-
Notifications
You must be signed in to change notification settings - Fork 1
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
run the users-refresher-lambda
every minute
#123
Conversation
4622d45
to
4c46d85
Compare
4c46d85
to
71d3566
Compare
users-refresher-lambda/src/index.ts
Outdated
); | ||
|
||
if (!emailsOfUsersWithPinboardPermission) { | ||
throw Error("Could not get list of users with 'pinboard' permission."); | ||
} | ||
|
||
const isNightlyFullRun = now.getHours() === 0 && now.getMinutes() === 0; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Would it be worth adding a parameter to allow manually running a full run in case of errors/emergencies?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
yeah I actually was thinking about something like that. Perhaps two schedules...
- every minute, sends some
isProcessPermissionChangesOnly: true
flag in the payload - every 24 hours, no payload (i.e. same as a manual run)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
done in c4c5d67
01b4e8e
to
cefb868
Compare
…ually pinboard permission changes before hitting Google APIs (except the midnight invocation, where we do a full update to bump the TTLs on the records)
…ffected) email rather than iterating through all the guardian users (500 at a time)
cefb868
to
9364c2e
Compare
…rocessPermissionChangesOnly: true` in the payload) and every 24 hours (no payload, so should do full run)
9364c2e
to
c4c5d67
Compare
Overdue on PROD (merged by @twrichards 5 minutes and 4 seconds ago) What's gone wrong? |
Seen on PROD (merged by @twrichards 6 minutes and 8 seconds ago) Please check your changes! |
https://trello.com/c/RIfC9Vqc/550-run-pinboard-user-refresher-lambda-on-permission-change
Previously the
users-refresher-lambda
ran on a 6 hourly schedule (to keep load on google APIs low), which kept our list of users (needed for name resolution, avatars and to populate the mentions suggestions) somewhat up to date. However the recent live blog pilots highlighted the fact that we still needed to run this lambda manually after a permission change to avoid waiting up to 6 hours before users could safely use pinboard.Initially we hoped to trigger the
users-refresher-lambda
whenever permissions actually change (see #118) however without adding lots of complex infrastructure (including making changes to guardian/permissions) this is not possible.What does this change?
Instead, here we increase the frequency of the
users-refresher-lambda
schedule to every minute and with a payload of{isProcessPermissionChangesOnly: true}
which checks there are actually pinboard permission changes and looks-up only those against the Google APIs. Note that users who have the permission removed are marked asisMentionable: false
We also introduce another schedule, which daily does a full run to ensure users who've left are marked as
isMentionable: false
.Mention suggestions are now only populated with users with
isMentionable: true
. This new approach replaces the previous TTL concept (see #46 and #50) and retains user rows indefinitely, preferring a flag which is more explicit (and also makes the impending move away from Dynamo to a relational DB easier).How to test
With this deployed to CODE
NO CHANGE TO PINBOARD PERMISSIONS, exiting early
in the logsDETECTED PINBOARD PERMISSIONS ADDED FOR
in the logs (followed by the usual log lines about upserting).DETECTED PINBOARD PERMISSIONS REMOVED FOR
in the logs (followed by the usual log lines about upserting).FULL RUN
in the logs (followed by the usual log lines about upserting).How can we measure success?
No dev intervention required when CP add new users to pinboard, and they can start using pinboard safely within a minute.
Have we considered potential risks?
This will cost a touch more, but since pinboard currently costs only a few cents per month - this is OK.