Skip to content

PSMDB-1947 LDAP User Cache Refresh options#1115

Merged
rasika-chivate merged 14 commits into7.0from
PSMDB-1947-LDAP-User-Cache-Refresh-options
Mar 30, 2026
Merged

PSMDB-1947 LDAP User Cache Refresh options#1115
rasika-chivate merged 14 commits into7.0from
PSMDB-1947-LDAP-User-Cache-Refresh-options

Conversation

@rasika-chivate
Copy link
Copy Markdown
Collaborator

@rasika-chivate rasika-chivate commented Mar 26, 2026
edited by Copilot AI
Loading

  • Document ldapUserCacheRefreshInterval parameter
  • Document ldapShouldRefreshUserCacheEntries parameter with true/false semantics and default
  • Add description of ldapUserCacheInvalidationInterval (units, what it controls, when it applies)
  • Fix runtime example to exclude startup-only ldapShouldRefreshUserCacheEntries
  • Fix $external formatting typo
  • Add warning about default value change after March 1, 2026
  • Remove bold version formatting to match existing style
  • Add configuration examples (runtime, command line, config file)

📍 Connect Copilot coding agent with Jira, Azure Boards or Linear to delegate work to Copilot in one click without leaving your project management tool.

@rasika-chivate rasika-chivate marked this pull request as draft March 26, 2026 16:39
@rasika-chivate rasika-chivate requested a review from Copilot March 26, 2026 16:39
Copilot AI reviewed Mar 26, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds documentation for new LDAP user cache refresh configuration options to help operators tune LDAP authentication performance.

Changes:

  • Documented two new LDAP cache refresh server parameters: ldapUserCacheRefreshInterval and ldapShouldRefreshUserCacheEntries.
  • Added brief explanation of how the refresh strategy relates to existing cache invalidation behavior.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@rasika-chivate
Update docs/authorization.md
bd8cc39 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@rasika-chivate
Update docs/authorization.md
38a4fbe 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@it-percona it-percona temporarily deployed to PSMDB-1947-LDAP-User-Cache-Refresh-options - psmdb-docs-7.0 PR #1115 March 26, 2026 16:50 — with Render Destroyed
@rasika-chivate
Update docs/authorization.md
cac5460 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@rasika-chivate rasika-chivate marked this pull request as ready for review March 26, 2026 16:59
igorsol
igorsol requested changes Mar 26, 2026
View reviewed changes
@it-percona it-percona temporarily deployed to PSMDB-1947-LDAP-User-Cache-Refresh-options - psmdb-docs-7.0 PR #1115 March 27, 2026 11:46 — with Render Destroyed
@rasika-chivate rasika-chivate requested a review from Copilot March 27, 2026 11:49
Copilot AI reviewed Mar 27, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 1 out of 1 changed files in this pull request and generated 4 comments.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

docs/authorization.md
Comment on lines +134 to +136
- When set to `false`, all `$external` users are evicted from the cache at intervals defined by `ldapUserCacheInvalidationInterval`. This preserves the behavior that existed prior to the introduction of `ldapUserCacheRefreshInterval` and `ldapShouldRefreshUserCacheEntries`.

The default value is `false` (expiration-based invalidation using `ldapUserCacheInvalidationInterval`), to maintain backward-compatible behavior unless interval-based refreshing is explicitly enabled.
Copy link

Copilot AI Mar 27, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This section references ldapUserCacheInvalidationInterval but doesn't explain what it is or where to configure it, and it appears to be undocumented elsewhere in docs/. Consider adding a brief definition (units/default) and/or linking to the place where ldapUserCacheInvalidationInterval is documented so readers can understand the false behavior path.

Copilot uses AI. Check for mistakes.
Copy link
Copy Markdown
Collaborator Author

@rasika-chivate rasika-chivate Mar 27, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@copilot apply changes based on this feedback

Copy link
Copy Markdown
Contributor

Copilot AI Mar 27, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added a description of ldapUserCacheInvalidationInterval as a new bullet point explaining that it controls how long (in seconds) cached LDAP user entries remain valid before they expire and are evicted, and noting that it applies when ldapShouldRefreshUserCacheEntries is set to false. Commit: abd4e0b

Copy link
Copy Markdown
Collaborator Author

@rasika-chivate rasika-chivate Mar 27, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@copilot apply changes based on this feedback

Copy link
Copy Markdown
Contributor

Copilot AI Mar 27, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The description of ldapUserCacheInvalidationInterval is already present in the file (line 130) from commit abd4e0b. No further changes are needed.

@rasika-chivate
Update docs/authorization.md
34ca858 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@rasika-chivate
Update docs/authorization.md
829a92f 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
igorsol
igorsol approved these changes Mar 27, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@igorsol igorsol left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved but please fix issues found by copilot

@rasika-chivate
Add description of ldapUserCacheInvalidationInterval parameter
abd4e0b 
Agent-Logs-Url: https://github.com/percona/psmdb-docs/sessions/81d763b8-97e9-4465-9940-7a368d54973c

Co-authored-by: rasika-chivate <95711051+rasika-chivate@users.noreply.github.com>
@it-percona it-percona temporarily deployed to PSMDB-1947-LDAP-User-Cache-Refresh-options - psmdb-docs-7.0 PR #1115 March 27, 2026 12:14 — with Render Destroyed
@rasika-chivate rasika-chivate merged commit 657bf2a into 7.0 Mar 30, 2026
1 check passed
@rasika-chivate rasika-chivate deleted the PSMDB-1947-LDAP-User-Cache-Refresh-options branch March 30, 2026 12:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@igorsol igorsol igorsol approved these changes

@olexandr-havryliak olexandr-havryliak olexandr-havryliak approved these changes

+1 more reviewer

Copilot code review Copilot Copilot left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@rasika-chivate @igorsol @olexandr-havryliak @it-percona