From d1914a894e43f86458d3a63eb3a80a4d2d0ac07d Mon Sep 17 00:00:00 2001
From: Michael Schulte <65006436+mschulte-tsi@users.noreply.github.com>
Date: Fri, 3 Dec 2021 13:07:01 +0100
Subject: [PATCH] Feat/add logging and locking (#111)

* added logging

* added shedlock
---
 pom.xml                                       | 10 +++++++
 .../testresult/TestResultCleanup.java         |  9 ++++--
 .../testresult/config/MtlsSecurityConfig.java |  6 ++--
 .../testresult/config/TestResultConfig.java   |  2 +-
 src/main/resources/application.yml            |  6 ++--
 src/main/resources/db/changelog.yml           |  3 ++
 .../db/changelog/v004-add-shedlock.yml        | 29 +++++++++++++++++++
 .../coronawarn/testresult/SchedulerLock.java  |  4 +++
 .../testresult/TestResultCleanupTest.java     |  4 +--
 9 files changed, 64 insertions(+), 9 deletions(-)
 create mode 100644 src/main/resources/db/changelog/v004-add-shedlock.yml
 create mode 100644 src/test/java/app/coronawarn/testresult/SchedulerLock.java

diff --git a/pom.xml b/pom.xml
index 5e48ee7..0e45977 100644
--- a/pom.xml
+++ b/pom.xml
@@ -184,6 +184,16 @@
       <artifactId>rxjava</artifactId>
       <version>1.3.8</version>
     </dependency>
+    <dependency>
+      <groupId>net.javacrumbs.shedlock</groupId>
+      <artifactId>shedlock-spring</artifactId>
+      <version>4.25.0</version>
+    </dependency>
+    <dependency>
+      <groupId>net.javacrumbs.shedlock</groupId>
+      <artifactId>shedlock-provider-jdbc-template</artifactId>
+      <version>4.25.0</version>
+    </dependency>
   </dependencies>
 
   <build>
diff --git a/src/main/java/app/coronawarn/testresult/TestResultCleanup.java b/src/main/java/app/coronawarn/testresult/TestResultCleanup.java
index ef88318..b98f0ca 100644
--- a/src/main/java/app/coronawarn/testresult/TestResultCleanup.java
+++ b/src/main/java/app/coronawarn/testresult/TestResultCleanup.java
@@ -7,6 +7,7 @@
 import javax.transaction.Transactional;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
+import net.javacrumbs.shedlock.spring.annotation.SchedulerLock;
 import org.springframework.scheduling.annotation.Scheduled;
 import org.springframework.stereotype.Component;
 
@@ -22,8 +23,10 @@ public class TestResultCleanup {
    * All test results that are older than configured days should be marked as redeemed.
    */
   @Scheduled(
-    fixedDelayString = "${testresult.cleanup.redeem.rate}"
+    cron = "${testresult.cleanup.redeem.cron}"
   )
+  @SchedulerLock(name = "TestresultCleanupService_redeem", lockAtLeastFor = "PT0S",
+    lockAtMostFor = "${testresult.cleanup.redeem.locklimit}")
   @Transactional
   public void redeem() {
     Integer redeemed = testResultRepository.updateResultByCreatedAtBefore(
@@ -36,8 +39,10 @@ public void redeem() {
    * All test results that are older than configured days should get deleted.
    */
   @Scheduled(
-    fixedDelayString = "${testresult.cleanup.delete.rate}"
+    cron = "${testresult.cleanup.delete.cron}"
   )
+  @SchedulerLock(name = "TestresultCleanupService_delete", lockAtLeastFor = "PT0S",
+    lockAtMostFor = "${testresult.cleanup.delete.locklimit}")
   @Transactional
   public void delete() {
     Integer deleted = testResultRepository.deleteByCreatedAtBefore(
diff --git a/src/main/java/app/coronawarn/testresult/config/MtlsSecurityConfig.java b/src/main/java/app/coronawarn/testresult/config/MtlsSecurityConfig.java
index dcfbc9c..b4e9c35 100644
--- a/src/main/java/app/coronawarn/testresult/config/MtlsSecurityConfig.java
+++ b/src/main/java/app/coronawarn/testresult/config/MtlsSecurityConfig.java
@@ -78,7 +78,6 @@ protected void configure(HttpSecurity http) throws Exception {
   @Override
   public UserDetailsService userDetailsService() {
     return hash -> {
-
       boolean allowed = Stream.of(testResultConfig.getAllowedClientCertificates()
         .split(","))
         .map(String::trim)
@@ -103,8 +102,11 @@ private ThumbprintX509PrincipalExtractor() throws NoSuchAlgorithmException {
 
