chore: remove all dangerous deleteAll and removeAll mutations

Makefile

@@ -76,9 +76,6 @@ PUBLISH_PLATFORM_ARCH := linux/amd64,linux/arm64
 # Skip image scanning by default to make building images substantially faster
 SCAN_IMAGES := false
 
-# Clear all data from the API on a retest run, usually to clear up after a failure. Set false to preserve
-CLEAR_API_DATA ?= true
-
 # Init the file that is used to hold the image tag cross-reference table
 $(shell >build.txt)
 $(shell >scan.txt)
@@ -528,7 +525,6 @@ k3d/test: k3d/setup
 			USE_CALICO_CNI=false \
 			LAGOON_SSH_PORTAL_LOADBALANCER=$(LAGOON_SSH_PORTAL_LOADBALANCER) \
 			LAGOON_FEATURE_FLAG_DEFAULT_ROOTLESS_WORKLOAD=enabled \
-			CLEAR_API_DATA=$(CLEAR_API_DATA) \
 		&& docker run --rm --network host --name ct-$(CI_BUILD_TAG) \
 			--volume "$$(pwd)/test-suite-run.ct.yaml:/etc/ct/ct.yaml" \
 			--volume "$$(pwd):/workdir" \
@@ -731,7 +727,6 @@ k3d/retest:
 			USE_CALICO_CNI=false \
 			LAGOON_SSH_PORTAL_LOADBALANCER=$(LAGOON_SSH_PORTAL_LOADBALANCER) \
 			LAGOON_FEATURE_FLAG_DEFAULT_ROOTLESS_WORKLOAD=enabled \
-			CLEAR_API_DATA=$(CLEAR_API_DATA) \
 		&& docker run --rm --network host --name ct-$(CI_BUILD_TAG) \
 			--volume "$$(pwd)/test-suite-run.ct.yaml:/etc/ct/ct.yaml" \
 			--volume "$$(pwd):/workdir" \

docs/interacting/rbac.md

@@ -392,7 +392,6 @@ Here is a table that lists the roles and the access they have:
     | addKubernetes | kubernetes | add |  |
     | updateKubernetes | kubernetes | update |  |
     | deleteKubernetes | kubernetes | delete |  |
-    | deleteAllKubernetes| kubernetes | deleteAll |  |
     | getAllOpenshifts | openshift | viewAll |  |
     | getAllProjects | project | viewAll |  |
     | addSshKey | ssh\_key | add | userID |
@@ -522,27 +521,17 @@ Here is a table that lists the roles and the access they have:
 
     | **Name** | **Resource** | **Scope** | **Attributes** |
     | :--- | :--- | :--- | :--- |
-    | deleteAllBackups | backup | deleteAll |  |
-    | deleteAllEnvironments | environment | deleteAll |  |
     | getEnvironmentStorageMonthBy<br />EnvironmentId | environment | storage |  |
     | getEnvironmentHoursMonthBy<br />EnvironmentId | environment | storage |  |
     | getEnvironmentHitsMonthBy<br />EnvironmentId | environment | storage |  |
-    | deleteAllGroups | group | deleteAll |  |
-    | deleteAllNotificationSlacks | notification | deleteAll |  |
-    | removeAllNotificationsFrom<br />AllProjects | notification | removeAll |  |
     | getAllOpenshifts | openshift | viewAll |  |
-    | deleteAllProjects | project | deleteAll |  |
-    | deleteAllSshKeys | ssh\_key | deleteAll |  |
-    | removeAllSshKeysFromAllUsers | ssh\_key | removeAll |  |
-    | deleteAllUsers | user | deleteAll |  |
     | addOrUpdateEnvironment<br />Storage | environment | storage |  |
     | addNotificationSlack | notification | add |  |
     | updateNotificationSlack | notification | update |  |
     | deleteNotificationSlack | notification | delete |  |
     | addKubernetes | kubernetes | add |  |
     | updateKubernetes | kubernetes | update |  |
     | deleteKubernetes | kubernetes | delete |  |
-    | deleteAllKubernetes| kubernetes | deleteAll |  |
     | getAllProjects | project | viewAll |  |
     | addSshKey | ssh\_key | add | userID |
     | updateSshKey | ssh\_key | update | userID |

