Joey
03/26/2023, 4:22 PMsoap_work
03/27/2023, 4:12 AMtestcontainers-java
to host spicedb with a in-memory data store (so I can use a different token per test run to get a clean slate), and somewhat randomly, I will get io.grpc.StatusRuntimeException: UNAVAILABLE: Network closed for unknown reason
when trying to write relationships. Seems related to my test set up though, since the first set of tests runs just great, but then subsequent test files will generate this issue for a handful of test methods, BUT, usually the last couple will pass. So, I guess my question is: when running under serve-testing
, is spicedb ready to handle traffic as soon as gRPC ports are available, or should I be potentially waiting for some other signal it's ready? NB: I have no evidence this is what my problem is, just a suspicion. Might be a docker networking issue.TheRealKlaus
03/27/2023, 5:49 AMsoap_work
03/27/2023, 6:17 AMTheRealKlaus
03/27/2023, 6:21 AMTheRealKlaus
03/27/2023, 6:22 AMsoap_work
03/27/2023, 6:26 AMsoap_work
03/27/2023, 6:27 AMsoap_work
03/27/2023, 6:38 AMtestcontainers
fixtures. Specifically, previously I was waiting only for the first registered port (the GRPC port in this case) to start listening before starting tests. This was inadequate: spicedb was NOT ready for reasons I don't understand (nor can I be bothered finding out). Instead, I used a log tailing wait strategy and specified a wait for the server to emit the 'http server started serving' string (I am obviously also enabling the http server under test) and this has resolved my woes: I only get GRPC communication issues now if I do something stupid/intentionally bad like nuking spicedb.youling66
03/27/2023, 8:40 AM# 流式调用
iter = client.LookupSubjects(request=req)
for resp in iter:
print("xxx", resp, "|", type(resp))
ab.sh.1010
03/29/2023, 4:12 PMhttps://cdn.discordapp.com/attachments/844600078948630559/1090669779951566909/image.png▾
Joey
03/29/2023, 4:18 PMJoey
03/29/2023, 4:18 PM"
in the JSONJoey
03/29/2023, 4:18 PMab.sh.1010
03/29/2023, 4:23 PMhttps://cdn.discordapp.com/attachments/844600078948630559/1090672562901631076/image.png▾
https://cdn.discordapp.com/attachments/844600078948630559/1090672563199410346/image.png▾
Joey
03/29/2023, 4:23 PM"
tooJoey
03/29/2023, 4:24 PM--caveat-context="{\"foo\": \"bar\"}"
TheRealKlaus
03/29/2023, 4:33 PMhttps://cdn.discordapp.com/attachments/844600078948630559/1090675025364930601/image.png▾
ab.sh.1010
03/29/2023, 4:34 PMhttps://cdn.discordapp.com/attachments/844600078948630559/1090675237034672230/image.png▾
TheRealKlaus
03/29/2023, 4:34 PMhttps://cdn.discordapp.com/attachments/844600078948630559/1090675348271808582/image.png▾
TheRealKlaus
03/29/2023, 4:35 PMab.sh.1010
03/29/2023, 4:38 PMJoey
03/29/2023, 4:40 PMab.sh.1010
03/29/2023, 4:49 PMhttps://cdn.discordapp.com/attachments/844600078948630559/1090679034045808790/image.png▾
TheRealKlaus
03/29/2023, 5:00 PMyetitwo
03/29/2023, 6:46 PMdefinition user {}
caveat has_valid_ip(user_ip ipaddress, allowed_range string) {
user_ip.in_cidr(allowed_range)
}
definition resource {
relation viewer: user | user with has_valid_ip
permission view = viewer
}
does relation viewer: user | user with has_valid_ip
mean "a user who has the relation or all users with a valid IP" or does that mean "a user who has the relation or (a user who has the relation and also has a valid IP)"?vroldanbet
03/29/2023, 6:47 PMvroldanbet
03/29/2023, 6:48 PMyetitwo
03/29/2023, 6:49 PMarielcamperi
03/29/2023, 6:53 PMdefinition our_app
but when actually writing relationships I'm not sure what to use as the resource ID (our_app:singleton
? our_app:any
?). I'd love any thoughts you have on this, thanks!arielcamperi
03/29/2023, 6:53 PMdefinition our_app
but when actually writing relationships I'm not sure what to use as the resource ID (our_app:singleton
? our_app:any
?). I'd love any thoughts you have on this, thanks!