Add realization store support

docs/DOCUMENTATION.md

@@ -989,6 +989,10 @@ var (
     ErrNoUserContext     = ErrBaseDb.With("Permission denied because userInformation is missing")
     ErrUserNotAuthorized = ErrBaseDb.With("User is not authorized to access this API")
     ErrMissingInstanceId = ErrBaseDb.With("Instance ID is not configured in the context")
+
+    ErrMarkingEnforcementFailed = ErrBaseDb.With("Failed to mark resource's enforcement status")
+    ErrGettingRealizationStatus = ErrBaseDb.With("Failed to get resource's realization status")
+    ErrResourceStillExists      = ErrBaseDb.With("Resource still exists")
 )
 ```
 

go.mod

@@ -13,23 +13,23 @@ require (
 	google.golang.org/grpc v1.58.2
 	google.golang.org/protobuf v1.31.0
 	gorm.io/driver/postgres v1.5.2
-	gorm.io/gorm v1.25.2
+	gorm.io/gorm v1.25.4
 )
 
 require (
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/jackc/pgpassfile v1.0.0 // indirect
 	github.com/jackc/pgservicefile v0.0.0-20221227161230-091c0ba34f0a // indirect
-	github.com/jackc/pgx/v5 v5.3.1 // indirect
+	github.com/jackc/pgx/v5 v5.4.3 // indirect
 	github.com/jinzhu/inflection v1.0.0 // indirect
 	github.com/jinzhu/now v1.1.5 // indirect
 	github.com/kr/text v0.2.0 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/rogpeppe/go-internal v1.11.0 // indirect
-	golang.org/x/crypto v0.11.0 // indirect
-	golang.org/x/sys v0.10.0 // indirect
-	golang.org/x/text v0.11.0 // indirect
+	golang.org/x/crypto v0.13.0 // indirect
+	golang.org/x/sys v0.12.0 // indirect
+	golang.org/x/text v0.13.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )
 
-replace gorm.io/gorm => github.com/go-gorm/gorm v1.25.2
+replace gorm.io/gorm => github.com/go-gorm/gorm v1.25.4

go.sum

@@ -6,8 +6,8 @@ github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ3
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/go-gorm/gorm v1.25.2 h1:+kg2OobcNtV45/aVwqQSbynr+PK9GTeOJFdcvpsTVUg=
-github.com/go-gorm/gorm v1.25.2/go.mod h1:L4uxeKpfBml98NYqVqwAdmV1a2nBtAec/cf3fpucW/k=
+github.com/go-gorm/gorm v1.25.4 h1:Cuta7ou119zvPMC2aNImEVoTo7d4rWrkepCSiPks0eo=
+github.com/go-gorm/gorm v1.25.4/go.mod h1:L4uxeKpfBml98NYqVqwAdmV1a2nBtAec/cf3fpucW/k=
 github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
 github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
@@ -18,8 +18,8 @@ github.com/jackc/pgpassfile v1.0.0 h1:/6Hmqy13Ss2zCq62VdNG8tM1wchn8zjSGOBJ6icpsI
 github.com/jackc/pgpassfile v1.0.0/go.mod h1:CEx0iS5ambNFdcRtxPj5JhEz+xB6uRky5eyVu/W2HEg=
 github.com/jackc/pgservicefile v0.0.0-20221227161230-091c0ba34f0a h1:bbPeKD0xmW/Y25WS6cokEszi5g+S0QxI/d45PkRi7Nk=
 github.com/jackc/pgservicefile v0.0.0-20221227161230-091c0ba34f0a/go.mod h1:5TJZWKEWniPve33vlWYSoGYefn3gLQRzjfDlhSJ9ZKM=
-github.com/jackc/pgx/v5 v5.3.1 h1:Fcr8QJ1ZeLi5zsPZqQeUZhNhxfkkKBOgJuYkJHoBOtU=
-github.com/jackc/pgx/v5 v5.3.1/go.mod h1:t3JDKnCBlYIc0ewLF0Q7B8MXmoIaBOZj/ic7iHozM/8=
+github.com/jackc/pgx/v5 v5.4.3 h1:cxFyXhxlvAifxnkKKdlxv8XqUf59tDlYjnV5YYfsJJY=