docs/ja/interacting/rbac.md

@@ -389,7 +389,6 @@ Lagoon バージョン 1.0 では、プロジェクトへのアクセス方法
     | addKubernetes | kubernetes | add |  |
     | updateKubernetes | kubernetes | update |  |
     | deleteKubernetes | kubernetes | delete |  |
-    | deleteAllKubernetes| kubernetes | deleteAll |  |
     | getAllOpenshifts | openshift | viewAll |  |
     | getAllProjects | project | viewAll |  |
     | addSshKey | ssh\_key | add | userID |
@@ -519,27 +518,17 @@ Lagoon バージョン 1.0 では、プロジェクトへのアクセス方法
 
     | **名前** | **リソース** | **スコープ** | **属性** |
     | :--- | :--- | :--- | :--- |
-    | deleteAllBackups | backup | deleteAll |  |
-    | deleteAllEnvironments | environment | deleteAll |  |
     | getEnvironmentStorageMonthBy<br />EnvironmentId | environment | storage |  |
     | getEnvironmentHoursMonthBy<br />EnvironmentId | environment | storage |  |
     | getEnvironmentHitsMonthBy<br />EnvironmentId | environment | storage |  |
-    | deleteAllGroups | group | deleteAll |  |
-    | deleteAllNotificationSlacks | notification | deleteAll |  |
-    | removeAllNotificationsFrom<br />AllProjects | notification | removeAll |  |
     | getAllOpenshifts | openshift | viewAll |  |
-    | deleteAllProjects | project | deleteAll |  |
-    | deleteAllSshKeys | ssh\_key | deleteAll |  |
-    | removeAllSshKeysFromAllUsers | ssh\_key | removeAll |  |
-    | deleteAllUsers | user | deleteAll |  |
     | addOrUpdateEnvironment<br />Storage | environment | storage |  |
     | addNotificationSlack | notification | add |  |
     | updateNotificationSlack | notification | update |  |
     | deleteNotificationSlack | notification | delete |  |
     | addKubernetes | kubernetes | add |  |
     | updateKubernetes | kubernetes | update |  |
     | deleteKubernetes | kubernetes | delete |  |
-    | deleteAllKubernetes| kubernetes | deleteAll |  |
     | getAllProjects | project | viewAll |  |
     | addSshKey | ssh\_key | add | userID |
     | updateSshKey | ssh\_key | update | userID |

local-dev/api-data-watcher-pusher/data-init-push.sh

@@ -3,7 +3,6 @@
 # inject variables from environment into the GQL template
 envsubst '$GIT_HOST $GIT_PORT $INGRESS_IP $CONSOLE_URL $TOKEN' < /home/api-data/03-populate-api-data-ci-local-control-k8s.gql | sponge /home/api-data/03-populate-api-data-ci-local-control-k8s.gql
 
-clear_gql_file_path="/home/api-data/00-clear-api-data.gql"
 populate_demo_lagoon_gql_file_path="/home/api-data/01-populate-api-data-lagoon-demo.gql"
 populate_demo_lagoon_org_gql_file_path="/home/api-data/02-populate-api-data-lagoon-demo-org.gql"
 populate_ci_local_control_k8s_gql_file_path="/home/api-data/03-populate-api-data-ci-local-control-k8s.gql"
@@ -55,12 +54,6 @@ send_task_data() {
 # Waiting for the API to be ready
 wait_for_services
 
-# Optionally clear *some* API data prior to reloading - not really necessary any more
-if expr "$CLEAR_API_DATA" : '[Tt][Rr][Uu][Ee]' > /dev/null; then
-  echo "Clearing Lagoon data first"
-  send_graphql_query $clear_gql_file_path
-fi
-
 # Create the lagoon-demo project and associated users, groups, deployments, tasks etc
 send_graphql_query $populate_demo_lagoon_gql_file_path
 

