fleetforge_storage/

retention.rs

use anyhow::Result;
use object_store::path::Path;
use object_store::{Error as ObjectStoreError, ObjectStore};
use sqlx::PgPool;
use tracing::{info, warn};
use uuid::Uuid;

/// Configuration for data retention sweeps.
#[derive(Debug, Clone, Copy)]
pub struct RetentionConfig {
    pub run_days: i64,
    pub artifact_days: i64,
}

impl RetentionConfig {
    pub fn is_enabled(&self) -> bool {
        self.run_days > 0 || self.artifact_days > 0
    }
}

/// Deletes terminal runs and aged artifacts according to the provided configuration.
pub async fn delete_expired(
    pool: &PgPool,
    store: &dyn ObjectStore,
    cfg: &RetentionConfig,
) -> Result<()> {
    if cfg.run_days > 0 {
        let deleted_runs: Vec<Uuid> = sqlx::query_scalar(
            r#"
            delete from runs
            where status in ('succeeded', 'failed', 'canceled')
              and created_at < now() - ($1 * interval '1 day')
            returning run_id
            "#,
        )
        .bind(cfg.run_days)
        .fetch_all(pool)
        .await?;

        if !deleted_runs.is_empty() {
            info!(
                count = deleted_runs.len(),
                "deleted terminal runs past retention window"
            );
        }
    }

    if cfg.artifact_days > 0 {
        let digests: Vec<Vec<u8>> = sqlx::query_scalar(
            r#"
            select sha256
            from artifacts
            where created_at < now() - ($1 * interval '1 day')
            "#,
        )
        .bind(cfg.artifact_days)
        .fetch_all(pool)
        .await?;

        if !digests.is_empty() {
            for digest in &digests {
                let path = digest_path(digest);
                match store.delete(&path).await {
                    Ok(_) => {}
                    Err(ObjectStoreError::NotFound { .. }) => {
                        warn!(path = %path, "artifact already removed from object store");
                    }
                    Err(err) => {
                        warn!(path = %path, error = %err, "failed to delete artifact from object store");
                    }
                }
            }

            sqlx::query(
                r#"
                delete from artifacts
                where created_at < now() - ($1 * interval '1 day')
                "#,
            )
            .bind(cfg.artifact_days)
            .execute(pool)
            .await?;

            info!(
                count = digests.len(),
                "deleted artifact rows past retention window"
            );
        }
    }

    Ok(())
}

fn digest_path(digest: &[u8]) -> Path {
    let hex = hex::encode(digest);
    let prefix_a = &hex[0..2];
    let prefix_b = &hex[2..4];
    Path::from(format!("sha256/{}/{}/{}", prefix_a, prefix_b, hex))
}

#[cfg(test)]
mod tests {
    use super::*;
    use bytes::Bytes;
    use object_store::memory::InMemory;
    use sqlx::postgres::PgPoolOptions;
    use testcontainers::clients::Cli;
    use testcontainers::images::postgres::Postgres;
    use tokio::time::Duration;

    fn docker_available() -> bool {
        std::fs::metadata("/var/run/docker.sock").is_ok() || std::env::var("DOCKER_HOST").is_ok()
    }

    #[tokio::test]
    async fn deletes_runs_and_artifacts() -> Result<()> {
        if !docker_available() {
            eprintln!("Skipping retention test because Docker is unavailable");
            return Ok(());
        }

        let docker = Cli::default();
        let container = docker.run(Postgres::default());
        let port = container.get_host_port_ipv4(5432);
        let database_url = format!("postgres://postgres:postgres@127.0.0.1:{port}/postgres");

        let pool = PgPoolOptions::new()
            .max_connections(2)
            .acquire_timeout(Duration::from_secs(5))
            .connect(&database_url)
            .await?;

        // Seed runs with terminal status and old timestamp.
        let run_id: Uuid = sqlx::query_scalar("select gen_random_uuid()")
            .fetch_one(&pool)
            .await?;
        sqlx::query(
            r#"
            insert into runs (run_id, status, dag_json, input_ctx, seed, created_at)
            values ($1, 'succeeded', '{}'::jsonb, '{}'::jsonb, 0, now() - interval '10 days')
            "#,
        )
        .bind(run_id)
        .execute(&pool)
        .await?;

        // Seed artifacts row.
        let sha = hex::decode("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa")
            .expect("valid hex");
        sqlx::query(
            r#"
            insert into artifacts (sha256, media_type, size_bytes, metadata, created_at)
            values ($1, 'application/octet-stream', 4, '{}'::jsonb, now() - interval '10 days')
            "#,
        )
        .bind(&sha)
        .execute(&pool)
        .await?;

        // Populate in-memory object store with matching path.
        let store = InMemory::new();
        let path = digest_path(&sha);
        store
            .put(
                &path,
                object_store::PutPayload::from_bytes(Bytes::from_static(b"test")),
            )
            .await
            .expect("write artifact");

        let cfg = RetentionConfig {
            run_days: 7,
            artifact_days: 7,
        };
        delete_expired(&pool, &store, &cfg).await?;

        let remaining_runs: i64 = sqlx::query_scalar("select count(*) from runs where run_id = $1")
            .bind(run_id)
            .fetch_one(&pool)
            .await?;
        assert_eq!(remaining_runs, 0);

        let remaining_artifacts: i64 =
            sqlx::query_scalar("select count(*) from artifacts where sha256 = $1")
                .bind(&sha)
                .fetch_one(&pool)
                .await?;
        assert_eq!(remaining_artifacts, 0);

        // Ensure object store object is gone.
        let get_res = store.get(&path).await;
        assert!(
            matches!(get_res, Err(ObjectStoreError::NotFound { .. })),
            "expected object to be removed"
        );

        drop(container);
        Ok(())
    }
}