LogDog: Implement prefix expiration.

appengine/logdog/coordinator/endpoints/services/registerStream.go

 // Copyright 2015 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 package services
 
 import (
         "crypto/subtle"
         "time"
 
@@ skipping 101 matching lines @@
                         log.ErrorKey: err,
                         "id":         pfx.ID,
                         "prefix":     prefix,
                 }.Errorf(c, "Failed to load log stream prefix.")
                 if err == ds.ErrNoSuchEntity {
                         return nil, grpcutil.Errf(codes.FailedPrecondition, "prefix is not registered")
                 }
                 return nil, grpcutil.Internal
         }
 
-        // The prefix secret must match the request secret. If it does, we know this
+        // If we're past prefix's expiration, reject this stream.
+        if now := clock.Now(c); !now.Before(pfx.Expiration) {

[nodir, 2016/05/19 00:54:00]

I am not sure how you do the migration (CL description does not address that),
but it may make sense to skip this check if pfx.Expiration.IsZero()

[dnj (Google), 2016/05/19 02:06:19]

Hmm good question. I have an idea: Since we're defining an expiration, I'll say
that if the Prefix expiration is zero, I'll add the smallest expiration
parameter to the Prefix's creation time and use that.

This will be okay as long as I make sure the config has a non-zero value for
that before I enable this, else all existing Prefixes will suddenly not work
anymore :)

[nodir, 2016/05/19 03:06:33]

Yeah, how you gonna fetch new configs without deploying new proto files? I'd be
on the safe side by having a default prefix expiration if service config doesn't
have it

[dnj (Google), 2016/05/19 03:20:06]

Oh that part's easy. I'll upload the new version, shut down the Collector fleet,
deploy the config, wait for luci-config to pick it up, and then hit the "Migrate
Traffic" button and bring the fleet back up. I'll have to do that anyway on
account of the other changes.

+                log.Fields{
+                        "prefix":     pfx.Prefix,
+                        "expiration": pfx.Expiration,
+                }.Errorf(c, "The log stream Prefix has expired.")
+                return nil, grpcutil.Errf(codes.FailedPrecondition, "prefix has expired")
+        }
+
+        // The prefix secret much match the request secret. If it does, we know this

[nodir, 2016/05/19 00:54:00]

must

         // is a legitimate registration attempt.
         if subtle.ConstantTimeCompare(pfx.Secret, req.Secret) != 1 {
                 log.Errorf(c, "Request secret does not match prefix secret.")
                 return nil, grpcutil.Errf(codes.InvalidArgument, "invalid secret")
         }
 
         // Check for registration, and that the prefix did not expire
         // (non-transactional).
         ls := &coordinator.LogStream{ID: coordinator.LogStreamID(path)}
         lst := ls.State(di)
@@ skipping 113 matching lines @@
                         return nil, grpcutil.Internal
                 }
         }
 
         return nil, nil
 }
 
 func (m *registerStreamMutation) Root(c context.Context) *ds.Key {
         return ds.Get(c).KeyForObj(m.ls)
 }