Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Implement image builder database maintenance (HMS-4244) #1402

Conversation

schuellerf
Copy link
Contributor

@schuellerf schuellerf commented Nov 14, 2024

This implements the retention policy requested in https://issues.redhat.com/browse/HMS-4244

image-builder-maintenance for now runs vacuum
and cleans all composes older than 2 years (by default)
to remove customer related data according to the
retention policy

As this is not really urgent, it's scheduled once
a week on Tuesdays to avoid problems on weekends

…should be merged after #1398
Note: this implementation is almost a copy of https://github.com/osbuild/osbuild-composer/tree/main/cmd/osbuild-service-maintenance to stick to the same mechanism

@schuellerf schuellerf force-pushed the HMS-4244-implement-image-builder-database-maintenance branch from 8e097b5 to 12c937d Compare November 14, 2024 12:58
Copy link

codecov bot commented Nov 14, 2024

Codecov Report

Attention: Patch coverage is 91.89189% with 3 lines in your changes missing coverage. Please review.

Files with missing lines Patch % Lines
cmd/image-builder/main.go 0.00% 3 Missing ⚠️
Files with missing lines Coverage Δ
internal/db/db.go 57.81% <100.00%> (ø)
internal/tutils/psql.go 75.43% <100.00%> (+5.54%) ⬆️
cmd/image-builder/main.go 0.00% <0.00%> (ø)

@schuellerf schuellerf force-pushed the HMS-4244-implement-image-builder-database-maintenance branch from 12c937d to 0e26d6e Compare November 14, 2024 13:06
@schuellerf schuellerf force-pushed the HMS-4244-implement-image-builder-database-maintenance branch from 6af80e6 to dc5cafe Compare November 15, 2024 10:50
@schuellerf
Copy link
Contributor Author

Note: failed code/snyk check just indicates that in our testcases we have a password hardcoded …

lzap
lzap previously approved these changes Nov 15, 2024
Copy link
Collaborator

@lzap lzap left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great. The only concern I have is why this is a separate image, but this could be app-sre requirement, no issues.

cmd/image-builder-maintenance/config.go Show resolved Hide resolved
cmd/image-builder-maintenance/db.go Outdated Show resolved Hide resolved
Makefile Outdated Show resolved Hide resolved
build_deploy.sh Outdated Show resolved Hide resolved
cmd/image-builder-maintenance/main.go Show resolved Hide resolved
@schuellerf
Copy link
Contributor Author

schuellerf commented Nov 15, 2024

@lzap
I forgot to add this to the commit message that this, for now, is almost a copy of
https://github.com/osbuild/osbuild-composer/tree/main/cmd/osbuild-service-maintenance
to stick to the same approach.

@schuellerf
Copy link
Contributor Author

Refactoring this into a separate repo or somehow sharing code with composer was considered but discarded for less effort.
Still this discussion is valid and ongoing.

@schuellerf schuellerf force-pushed the HMS-4244-implement-image-builder-database-maintenance branch 6 times, most recently from e5de212 to e75755c Compare November 19, 2024 09:45
@schuellerf
Copy link
Contributor Author

schuellerf commented Nov 19, 2024

Konflux failure seems to be related to the current rhsm outage… (and it's not a required check here)
… and PR build seems to fail due to ephemeral cluster issues

@schuellerf schuellerf requested a review from lzap November 19, 2024 10:29
@schuellerf schuellerf enabled auto-merge (rebase) November 19, 2024 10:29
@schuellerf
Copy link
Contributor Author

/retest

1 similar comment
@schuellerf
Copy link
Contributor Author

/retest

lzap
lzap previously approved these changes Nov 20, 2024
Copy link
Collaborator

@lzap lzap left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Couple of logging/transactional improvements could be done, but nothing big. I mean, there are not too many records, are there? :-)

cmd/image-builder-maintenance/db.go Show resolved Hide resolved
templates/maintenance.yml Show resolved Hide resolved
cmd/image-builder-maintenance/main.go Show resolved Hide resolved
@schuellerf schuellerf force-pushed the HMS-4244-implement-image-builder-database-maintenance branch from 6ffb370 to 326712c Compare November 21, 2024 13:24
Copy link
Contributor

@mvo5 mvo5 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Quick drive-by: when switching to "cleanenv", please split the commit that changes our code and the part that adds the vendoring to the repo (i.e. two commits, one with vendored stuff, one with switching the code to use it)

Also do we actually need to put the vendored deps into the git repo? We removed all vendoring from "images" because it is not packaged, maybe we could look into doing the same here?

