-
Notifications
You must be signed in to change notification settings - Fork 893
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
GODRIVER-3168 Retry KMS requests on transient errors. #1887
base: master
Are you sure you want to change the base?
Conversation
API Change Report./v2/mongoincompatible changes##Connect: changed from func(...*./v2/mongo/options.ClientOptions) (*Client, error) to func(..../v2/mongo/options.Lister[./v2/mongo/options.ClientOptions]) (*Client, error) ./v2/mongo/optionsincompatible changes(*AutoEncryptionOptions).SetBypassAutoEncryption: removed compatible changesAutoEncryptionOptionsBuilder: added ./v2/x/mongo/driver/authincompatible changesHandshakeOptions.OuterLibraryName: removed ./v2/x/mongo/driver/mongocryptcompatible changes(*KmsContext).RequestError: added ./v2/x/mongo/driver/operationincompatible changes(*Distinct).Hint: removed ./v2/x/mongo/driver/topologyincompatible changes##ConvertToDriverAPIOptions: changed from func(*./v2/mongo/options.ServerAPIOptions) *./v2/x/mongo/driver.ServerAPIOptions to func(./v2/mongo/options.Lister[./v2/mongo/options.ServerAPIOptions]) ./v2/x/mongo/driver.ServerAPIOptions compatible changesNewConfigFromOptions: added |
b11c2a5
to
93ebd31
Compare
4d94342
to
fd682b7
Compare
6ecb7c2
to
ddc0900
Compare
77cf4a1
to
d4a0765
Compare
074d596
to
50549f6
Compare
58a6a49
to
db03cdf
Compare
db03cdf
to
701bd46
Compare
x/mongo/driver/crypt.go
Outdated
@@ -399,7 +397,10 @@ func (c *crypt) decryptKey(kmsCtx *mongocrypt.KmsContext) error { | |||
|
|||
res := make([]byte, bytesNeeded) | |||
bytesRead, err := conn.Read(res) | |||
if err != nil && !errors.Is(err, io.EOF) { | |||
if err != nil { | |||
if kmsCtx.Fail() { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
See MONGOCRYPT-752. When mongocrypt_kms_ctx_fail
returns false, consider wrapping the error message from mongocrypt_ctx_kms_status
. The error from mongocrypt_ctx_kms_status
may help identify a retry occurred (e.g. "KMS request failed after 3 retries due to a network error: last attempt failed with: ")
4c20d77
to
614aba5
Compare
GODRIVER-3168
Summary
Retry KMS requests on transient errors.
Background & Motivation
Changes described here: https://github.com/mongodb/libmongocrypt/blob/master/integrating.md#state-mongocrypt_ctx_need_kms
New tests: https://github.com/mongodb/specifications/blob/master/source/client-side-encryption/tests/README.md#24-kms-retry-tests