fix(server): remove auth from proceed-db-migration endpoint#8930
Open
jbsmith7741 wants to merge 2 commits into
Open
fix(server): remove auth from proceed-db-migration endpoint#8930jbsmith7741 wants to merge 2 commits into
jbsmith7741 wants to merge 2 commits into
Conversation
* Auth tables may not exist when migration is pending, causing a bootstrap deadlock * Restores pre-auth-hardening behavior for the idempotent migration endpoint Signed-off-by: Joshua Smith <jbsmith7741@gmail.com>
Contributor
|
Can we go a different route based on whether the table exists? |
Contributor
Author
|
We could do a check that the table exists on every migration request, but that would add unnecessary overhead and make the process more fragile. I've added the route as a public path, as the migrations endpoint is idempotent and only triggers pending migrations—there is very little risk associated with this being public, and it resolves the issue in a clean manner. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Removes
auth.RequireAuth()middleware from the/proceed-db-migrationendpoint. WhenAUTH_ENABLED=true, auth tables (e.g.auth_sessions) may not exist yet if the pending migration is the one that creates them — resulting in a bootstrap deadlock where the migration endpoint requires auth but auth requires the migration to have run.This restores the pre-auth-hardening behavior for this endpoint, which is idempotent and only executes pending migration scripts.
Does this close any open issues?
N/A
Other Information