+github.com/jackc/pgx/v5 v5.4.3/go.mod h1:Ig06C2Vu0t5qXC60W8sqIthScaEnFvojjj9dSljmHRA=
 github.com/jinzhu/inflection v1.0.0 h1:K317FqzuhWc8YvSVlFMCCUb36O/S9MCKRDI7QkRKD/E=
 github.com/jinzhu/inflection v1.0.0/go.mod h1:h+uFLlag+Qp1Va5pdKtLDYj+kHp5pxUVkryuEj+Srlc=
 github.com/jinzhu/now v1.1.5 h1:/o9tlHleP7gOFmsnYNz3RGnqzefHA47wQpKrrdTIwXQ=
@@ -40,13 +40,13 @@ github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UV
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
 github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
-golang.org/x/crypto v0.11.0 h1:6Ewdq3tDic1mg5xRO4milcWCfMVQhI4NkqWWvqejpuA=
-golang.org/x/crypto v0.11.0/go.mod h1:xgJhtzW8F9jGdVFWZESrid1U1bjeNy4zgy5cRr/CIio=
+golang.org/x/crypto v0.13.0 h1:mvySKfSWJ+UKUii46M40LOvyWfN0s2U+46/jDd0e6Ck=
+golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc=
 golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.10.0 h1:SqMFp9UcQJZa+pmYuAKjd9xq1f0j5rLcDIk0mj4qAsA=
-golang.org/x/sys v0.10.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/text v0.11.0 h1:LAntKIrcmeSKERyiOh0XMV39LXS8IE9UL2yP7+f5ij4=
-golang.org/x/text v0.11.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
+golang.org/x/sys v0.12.0 h1:CM0HF96J0hcLAwsHPJZjfdNzs0gftsLfgKt57wWHJ0o=
+golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k=
+golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 google.golang.org/grpc v1.58.2 h1:SXUpjxeVF3FKrTYQI4f4KvbGD5u2xccdYdurwowix5I=
 google.golang.org/grpc v1.58.2/go.mod h1:tgX3ZQDlNJGU96V6yHh1T/JeoBQ2TXdr43YbYSsCJk0=

pkg/datastore/database.go

@@ -707,9 +707,9 @@ func (db *relationalDb) GetInstancer() authorizer.Instancer {
 
 // Uses an authorizer to get user's org. ID and a matching DB role.
 // With the default MetadataBasedAuthorizer, does the following:
-// Gets user's org ID and a DB role that matches one of its CSP roles.
-// Returns an error if there are no role mappings for the given table, if user's org. ID cannot be retrieved from CSP,
-// or if there is no matching DB role for any one of the user's CSP roles.
+// Gets user's org ID and a DB role that matches one of its user roles.
+// Returns an error if there are no role mappings for the given table, if user's org. ID cannot be retrieved from AuthProvider
+// or if there is no matching DB role for any one of the user's roles.
 func (db *relationalDb) getTenancyInfoFromCtx(ctx context.Context, tableNames ...string) (err error, tenancyInfo TenancyInfo) {
 	// Get the matching DB role
 	tenancyInfo.DbRole, err = db.authorizer.GetMatchingDbRole(ctx, tableNames...)

pkg/datastore/datastore_test.go

@@ -45,8 +45,6 @@ import (
 	"github.com/vmware-labs/multi-tenant-persistence-for-saas/test/pb"
 )
 
-var LOG *logrus.Entry
-
 // TODO - add a test that would show that the DB users are not able to create, drop, or truncate tables
 
 func TestHasTable(t *testing.T) {
@@ -479,10 +477,10 @@ func TestDALRegistration(t *testing.T) {
 /*
 Checks if DAL is able to select the least restrictive available DB role to perform SQL operations on one table.
