fleet/server/docs/patterns.md
Victor Lyuboslavsky d2d9b82843
Backend patterns.md update (#22821)
Input preprocessing and JSON unmarshaling patterns discussed in recent
Backend syncs.
2024-10-10 10:00:25 -05:00

Backend patterns

The backend software patterns that we follow in Fleet.

NOTE: There are always exceptions to the rules, but we try to follow these patterns as much as possible unless a specific use case calls for something else. These should be discussed within the team and documented before merging.

API Inputs

Input preprocessing and validation

Validate API inputs and return a 4XX status code if they are invalid. If validation fails before the authorization check has run, skip the authorization check with svc.authz.SkipAuthorization(ctx).

Inputs corresponding to sortable or indexed DB fields should be preprocessed (trim spaces, normalize Unicode, etc.). Use the utility method fleet.Preprocess(input string) string. Backend sync where discussed.

JSON unmarshaling

PATCH API calls often need to distinguish between a field being set to null and a field not being present in the JSON. Use the structs from the optjson package to handle this. Backend sync where discussed. JSON unmarshaling article and example.
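The null-versus-absent distinction, as an added example that is not Fleet's code: Opt, applyPatch and the description field are hypothetical stand-ins and do not reproduce the optjson package's API. It relies on encoding/json calling UnmarshalJSON only for keys that are present in the body, including keys whose value is null.

```go
package main

import (
	"bytes"
	"encoding/json"
	"fmt"
)

// Opt is a hypothetical stand-in for an optjson-style struct, not Fleet's own code.
// Set: the key was present in the JSON. Valid: it was present and not null.
type Opt[T any] struct {
	Set, Valid bool
	Value      T
}

// UnmarshalJSON runs only when the key is present, so reaching it means Set.
func (o *Opt[T]) UnmarshalJSON(data []byte) error {
	*o = Opt[T]{Set: true}
	if bytes.Equal(bytes.TrimSpace(data), []byte("null")) {
		return nil // explicit null: Set but not Valid
	}
	err := json.Unmarshal(data, &o.Value)
	o.Valid = err == nil
	return err
}

// applyPatch: absent key keeps current, null clears it, a string replaces it.
func applyPatch(current *string, body string) (*string, error) {
	var p struct {
		Description Opt[string] `json:"description"`
	}
	if err := json.Unmarshal([]byte(body), &p); err != nil {
		return current, err // wrong type for the field: change nothing
	}
	switch {
	case !p.Description.Set:
		return current, nil
	case !p.Description.Valid:
		return nil, nil
	}
	return &p.Description.Value, nil
}

func main() {
	cur := "old" // constructed sample bodies below
	for _, b := range []string{`{}`, `{"description":null}`, `{"description":"new"}`} {
		v, err := applyPatch(&cur, b)
		fmt.Println(b, "cleared:", v == nil, "err:", err)
	}
}
```

With a plain string or *string field, the first two bodies would be indistinguishable after decoding, so a PATCH that omits the field could clear stored data.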

MySQL

Use high precision for all time fields. Precise timestamps make sure that we can accurately track when records were created and updated, keep records in order with a reliable sort, and speed up testing by not having to wait for the time to update. MySQL reference. Backend sync where discussed. Example:

CREATE TABLE `sample` (
  `id` INT UNSIGNED NOT NULL AUTO_INCREMENT,
  `created_at` TIMESTAMP(6) NOT NULL DEFAULT CURRENT_TIMESTAMP(6),
  `updated_at` TIMESTAMP(6) NOT NULL DEFAULT CURRENT_TIMESTAMP(6) ON UPDATE CURRENT_TIMESTAMP(6),
  PRIMARY KEY (`id`)
);

Do not use goqu; use MySQL queries directly. Searching for, understanding, and debugging direct MySQL queries is easier. If you need to modify an existing goqu query, try to rewrite it in MySQL. Backend sync where discussed.

Data retention

Sometimes we need data from rows that have been deleted from the DB. For example, the activity feed may be retained forever, and it needs user info (or host info) that may not exist anymore. Going forward, we need to keep this data in dedicated table(s). A reference unmerged PR is here. The id may be the same as that of the original table. For example, if the user row is deleted, a new entry with the same user.id can be added to user_persistent_info.