engine/opa: reset x and y if z has just been updated

This is a robustness measure -- without this, we might be answering the wrong versioned queries when we really shouldn't. Only relevant for scenarios where we upgrade, though, as usually, only one of the three should be initialized on startup. Signed-off-by: Stephan Renatus <[email protected]>
chef · Jun 4, 2019 · f32a476 · f32a476
1 parent 0e2960f
commit f32a476
Showing 1 changed file with 6 additions and 5 deletions.
diff --git a/components/authz-service/engine/opa/opa.go b/components/authz-service/engine/opa/opa.go
@@ -166,6 +166,8 @@ func (s *State) initPartialResult(ctx context.Context) error {
 		return errors.Wrap(err, "partial eval")
 	}
 	s.partialAuth = pr
+	s.v2PartialAuth = rego.PartialResult{}
+	s.v2PartialProjects = rego.PartialResult{}
 	return nil
 }
 
@@ -187,6 +189,8 @@ func (s *State) initPartialResultV2(ctx context.Context) error {
 		return errors.Wrap(err, "partial eval (authorized)")
 	}
 	s.v2PartialAuth = v2Partial
+	s.partialAuth = rego.PartialResult{}
+	s.v2PartialProjects = rego.PartialResult{}
 	return nil
 }
 
@@ -207,11 +211,8 @@ func (s *State) initPartialResultV2p1(ctx context.Context) error {
 		return errors.Wrap(err, "partial eval (authorized_project)")
 	}
 	s.v2PartialProjects = v2PartialProjects
-
-	s.log.Info("Ran partial update v2.1")
-	if err := s.DumpDataV2p1(ctx); err != nil {
-		s.log.Warnf("error dumping v2.1 data: %v", err)
-	}
+	s.partialAuth = rego.PartialResult{}
+	s.v2PartialAuth = rego.PartialResult{}
 	return nil
 }