 */
-func TestDeleteWithMultipleCSPRoles(t *testing.T) {
+func TestDeleteWithMultipleUserRoles(t *testing.T) {
 	const APP_ADMIN = "app_admin"
 	assert := assert.New(t)
-	ds, _ := SetupDataStore("TestDeleteWithMultipleCSPRoles")
+	ds, _ := SetupDataStore("TestDeleteWithMultipleUserRoles")
 	defer ds.Reset()
 
 	// Create context for custom admin who will have 2 service roles

pkg/errors/error_codes.go

@@ -217,4 +217,8 @@ var (
 	ErrNoUserContext     = ErrBaseDb.With("Permission denied because userInformation is missing")
 	ErrUserNotAuthorized = ErrBaseDb.With("User is not authorized to access this API")
 	ErrMissingInstanceId = ErrBaseDb.With("Instance ID is not configured in the context")
+
+	ErrMarkingEnforcementFailed = ErrBaseDb.With("Failed to mark resource's enforcement status")
+	ErrGettingRealizationStatus = ErrBaseDb.With("Failed to get resource's realization status")
+	ErrResourceStillExists      = ErrBaseDb.With("Resource still exists")
 )

pkg/realization_store/configure.go

@@ -0,0 +1,35 @@
+// Copyright 2023 VMware, Inc.
+// Licensed to VMware, Inc. under one or more contributor
+// license agreements. See the NOTICE file distributed with
+// this work for additional information regarding copyright
+// ownership. VMware, Inc. licenses this file to you under
+// the Apache License, Version 2.0 (the "License"); you may
+// not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+
+package realization_store
+
+import (
+	"github.com/sirupsen/logrus"
+
+	"github.com/vmware-labs/multi-tenant-persistence-for-saas/pkg/datastore"
+	"github.com/vmware-labs/multi-tenant-persistence-for-saas/pkg/protostore"
+)
+
+func GetRealizationStore(d datastore.DataStore, p protostore.ProtoStore, logger *logrus.Entry) IRealizationStore {
+	log := logger.WithField("sub-comp", "realization-store")
+	return &realizationStoreV0{
+		dataStore:  d,
+		protoStore: p,
+		logger:     log,
+	}
+}

pkg/realization_store/constants.go

@@ -0,0 +1,57 @@
+// Copyright 2023 VMware, Inc.
+// Licensed to VMware, Inc. under one or more contributor
+// license agreements. See the NOTICE file distributed with
+// this work for additional information regarding copyright
+// ownership. VMware, Inc. licenses this file to you under
+// the Apache License, Version 2.0 (the "License"); you may
+// not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+
+package realization_store
+
+// Constants for logger field names & values.
+const (
+	ORG_ID            = "orgId"
+	RESOURCE_ID       = "resourceId"
+	ENFORCEMENT_POINT = "enforcementPoint"
+	ALL               = "*"
+)
+
+// Logging statements.
+const (
+	RESOURCE           = "resource"
+	OVERALL_STATUS     = "overall status"
+	ENFORCEMENT_STATUS = "enforcement status"
+	ENFORCEMENT        = "enforcement"
+	INTENT             = "intent"
+
+	PERSISTING    = "Persisting"
+	SETTING       = "Setting"
+	RESETTING     = "Resetting"
+	SOFT_DELETING = "Soft-Deleting"
+	DELETING      = "Deleting"
+	PURGING       = "Purging"
+	FETCHING      = "Fetching"
+	REGISTERING   = "Registering"
+	MARKING       = "Marking"
+
+	STARTED  = "..."
+	FAILED   = "failed: "
+	ERRORED  = "errored: "
+	FINISHED = "finished."
+
+	AS_PENDING           = "as pending"
+	AS_SUCCESS           = "as success"
+	AS_ERROR             = "as error"
+	AS_DELETION_PENDING  = "as deletion pending"
+	AS_DELETION_REALIZED = "as deletion realized"
+)

pkg/realization_store/models.go

@@ -0,0 +1,102 @@
+// Copyright 2023 VMware, Inc.
