Remove 3 cross-database foreign keys referencing `users`
users is referenced as a foreign key from other 3 other tables in a different database
The intention of this issue is to determine any risks when changing all of the below foreign keys referencing users to become Loose foreign keys. Loose foreign keys are cleaned up asynchronously which means when we perform a DELETE FROM users
we will queue a cleanup task that will be executed in ~5 mins to cleanup all of the rows that reference this record. This can mean there are sometimes strange UX bugs where they may see a link to something that no longer exists and clicking it may give an error or it may mean there is a background job that runs and errors due to an invalid foreign key or it may mean a 500 when rendering a certain page containing any of the below tables. Some more details about risks and mitigations are being documented in !76626 (merged) .
The groupsharding will be responsible for actually doing the work to convert the foreign keys to loose foreign keys but will likely need help from impacted teams to asses the risk and potentially determine or implement appropriate mitigation for any risks. Sometimes mitigation may mean refactoring code slightly to avoid errors or explicitly handling certain riskier cases by checking if there is a pending deletion for a record. It is also possible that we can optimize the 5 minute latency for cleanup in certain cases determined to be urgent.
-
ci_pipeline_schedules.owner_id
->users.id
-ON DELETE SET NULL
-
Best team to review (check off when reviewed): grouppipeline execution devopsverify -
MR: !77492 (merged), !78163 (merged) -
No way for user to access once parent is deleted. Please explain: This is safe because this is only ever accessed as .owner
or.owner&.id
which already had to handlenil
as this was nullable.git grep 'schedule.owner_id'
and andgit grep 'schedule.owner'
and ignore false positives to see the usages. -
Possible to access once parent deleted but low user impact. Please explain: -
Possible Sidekiq workers that may load directly and possibly lead to exceptions. Please explain: <DETAIL>
-
Possible user impact to be evaluated or mitigated. Please explain: <DETAIL>
-
-
ci_triggers.owner_id
->users.id
-ON DELETE CASCADE
-
Best team to review (check off when reviewed): grouptesting devopsverify -
MR: !78563 (merged) -
No way for user to access once parent is deleted. Please explain: The trigger can be accessed: - in the CI/CD settings page, but it shows as invalid
- using the API, but it returns 40X status on POST/PUT
-
Possible to access once parent deleted but low user impact. Please explain: <DETAIL>
-
Possible Sidekiq workers that may load directly and possibly lead to exceptions. Please explain: <DETAIL>
-
Possible user impact to be evaluated or mitigated. Please explain: <DETAIL>
-
-
ci_job_token_project_scope_links.added_by_id
->users.id
-ON DELETE SET NULL
-
Best team to review (@fabiopitino): grouppipeline execution devopsverify -
MR: !77493 (merged), !78162 (merged) -
No way for user to access once parent is deleted. Please explain: The added_by
is used only for tracking purpose and it's not currently displayed. -
Possible to access once parent deleted but low user impact. Please explain: <DETAIL>
-
Possible Sidekiq workers that may load directly and possibly lead to exceptions. Please explain: <DETAIL>
-
Possible user impact to be evaluated or mitigated. Please explain: <DETAIL>
-