Monitoring

aulme · aulme · commit 0014e24dc36e · 2025-03-27T16:25:25.000+08:00
diff --git a/src/main/java/com/uid2/admin/cloudencryption/CloudEncryptionKeyDiff.java b/src/main/java/com/uid2/admin/cloudencryption/CloudEncryptionKeyDiff.java
@@ -0,0 +1,46 @@
+package com.uid2.admin.cloudencryption;
+
+import com.uid2.shared.model.CloudEncryptionKey;
+
+import java.text.MessageFormat;
+import java.util.HashSet;
+import java.util.Set;
+
+public record CloudEncryptionKeyDiff(
+        int before,
+        int after,
+        int created,
+        int removed,
+        int unchanged
+) {
+   public static CloudEncryptionKeyDiff calculateDiff(Set<CloudEncryptionKey> keysBefore, Set<CloudEncryptionKey> keysAfter) {
+        var before = keysBefore.size();
+        var after = keysAfter.size();
+
+        var intersection = new HashSet<>(keysBefore);
+        intersection.retainAll(keysAfter);
+        int unchanged = intersection.size();
+
+        var onlyInLeft = new HashSet<>(keysBefore);
+        onlyInLeft.removeAll(keysAfter);
+        int removed = onlyInLeft.size();
+
+        var onlyInRight = new HashSet<>(keysAfter);
+        onlyInRight.removeAll(keysBefore);
+        int created = onlyInRight.size();
+
+       return new CloudEncryptionKeyDiff(before, after, created, removed, unchanged);
+    }
+
+    @Override
+    public String toString() {
+        return MessageFormat.format(
+                "before={0}, after={1}, created={2}, removed={3}, unchanged={4}",
+                before,
+                after,
+                created,
+                removed,
+                unchanged
+        );
+    }
+}
diff --git a/src/main/java/com/uid2/admin/cloudencryption/CloudEncryptionKeyManager.java b/src/main/java/com/uid2/admin/cloudencryption/CloudEncryptionKeyManager.java
@@ -6,6 +6,9 @@
 import com.uid2.shared.auth.RotatingOperatorKeyProvider;
 import com.uid2.shared.model.CloudEncryptionKey;
 import com.uid2.shared.store.reader.RotatingCloudEncryptionKeyProvider;
+import io.micrometer.core.instrument.Counter;
+import io.micrometer.core.instrument.Gauge;
+import io.micrometer.core.instrument.Metrics;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -18,8 +21,10 @@ public class CloudEncryptionKeyManager {
     private final RotatingOperatorKeyProvider operatorKeyProvider;
     private final CloudEncryptionKeyStoreWriter keyWriter;
     private final CloudKeyStatePlanner planner;
-    private Collection<OperatorKey> operatorKeys;
-    private Collection<CloudEncryptionKey> existingKeys;
+    private Set<OperatorKey> operatorKeys;
+    private Set<CloudEncryptionKey> existingKeys;
+
+    private static final Logger logger = LoggerFactory.getLogger(CloudEncryptionKeyManager.class);
 
     public CloudEncryptionKeyManager(
             RotatingCloudEncryptionKeyProvider keyProvider,
@@ -32,21 +37,41 @@ public CloudEncryptionKeyManager(
         this.planner = planner;
     }
 
-    private static final Logger logger = LoggerFactory.getLogger(CloudEncryptionKeyManager.class);
-
     // For any site that has an operator create a new key activating now
     // Keep up to 5 most recent old keys per site, delete the rest
     public void rotateKeys() throws Exception {
-        refreshCloudData();
-        var desiredKeys = planner.planRotation(existingKeys, operatorKeys);
-        writeKeys(desiredKeys);
+        boolean success = false;
+        try {
+            refreshCloudData();
+            var desiredKeys = planner.planRotation(existingKeys, operatorKeys);
+            writeKeys(desiredKeys);
+            success = true;
+            var diff = CloudEncryptionKeyDiff.calculateDiff(existingKeys, desiredKeys);
+            logger.info("Key rotation complete. Diff: {}", diff);
+        } catch (Exception e) {
+            success = false;
+            logger.error("Key rotation failed", e);
+            throw e;
+        } finally {
+            Counter.builder("uid2.cloud_encryption_key_manager.rotations")
+                    .tag("success", Boolean.toString(success))
+                    .description("The number of times rotations have happened")
+                    .register(Metrics.globalRegistry);
+        }
     }
 
