You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We have been investigating this issue. When Google is facing some problems, the list of groups returned is incomplete and the idp-scim-sync deletes the group on the AWS side. In other words, the users are losing access to our AWS infra :(
We think that this is related to the callback functions (see here and here). According to google-api-go-client code, "Pages invokes f for each page of results. A non-nil error returned from f will halt the iteration." As you can see in the body of the callback functions, we always return nil, so we never stop the iteration upon receiving an error, which might cause an inconsistency 🤔
Best,
L.
The text was updated successfully, but these errors were encountered:
laurentdelosieresfact
changed the title
que: Issue in the ListUsers and ListGroups functions ?
que: Issue in the ListUsers and ListGroups callback functions ?
May 11, 2023
hi @laurentdelosieresfact thank you very much for your analysis, I will check it in deep to try to fix the problem we are experimenting with the deletion of groups because the Google side fails.
@laurentdelosieresfact my PR will probably fix the issue you describe here, the problem I have is how to test it, I was trying to mock the release Google API but it is challenging because of the chaining of different methods and data structures.
I will try again with a different strategy to ensure that when the Pages method fails, propagate the error upstream.
We have been running the PR for over 2 months and we have not experienced any issues. No groups being randomly deleted 👍 Can you please merge the PR with the changes 🙏
Hello,
We have been investigating this issue. When Google is facing some problems, the list of groups returned is incomplete and the idp-scim-sync deletes the group on the AWS side. In other words, the users are losing access to our AWS infra :(
We think that this is related to the callback functions (see here and here). According to google-api-go-client code, "Pages invokes f for each page of results. A non-nil error returned from f will halt the iteration." As you can see in the body of the callback functions, we always return nil, so we never stop the iteration upon receiving an error, which might cause an inconsistency 🤔
Best,
L.
The text was updated successfully, but these errors were encountered: