Add SQL wipeout action in QA (#1035)

* Add SQL wipeout action in QA Added the WipeOutSqlAction that deletes all data in Cloud SQL. Wipe out is restricted to the QA environment, which will get production data during migration testing. Also added a cron job that invokes wipeout on every saturday morning. This is part of the privacy requirments for using production data in QA. Tested in QA.
2025-07-07 03:33:28 +02:00 · 2021-03-25 16:59:09 -04:00 · 2021-03-25 16:59:09 -04:00 · 3c65ad0f8a
commit 3c65ad0f8a
parent 2bfd02f977
8 changed files with 262 additions and 0 deletions
--- a/core/src/test/java/google/registry/batch/WipeOutCloudSqlActionTest.java
+++ b/core/src/test/java/google/registry/batch/WipeOutCloudSqlActionTest.java
@ -0,0 +1,101 @@
+// Copyright 2021 The Nomulus Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package google.registry.batch;
+
+import static com.google.common.truth.Truth.assertThat;
+import static javax.servlet.http.HttpServletResponse.SC_FORBIDDEN;
+import static javax.servlet.http.HttpServletResponse.SC_INTERNAL_SERVER_ERROR;
+import static javax.servlet.http.HttpServletResponse.SC_OK;
+import static org.mockito.ArgumentMatchers.anyString;
+import static org.mockito.Mockito.doThrow;
+import static org.mockito.Mockito.lenient;
+import static org.mockito.Mockito.times;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.verifyNoInteractions;
+import static org.mockito.Mockito.verifyNoMoreInteractions;
+import static org.mockito.Mockito.when;
+
+import google.registry.testing.FakeClock;
+import google.registry.testing.FakeResponse;
+import google.registry.testing.FakeSleeper;
+import google.registry.util.Retrier;
+import java.sql.Connection;
+import java.sql.Statement;
+import org.flywaydb.core.api.FlywayException;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.mockito.Mock;
+import org.mockito.junit.jupiter.MockitoExtension;
+
+/** Unit tests for {@link WipeOutCloudSqlAction}. */
+@ExtendWith(MockitoExtension.class)
+public class WipeOutCloudSqlActionTest {
+
+  @Mock private Statement stmt;
+  @Mock private Connection conn;
+
+  private FakeResponse response = new FakeResponse();
+  private Retrier retrier = new Retrier(new FakeSleeper(new FakeClock()), 2);
+
+  @BeforeEach
+  void beforeEach() throws Exception {
+    lenient().when(conn.createStatement()).thenReturn(stmt);
+  }
+
+  @Test
+  void run_projectAllowed() throws Exception {
+    WipeOutCloudSqlAction action =
+        new WipeOutCloudSqlAction("domain-registry-qa", () -> conn, response, retrier);
+    action.run();
+    assertThat(response.getStatus()).isEqualTo(SC_OK);
+    verify(stmt, times(1)).execute(anyString());
+    verify(stmt, times(1)).close();
+    verifyNoMoreInteractions(stmt);
+  }
+
+  @Test
+  void run_projectNotAllowed() {
+    WipeOutCloudSqlAction action =
+        new WipeOutCloudSqlAction("domain-registry", () -> conn, response, retrier);
+    action.run();
+    assertThat(response.getStatus()).isEqualTo(SC_FORBIDDEN);
+    verifyNoInteractions(stmt);
+  }
+
+  @Test
+  void run_nonRetrieableFailure() throws Exception {
+    doThrow(new FlywayException()).when(stmt).execute(anyString());
+    WipeOutCloudSqlAction action =
+        new WipeOutCloudSqlAction("domain-registry-qa", () -> conn, response, retrier);
+    action.run();
+    assertThat(response.getStatus()).isEqualTo(SC_INTERNAL_SERVER_ERROR);
+    verify(stmt, times(1)).execute(anyString());
+    verify(stmt, times(1)).close();
+    verifyNoMoreInteractions(stmt);
+  }
+
+  @Test
+  void run_retrieableFailure() throws Exception {
+    when(stmt.execute(anyString())).thenThrow(new RuntimeException()).thenReturn(true);
+    WipeOutCloudSqlAction action =
+        new WipeOutCloudSqlAction("domain-registry-qa", () -> conn, response, retrier);
+    action.run();
+    assertThat(response.getStatus()).isEqualTo(SC_OK);
+    verify(stmt, times(2)).execute(anyString());
+    verify(stmt, times(2)).close();
+    verifyNoMoreInteractions(stmt);
+  }
+}
--- a/core/src/test/resources/google/registry/module/backend/backend_routing.txt
+++ b/core/src/test/resources/google/registry/module/backend/backend_routing.txt
@ -43,3 +43,4 @@ PATH                                   CLASS                              METHOD
 /_dr/task/updateRegistrarRdapBaseUrls  UpdateRegistrarRdapBaseUrlsAction  GET      y  INTERNAL,API APP ADMIN
 /_dr/task/updateSnapshotView           UpdateSnapshotViewAction           POST     n  INTERNAL,API APP ADMIN
 /_dr/task/uploadDatastoreBackup        UploadDatastoreBackupAction        POST     n  INTERNAL,API APP ADMIN
+/_dr/task/wipeOutCloudSql              WipeOutCloudSqlAction              GET      n  INTERNAL,API APP ADMIN