     // For any site that has an operator, if there are no keys, create a key activating now
     public void backfillKeys() throws Exception {
-        refreshCloudData();
-        var desiredKeys = planner.planBackfill(existingKeys, operatorKeys);
-        writeKeys(desiredKeys);
+        try {
+            refreshCloudData();
+            var desiredKeys = planner.planBackfill(existingKeys, operatorKeys);
+            writeKeys(desiredKeys);
+            var diff = CloudEncryptionKeyDiff.calculateDiff(existingKeys, desiredKeys);
+            logger.info("Key backfill complete. Diff: {}", diff);
+        } catch (Exception e) {
+            logger.error("Key backfill failed", e);
+            throw e;
+        }
     }
 
     public List<CloudEncryptionKeySummary> getKeySummaries() throws Exception {
@@ -65,7 +90,7 @@ private void writeKeys(Set<CloudEncryptionKey> desiredKeys) throws Exception {
     private void refreshCloudData() throws Exception {
         keyProvider.loadContent();
         operatorKeyProvider.loadContent(operatorKeyProvider.getMetadata());
-        operatorKeys = operatorKeyProvider.getAll();
-        existingKeys = keyProvider.getAll().values();
+        operatorKeys = new HashSet<>(operatorKeyProvider.getAll());
+        existingKeys = new HashSet<>(keyProvider.getAll().values());
     }
 }
diff --git a/src/main/java/com/uid2/admin/cloudencryption/CloudKeyStatePlanner.java b/src/main/java/com/uid2/admin/cloudencryption/CloudKeyStatePlanner.java
@@ -5,7 +5,9 @@
 import com.uid2.shared.auth.OperatorKey;
 import com.uid2.shared.model.CloudEncryptionKey;
 
+import java.text.MessageFormat;
 import java.util.Collection;
+import java.util.HashSet;
 import java.util.Map;
 import java.util.Set;
 import java.util.stream.Collectors;
@@ -27,8 +29,8 @@ public CloudKeyStatePlanner(
         }
 
         public Set<CloudEncryptionKey> planRotation(
-                Collection<CloudEncryptionKey> existingKeys,
-                Collection<OperatorKey> operatorKeys
+                Set<CloudEncryptionKey> existingKeys,
+                Set<OperatorKey> operatorKeys
         ) {
                 var keyGenerator = new CloudEncryptionKeyGenerator(clock, secretGenerator, existingKeys);
                 Map<Integer, Set<CloudEncryptionKey>> existingKeysBySite = existingKeys
@@ -41,8 +43,8 @@ public Set<CloudEncryptionKey> planRotation(
         }
 
