Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove not used DB session from certificate queries #4576

Merged
merged 1 commit into from
Sep 29, 2023
Merged

Remove not used DB session from certificate queries #4576

merged 1 commit into from
Sep 29, 2023

Conversation

fmarco76
Copy link
Member

The DB interaction was moved in a separate method which has its own DB session so it was not required in the original methods.

@sonarcloud
Copy link

sonarcloud bot commented Sep 27, 2023

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

edewata
edewata reviewed Sep 27, 2023
View reviewed changes
base/ca/src/main/java/com/netscape/cmscore/dbs/CertificateRepository.java

e = list.getCertRecords(0, size - 1);
}
e = list.getCertRecords(0, size - 1);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hmm.. there are two DBSSession objects here, the one created in findCertRecords() and the one created in findCertRecordsInList(). The CertRecordList is created with the second DBSSession which also provides a connection to LDAP.

IIUC the CertRecordList.getCertRecords() will only work if the LDAP connection is still active, but at this point the second DBSSession is already closed (which is supposed to release the LDAP connection), so I'm suspecting that the code is currently working because we still have the first DBSSession even though we don't use it directly, so if we remove the first DBSSession it might introduce problems in some scenarios that we don't test in CI.

I'm currently working to change the default minConns to 0. Let me test this PR against my changes, if there's no problem it's probably safe to merge.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It would be very strange if the CertRecordList is valid because of an existing session which is unrelated with the query performed. It could be even in a separate thread. It would require more investigation to understand the connection.
However, if there is an extra tests to verify this it is better.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not too familiar with how ldapjdk or the connection factory works, but IIUC it involves cloning the LDAPConnection object, so maybe somehow they are still related. Regardless, I'm going to test this anyway. I'll let you know.

edewata
edewata approved these changes Sep 28, 2023
View reviewed changes
Copy link
Contributor

@edewata edewata left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It was a bit difficult to test because some of these methods are actually not used, and the rest can only be tested using the web UI under certain scenarios or a custom profile, but I managed to do some basic testing and it seems to be working just fine, so feel free to merge it. Thanks!

@fmarco76
Copy link
Member Author

are actually not used

Yes, I am reviewing the DB interaction for the VLV evaluation and I have difficulties to understand what is used and what is heritage. I think we should clean this part if/when we modify the queries from VLV to other approaches.

@fmarco76
Copy link
Member Author

@edewata Thanks!

@fmarco76 fmarco76 merged commit f93d360 into dogtagpki:master Sep 29, 2023
150 of 151 checks passed
@fmarco76 fmarco76 deleted the FixDuplicateDBSessions branch September 29, 2023 08:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@edewata edewata edewata approved these changes

@ckelleyRH ckelleyRH Awaiting requested review from ckelleyRH

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@fmarco76 @edewata