Staging database restore DAG: base restore

[AetherUnbound]

Fixes

This is a step towards #1989 but does not address it completely (steps 12+ from the implementation plan will be added in follow-up PRs).

Description

This PR adds the initial restore-from-snapshot steps of the staging database restore DAG. See the linked IP above for the full definition.

I recommend reviewing in the following order:

• constants.py
• utils.py
• staging_database_restore.py
• staging_database_restore_dag.py

Since this doesn't have the last required steps for the DAG, we won't enable it once this is merged. I felt that splitting this up into several PRs was a better route to take though, otherwise the full DAG would have been huge!

Testing Instructions

Tests should pass locally. You can also set the SKIP_STAGING_DATABASE_RESTORE Airflow Variable to true and kick off the DAG to see that it should skip everything.

Warning
If you want to test the actual restore operations, you can do so by setting the following environment variables:
AWS_RDS_CONN_ID=aws_rds
AIRFLOW_CONN_AWS_RDS=aws://<access-key>:<access-secret>@?region_name=us-east-1

This will run the restore & delete operations, so be advised!

Checklist

• My pull request has a descriptive title (not a vague title likeUpdate index.md).
• My pull request targets the default branch of the repository (main) or a parent feature branch.
• My commit messages follow best practices.
• My code follows the established code style of the repository.
• I added or updated tests for the changes I made (if applicable).
• I added or updated documentation (if applicable).
• I tried running the project locally and verified that there are no visible errors.
• I ran the DAG documentation generator (if applicable).

Developer Certificate of Origin

Developer Certificate of Origin

Developer Certificate of Origin
Version 1.1

Copyright (C) 2004, 2006 The Linux Foundation and its contributors.
1 Letterman Drive
Suite D4700
San Francisco, CA, 94129

Everyone is permitted to copy and distribute verbatim copies of this
license document, but changing it is not allowed.


Developer's Certificate of Origin 1.1

By making a contribution to this project, I certify that:

(a) The contribution was created in whole or in part by me and I
    have the right to submit it under the open source license
    indicated in the file; or

(b) The contribution is based upon previous work that, to the best
    of my knowledge, is covered under an appropriate open source
    license and I have the right under that license to submit that
    work with modifications, whether created in whole or in part
    by me, under the same open source license (unless I am
    permitted to submit under a different license), as indicated
    in the file; or

(c) The contribution was provided directly to me by some other
    person who certified (a), (b) or (c) and I have not modified
    it.

(d) I understand and agree that this project and the contribution
    are public and that a record of the contribution (including all
    personal information I submit with it, including my sign-off) is
    maintained indefinitely and may be redistributed consistent with
    this project or the open source license(s) involved.

[stacimc]

🥳 This looks great! No blocking feedback. Code lgtm and I did test locally with SKIP_STAGING_DATABASE_RESTORE. Splitting this into another PR with the next steps makes total sense to me as well.

I learned so much about TaskFlow reviewing this 😄 Very, very cool.

[stacimc]

This all works as is, but I'm curious why we didn't need to explicitly set either:

latest_snapshot >> ensure_snapshot_ready

or

staging_details >> restore_snapshot

[AetherUnbound]

This is a little sneaky, behind the scenes stuff from the TaskFlow API 😅 the restore_snapshot = restore_staging_from_snapshot(latest_snapshot, staging_details) line creates an inherent dependency relationship from latest_snapshot and staging_details to restore_snapshot, without us having to explicitly define that relationship with the >> operator. Same for ensure_snapshot_ready - it has latest_snapshot as one of its params, so Airflow knows implicitly it has to run that step first!

[stacimc]

Is filtering out sensitive values only important for logging? Ie, could we only restrict logging to REQUIRED_DB_INFO, but use everything to create the new db? Would that provide any extra resilience to configuration drift, or can we expect that REQUIRED_DB_INFO will never need to change?

[AetherUnbound]

I think there are a few reasons why the current approach might be best:

• Easy prevention of logging secrets accidentally
• REQUIRED_DB_INFO isn't likely to change on the features that we care about at least
• There are some values that are returned from the details API that have to have their shape changed before they can be fed into the create from snapshot API (see the lines below on subnet group name and VPC security group IDs). There are dozens of values returned from the former API, so trying to manage the appropriate transformations on all of them so they can be fed into the latter API seems unnecessary at this point IMO.

[stacimc]

Why does this take should_skip as an argument? Will a value ever be passed this way?

[AetherUnbound]

It won't be passed in normal control flow, but it's useful for testing! See: https://github.com/WordPress/openverse/pull/2099/files#diff-cbfa38a24878311bad02d5a1140c5bc6ab29e4e8a468c0c7e90433cdaf45a904R23-R24

[stacimc]

Very cool, TIL!

[AetherUnbound]

Stumbled across this one by accident while looking for something else, couldn't help but use it!

[stacimc]

Neat!

[stacimc]

💯

[stacimc]

This might be a little confusing, since the TEMP identifiers also work, right? Maybe The target function must be called with a non-production database identifier?

[AetherUnbound]

Oh shoot, that's a great point. This function went through a few iterations (initially it was only staging, then SAFE_TO_MUTATE came about). I'll update this!

[stacimc]

Should we add tests that mock the SKIP_STAGING_DATABASE_RESTORE variable?

[AetherUnbound]

I think since that's a Variable.get with a simple or comparison between that and should_skip, that testing the conditions there is sufficient. This seemed easier than mocking the Variable.get step, but I can change it to that kind of test and remove the should_skip param if you think that's best!

[stacimc]

😄

[stacimc]

🥳 This looks great! No blocking feedback. Code lgtm and I did test locally with SKIP_STAGING_DATABASE_RESTORE. Splitting this into another PR with the next steps makes total sense to me as well.

I learned so much about TaskFlow reviewing this 😄 Very, very cool.

[obulat]

Tested this locally, and it skipped all of the steps :)
Oh, and got scared at first of all the errors when I set the variable value to True (capitalized as in Python). So everything worked as expected.