Replace trillian_log_server.log_id_ranges flag with a config file

This will make it easier to specify mulitple shards, along with associated tree IDs and lengths. Each shard may eventually have its own signer/public key as well, so it'll be easier to pass those in through a config file rather than through CLI flags. Signed-off-by: Priya Wadhwa <priya@chainguard.dev>
sigstore · Mar 21, 2022 · a0c7882 · a0c7882
1 parent caf126d
commit a0c7882
Show file tree

Hide file tree

Showing 7 changed files with 55 additions and 203 deletions.
diff --git a/.gitignore b/.gitignore
@@ -12,4 +12,4 @@ dist/*
 hack/tools/bin/*
 *fuzz.zip
 docker-compose-sharding.yaml
-
+sharding-config.yaml
diff --git a/cmd/rekor-server/app/flags.go b/cmd/rekor-server/app/flags.go
diff --git a/cmd/rekor-server/app/flags_test.go b/cmd/rekor-server/app/flags_test.go
diff --git a/cmd/rekor-server/app/root.go b/cmd/rekor-server/app/root.go
@@ -31,7 +31,6 @@ var (
 	cfgFile     string
 	logType     string
 	enablePprof bool
-	logRangeMap LogRangesFlag
 )
 
 // rootCmd represents the base command when called without any subcommands
@@ -65,7 +64,7 @@ func init() {
 	rootCmd.PersistentFlags().String("trillian_log_server.address", "127.0.0.1", "Trillian log server address")
 	rootCmd.PersistentFlags().Uint16("trillian_log_server.port", 8090, "Trillian log server port")
 	rootCmd.PersistentFlags().Uint("trillian_log_server.tlog_id", 0, "Trillian tree id")
-	rootCmd.PersistentFlags().String("trillian_log_server.log_id_ranges", "", "ordered list of tree ids and ranges")
+	rootCmd.PersistentFlags().String("trillian_log_server.sharding_config", "", "path to config file for inactive shards")
 
 	rootCmd.PersistentFlags().String("rekor_server.hostname", "rekor.sigstore.dev", "public hostname of instance")
 	rootCmd.PersistentFlags().String("rekor_server.address", "127.0.0.1", "Address to bind to")

diff --git a/cmd/rekor-server/app/serve.go b/cmd/rekor-server/app/serve.go
@@ -29,6 +29,7 @@ import (
 	"github.com/sigstore/rekor/pkg/generated/restapi"
 	"github.com/sigstore/rekor/pkg/generated/restapi/operations"
 	"github.com/sigstore/rekor/pkg/log"
+	"github.com/sigstore/rekor/pkg/sharding"
 	"github.com/sigstore/rekor/pkg/types/alpine"
 	alpine_v001 "github.com/sigstore/rekor/pkg/types/alpine/v0.0.1"
 	hashedrekord "github.com/sigstore/rekor/pkg/types/hashedrekord"
@@ -104,14 +105,15 @@ var serveCmd = &cobra.Command{
 		server.EnabledListeners = []string{"http"}
 
 		// Update logRangeMap if flag was passed in
-		rangeMap := viper.GetString("trillian_log_server.log_id_ranges")
-		if rangeMap != "" {
-			if err := logRangeMap.Set(rangeMap); err != nil {
-				log.Logger.Fatal("unable to set logRangeMap from flag: %v", err)
-			}
+		shardingConfig := viper.GetString("trillian_log_server.sharding_config")
+		treeID := viper.GetString("trillian_log_server.tlog_id")
+
+		ranges, err := sharding.NewLogRanges(shardingConfig, treeID)
+		if err != nil {
+			log.Logger.Fatalf("unable get sharding details from sharding config: %v", err)
 		}
 
-		api.ConfigureAPI(logRangeMap.Ranges)
+		api.ConfigureAPI(ranges)
 		server.ConfigureAPI()
 
 		http.Handle("/metrics", promhttp.Handler())

diff --git a/pkg/sharding/ranges.go b/pkg/sharding/ranges.go
@@ -17,16 +17,49 @@ package sharding
 
 import (
 	"fmt"
+	"io/ioutil"
+	"strconv"
 	"strings"
+
+	"github.com/ghodss/yaml"
+	"github.com/pkg/errors"
 )
 
 type LogRanges struct {
-	ranges []LogRange
+	activeTreeID int64
+	ranges       Ranges
 }
 
+type Ranges []LogRange
+
 type LogRange struct {
-	TreeID     int64
-	TreeLength int64
+	TreeID     int64 `yaml:"treeID"`
+	TreeLength int64 `yaml:"treeLength"`
+}
+
+func NewLogRanges(path string, treeID string) (LogRanges, error) {
+	id, err := strconv.Atoi(treeID)
+	if err != nil {
+		return LogRanges{}, errors.Wrapf(err, "%s is not a valid int64", treeID)
+	}
+	// if there are no shards, just return info about the active tree id
+	if path == "" {
+		return LogRanges{activeTreeID: int64(id)}, nil
+	}
+
+	// otherwise, try to read contents of the sharding config
+	var ranges Ranges
+	contents, err := ioutil.ReadFile(path)
+	if err != nil {
+		return LogRanges{}, err
+	}
+	if err := yaml.Unmarshal(contents, &ranges); err != nil {
+		return LogRanges{}, err
+	}
+	return LogRanges{
+		activeTreeID: int64(id),
+		ranges:       ranges,
+	}, nil
 }
 
 func (l *LogRanges) ResolveVirtualIndex(index int) (int64, int64) {
@@ -44,7 +77,7 @@ func (l *LogRanges) ResolveVirtualIndex(index int) (int64, int64) {
 
 // ActiveTreeID returns the active shard index, always the last shard in the range
 func (l *LogRanges) ActiveTreeID() int64 {
-	return l.ranges[len(l.ranges)-1].TreeID
+	return l.activeTreeID
 }
 
 func (l *LogRanges) Empty() bool {

diff --git a/tests/sharding-e2e-test.sh b/tests/sharding-e2e-test.sh
@@ -101,9 +101,14 @@ echo "stopping the rekor server..."
 REKOR_CONTAINER_ID=$(docker ps --filter name=rekor-server --format {{.ID}})
 docker stop $REKOR_CONTAINER_ID
 
-
 # Now we want to spin up the Rekor server again, but this time point
 # to the new tree
+SHARDING_CONFIG=sharding-config.yaml
+cat << EOF > $SHARDING_CONFIG
+- treeID: $INITIAL_TREE_ID
+  treeLength: 3
+EOF
+
 
 COMPOSE_FILE=docker-compose-sharding.yaml
 cat << EOF > $COMPOSE_FILE
@@ -125,12 +130,13 @@ services:
       "--enable_attestation_storage",
       "--attestation_storage_bucket=file:///var/run/attestations",
       "--trillian_log_server.tlog_id=$SHARD_TREE_ID",
-      "--trillian_log_server.log_id_ranges=$INITIAL_TREE_ID=3,$SHARD_TREE_ID"
+      "--trillian_log_server.sharding_config=/$SHARDING_CONFIG"
       # Uncomment this for production logging
       # "--log_type=prod",
       ]
     volumes:
     - "/var/run/attestations:/var/run/attestations:z"
+    - "./$SHARDING_CONFIG:/$SHARDING_CONFIG:z"
     restart: always # keep the server running
     ports:
       - "3000:3000"