From 601d2ee04840d24fe13e5ec54ae09f2a623f3d02 Mon Sep 17 00:00:00 2001 From: Rasmus Dahlberg Date: Tue, 28 Dec 2021 21:32:38 +0100 Subject: db: Fix error prone timestamp configuration The timestamp for the latest tree head is now set based on the current UNIX time. This means that there is no longer any reliance on Trillian to move the timestamp forward every 5 minutes, just set -interval=300s. --- issues/fix-error-prone-timestamp-configuration.md | 23 ----------------------- pkg/db/trillian.go | 3 ++- pkg/db/trillian_test.go | 16 ++++++++++++++-- 3 files changed, 16 insertions(+), 26 deletions(-) delete mode 100644 issues/fix-error-prone-timestamp-configuration.md diff --git a/issues/fix-error-prone-timestamp-configuration.md b/issues/fix-error-prone-timestamp-configuration.md deleted file mode 100644 index 79db548..0000000 --- a/issues/fix-error-prone-timestamp-configuration.md +++ /dev/null @@ -1,23 +0,0 @@ -**Title:** Fix error-prone timestamp configuration
-**Date:** 2021-12-18
- -# Summary -Stop relying on Trillian to update tree head timestamps. - -# Description -A sigsum log is expected to produce a new to-sign tree head every five minutes. -If no new entries were added, only the timestamp is updated to ensure freshness. - -The current sigsum-log-go implementation assumes that Trillian ensures that a -new tree head is produced every five minutes. It can be configured as follows: -``` -$ createtree --help -Usage of ./createtree: -[...] - -max_root_duration duration - Interval after which a new signed root is produced despite no submissions; zero means never (default 1h0m0s) -[...] -``` - -It would be less error-prone to configure this from sigsum-log-go instead, as -part of the `StateManager` interface based on a constant (i.e., 5 minutes). diff --git a/pkg/db/trillian.go b/pkg/db/trillian.go index ab57db6..25b2fb3 100644 --- a/pkg/db/trillian.go +++ b/pkg/db/trillian.go @@ -3,6 +3,7 @@ package db import ( "context" "fmt" + "time" "git.sigsum.org/sigsum-lib-go/pkg/requests" "git.sigsum.org/sigsum-lib-go/pkg/types" @@ -173,7 +174,7 @@ func (c *TrillianClient) GetLeaves(ctx context.Context, req *requests.Leaves) (* func treeHeadFromLogRoot(lr *trillianTypes.LogRootV1) *types.TreeHead { th := types.TreeHead{ - Timestamp: uint64(lr.TimestampNanos / 1000 / 1000 / 1000), + Timestamp: uint64(time.Now().Unix()), TreeSize: uint64(lr.TreeSize), } copy(th.RootHash[:], lr.RootHash) diff --git a/pkg/db/trillian_test.go b/pkg/db/trillian_test.go index a33458f..955fc46 100644 --- a/pkg/db/trillian_test.go +++ b/pkg/db/trillian_test.go @@ -1,10 +1,12 @@ package db import ( + "bytes" "context" "fmt" "reflect" "testing" + "time" "git.sigsum.org/sigsum-lib-go/pkg/requests" "git.sigsum.org/sigsum-lib-go/pkg/types" @@ -185,8 +187,18 @@ func TestGetTreeHead(t *testing.T) { if err != nil { return } - if got, want := th, table.wantTh; !reflect.DeepEqual(got, want) { - t.Errorf("got tree head\n\t%v\nbut wanted\n\t%v\nin test %q", got, want, table.description) + + // we would need a clock that can be mocked to make a nicer test + now := uint64(time.Now().Unix()) + if got, wantLow, wantHigh := th.Timestamp, now-5, now+5; got < wantLow || got > wantHigh { + t.Errorf("got tree head with timestamp %d but wanted between [%d, %d] in test %q", + got, wantLow, wantHigh, table.description) + } + if got, want := th.TreeSize, table.wantTh.TreeSize; got != want { + t.Errorf("got tree head with tree size %d but wanted %d in test %q", got, want, table.description) + } + if got, want := th.RootHash[:], table.wantTh.RootHash[:]; !bytes.Equal(got, want) { + t.Errorf("got root hash %x but wanted %x in test %q", got, want, table.description) } }() } -- cgit v1.2.3