add(time.Hour)
 	}
@@ -113,11 +124,7 @@ func AddLicense(t *testing.T, client *codersdk.Client, options AddLicenseOptions
 	tok.Header[coderd.HeaderKeyID] = testKeyID
 	signedTok, err := tok.SignedString(testPrivateKey)
 	require.NoError(t, err)
-	license, err := client.AddLicense(context.Background(), codersdk.AddLicenseRequest{
-		License: signedTok,
-	})
-	require.NoError(t, err)
-	return license
+	return signedTok
 }
 
 type nopcloser struct{}
diff --git a/enterprise/coderd/coderdenttest/coderdenttest_test.go b/enterprise/coderd/coderdenttest/coderdenttest_test.go
@@ -402,7 +402,7 @@ func newAuthTester(ctx context.Context, t *testing.T) *authTester {
 		DestinationScheme: codersdk.ParameterDestinationSchemeProvisionerVariable,
 	})
 	require.NoError(t, err, "create template param")
-	license := coderdenttest.AddLicense(t, client, coderdenttest.AddLicenseOptions{})
+	license := coderdenttest.AddLicense(t, client, coderdenttest.LicenseOptions{})
 	urlParameters := map[string]string{
 		"{organization}":        admin.OrganizationID.String(),
 		"{user}":                admin.UserID.String(),
diff --git a/enterprise/coderd/licenses.go b/enterprise/coderd/licenses.go
@@ -31,7 +31,7 @@ const (
 	AccountTypeSalesforce = "salesforce"
 	VersionClaim          = "version"
 
-	pubSubEventLicenses = "licenses"
+	PubsubEventLicenses = "licenses"
 )
 
 var ValidMethods = []string{"EdDSA"}
@@ -127,7 +127,7 @@ func (api *API) postLicense(rw http.ResponseWriter, r *http.Request) {
 		})
 		return
 	}
-	err = api.Pubsub.Publish(pubSubEventLicenses, []byte("add"))
+	err = api.Pubsub.Publish(PubsubEventLicenses, []byte("add"))
 	if err != nil {
 		api.Logger.Error(context.Background(), "failed to publish license add", slog.Error(err))
 		// don't fail the HTTP request, since we did write it successfully to the database
@@ -206,7 +206,7 @@ func (api *API) deleteLicense(rw http.ResponseWriter, r *http.Request) {
 		})
 		return
 	}
-	err = api.Pubsub.Publish(pubSubEventLicenses, []byte("delete"))
+	err = api.Pubsub.Publish(PubsubEventLicenses, []byte("delete"))
 	if err != nil {
 		api.Logger.Error(context.Background(), "failed to publish license delete", slog.Error(err))
 		// don't fail the HTTP request, since we did write it successfully to the database
diff --git a/enterprise/coderd/licenses_test.go b/enterprise/coderd/licenses_test.go
@@ -24,7 +24,7 @@ func TestPostLicense(t *testing.T) {
 		t.Parallel()
 		client := coderdenttest.New(t, nil)
 		_ = coderdtest.CreateFirstUser(t, client)
-		respLic := coderdenttest.AddLicense(t, client, coderdenttest.AddLicenseOptions{
+		respLic := coderdenttest.AddLicense(t, client, coderdenttest.LicenseOptions{
 			AccountType: coderd.AccountTypeSalesforce,
 			AccountID:   "testing",
 			AuditLog:    true,
@@ -55,7 +55,7 @@ func TestPostLicense(t *testing.T) {
 		t.Parallel()
 		client := coderdenttest.New(t, nil)
 		_ = coderdtest.CreateFirstUser(t, client)
-		coderdenttest.AddLicense(t, client, coderdenttest.AddLicenseOptions{})
+		coderdenttest.AddLicense(t, client, coderdenttest.LicenseOptions{})
 		_, err := client.AddLicense(context.Background(), codersdk.AddLicenseRequest{
 			License: "invalid",
 		})
@@ -77,12 +77,12 @@ func TestGetLicense(t *testing.T) {
 		ctx, cancel := context.WithTimeout(context.Background(), testutil.WaitLong)
 		defer cancel()
 
-		coderdenttest.AddLicense(t, client, coderdenttest.AddLicenseOptions{
+		coderdenttest.AddLicense(t, client, coderdenttest.LicenseOptions{
 			AccountID: "testing",
 			AuditLog:  true,
 		})
 
-		coderdenttest.AddLicense(t, client, coderdenttest.AddLicenseOptions{
+		coderdenttest.AddLicense(t, client, coderdenttest.LicenseOptions{
 			AccountID: "testing2",
 			AuditLog:  true,
 			UserLimit: 200,
@@ -144,11 +144,11 @@ func TestDeleteLicense(t *testing.T) {
 		ctx, cancel := context.WithTimeout(context.Background(), testutil.WaitLong)
 		defer cancel()
 
-		coderdenttest.AddLicense(t, client, coderdenttest.AddLicenseOptions{
+		coderdenttest.AddLicense(t, client, coderdenttest.LicenseOptions{
 			AccountID: "testing",
 			AuditLog:  true,
 		})
-		coderdenttest.AddLicense(t, client, coderdenttest.AddLicenseOptions{
+		coderdenttest.AddLicense(t, client, coderdenttest.LicenseOptions{
 			AccountID: "testing2",
 			AuditLog:  true,
 			UserLimit: 200,
