Open ohsabry opened 4 years ago
@casperisfine does Shopify still use pubsubstub in a separate process, or are you using the polling mode from the rails application? I see that Pubsubstub.use_persistent_connections = false
is now the default in the shipit-engine template.rb.
(Unfortunately, I couldn't get polling mode to work on latest shipit either: https://github.com/Shopify/shipit-engine/issues/1082)
If running it separately is still the recommended approach - I would be interested in submitting a PR with a conventional implementation of pubsubstub/config.ru
and some doc updates if you'd take it. Gotta figure out how to implement it well first of course 😁
does Shopify still use pubsubstub in a separate process
Yes. We haven't changed it one bit.
I see that Pubsubstub.use_persistent_connections = false is now the default in the shipit-engine template.rb.
This was done so that it works out of the box. And if you don't have many users it's actually just fine.
If running it separately is still the recommended approach
It is if you have a sizeable amount of users, or would like to have a slightly more reactive UI.
can you please share how you would implement UserRequiredMiddleware today if we are storing sessions from the rails side using the redis_cache_store as the `session_store?
I'd still do it the same way. Except we moved to memcache for sessions:
# config.ru
use ActionDispatch::Session::MemCacheStore, {
memcache_server: Shipit::Config.sessions_url,
key: Shipit::Config::SESSION_KEY,
pool_size: 5,
}
use UserRequiredMiddleware
run Pubsubstub::StreamAction.new
class UserRequiredMiddleware
def initialize(app)
@app = app
end
def call(env)
env['rack.session'][:init] = true
if env['rack.session'][:authenticated] || ENV.key?('SHIPIT_DISABLE_AUTH')
@app.call(env)
else
[403, {"Content-Type" => "text/html"}, ["Log into Shipit first"]]
end
end
end
Then from our auth controller:
session[:authenticated] = true
We also use the same midleware to protect /sidekiq
:
# routes.rb
mount UserRequiredMiddleware.new(Sidekiq::Web.new), at: '/sidekiq'
It seems like
rack/session/redis
is creating a new session with nothing in it as opposed to reading rails session.
I can see a few possible reasons:
I would be interested in submitting a PR with a conventional implementation of pubsubstub/config.ru and some doc updates if you'd take it.
I am, but the goal is to make the steup as simple and as little error prone as possible. So I'd probably leave the integrated polling method as the default. But I'd definitely be open for a nice doc on when and how to setup the external stream server.
We recently upgraded an instance of shipit-engine to 0.31 (and now running shipit-engine master)
When running pubsubstub in a separate app, we don't want to leave the
/events
endpoint exposed, so our goal is to return 403s and short circuit the pubsubstub server with a middleware if we get a request that doesn't map to the session that was created from the rails app.Unfortunately, we are unable to use the same session cookie created from the rails server in the pubsubstub server
we ran into two problems so far:
Doing
request.session[:init] = true
in the pubsubstub app was blowing up with an error. I did some digging around and found that this was an issue related to an incompatibility betweenredis-rb
4.2 andredis-store
. This was fixed by @casperisfine very recently here: https://github.com/redis-store/redis-store/pull/334. We are running this patchgem 'redis-store', github: 'redis-store/redis-store'
to get around this. I think this is needed because the session is uninitialized in rack without it because of some lazy loading.It seems like
rack/session/redis
is creating a new session with nothing in it as opposed to reading rails session.session[:user_id]
is not defined when I try to print it from the pubsubstub application after theRack::Session::Redis
middleware executed.@casperisfine i hate to bug you again but you know probably redis-store, pubsubstub and shipit better than anyone - can you please share how you would implement
UserRequiredMiddleware
today if we are storing sessions from the rails side using theredis_cache_store
as the `session_store?We run pubsubstub in its own process/container like this:
pubsubstub/puma_config.rb:
This is how we are setting up the session store for the rails application:
How the cache store is set up:
pubsubstub/config.ru