Remove 5 cross-database foreign keys referencing `namespaces`
namespaces is referenced as a foreign key from other 5 other tables in a different database
The intention of this issue is to determine any risks when changing all of the below foreign keys referencing namespaces to become Loose foreign keys. Loose foreign keys are cleaned up asynchronously which means when we perform a DELETE FROM namespaces
we will queue a cleanup task that will be executed in ~5 mins to cleanup all of the rows that reference this record. This can mean there are sometimes strange UX bugs where they may see a link to something that no longer exists and clicking it may give an error or it may mean there is a background job that runs and errors due to an invalid foreign key or it may mean a 500 when rendering a certain page containing any of the below tables. Some more details about risks and mitigations are being documented in !76626 (merged) .
The groupsharding will be responsible for actually doing the work to convert the foreign keys to loose foreign keys but will likely need help from impacted teams to asses the risk and potentially determine or implement appropriate mitigation for any risks. Sometimes mitigation may mean refactoring code slightly to avoid errors or explicitly handling certain riskier cases by checking if there is a pending deletion for a record. It is also possible that we can optimize the 5 minute latency for cleanup in certain cases determined to be urgent.
-
ci_group_variables.group_id
->namespaces.id
-ON DELETE CASCADE
-
Best team to review (@fabiopitino): grouppipeline execution devopsverify -
MR: !77322 (merged) !77494 (merged) -
No way for user to access once parent is deleted. Please explain: Group variables are accessed through the group
object. If it's deleted then we don't access this records directly. -
Possible to access once parent deleted but low user impact. Please explain: <DETAIL>
-
Possible Sidekiq workers that may load directly and possibly lead to exceptions. Please explain: <DETAIL>
-
Possible user impact to be evaluated or mitigated. Please explain: <DETAIL>
-
-
ci_daily_build_group_report_results.group_id
->namespaces.id
-ON DELETE CASCADE
-
Best team to review (check off when reviewed): grouptesting devopsverify -
MR: !77636 (merged) !77721 (merged) -
No way for user to access once parent is deleted. Please explain: @morefice: We use
Ci::DailyBuildGroupReportResult.group_id
to build coverage analytic at the group level. Impossible to access the analytic page (groups/group_id/-/analytics/repository_analytics
) without agroup_id
. -
Possible to access once parent deleted but low user impact. Please explain: <DETAIL>
-
Possible Sidekiq workers that may load directly and possibly lead to exceptions. Please explain: <DETAIL>
-
Possible user impact to be evaluated or mitigated. Please explain: <DETAIL>
-
-
ci_pending_builds.namespace_id
->namespaces.id
-ON DELETE CASCADE
-
Best team to review (@fabiopitino): grouppipeline execution devopsverify -
MR: !77636 (merged) !77724 (merged) -
No way for user to access once parent is deleted. Please explain: Ci::PendingBuilds
is generally accessed regardless of thenamespace_id
. For group-level runners we don't usenamespace_id
column directly but we usetraversal_ids
instead. One other point of access of pending builds via namespace is here but this won't show orphan records since thenamespace
access point will be deleted. -
Possible to access once parent deleted but low user impact. Please explain: <DETAIL>
-
Possible Sidekiq workers that may load directly and possibly lead to exceptions. Please explain: <DETAIL>
-
Possible user impact to be evaluated or mitigated. Please explain: <DETAIL>
-
-
ci_runner_namespaces.namespace_id
->namespaces.id
-ON DELETE CASCADE
-
Best team to review (check off when reviewed): grouprunner devopsverify -
MR: !77636 (merged) !77727 (merged) -
No way for user to access once parent is deleted. Please explain: <DETAIL>
-
Possible to access once parent deleted but low user impact. Please explain: Accessing the parent group will become possible in the near future due to an upcoming
group
GraphQL field that will be introduced inCiRunnerType
which will allow you to query it for the associated group, but we can try to exclude the unreachable group from the results. Another minor situation that comes to mind is thatUser.ci_owned_runners
might return runners for groups that have been deleted (exposed through REST API and used inRunnerPolicy
for CRUD permissions). -
Possible Sidekiq workers that may load directly and possibly lead to exceptions. Please explain: <DETAIL>
-
Possible user impact to be evaluated or mitigated. Please explain: <DETAIL>
-
-
ci_minutes_additional_packs.namespace_id
->namespaces.id
-ON DELETE CASCADE
-
Best team to review (check off when reviewed): grouputilization devopsfulfillment -
MR: !77322 (merged) !77550 (merged) -
No way for user to access once parent is deleted. Please explain: The records are currently unused. Only two interfaces are via API which is only used by CustomersDot
-
Possible to access once parent deleted but low user impact. Please explain: <DETAIL>
-
Possible Sidekiq workers that may load directly and possibly lead to exceptions. Please explain: <DETAIL>
-
Possible user impact to be evaluated or mitigated. Please explain: <DETAIL>
-