diff --git a/pkg/capabilities/actions/vault/messages.pb.go b/pkg/capabilities/actions/vault/messages.pb.go index d607130d15..fa75ede681 100644 --- a/pkg/capabilities/actions/vault/messages.pb.go +++ b/pkg/capabilities/actions/vault/messages.pb.go @@ -2012,6 +2012,7 @@ func (x *StoredMetadata) GetSecretIdentifiers() []*SecretIdentifier { type StoredPendingQueueIndex struct { state protoimpl.MessageState `protogen:"open.v1"` Length int64 `protobuf:"varint,1,opt,name=length,proto3" json:"length,omitempty"` + WrittenSeqNr uint64 `protobuf:"varint,2,opt,name=written_seq_nr,json=writtenSeqNr,proto3" json:"written_seq_nr,omitempty"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } @@ -2053,6 +2054,13 @@ func (x *StoredPendingQueueIndex) GetLength() int64 { return 0 } +func (x *StoredPendingQueueIndex) GetWrittenSeqNr() uint64 { + if x != nil { + return x.WrittenSeqNr + } + return 0 +} + // IMPORTANT: this record is persisted so any changes must be // backwards compatible type StoredPendingQueueItem struct { @@ -2472,9 +2480,10 @@ const file_capabilities_actions_vault_messages_proto_rawDesc = "" + "\fStoredSecret\x12)\n" + "\x10encrypted_secret\x18\x01 \x01(\fR\x0fencryptedSecret\"X\n" + "\x0eStoredMetadata\x12F\n" + - "\x12secret_identifiers\x18\x02 \x03(\v2\x17.vault.SecretIdentifierR\x11secretIdentifiers\"1\n" + + "\x12secret_identifiers\x18\x02 \x03(\v2\x17.vault.SecretIdentifierR\x11secretIdentifiers\"W\n" + "\x17StoredPendingQueueIndex\x12\x16\n" + - "\x06length\x18\x01 \x01(\x03R\x06length\"R\n" + + "\x06length\x18\x01 \x01(\x03R\x06length\x12$\n" + + "\x0ewritten_seq_nr\x18\x02 \x01(\x04R\fwrittenSeqNr\"R\n" + "\x16StoredPendingQueueItem\x12(\n" + "\x04item\x18\x01 \x01(\v2\x14.google.protobuf.AnyR\x04item\x12\x0e\n" + "\x02id\x18\x02 \x01(\tR\x02id\"n\n" + diff --git a/pkg/capabilities/actions/vault/messages.proto b/pkg/capabilities/actions/vault/messages.proto index f2f5367396..13a0fe1770 100644 --- a/pkg/capabilities/actions/vault/messages.proto +++ b/pkg/capabilities/actions/vault/messages.proto @@ -206,6 +206,7 @@ message StoredMetadata { // backwards compatible message StoredPendingQueueIndex { int64 length = 1; + uint64 written_seq_nr = 2; } // IMPORTANT: this record is persisted so any changes must be diff --git a/pkg/settings/cresettings/README.md b/pkg/settings/cresettings/README.md index caa8b70f78..2d2dfec09a 100644 --- a/pkg/settings/cresettings/README.md +++ b/pkg/settings/cresettings/README.md @@ -42,6 +42,8 @@ flowchart VaultBase64EncodingEnabled[/VaultBase64EncodingEnabled\]:::gate VaultForceEmptyOCRRounds[/VaultForceEmptyOCRRounds\]:::gate VaultOptimizationsEnabled[/VaultOptimizationsEnabled\]:::gate + VaultPendingQueueStaleAutoEmpty[/VaultPendingQueueStaleAutoEmpty\]:::gate + VaultPendingQueueStaleRoundThreshold{{VaultPendingQueueStaleRoundThreshold}}:::bound end subgraph HandleNodeMessage[gatewayHandler.HandleNodeMessage] diff --git a/pkg/settings/cresettings/defaults.json b/pkg/settings/cresettings/defaults.json index 6b18c23803..6e460caeca 100644 --- a/pkg/settings/cresettings/defaults.json +++ b/pkg/settings/cresettings/defaults.json @@ -9,6 +9,8 @@ "VaultBase64EncodingEnabled": "false", "VaultForceEmptyOCRRounds": "false", "VaultOptimizationsEnabled": "false", + "VaultPendingQueueStaleAutoEmpty": "false", + "VaultPendingQueueStaleRoundThreshold": "30", "GatewayHTTPGlobalRate": "500rps:500", "GatewayHTTPPerNodeRate": "100rps:100", "GatewayConfidentialRelayGlobalRate": "50rps:10", diff --git a/pkg/settings/cresettings/defaults.toml b/pkg/settings/cresettings/defaults.toml index 39d275d096..6e50c34213 100644 --- a/pkg/settings/cresettings/defaults.toml +++ b/pkg/settings/cresettings/defaults.toml @@ -8,6 +8,8 @@ PropagateOrgIDInRequestMetadata = 'false' VaultBase64EncodingEnabled = 'false' VaultForceEmptyOCRRounds = 'false' VaultOptimizationsEnabled = 'false' +VaultPendingQueueStaleAutoEmpty = 'false' +VaultPendingQueueStaleRoundThreshold = '30' GatewayHTTPGlobalRate = '500rps:500' GatewayHTTPPerNodeRate = '100rps:100' GatewayConfidentialRelayGlobalRate = '50rps:10' diff --git a/pkg/settings/cresettings/settings.go b/pkg/settings/cresettings/settings.go index e164696407..d5e3d3feb6 100644 --- a/pkg/settings/cresettings/settings.go +++ b/pkg/settings/cresettings/settings.go @@ -63,6 +63,8 @@ var Default = Schema{ VaultBase64EncodingEnabled: Bool(false), VaultForceEmptyOCRRounds: Bool(false), VaultOptimizationsEnabled: Bool(false), + VaultPendingQueueStaleAutoEmpty: Bool(false), + VaultPendingQueueStaleRoundThreshold: Int(30), GatewayHTTPGlobalRate: Rate(rate.Limit(500), 500), GatewayHTTPPerNodeRate: Rate(rate.Limit(100), 100), GatewayConfidentialRelayGlobalRate: Rate(rate.Limit(50), 10), @@ -263,6 +265,8 @@ type Schema struct { VaultBase64EncodingEnabled Setting[bool] VaultForceEmptyOCRRounds Setting[bool] VaultOptimizationsEnabled Setting[bool] + VaultPendingQueueStaleAutoEmpty Setting[bool] + VaultPendingQueueStaleRoundThreshold Setting[int] `unit:"{round}"` GatewayHTTPGlobalRate Setting[config.Rate] GatewayHTTPPerNodeRate Setting[config.Rate] GatewayConfidentialRelayGlobalRate Setting[config.Rate] diff --git a/pkg/settings/cresettings/settings_test.go b/pkg/settings/cresettings/settings_test.go index 8e3569bdcd..006a6aff01 100644 --- a/pkg/settings/cresettings/settings_test.go +++ b/pkg/settings/cresettings/settings_test.go @@ -130,6 +130,8 @@ func TestSchema_Unmarshal(t *testing.T) { assert.False(t, cfg.VaultBase64EncodingEnabled.DefaultValue) assert.False(t, cfg.VaultForceEmptyOCRRounds.DefaultValue) assert.False(t, cfg.VaultOptimizationsEnabled.DefaultValue) + assert.False(t, cfg.VaultPendingQueueStaleAutoEmpty.DefaultValue) + assert.Equal(t, 30, cfg.VaultPendingQueueStaleRoundThreshold.DefaultValue) assert.Equal(t, config.Rate{Limit: rate.Limit(20), Burst: 7}, cfg.GatewayConfidentialRelayGlobalRate.DefaultValue) assert.Equal(t, config.Rate{Limit: rate.Limit(4), Burst: 2}, cfg.GatewayConfidentialRelayPerNodeRate.DefaultValue) assert.Equal(t, 48*time.Hour, cfg.PerOrg.ZeroBalancePruningTimeout.DefaultValue)