Immediately return from cleanup endpoint

* Update the cleanup endpoint to immediately return 204 (No Content) status code, and run actual clean up process in the background
Nike-Inc · Jul 13, 2017 · cd7ee64 · cd7ee64
1 parent b172544
commit cd7ee64
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 21 deletions.
diff --git a/src/main/java/com/nike/cerberus/endpoints/admin/CleanUpInactiveOrOrphanedRecords.java b/src/main/java/com/nike/cerberus/endpoints/admin/CleanUpInactiveOrOrphanedRecords.java
@@ -23,7 +23,6 @@
 import com.nike.cerberus.service.CleanUpService;
 import com.nike.riposte.server.http.RequestInfo;
 import com.nike.riposte.server.http.ResponseInfo;
-import com.nike.riposte.server.http.impl.FullResponseInfo;
 import com.nike.riposte.util.AsyncNettyHelper;
 import com.nike.riposte.util.Matcher;
 import io.netty.channel.ChannelHandlerContext;
@@ -50,8 +49,6 @@ public class CleanUpInactiveOrOrphanedRecords extends AdminStandardEndpoint<Clea
 
     private final Logger log = LoggerFactory.getLogger(getClass());
 
-    private static final int DEFAULT_KMS_KEY_INACTIVE_AFTER_N_DAYS = 30;
-
     private final CleanUpService cleanUpService;
 
     @Inject
@@ -64,29 +61,22 @@ public CompletableFuture<ResponseInfo<Void>> doExecute(final RequestInfo<CleanUp
                                                            final Executor longRunningTaskExecutor,
                                                            final ChannelHandlerContext ctx,
                                                            final SecurityContext securityContext) {
-        return CompletableFuture.supplyAsync(
-                AsyncNettyHelper.supplierWithTracingAndMdc(() -> cleanUp(request, securityContext), ctx),
-                longRunningTaskExecutor
-        );
-    }
-
-    private FullResponseInfo<Void> cleanUp(final RequestInfo<CleanUpRequest> request,
-                                           final SecurityContext securityContext) {
 
         final VaultAuthPrincipal vaultAuthPrincipal = (VaultAuthPrincipal) securityContext.getUserPrincipal();
         final String principal = vaultAuthPrincipal.getName();
 
         log.info("Clean Up Event: the principal {} is attempting to clean up kms keys", principal);
 
-        Integer expirationPeriodInDays = request.getContent().getKmsExpirationPeriodInDays();
-        int kmsKeysInactiveAfterNDays = (expirationPeriodInDays == null) ? DEFAULT_KMS_KEY_INACTIVE_AFTER_N_DAYS : expirationPeriodInDays;
-
-        cleanUpService.cleanUpInactiveAndOrphanedKmsKeys(kmsKeysInactiveAfterNDays);
-        cleanUpService.cleanUpOrphanedIamRoles();
+        longRunningTaskExecutor.execute(AsyncNettyHelper.runnableWithTracingAndMdc(
+                () -> cleanUpService.cleanUp(request.getContent()),
+                ctx
+        ));
 
-        return ResponseInfo.<Void>newBuilder()
-                .withHttpStatusCode(HttpResponseStatus.NO_CONTENT.code())
-                .build();
+        return CompletableFuture.completedFuture(
+                ResponseInfo.<Void>newBuilder()
+                        .withHttpStatusCode(HttpResponseStatus.NO_CONTENT.code())
+                        .build()
+        );
     }
 
     @Override

diff --git a/src/main/java/com/nike/cerberus/service/CleanUpService.java b/src/main/java/com/nike/cerberus/service/CleanUpService.java
@@ -20,6 +20,7 @@
 import com.google.inject.Inject;
 import com.google.inject.Singleton;
 import com.nike.cerberus.dao.AwsIamRoleDao;
+import com.nike.cerberus.domain.CleanUpRequest;
 import com.nike.cerberus.record.AwsIamRoleKmsKeyRecord;
 import com.nike.cerberus.record.AwsIamRoleRecord;
 import com.nike.cerberus.util.DateTimeSupplier;
@@ -42,6 +43,8 @@ public class CleanUpService {
 
     private static final int DEFAULT_SLEEP_BETWEEN_KMS_CALLS = 10;  // in seconds
 
+    private static final int DEFAULT_KMS_KEY_INACTIVE_AFTER_N_DAYS = 30;
+
     private final KmsService kmsService;
 
     private final AwsIamRoleDao awsIamRoleDao;
@@ -57,11 +60,19 @@ public CleanUpService(KmsService kmsService,
         this.dateTimeSupplier = dateTimeSupplier;
     }
 
+    public void cleanUp(final CleanUpRequest cleanUpRequest) {
+        Integer expirationPeriodInDays = cleanUpRequest.getKmsExpirationPeriodInDays();
+        int kmsKeysInactiveAfterNDays = (expirationPeriodInDays == null) ? DEFAULT_KMS_KEY_INACTIVE_AFTER_N_DAYS : expirationPeriodInDays;
+
+        cleanUpInactiveAndOrphanedKmsKeys(kmsKeysInactiveAfterNDays);
+        cleanUpOrphanedIamRoles();
+    }
+
     /**
      * Delete all AWS KMS keys and DB records for KMS keys that have not been used recently
      * or are no longer associated with an SDB.
      */
-    public void cleanUpInactiveAndOrphanedKmsKeys(final int kmsKeysInactiveAfterNDays) {
+    protected void cleanUpInactiveAndOrphanedKmsKeys(final int kmsKeysInactiveAfterNDays) {
 
         cleanUpInactiveAndOrphanedKmsKeys(kmsKeysInactiveAfterNDays, DEFAULT_SLEEP_BETWEEN_KMS_CALLS);
     }
@@ -109,7 +120,7 @@ protected void cleanUpInactiveAndOrphanedKmsKeys(final int kmsKeysInactiveAfterN
     /**
      * Delete all IAM role records that are no longer associated with an SDB.
      */
-    public void cleanUpOrphanedIamRoles() {
+    protected void cleanUpOrphanedIamRoles() {
 
         // get orphaned iam role ids
         final List<AwsIamRoleRecord> orphanedIamRoleIds = awsIamRoleDao.getOrphanedIamRoles();