services/api/src/mocks.js

@@ -643,52 +643,40 @@ mocks.Mutation = () => ({
   addOrUpdateEnvironment: () => mocks.Environment(),
   updateEnvironment: () => mocks.Environment(),
   deleteEnvironment: () => faker.random.arrayElement(['success', `Error: unknown deploy type ${mocks.DeployType()}`]),
-  deleteAllEnvironments: () => 'success',
   addOrUpdateEnvironmentStorage: () => mocks.EnvironmentStorage(),
   addNotificationSlack: () => mocks.NotificationSlack(),
   updateNotificationSlack: () => mocks.NotificationSlack(),
   deleteNotificationSlack: () => faker.random.arrayElement(['success', "Can't delete notification linked to projects"]),
-  deleteAllNotificationSlacks: () => 'success',
   addNotificationRocketChat: () => mocks.NotificationRocketChat(),
   updateNotificationRocketChat: () => mocks.NotificationRocketChat(),
   deleteNotificationRocketChat: () => faker.random.arrayElement(['success', "Can't delete notification linked to projects"]),
-  deleteAllNotificationRocketChats: () => 'success',
   addNotificationMicrosoftTeams: () => mocks.NotificationMicrosoftTeams(),
   updateNotificationMicrosoftTeams: () => mocks.NotificationMicrosoftTeams(),
   deleteNotificationMicrosoftTeams: () => faker.random.arrayElement(['success', "Can't delete notification linked to projects"]),
-  deleteAllNotificationMicrosoftTeams: () => 'success',
   addNotificationEmail: () => mocks.NotificationEmail(),
   updateNotificationEmail: () => mocks.NotificationEmail(),
   deleteNotificationEmail: () => faker.random.arrayElement(['success', "Can't delete notification linked to projects"]),
-  deleteAllNotificationEmails: () => 'success',
   addNotificationToProject: () => mocks.Project(),
   removeNotificationFromProject: () => mocks.Project(),
-  removeAllNotificationsFromAllProjects: () => 'success',
   addOpenshift: () => mocks.Openshift(),
   updateOpenshift: () => mocks.Openshift(),
   deleteOpenshift: () => 'success',
-  deleteAllOpenshifts: () => 'success',
   addProject: () => mocks.Project(),
   updateProject: () => mocks.Project(),
   deleteProject: () => 'success',
-  deleteAllProjects: () => 'success',
   addSshKey: () => mocks.SshKey(),
   updateSshKey: () => mocks.SshKey(),
   deleteSshKey: () => 'success',
   deleteSshKeyById: () => 'success',
-  deleteAllSshKeys: () => 'success',
-  removeAllSshKeysFromAllUsers: () => 'success',
   addUser: () => mocks.User(),
   updateUser: () => mocks.User(),
   deleteUser: () => 'success',
-  deleteAllUsers: () => 'success',
   addDeployment: () => mocks.Deployment(),
   deleteDeployment: () => 'success',
   updateDeployment: () => mocks.Deployment(),
   cancelDeployment: () => faker.random.arrayElement(['success', 'Deployment not cancelled, reason: Too slow.']),
   addBackup: () => mocks.Backup(),
   deleteBackup: () => 'success',
-  deleteAllBackups: () => 'success',
   addRestore: () => mocks.Restore(),
   updateRestore: () => mocks.Restore(),
   addEnvVariable: () => mocks.EnvKeyValue(),
@@ -714,7 +702,6 @@ mocks.Mutation = () => ({
   addGroup: () => mocks.Group(),
   updateGroup: () => mocks.Group(),
   deleteGroup: () => 'success',
-  deleteAllGroups: () => 'success',
   addUserToGroup: () => mocks.Group(),
   removeUserFromGroup: () => mocks.Group(),
   addGroupsToProject: () => mocks.Project(),

services/api/src/models/group.ts

@@ -258,7 +258,7 @@ export const Group = (clients: {
     // briefRepresentation pulls all the group information from keycloak including the attributes
     // this means we don't need to iterate over all the groups one by one anymore to get the full group information
     const fullGroups = await keycloakAdminClient.groups.find({briefRepresentation: false});
-    // no need to transform, just return the full response, only the `allGroups` and `deleteAllGroups` resolvers use this
+    // no need to transform, just return the full response, only the `allGroups` resolvers use this
     // and the `sync-groups-opendistro-security` consumption of this helper sync script is going to
     // go away in the future when we move to the `lagoon-opensearch-sync` supporting service
     return fullGroups;

services/api/src/resolvers.js

@@ -117,7 +117,6 @@ const {
   getEnvironmentsByProjectId,
   updateEnvironment,
   getAllEnvironments,
-  deleteAllEnvironments,
   userCanSshToEnvironment,
   getEnvironmentUrl,
   getEnvironmentsByKubernetes,
@@ -158,12 +157,6 @@ const {
   addNotificationEmail,
   updateNotificationEmail,
   deleteNotificationEmail,
-  deleteAllNotificationEmails,
-  deleteAllNotificationSlacks,
-  deleteAllNotificationMicrosoftTeams,
-  deleteAllNotificationRocketChats,
-  deleteAllNotificationWebhook,
-  removeAllNotificationsFromAllProjects,
 } = require('./resources/notification/resolvers');
 