+// Licensed to VMware, Inc. under one or more contributor
+// license agreements. See the NOTICE file distributed with
+// this work for additional information regarding copyright
+// ownership. VMware, Inc. licenses this file to you under
+// the Apache License, Version 2.0 (the "License"); you may
+// not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+
+package realization_store
+
+import (
+	"strings"
+	"time"
+
+	"google.golang.org/protobuf/proto"
+
+	"github.com/vmware-labs/multi-tenant-persistence-for-saas/pkg/datastore"
+	"github.com/vmware-labs/multi-tenant-persistence-for-saas/pkg/protostore"
+)
+
+type ProtobufWithMetadata struct {
+	proto.Message
+	protostore.Metadata
+}
+
+type OverallStatus struct {
+	Id                string `gorm:"primaryKey"`
+	OrgId             string `gorm:"primaryKey"`
+	RealizationStatus Status
+	AdditionalDetails string
+	Revision          int64  `gorm:"column:resource_revision"`
+	XTableName        string `gorm:"-"`
+	CreatedAt         time.Time
+	UpdatedAt         time.Time
+}
+
+func (o *OverallStatus) TableName() string {
+	return o.XTableName
+}
+
+type EnforcementStatus struct {
+	Id                 string `gorm:"primaryKey"`
+	OrgId              string `gorm:"primaryKey"`
+	EnforcementPointId string `gorm:"primaryKey"`
+	RealizationStatus  Status
+	AdditionalDetails  string
+	Revision           int64  `gorm:"column:resource_revision"`
+	XTableName         string `gorm:"-"`
+	CreatedAt          time.Time
+	UpdatedAt          time.Time
+}
+
+func (e *EnforcementStatus) TableName() string {
+	return e.XTableName
+}
+
+func GetOverallStatusTableName(msg proto.Message) string {
+	return strings.Join([]string{"overall", "status", datastore.GetTableName(msg)}, "_")
+}
+
+func GetEnforcementStatusTableName(msg proto.Message) string {
+	return strings.Join([]string{"enforcement", "status", datastore.GetTableName(msg)}, "_")
+}
+
+func GetModelEnforcementStatusRecordWithoutRevision(resource *ProtobufWithMetadata, orgId string) *EnforcementStatus {
+	enforcementStatusRecord := EnforcementStatus{
+		Id:         resource.Id,
+		OrgId:      orgId,
+		XTableName: GetEnforcementStatusTableName(resource.Message),
+	}
+	return &enforcementStatusRecord
+}
+
+func GetModelEnforcementStatusRecord(resource *ProtobufWithMetadata, orgId string) *EnforcementStatus {
+	enforcementStatusRecord := EnforcementStatus{
+		Id:         resource.Id,
+		OrgId:      orgId,
+		XTableName: GetEnforcementStatusTableName(resource.Message),
+		Revision:   resource.Revision,
+	}
+	return &enforcementStatusRecord
+}
+
+func GetModelOverallStatusRecord(resource *ProtobufWithMetadata, orgId string) *OverallStatus {
+	overallStatusRecord := OverallStatus{
+		Id:         resource.Id,
+		OrgId:      orgId,
+		XTableName: GetOverallStatusTableName(resource.Message),
+		Revision:   resource.Revision,
+	}
+	return &overallStatusRecord
+}

pkg/realization_store/models_test.go

@@ -0,0 +1,43 @@
+// Copyright 2023 VMware, Inc.
+// Licensed to VMware, Inc. under one or more contributor
+// license agreements. See the NOTICE file distributed with
+// this work for additional information regarding copyright
+// ownership. VMware, Inc. licenses this file to you under
+// the Apache License, Version 2.0 (the "License"); you may
+// not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+
+package realization_store_test
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+	"gorm.io/gorm/schema"
+
+	. "github.com/vmware-labs/multi-tenant-persistence-for-saas/pkg/realization_store"
+	"github.com/vmware-labs/multi-tenant-persistence-for-saas/test/pb"
+)
+
+func TestStatusDbTableNames(t *testing.T) {
+	assert := assert.New(t)
+
+	cpuOverallStatusRecord := GetModelOverallStatusRecord(&ProtobufWithMetadata{Message: &pb.CPU{}}, "")
+	memoryOverallStatusRecord := GetModelOverallStatusRecord(&ProtobufWithMetadata{Message: &pb.Memory{}}, "")
+	assert.NotEqual(schema.Tabler(cpuOverallStatusRecord).TableName(), schema.Tabler(memoryOverallStatusRecord).TableName(),
+		"Expected the names of overall status DB tables for 2 entities not to be the same")
+
+	cpuEnforcementStatusRecord := GetModelEnforcementStatusRecord(&ProtobufWithMetadata{Message: &pb.CPU{}}, "")
+	memoryEnforcementStatusRecord := GetModelEnforcementStatusRecord(&ProtobufWithMetadata{Message: &pb.Memory{}}, "")
+	assert.NotEqual(schema.Tabler(cpuEnforcementStatusRecord).TableName(), schema.Tabler(memoryEnforcementStatusRecord).TableName(),
+		"Expected the names of enforcement status DB tables for 2 entities not to be the same")
+}