     @Override
     public Object extractPrincipal(X509Certificate x509Certificate) {
+
       try {
-        return String.valueOf(Hex.encode(messageDigest.digest(x509Certificate.getEncoded())));
+        String ret = String.valueOf(Hex.encode(messageDigest.digest(x509Certificate.getEncoded())));
+        log.debug("Accessed by Subject {} Hash {}",x509Certificate.getSubjectDN().getName(), ret);
+        return ret;
       } catch (CertificateEncodingException e) {
         log.error("Failed to extract bytes from certificate");
         return null;
diff --git a/src/main/java/app/coronawarn/testresult/config/TestResultConfig.java b/src/main/java/app/coronawarn/testresult/config/TestResultConfig.java
index 918359e..b453c3d 100644
--- a/src/main/java/app/coronawarn/testresult/config/TestResultConfig.java
+++ b/src/main/java/app/coronawarn/testresult/config/TestResultConfig.java
@@ -28,7 +28,7 @@ public static class Cleanup {
   @Setter
   public static class Scheduled {
 
-    private Integer days;
+    private int days;
 
   }
 
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
index 3478596..dd1ccde 100644
--- a/src/main/resources/application.yml
+++ b/src/main/resources/application.yml
@@ -48,8 +48,10 @@ testresult:
   cleanup:
     redeem:
       days: 21
-      rate: 3600000
+      cron: 0 1 * * * *
+      locklimit: 600
     delete:
       days: 60
-      rate: 3600000
+      cron: 0 0 * * * *
+      locklimit: 600
   allowed-client-certificates:
diff --git a/src/main/resources/db/changelog.yml b/src/main/resources/db/changelog.yml
index e235690..d6eee7e 100644
--- a/src/main/resources/db/changelog.yml
+++ b/src/main/resources/db/changelog.yml
@@ -11,3 +11,6 @@ databaseChangeLog:
 - include:
     file: changelog/v003-add-labid-column.yml
     relativeToChangelogFile: true
+- include:
+    file: changelog/v004-add-shedlock.yml
+    relativeToChangelogFile: true
diff --git a/src/main/resources/db/changelog/v004-add-shedlock.yml b/src/main/resources/db/changelog/v004-add-shedlock.yml
new file mode 100644
index 0000000..1a61dba
--- /dev/null
+++ b/src/main/resources/db/changelog/v004-add-shedlock.yml
@@ -0,0 +1,29 @@
+databaseChangeLog:
+- changeSet:
+    id: add-shedlock
+    author: mschulte-tsi
+    changes:
+      - createTable:
+          tableName: shedlock
+          columns:
+            - column:
+                name: name
+                type: varchar(64)
+                constraints:
+                  nullable: false
+                  primaryKey: true
+            - column:
+                name: lock_until
+                type: datetime(2)
+                constraints:
+                  nullable: false
+            - column:
+                name: locked_at
+                type: datetime(2)
+                constraints:
+                  nullable: false
+            - column:
+                name: locked_by
+                type: varchar(255)
+                constraints:
+                  nullable: false
diff --git a/src/test/java/app/coronawarn/testresult/SchedulerLock.java b/src/test/java/app/coronawarn/testresult/SchedulerLock.java
new file mode 100644
index 0000000..24c3556
--- /dev/null
+++ b/src/test/java/app/coronawarn/testresult/SchedulerLock.java
@@ -0,0 +1,4 @@
+package app.coronawarn.testresult;
+
+public @interface SchedulerLock {
+}
diff --git a/src/test/java/app/coronawarn/testresult/TestResultCleanupTest.java b/src/test/java/app/coronawarn/testresult/TestResultCleanupTest.java
index 7c025b2..f9b8fab 100644
--- a/src/test/java/app/coronawarn/testresult/TestResultCleanupTest.java
+++ b/src/test/java/app/coronawarn/testresult/TestResultCleanupTest.java
@@ -20,9 +20,9 @@
 @SpringBootTest(
   properties = {
     "testresult.cleanup.redeem.days=21",
-    "testresult.cleanup.redeem.rate=1000",
+    "testresult.cleanup.redeem.cron=* * * * * *",
     "testresult.cleanup.delete.days=60",
-    "testresult.cleanup.delete.rate=1000"
+    "testresult.cleanup.delete.cron=* * * * * *"
   }
 )
 @ContextConfiguration(classes = TestResultApplication.class)