fix: improve delete queries for janitor command

[flavioleggio]

Related issue

#2513
@aeneasr @Benehiko

Proposed changes

Improve delete queries by separating the data extraction from actual delete.
Extraction is made with a configurable limit, using --limit flag, then deletes are made in batch mode with a configurable batch size, using --batch-size flag.
I chose default values for limit and batch size of respectively 100000 records and 100 records.

Checklist

• I have read the contributing guidelines.
• I have read the security policy.
• I confirm that this pull request does not address a security
  vulnerability. If this pull request addresses a security. vulnerability, I
  confirm that I got green light (please contact
  security@ory.sh) from the maintainers to push
  the changes.
• I have added tests that prove my fix is effective or that my feature
  works.
• I have added or changed the documentation.

Further comments

I chose to remove the transaction in cleanup for login and consent requests, which I think could be part of the problem with table locking.

[CLAassistant]

All committers have signed the CLA.

[Benehiko]

I think this is looking good! :)
Great job!

[Benehiko]

So this limit here is 10K instead of 100k as suggested in the comment?

[flavioleggio]

Yes, my mistake. Should I fix the comment or change the default value in the config? What do you think about this?

[Benehiko]

I think you can adjust the defaults to what has worked for you

[flavioleggio]

Actually, my limit was 1 million records, but it takes an hour for the select only and delete is a long process (not affecting database resources nor service though). I tought that a lower default would be more reasonable for common use cases.

[Benehiko]

Then we stick with the lower limits :)

[flavioleggio]

Well then, we just have to decide between 10k and 100k.
In my database setup a single 100 batch delete for consent (the slowest table, I guess because of many cascade deletes) takes 1 second or so. A default limit of 10k would take a total of 100 seconds, while a limit of 100k would take 1000 seconds (i.e. almost 17 minutes). We could stick with one of these (I would take the 100k limit, if I have to choose) or get a value in the middle.

[flavioleggio]

@aeneasr what is your opinion on this?

[aeneasr]

Great job @flavioleggio ! I have some ideas here :)

[aeneasr]

Can challenge be null here?

[flavioleggio]

Yes, LEFT JOIN selects records matching in both tables and records only present in left table: in that case, column from right tables will we NULL, so that check should mean "give me unhandled requests".

[aeneasr]

I see, thank you for the explanation. I'll keep this comment open so that I can re-check the SQL query when I'm back in the office to ensure nothing gets deleted that shouldn't be deleted.

[flavioleggio]

Did you have a chance to check the query?

[Benehiko]

I think this is looking quite good! Nice job @flavioleggio :)

I just have one request on the tests, maybe there should be a test to verify setting the limit and the batch size to confirm it actually does work, meaning if we have 5 rows in the database and you limit to 2, then we should have 3 rows still in the database - assuming the rows were all invalid/expired. Since testing the batch size isn't really possible on increments, e.g. on batch size 1 we get X, on batch size 2 we get XY. I think we should just have a test setting it to 0 and another setting it to an arbitrary number to verify 0 does not delete anything and some number above 0 does delete the rows according to the limit size.

[aeneasr]

Let me know when I should take a final look :)

[aeneasr]

While the PR is being worked on I will mark it as a draft. That declutters our review backlog :)

Once you're done with your changes and would like someone to review them, mark the PR as ready and request a review from one of the maintainers.

Thank you!

[flavioleggio]

Looks like there are problems with the dependency check with some transitive dependencies. The command states the following:

pkg:golang/github.com/gobuffalo/packr@1.22.0
1 known vulnerabilities affecting installed version

I tried with a simple go mod tidy and also upgrading transitive dependencies, but that upgraded them all and caused even more errors. Can someone give me a pointer on this field?

UPDATE
I upgraded only the indirect packr dependency, resulting in this line in go.mod
github.com/gobuffalo/packr v1.30.1 // indirect
This made dependency check job pass in tests.

[codecov]

Codecov Report

Merging #2540 (12661f2) into master (a8675dd) will increase coverage by 0.26%.
The diff coverage is 91.46%.

@@            Coverage Diff             @@
##           master    #2540      +/-   ##
==========================================
+ Coverage   52.47%   52.73%   +0.26%     
==========================================
  Files         234      234              
  Lines       13905    13995      +90     
==========================================
+ Hits         7296     7380      +84     
- Misses       5986     5989       +3     
- Partials      623      626       +3     

Impacted Files	Coverage Δ
oauth2/handler.go	67.01% <0.00%> (ø)
persistence/sql/persister_consent.go	78.40% <82.60%> (-2.06%)	⬇️
cmd/cli/handler_janitor.go	77.90% <86.66%> (+2.90%)	⬆️
persistence/sql/persister_oauth2.go	82.86% <95.00%> (+2.15%)	⬆️
cmd/janitor.go	100.00% <100.00%> (ø)
internal/testhelpers/janitor_test_helper.go	100.00% <100.00%> (ø)
oauth2/fosite_store_helpers.go	100.00% <100.00%> (ø)

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update a8675dd...12661f2. Read the comment docs.

[Benehiko]

nice job! @flavioleggio
The changes make sense to me and from my side I don't have any major suggestions or change requests :)

As for the dependency issues, I'm not too sure. Maybe @aeneasr knows something about it?

[aeneasr]

Nice, thank you! I will review it next week together with @Benehiko :)

[Benehiko]

LGTM! :)

[aeneasr]

Just have to verify one thing, otherwise this looks good! :)

[aeneasr]

Congratulations, thank you for the hard work @flavioleggio !!!

[aeneasr]

Looks like we got a flaky test :/

https://app.circleci.com/pipelines/github/ory/hydra/2826/workflows/fa46fe2b-54e0-453c-a0f8-96be01aff245/jobs/32749?invite=true#step-128-49

[aeneasr]

@flavioleggio would you be open to investigate the test flake? It's unfortunately plaguing almost 50% of runs with a failure

[flavioleggio]

I'll take a look this weekend, hopefully. If I can't find an answer on my own I will ask for some help on slack chat, maybe, but I will be in touch.

[aeneasr]

Thank you!!

[vinckr]

Hello @flavioleggio
Congrats on merging your first PR in Ory 🎉 !
Your contribution will soon be helping secure millions of identities around the globe 🌏.
Don't stress about the test flake, I am sure it will get sorted out.
As a small token of appreciation we send all our first time contributors a gift package to welcome them to the community.
Please drop me an email and I will forward you the form to claim your Ory swag!