API for metadata removal: GDPR compliance

[chmouel]

Provide an API which effectively do those SQL queries :

Find the jenkins namespace associated with the user - say ${user_jenkins_namespace}

DELETE FROM statistics WHERE namespace = '${user_jenkins_namespace}';
DELETE FROM requests WHERE namespace = '${user_jenkins_namespace}';

https://openshift.io/openshiftio/Openshift_io/plan/detail/805

[kishansagathiya]

@chmouel Thinking of picking this up how about DELETE https://localhost:9091/api/metadataremoval/$namespace

[chmouel]

what about /api/clear/metadata/${namespace} ?

[kishansagathiya]

@chmouel /api/clear/metadata/${namespace} seems more appropriate

[kishansagathiya]

@chmouel I see a function to soft delete requests. I can't imagine why we would need this info in future(except for doing some analytics). I am inclined towards not keeping separate soft-delete and hard-delete function, and just hard-delete them both. Let me know if you think I should keep soft-delete

Don't see deleted_at column

[kishansagathiya]

hhmm, this would require authorization header as well as well, and then we won't need to pass namespace parameter

[chmouel]

sounds good 👍

[kishansagathiya]

Task list

• [ ] Create an OpenShift secret for adding a service account for f8-jenkins-proxy https://fabric8-services.github.io/fabric8-auth/reference.html#_service_accounts (Take help from service-del here)
• [ ] API Structure

  curl -X DELETE http://localhost:9091/api/clear/metadata/ksagthi-preview-jenkins -H "Authorization: Bearer $SERVICE_ACCOUNT_TOKEN"

  @sbose78 Can you verify if above is the expected API structure?