PS-9773 [8.4]: Fix audit_log_read() always returning null#5910
Open
jakub-nowakowski-percona wants to merge 1 commit intopercona:8.4from
Open
PS-9773 [8.4]: Fix audit_log_read() always returning null#5910jakub-nowakowski-percona wants to merge 1 commit intopercona:8.4from
jakub-nowakowski-percona wants to merge 1 commit intopercona:8.4from
Conversation
https://perconadev.atlassian.net/browse/PS-9773 Replace full-document JSON parsing when discovering each log file's first event timestamp with a streaming SAX handler that stops after the first "timestamp" string. That avoids loading large arrays into memory and keeps init() usable on valid-but-growing files. When reading events, treat EOF reached during incremental parsing as normal and stop the read loop instead of failing. The active audit log file is a top-level JSON array that is not closed until rotation, so treating EOF as a hard parse error broke audit_log_read() on the current file. Refactor reader arguments: replace the close_read_sequence flag with an explicit Command enum (continue, read from bookmark, read from timestamp, close sequence). Seek-to-start now depends on the command: bookmark mode requires matching timestamp and id; timestamp-only mode starts at the first event whose timestamp is on or after the requested time. Add LogBookmark::operator== for the bookmark comparison. Adjust set_files_to_read_list() to choose the log file using the interval between consecutive files' first timestamps relative to the next event bookmark, so the correct segment is selected when resuming. FileWriterCompressing flushes gzip stream after each logged event to make sure FileReaderDecompressing can read events from currently opened log file. With encryption enabled, log events in JSON and JSONL log files are padded with whitespace block in order to prevent those events from being stuck in internal buffer of encryption context for prolonged amount of time.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
https://perconadev.atlassian.net/browse/PS-9773
Replace full-document JSON parsing when discovering each log file's first event timestamp with a streaming SAX handler that stops after the first "timestamp" string. That avoids loading large arrays into memory and keeps init() usable on valid-but-growing files.
When reading events, treat EOF reached during incremental parsing as normal and stop the read loop instead of failing. The active audit log file is a top-level JSON array that is not closed until rotation, so treating EOF as a hard parse error broke audit_log_read() on the current file.
Refactor reader arguments: replace the close_read_sequence flag with an explicit Command enum (continue, read from bookmark, read from timestamp, close sequence). Seek-to-start now depends on the command: bookmark mode requires matching timestamp and id; timestamp-only mode starts at the first event whose timestamp is on or after the requested time. Add LogBookmark::operator== for the bookmark comparison.
Adjust set_files_to_read_list() to choose the log file using the interval between consecutive files' first timestamps relative to the next event bookmark, so the correct segment is selected when resuming.
FileWriterCompressing flushes gzip stream after each logged event to make sure FileReaderDecompressing can read events from currently opened log file.
With encryption enabled, log events in JSON and JSONL log files are padded with whitespace block in order to prevent those events from being stuck in internal buffer of encryption context for prolonged amount of time.