[sql-54] firewalldb: handle deleted sessions during the kv stores + privacy mapper migration

[ViktorT-11]

If the user has deleted their session.db file, but kept their rules.db file, there can exist kv entries + privacy mapper pairs that point to a now deleted session ID. Such kv entries and privacy mapper pairs should be ignored during the migration, as they are cannot be used anymore.

This PR addresses that edge case.

[gemini-code-assist]

Summary of Changes

Hello @ViktorT-11, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request addresses a critical edge case in the firewalldb migration where kv entries and privacy mapper pairs might exist for sessions that have been deleted. It introduces logic to identify and ignore such orphaned data during the migration from the bbolt database to SQL, preventing the transfer of invalid or unusable information. This enhancement significantly improves the reliability and correctness of the database migration process, especially in scenarios where users might have partially cleaned up their database files.

Highlights

• Session Map Introduction: A map of existing sessions is now created at the beginning of the firewalldb migration process, which is then passed to subsequent migration functions.
• KV Store Migration Handling: The KV store migration now checks against this pre-fetched session map and gracefully skips migrating entries associated with sessions that have been deleted.
• Privacy Mapper Migration Handling: Similarly, the privacy mapper migration now utilizes the session map to identify and skip migrating privacy pairs linked to deleted sessions.
• Action Migration Refinement: The action migration process has been updated to accept and use the pre-fetched session map, streamlining the session lookup and removing redundant session listing.
• New Test Cases: Comprehensive test cases have been added to validate the correct handling of deleted sessions during both KV store and privacy mapper migrations, ensuring robustness in edge scenarios.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request addresses an edge case in the database migration where kv entries and privacy mapper pairs could point to a deleted session. The solution is to fetch all existing sessions at the start of the migration and pass them as a map to the migration functions. This map is then used to check for a session's existence before migrating any session-specific data, correctly ignoring data for deleted sessions. This approach is not only correct but also improves performance by replacing multiple database queries with in-memory map lookups. The changes are well-structured and include thorough test cases for the new logic. I have one minor suggestion to clean up an unused parameter.

[gemini-code-assist]

The ctx parameter is no longer used in this function after the refactoring and can be removed to improve code clarity. Remember to also update the call site in migratePrivacyMapperDBToSQL.

Suggested change

	func collectPrivacyPairs(ctx context.Context, kvStore *bbolt.DB,
	sqlTx SQLQueries) (privacyPairs, error) {
	sessMap map[[4]byte]sqlc.Session) (privacyPairs, error) {
	func collectPrivacyPairs(kvStore *bbolt.DB,
	sessMap map[[4]byte]sqlc.Session) (privacyPairs, error) {