PMM-13315 Fix problem with big orgIDs.

percona · Oct 3, 2024 · 5c45652 · 5c45652
1 parent ac7ea22
commit 5c45652
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 10 deletions.
diff --git a/api-tests/server/auth_test.go b/api-tests/server/auth_test.go
@@ -622,11 +622,9 @@ func deleteServiceToken(t *testing.T, serviceAccountID, serviceTokenID int) {
 }
 
 func sanitizeSAName(name string) string {
-	if len(name) <= 185 {
+	if len(name) <= 180 {
 		return name
 	}
 
-	res := fmt.Sprintf("%s%x", name[:153], md5.Sum([]byte(name[153:]))) //nolint:gosec
-
-	return res
+	return fmt.Sprintf("%s%x", name[:148], md5.Sum([]byte(name[148:]))) //nolint:gosec
 }
diff --git a/managed/services/grafana/client.go b/managed/services/grafana/client.go
@@ -673,15 +673,18 @@ type serviceToken struct {
 	Role string `json:"role"`
 }
 
-// Max length of service account name is 185 chars (limit in Grafana Postgres DB for 190 chars).
+// Max length of service account name is 190 chars (limit in Grafana Postgres DB).
+// However, prefix added by grafana is counted too. Prefix is sa-{orgID}-.
+// Bare minimum is 5 chars reserved (orgID is <10, like sa-1-) and could be more depends
+// on orgID number. Let's reserve 10 chars. It will cover almost one million orgIDs.
 // Sanitizing, ensure its length by hashing postfix when length is exceeded.
 // MD5 is used because it has fixed length 32 chars.
 func sanitizeSAName(name string) string {
-	if len(name) <= 185 {
+	if len(name) <= 180 {
 		return name
 	}
 
-	return fmt.Sprintf("%s%x", name[:153], md5.Sum([]byte(name[153:]))) //nolint:gosec
+	return fmt.Sprintf("%s%x", name[:148], md5.Sum([]byte(name[148:]))) //nolint:gosec
 }
 
 func (c *Client) createServiceAccount(ctx context.Context, role role, nodeName string, reregister bool, authHeaders http.Header) (int, error) {

diff --git a/managed/services/grafana/client_test.go b/managed/services/grafana/client_test.go
@@ -241,13 +241,13 @@ func TestClient(t *testing.T) {
 
 func Test_sanitizeSAName(t *testing.T) {
 	// max possible length without hashing
-	len185, err := stringsgen.GenerateRandomString(185)
+	len180, err := stringsgen.GenerateRandomString(180)
 	require.NoError(t, err)
-	require.Equal(t, len185, sanitizeSAName(len185))
+	require.Equal(t, len180, sanitizeSAName(len180))
 
 	// too long length - postfix hashed
 	len200, err := stringsgen.GenerateRandomString(200)
 	require.NoError(t, err)
 	len200sanitized := sanitizeSAName(len200)
-	require.Equal(t, fmt.Sprintf("%s%s", len200[:153], len200sanitized[153:]), len200sanitized)
+	require.Equal(t, fmt.Sprintf("%s%s", len200[:148], len200sanitized[148:]), len200sanitized)
 }