 const {
@@ -175,7 +168,6 @@ const {
   getOpenshiftByEnvironmentId,
   getProjectUser,
   updateOpenshift,
-  deleteAllOpenshifts,
   getToken,
   getConsoleUrl,
   getMonitoringConfig,
@@ -191,7 +183,6 @@ const {
   getProjectsByMetadata,
   getAllProjects,
   updateProject,
-  deleteAllProjects,
   getProjectUrl,
   updateProjectMetadata,
   removeProjectMetadataByKey,
@@ -205,8 +196,6 @@ const {
   updateSshKey,
   deleteSshKey,
   deleteSshKeyById,
-  deleteAllSshKeys,
-  removeAllSshKeysFromAllUsers
 } = require('./resources/sshKey/resolvers');
 
 const {
@@ -219,7 +208,6 @@ const {
   removeUserFromOrganization,
   resetUserPassword,
   deleteUser,
-  deleteAllUsers,
   getAllUsers,
   getUserByEmail,
 } = require('./resources/user/resolvers');
@@ -234,7 +222,6 @@ const {
   getAllProjectsByGroupId,
   updateGroup,
   deleteGroup,
-  deleteAllGroups,
   addUserToGroup,
   removeUserFromGroup,
   addGroupsToProject,
@@ -279,7 +266,6 @@ const {
   addBackup,
   getBackupsByEnvironmentId,
   deleteBackup,
-  deleteAllBackups,
   addRestore,
   getRestoreByBackupId,
   updateRestore,
@@ -610,7 +596,6 @@ const resolvers = {
     addOrUpdateEnvironment,
     updateEnvironment,
     deleteEnvironment,
-    deleteAllEnvironments,
     addOrUpdateEnvironmentStorage,
     addOrUpdateStorageOnEnvironment: addOrUpdateEnvironmentStorage,
     addNotificationSlack,
@@ -619,35 +604,26 @@ const resolvers = {
     addNotificationWebhook,
     updateNotificationWebhook,
     deleteNotificationWebhook,
-    deleteAllNotificationSlacks,
-    deleteAllNotificationWebhook,
     addNotificationRocketChat,
     updateNotificationRocketChat,
     deleteNotificationRocketChat,
-    deleteAllNotificationRocketChats,
     addNotificationMicrosoftTeams,
     updateNotificationMicrosoftTeams,
     deleteNotificationMicrosoftTeams,
-    deleteAllNotificationMicrosoftTeams,
     addNotificationEmail,
     updateNotificationEmail,
     deleteNotificationEmail,
-    deleteAllNotificationEmails,
     addNotificationToProject,
     removeNotificationFromProject,
-    removeAllNotificationsFromAllProjects,
     addOpenshift,
     updateOpenshift,
     deleteOpenshift,
-    deleteAllOpenshifts,
     addKubernetes: addOpenshift,
     updateKubernetes: updateOpenshift,
     deleteKubernetes: deleteOpenshift,
-    deleteAllKubernetes: deleteAllOpenshifts,
     addProject,
     updateProject,
     deleteProject,
-    deleteAllProjects,
     updateProjectMetadata,
     removeProjectMetadataByKey,
     addSshKey,
@@ -657,23 +633,19 @@ const resolvers = {
     addUserSSHPublicKey: addSshKey,
     updateUserSSHPublicKey: updateSshKey,
     deleteUserSSHPublicKey: deleteSshKeyById,
-    deleteAllSshKeys,
-    removeAllSshKeysFromAllUsers,
     addUser,
     updateUser,
     addUserToOrganization,
     removeUserFromOrganization,
     resetUserPassword,
     deleteUser,
-    deleteAllUsers,
     addDeployment,
     deleteDeployment,
     updateDeployment,
     cancelDeployment,
     bulkDeployEnvironmentLatest,
     addBackup,
     deleteBackup,
-    deleteAllBackups,
     addRestore,
     updateRestore,
     addEnvVariable,
@@ -706,7 +678,6 @@ const resolvers = {
     addGroup,
     updateGroup,
     deleteGroup,
-    deleteAllGroups,
     addUserToGroup,
     removeUserFromGroup,
     addGroupsToProject,

services/api/src/resources/backup/resolvers.ts

@@ -228,21 +228,6 @@ export const deleteBackup: ResolverFn = async (
   return 'success';
 };
 
-export const deleteAllBackups: ResolverFn = async (
-  root,
-  args,
-  { sqlClientPool, hasPermission, userActivityLogger }
-) => {
-  await hasPermission('backup', 'deleteAll');
-
-  await query(sqlClientPool, Sql.truncateBackup());
-
-  userActivityLogger(`User deleted all backups`);
-
-  // TODO: Check rows for success
-  return 'success';
-};
-
 export const addRestore: ResolverFn = async (
   root,
   { input: { id, backupId, status, restoreLocation, created, execute } },