@schuellerf
Copy link
Contributor Author

@mvo5

Quick drive-by: when switching to "cleanenv", please split the commit that changes our code and the part that adds the vendoring to the repo (i.e. two commits, one with vendored stuff, one with switching the code to use it)

I can split it, although that actually results in a somewhat inconsistent commit (as it has dependencies no one needs, only one commit later) 🤔
but I get the idea from the standpoint of reviewing…

Also do we actually need to put the vendored deps into the git repo? We removed all vendoring from "images" because it is not packaged, maybe we could look into doing the same here?

Don't know - we can follow up on this, vendoring makes things strange for sure 👌

@schuellerf schuellerf force-pushed the HMS-4244-implement-image-builder-database-maintenance branch 3 times, most recently from eb6caf2 to ef9f5b7 Compare November 22, 2024 10:10
@schuellerf schuellerf requested a review from mvo5 November 22, 2024 10:11
@schuellerf schuellerf requested a review from lzap November 22, 2024 10:11
lzap
lzap previously approved these changes Nov 25, 2024
Copy link
Collaborator

@lzap lzap left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Perfect.

cmd/image-builder-maintenance/main.go Show resolved Hide resolved
templates/maintenance.yml Show resolved Hide resolved
@schuellerf schuellerf force-pushed the HMS-4244-implement-image-builder-database-maintenance branch from e07fe65 to 7dce7d5 Compare November 25, 2024 13:34
@schuellerf schuellerf requested a review from lzap November 25, 2024 13:50
Copy link
Member

@croissanne croissanne left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you!

In addition to the comments, could you also clean up the commit messages a bit?

The body of the commit should be full sentences ( so capital letters & periods). There are also some spelling errors (depentent -> dependent, our selfs -> ourselves). And there's a trailing s in the distribution/Dockerfile-ubi-maintenance: fix entrypoint commit.

internal/tutils/db_tutils.go Show resolved Hide resolved
cmd/image-builder-maintenance/db.go Outdated Show resolved Hide resolved
Makefile Outdated Show resolved Hide resolved
cmd/image-builder-maintenance/config.go Outdated Show resolved Hide resolved
internal/tutils/db_tutils.go Outdated Show resolved Hide resolved
cmd/image-builder-maintenance/config.go Show resolved Hide resolved
build_deploy.sh Outdated Show resolved Hide resolved
cmd/image-builder-maintenance/main.go Show resolved Hide resolved
@croissanne
Copy link
Member

@mvo5

Also do we actually need to put the vendored deps into the git repo? We removed all vendoring from "images" because it is not packaged, maybe we could look into doing the same here?

Don't know - we can follow up on this, vendoring makes things strange for sure 👌

I don't think there's any really good reason at this point time. We can remove them in image builder, a separate PR though.

@mvo5
Copy link
Contributor

mvo5 commented Nov 25, 2024

[..]

In addition to the comments, could you also clean up the commit messages a bit?

Quick drive-by (as I was tagged): maybe also worth squashing a few commits

@schuellerf
Copy link
Contributor Author

[..]

Quick drive-by (as I was tagged): maybe also worth squashing a few commits

This was on purpose to be able to follow along the comments easier, but I'll squash some.

@schuellerf schuellerf force-pushed the HMS-4244-implement-image-builder-database-maintenance branch 2 times, most recently from 83b2fb2 to d7185ec Compare November 25, 2024 17:47
@schuellerf schuellerf force-pushed the HMS-4244-implement-image-builder-database-maintenance branch from d7185ec to 6297665 Compare November 26, 2024 10:26
Will be used in more database tests like the
image-builder-maintenance.
image-builder-maintenance for now runs vacuum
and cleans all composes older than 2 years (by default).
To remove customer related data according to the
retention policy.

As this is not really urgent, it's scheduled once
a week on Tuesdays to avoid problems on weekends.

Also introduces a github action test if
the container can still be built.
This avoids problems with snyk code checker.
The password is set in the environment anyway,
so this is not needed here.
This touches also other code, due to dependent functions.
The time is just a first starting point.
Two hours should be sufficient.
Graceful shutdown on SIGTERM and SIGINT, even when currently
executing SQL statements.
Clones are implicitly deleted by `ON DELETE CASCADE`.
Adds the `image-builder-maintenance` binary to the existing
container `quay.io/cloudservices/image-builder`, to avoid
duplicating all the necessary build jobs.
@schuellerf schuellerf force-pushed the HMS-4244-implement-image-builder-database-maintenance branch from 02b4375 to 1722b09 Compare November 26, 2024 15:55
Copy link
Member

@croissanne croissanne left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm!

cmd/image-builder-maintenance/config.go Show resolved Hide resolved
@croissanne croissanne disabled auto-merge November 27, 2024 16:27
@croissanne croissanne merged commit 4ecc626 into osbuild:main Nov 27, 2024
15 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants