Skip to content
This repository was archived by the owner on Sep 30, 2024. It is now read-only.

Reimplement license checks#63068

Merged
pjlast merged 12 commits into
mainfrom
pjlast/reimplement-license-checks
Jun 28, 2024
Merged

Reimplement license checks#63068
pjlast merged 12 commits into
mainfrom
pjlast/reimplement-license-checks

Conversation

@pjlast

@pjlast pjlast commented Jun 4, 2024
edited
Loading

Copy link
Copy Markdown
Contributor

This PR reintroduces the licensing checks that will block a customer's instance if an invalid license is used.

An instance gets blocked (i.e. only Site Admins can sign in and modify the site config) if the license has been:

  1. Revoked
  2. Already used on a different Site ID
  3. Is expired

If a customer creates a new Sourcegraph instance with a new Site ID, they'll need a new license key as well.

If we receive irregular pings from the same Site ID + License key combination, we'll receive a Slack ping about it as that would require manual investigation.

One change made in this PR as well is to only alert when we receive irregular pings from the exact same Site ID + License key. Previously it only checked Site ID, but due to many customers creating a copy of their production instance for testing, this is not particularly reliable and leads to noise.

Test plan

Unit tests updated, also lots of manual testing by starting a dotcom instance with docker run and doing license checks against that instance.

Changelog

@cla-bot cla-bot Bot added the cla-signed label Jun 4, 2024
@github-actions github-actions Bot added team/product-platform team/source Tickets under the purview of Source - the one Source to graph it all labels Jun 4, 2024
@pjlast pjlast marked this pull request as ready for review June 10, 2024 12:02
@pjlast pjlast requested a review from a team June 10, 2024 12:02
eseliger
eseliger approved these changes Jun 10, 2024
View reviewed changes

@eseliger eseliger left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

scared but LGTM :)

Comment thread cmd/frontend/internal/dotcom/productsubscription/license_check_handler.go Outdated
eseliger
eseliger approved these changes Jun 11, 2024
View reviewed changes
Comment thread cmd/frontend/internal/dotcom/productsubscription/license_check_handler.go

flags := featureflag.FromContext(ctx)
// This feature flag allows us to temporarily allow conflicting Site IDs
conflictingSiteIDsValid := flags.GetBoolOr("markConflictingSiteIDsAsValid", false)

@eseliger eseliger Jun 11, 2024

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

off by default is what we want, correct? just double checking

@pjlast pjlast merged commit 111c8ce into main Jun 28, 2024
@pjlast pjlast deleted the pjlast/reimplement-license-checks branch June 28, 2024 11:10
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

1 more reviewer

@eseliger eseliger eseliger approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

cla-signed team/product-platform team/source Tickets under the purview of Source - the one Source to graph it all

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@pjlast @eseliger