
[Cherry-pick to branch-1.3] [#11212] test(authz): add CI workflow for multi-instance consistency (#11213)#11396

Open
github-actions[bot] wants to merge 1 commit into branch-1.3 from cherry-pick-aef7acaf-to-branch-1.3

@github-actions github-actions Bot commented Jun 3, 2026

Cherry-pick Information:

  • Original commit: aef7aca
  • Target branch: branch-1.3
  • Status: ✅ Clean cherry-pick (no conflicts)

…11213)

### What changes were proposed in this pull request?

Adds a new GitHub Actions workflow at `.github/workflows/multi-instance-consistency-test.yml` that brings up two Gravitino instances backed by a shared MySQL service container and runs the shell-based consistency suite against them.

The complex instance-staging logic (JDBC download, conf patching, PID-grep fix, server start + health-wait) lives in `dev/ci/setup_multi_instance.sh`, following the same pattern as `util_free_space.sh` and `test_multi_instance_consistency.sh`. The YAML step is a single `bash dev/ci/setup_multi_instance.sh` call.

The consistency suite at `dev/ci/test_multi_instance_consistency.sh` is a 19-phase / 128-assertion script that exercises the `JcasbinAuthorizer` caches (`ownerRelCache`, `metadataIdCache`, `userRoleCache`, `loadedRoles`, `groupRoleCache`) and the `JcasbinChangePoller` invalidation paths across two instances:

| Phase | What it covers |
|---|---|
| A / B' | Owner read-back + warm-cache invalidation (eventual, poll-driven) |
| C / D | Role grant / revoke immediately effective on the peer |
| E | Role-privilege add/remove immediately effective on the peer |
| F | Role hard-delete clears peer's `loadedRoles` cache |
| G / H | User delete + same-name re-create has no stale role inheritance |
| I | Role re-create with same name has no stale privilege leak |
| J | Cross-metalake isolation (role/owner does not leak) |
| K | DENY condition overrides ALLOW on a different role |
| L | Group lifecycle: create / grant / revoke / delete visible on peer |
| N | `setOwner` propagation works for non-METALAKE entities (TAG) |
| O | Multi-role partial revoke only affects the revoked role |
| P | Owner change on TAG with warm cache on the peer |
| Q | Burst of `setOwner` calls within one poll window converges |
| R | Re-granting an already-held role is idempotent |
| S | GROUP-type owner propagated correctly via `ownerRelCache` |
| T | Tag delete + same-name re-create has no stale owner (owner_meta invalidation) |
| U | GET `/users/{user}` on peer reflects role grant/revoke from the other instance |
| V | GET `/roles/{role}` on peer reflects privilege changes from the other instance |
| W | Bidirectional: grant/revoke on B is immediately effective on A |

Both Gravitino instances run with:

```
gravitino.cache.enabled = false # isolates from entity-store cache
gravitino.authorization.enable         = true
gravitino.authorization.serviceAdmins  = admin
gravitino.entity.store.relational.jdbcUrl = <shared MySQL>
```

A `paths-filter` job keeps the workflow from running for unrelated changes.

### Why are the changes needed?

The script exercises the `JcasbinAuthorizer` cache layer end-to-end across instances; without a CI gate, regressions in these paths only surface when someone runs the script by hand. The recent `versionCheckAndLoadRoles` fix for the role-delete propagation gap (follow-up to #10996) in particular has no automated coverage.

Fix: #11212

### Does this PR introduce _any_ user-facing change?

No.

### How was this patch tested?

The script itself is the test. It passes 128/128 in CI against two instances:

```
== Summary ==
Passed: 128
Failed: 0
```

The workflow file is structured per the existing access-control / integration test workflows in this repo.
@github-actions github-actions Bot requested a review from jerryshao June 3, 2026 06:34
@yuqi1129 yuqi1129 closed this Jun 3, 2026
@yuqi1129 yuqi1129 reopened this Jun 3, 2026
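
The failure class that phases F and I of the suite guard against, as an added example that is not part of the pull request and is not Gravitino's `JcasbinAuthorizer` code: a simplified model of two instances with per-instance role caches over one shared store, with and without a version check before a cached role is trusted. The class names, the `(role_id, version)` check on every call, and the role and privilege names are assumptions made for illustration.

```python
# Simplified model (constructed for illustration; NOT Gravitino's implementation).
from dataclasses import dataclass, field
from itertools import count


@dataclass
class Store:
    """Shared backing store: the single source of truth both instances read."""
    roles: dict = field(default_factory=dict)  # name -> (role_id, version, privileges)
    _ids: count = field(default_factory=count)

    def create_role(self, name, privileges):
        self.roles[name] = (next(self._ids), 1, frozenset(privileges))

    def delete_role(self, name):
        del self.roles[name]

    def head(self, name):
        """Cheap lookup of (role_id, version), or None if the role is gone."""
        rec = self.roles.get(name)
        return rec[:2] if rec else None


class Instance:
    """One server with a local role cache; version_check toggles the guard."""
    def __init__(self, store, version_check):
        self.store, self.version_check, self.cache = store, version_check, {}

    def allowed(self, role, privilege):
        cached = self.cache.get(role)
        if self.version_check and cached and self.store.head(role) != cached[:2]:
            del self.cache[role]          # stale or deleted upstream: evict
            cached = None
        if cached is None:
            cached = self.store.roles.get(role)
            if cached is None:
                return False              # role no longer exists
            self.cache[role] = cached
        return privilege in cached[2]


def recreate_scenario(version_check):
    """Phase I shape: peer warms its cache, role is deleted and re-created smaller."""
    store = Store()
    a, b = Instance(store, version_check), Instance(store, version_check)
    store.create_role("analyst", {"SELECT_TABLE", "MODIFY_TABLE"})  # constructed names
    warm = b.allowed("analyst", "MODIFY_TABLE")   # B caches the original role
    store.delete_role("analyst")                  # change arrives via the other instance
    store.create_role("analyst", {"SELECT_TABLE"})
    return warm, a.allowed("analyst", "MODIFY_TABLE"), b.allowed("analyst", "MODIFY_TABLE")
```

Without the check, the peer keeps granting `MODIFY_TABLE` from its warm cache after the same-name re-create, while the instance that never cached the old role denies it; that disagreement between instances is what a two-instance assertion catches and a single-instance test cannot.
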

github-actions Bot commented Jun 3, 2026

Code Coverage Report

| Scope | Coverage |
|---|---|
| Overall Project | 66.8% -0.04% 🟢 |
| Files changed | 0.0% 🔴 |

| Module | Coverage |
|---|---|
| aliyun | 1.72% 🔴 |
| api | 46.82% 🟢 |
| authorization-common | 85.96% 🟢 |
| aws | 3.66% -0.58% 🔴 |
| azure | 2.47% 🔴 |
| catalog-common | 10.04% 🔴 |
| catalog-fileset | 80.33% 🟢 |
| catalog-glue | 66.08% 🟢 |
| catalog-hive | 79.55% 🟢 |
| catalog-jdbc-clickhouse | 80.02% 🟢 |
| catalog-jdbc-common | 45.31% 🟢 |
| catalog-jdbc-doris | 80.28% 🟢 |
| catalog-jdbc-hologres | 54.03% 🟢 |
| catalog-jdbc-mysql | 79.23% 🟢 |
| catalog-jdbc-oceanbase | 78.38% 🟢 |
| catalog-jdbc-postgresql | 82.29% 🟢 |
| catalog-jdbc-starrocks | 78.51% 🟢 |
| catalog-kafka | 77.01% 🟢 |
| catalog-lakehouse-generic | 44.89% 🟢 |
| catalog-lakehouse-hudi | 79.1% 🟢 |
| catalog-lakehouse-iceberg | 85.74% 🟢 |
| catalog-lakehouse-paimon | 79.29% 🟢 |
| catalog-model | 77.72% 🟢 |
| cli | 44.51% 🟢 |
| client-java | 77.91% 🟢 |
| common | 49.99% 🟢 |
| core | 82.49% 🟢 |
| filesystem-hadoop3 | 76.97% 🟢 |
| flink | 0.0% 🔴 |
| flink-common | 41.2% 🟢 |
| flink-runtime | 0.0% 🔴 |
| gcp | 14.12% 🔴 |
| hadoop-common | 10.39% 🔴 |
| hive-metastore-common | 53.26% 🟢 |
| iceberg-common | 56.75% 🟢 |
| iceberg-rest-server | 72.42% 🟢 |
| idp-basic | 85.99% 🟢 |
| integration-test-common | 0.0% 🔴 |
| jobs | 66.17% 🟢 |
| lance-common | 20.83% 🔴 |
| lance-rest-server | 60.27% 🟢 |
| lineage | 53.02% 🟢 |
| optimizer | 82.87% 🟢 |
| optimizer-api | 21.95% 🔴 |
| server | 85.73% 🟢 |
| server-common | 73.13% 🟢 |
| spark | 32.79% 🔴 |
| spark-common | 39.75% 🔴 |
| trino-connector | 39.44% 🔴 |

Files

| Module | File | Coverage |
|---|---|---|
| aws | S3FileSystemProvider.java | 0.0% 🔴 |
