[Provision alignment] Create a new service to do complete provisioning of namespace

Problem

The current provisionings for GitLab.com and SM/Dedicated follow markedly distinct approaches. While SM/Dedicated relies on licenses (license key or file) to contain all needed info, GitLab.com relies on multiple syncs for a namespace.

To align the provision between the deployment types, the GitLab.com provisioning will be aligned to be similar to the SM/Dedicated. The current multiple syncs to GitLab.com will be replaced by a single sync for a namespace which includes all needed information at once. Each sync will be stored in the database on the CustomersDot side for easier auditing. These records will follow a similar behavior as the license generation for SM/Dedicated and only create a new entry for a sync if the data/info for the new sync has changed compared to the last sync. Timestamps for each sync will still be stored for a better insight into the sync frequency.

On the GitLab side as much logic as possible will be reused to provision the received info. A future iteration could focus on simplifying the GitLab.com side's provisioning. The provisioning will happen directly when receiving the request due to the async part being on the CDot side.

Proposal

Create a new Service provision the namespace with purchased plans and add-ons.

1. Update gitlab_subscriptions table with plan details
2. Update namespaces table with compute_minutes & storage limits
3. Upsert add_on_purchases table with purchased add-ons

If any of the above step fails, we will send an error response back to CDot with 422.

This service will be called from the internal only endpoint that will be created in: [Provision alignment] Create new API endpoint f... (#507291 - closed)

API Contract

customers-gitlab-com#11495 (closed)

Sequence Diagram

sequenceDiagram
    participant BW as CDot Background Worker
    participant DB as CDot Database
    participant GL as GitLab
    participant GLDB as GitLab Database

    Note over BW: Namespace provisioning job starts
    
    BW->>DB: Fetch latest namespace_syncs for namespace_id
    activate DB
    DB-->>BW: Return namespace_sync record
    deactivate DB
    
    Note over BW: Process namespace attributes
    
    BW->>GL: HTTP POST /api/v4/internal/gitlab_subscriptions/namespaces/:id/provision
    activate GL
    
    Note over GL: Step 1: Update gitlab_subscription
    GL->>GLDB: Update gitlab_subscriptions table with plan details
    activate GLDB
    GLDB-->>GL: Confirm subscription update
    deactivate GLDB
    
    Note over GL: Step 2: Update namespace for: compute_minutes & storage
    GL->>GLDB: Update namespaces table with compute_minutes & storage limits
    activate GLDB
    GLDB-->>GL: Confirm namespace update
    deactivate GLDB
    
    Note over GL: Step 3: Provision add_on_purchase
    GL->>GLDB: Upsert add_on_purchases table
    activate GLDB
    GLDB-->>GL: Confirm add-on purchase upserted
    deactivate GLDB
    
    Note over GL: Check for any failures
    alt Any step failed
        GL-->>BW: Return error response (422) with failure details
    else All steps succeeded
        GL-->>BW: Return success response (200)
    end
    deactivate GL
    
    alt Success Response (200)
        Note over BW: Job completed successfully
    else Validation Error (422)
        Note over BW: Log error details
        BW->>DB: Update namespace_sync as partially failed
    else Server Error (5XX)
        Note over BW: Schedule job retry
        BW->>DB: Update job status for retry
    end

Result

Added logic to process new namespace provisioning logic.