         public Set<CloudEncryptionKey> planBackfill(
-                Collection<CloudEncryptionKey> existingKeys,
-                Collection<OperatorKey> operatorKeys
+                Set<CloudEncryptionKey> existingKeys,
+                Set<OperatorKey> operatorKeys
         ) {
                 var keyGenerator = new CloudEncryptionKeyGenerator(clock, secretGenerator, existingKeys);
                 var siteIdsWithKeys = existingKeys.stream().map(CloudEncryptionKey::getSiteId).collect(Collectors.toSet());
diff --git a/src/test/java/com/uid2/admin/cloudencryption/CloudEncryptionKeyDiffTest.java b/src/test/java/com/uid2/admin/cloudencryption/CloudEncryptionKeyDiffTest.java
@@ -0,0 +1,54 @@
+package com.uid2.admin.cloudencryption;
+
+import com.uid2.shared.model.CloudEncryptionKey;
+import org.junit.jupiter.api.Test;
+
+import java.util.Set;
+
+import static org.assertj.core.api.AssertionsForClassTypes.assertThat;
+import static org.junit.jupiter.api.Assertions.*;
+
+class CloudEncryptionKeyDiffTest {
+    private final int siteId = 1;
+    private final String secret1 = "secret 1";
+    private final CloudEncryptionKey key1 = new CloudEncryptionKey(1, siteId, 0, 0, secret1);
+    private final CloudEncryptionKey key2 = new CloudEncryptionKey(2, siteId, 0, 0, secret1);
+    private final CloudEncryptionKey key3 = new CloudEncryptionKey(3, siteId, 0, 0, secret1);
+
+
+    @Test
+    void calculateDiff_noKeys() {
+        var expected = new CloudEncryptionKeyDiff(0, 0, 0, 0, 0);
+
+        var actual = CloudEncryptionKeyDiff.calculateDiff(Set.of(), Set.of());
+
+        assertThat(actual).isEqualTo(expected);
+    }
+
+    @Test
+    void calculateDiff_noChange() {
+        var expected = new CloudEncryptionKeyDiff(2, 2, 0, 0, 2);
+
+        var actual = CloudEncryptionKeyDiff.calculateDiff(Set.of(key1, key2), Set.of(key1, key2));
+
+        assertThat(actual).isEqualTo(expected);
+    }
+
+    @Test
+    void calculateDiff_keysCreated() {
+        var expected = new CloudEncryptionKeyDiff(2, 3, 1, 0, 2);
+
+        var actual = CloudEncryptionKeyDiff.calculateDiff(Set.of(key1, key2), Set.of(key1, key2, key3));
+
+        assertThat(actual).isEqualTo(expected);
+    }
+
+    @Test
+    void calculateDiff_keysRemoved() {
+        var expected = new CloudEncryptionKeyDiff(3, 1, 0, 2, 1);
+
+        var actual = CloudEncryptionKeyDiff.calculateDiff(Set.of(key1, key2, key3), Set.of(key1));
+
+        assertThat(actual).isEqualTo(expected);
+    }
+}
diff --git a/src/test/java/com/uid2/admin/cloudencryption/CloudKeyStatePlannerTest.java b/src/test/java/com/uid2/admin/cloudencryption/CloudKeyStatePlannerTest.java
@@ -36,8 +36,8 @@ void setUp() {
     @Test
     void planBackfill_doesNotRemoveKeysWhenOperatorsForKeyMissing() {
         // We do cleanup in rotation, this job is supposed to be extremely safe and won't delete anything
-        var existingCloudKeys = List.of(key1);
-        var operatorKeys = List.<OperatorKey>of();
+        var existingCloudKeys = Set.of(key1);
+        var operatorKeys = Set.<OperatorKey>of();
         var expected = Set.of(key1);
 
         var actual = planner.planBackfill(existingCloudKeys, operatorKeys);
@@ -47,8 +47,8 @@ void planBackfill_doesNotRemoveKeysWhenOperatorsForKeyMissing() {
 
     @Test
     void planBackfill_createsNoNewKeysForOperatorsWithExistingKeys() {
-        var existingCloudKeys = List.of(key1);
-        var operatorKeys = List.of(operatorKey1);
+        var existingCloudKeys = Set.of(key1);
+        var operatorKeys = Set.of(operatorKey1);
         var expected = Set.of(key1);
 
         var actual = planner.planBackfill(existingCloudKeys, operatorKeys);
@@ -58,8 +58,8 @@ void planBackfill_createsNoNewKeysForOperatorsWithExistingKeys() {
 
     @Test
     void planBackfill_createsNewKeysForOperatorsWithNoKeys() {
-        var existingCloudKeys = List.<CloudEncryptionKey>of();
-        var operatorKeys = List.of(operatorKey1);
+        var existingCloudKeys = Set.<CloudEncryptionKey>of();
+        var operatorKeys = Set.of(operatorKey1);
         var expected = Set.of(key1);
 
         var actual = planner.planBackfill(existingCloudKeys, operatorKeys);
diff --git a/src/test/java/com/uid2/admin/vertx/CloudEncryptionKeyServiceTest.java b/src/test/java/com/uid2/admin/vertx/CloudEncryptionKeyServiceTest.java
@@ -232,6 +232,18 @@ key2Id, new CloudEncryptionKey(key2Id, siteId1, now, now, secret2)
         });
     }
 
+    @Test
+    public void testRotate_handleExceptions(Vertx vertx, VertxTestContext testContext) {
+        fakeAuth(Role.MAINTAINER);
+        setOperatorKeys(operator1);
+        when(clock.getEpochSecond()).thenThrow(new RuntimeException("oops"));
+
+        post(vertx, testContext, Endpoints.CLOUD_ENCRYPTION_KEY_ROTATE, null, rotateResponse -> {
+            assertEquals(500, rotateResponse.statusCode());
+            testContext.completeNow();
+        });
+    }
+
     private static CloudEncryptionKeyListResponse parseKeyListResponse(HttpResponse<Buffer> response) throws JsonProcessingException {
         return OBJECT_MAPPER.readValue(response.bodyAsString(), new TypeReference<>() {
         });
