Skip to content

refactor(improvement): use secret URI as key for cache and refactor lrucache #12682

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 11 commits into
base: master
Choose a base branch
from
Open

refactor(improvement): use secret URI as key for cache and refactor lrucache #12682

wants to merge 11 commits into from
+379 −73

Conversation

Revolyssup
Copy link
Contributor

@Revolyssup Revolyssup commented Oct 16, 2025
edited
Loading

  1. Secret module changes: Currently the cache key is the whole conf which is inefficient because multiple conf might be referencing the same secret.
    So new requirement is to refactor apisix/secret.lua so that cache key is the url and we only cache the result of fetch(uri) function.

  2. LRUCache module changes: Allow LRU cache to have different underlying cache for success and failure, so that each of them can be configured differently.

NOTE: The fetch_secrets() API is simplified to not take key and version from the caller because they were redundant anyways and moreover now the key is resolved internally.

Checklist

  • I have explained the need for this PR and the problem it solves
  • I have explained the changes or the new features added to this PR
  • I have added tests corresponding to this change
  • I have updated the documentation to reflect this change
  • I have verified that this change is backward compatible (If not, please discuss on the APISIX mailing list first)

@dosubot dosubot bot added size:L This PR changes 100-499 lines, ignoring generated files. tech debt labels Oct 16, 2025
@Revolyssup Revolyssup marked this pull request as draft October 16, 2025 18:07
@Revolyssup Revolyssup changed the title refactor(improvement): use secret URI as key for cache with success and failure refactor(improvement): use secret URI as key for cache and refactor lrucache Oct 17, 2025
@Revolyssup Revolyssup marked this pull request as ready for review October 17, 2025 06:35
@dosubot dosubot bot added the enhancement New feature or request label Oct 17, 2025
nic-6443
nic-6443 reviewed Oct 18, 2025
View reviewed changes
apisix/secret.lua


local function fetch_by_uri(secret_uri)
local function fetch_by_uri_secret(secret_uri)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this change necessary?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I am using a new local function with same name here https://github.com/apache/apisix/pull/12682/files#diff-50c5241a560560f8d61637b60caa3e9f2dce27139863265cfa8ffb63a8537803R212 so this function name got changed to be more specific to avoid conflict.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@nic-6443 nic-6443 nic-6443 approved these changes

@bzp2010 bzp2010 Awaiting requested review from bzp2010

@membphis membphis Awaiting requested review from membphis

At least 3 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

enhancement New feature or request size:L This PR changes 100-499 lines, ignoring generated files. tech debt

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Revolyssup @nic-6443