chore: Remove ability to create GCP log sinks (#8298)

This has long since been removed in the Clients.
2026-01-27 10:18:54 +00:00 · 2025-02-28 20:57:21 +00:00
parent d71fdbf269
commit cb0bf44815
4 changed files with 0 additions and 171 deletions
--- a/elixir/apps/api/lib/api/client/channel.ex
+++ b/elixir/apps/api/lib/api/client/channel.ex
@@ -1,7 +1,6 @@
 defmodule API.Client.Channel do
  use API, :channel
  alias API.Client.Views
-  alias Domain.Instrumentation
  alias Domain.{Accounts, Clients, Actors, Resources, Gateways, Relays, Policies, Flows}
  require Logger
  require OpenTelemetry.Tracer
@@ -566,40 +565,6 @@ defmodule API.Client.Channel do
  ##### Client-initiated actions #####
  ####################################

-  # This message sent by the client to create a GSC signed url for uploading logs and debug artifacts
-  # TODO: This has been disabled on clients. Remove this when no more clients are requesting log sinks.
-  @impl true
-  def handle_in("create_log_sink", _attrs, socket) do
-    OpenTelemetry.Ctx.attach(socket.assigns.opentelemetry_ctx)
-    OpenTelemetry.Tracer.set_current_span(socket.assigns.opentelemetry_span_ctx)
-
-    account_slug = socket.assigns.subject.account.slug
-
-    actor_name =
-      socket.assigns.subject.actor.name
-      |> String.downcase()
-      |> String.replace(" ", "_")
-      |> String.replace(~r/[^a-zA-Z0-9_-]/iu, "")
-
-    OpenTelemetry.Tracer.with_span "client.create_log_sink" do
-      case Instrumentation.create_remote_log_sink(socket.assigns.client, actor_name, account_slug) do
-        {:ok, signed_url} ->
-          {:reply, {:ok, signed_url}, socket}
-
-        {:error, :disabled} ->
-          {:reply, {:error, %{reason: :disabled}}, socket}
-
-        {:error, reason} ->
-          Logger.error("Failed to create log sink for client",
-            client_id: socket.assigns.client.id,
-            reason: inspect(reason)
-          )
-
-          {:reply, {:error, %{reason: :retry_later}}, socket}
-      end
-    end
-  end
-
  # This message is sent to the client to request a network flow with a gateway that can serve given resource.
  #
  # `connected_gateway_ids` is used to indicate that the client is already connected to some of the gateways,
--- a/elixir/apps/api/test/api/client/channel_test.exs
+++ b/elixir/apps/api/test/api/client/channel_test.exs
@@ -1,6 +1,5 @@
 defmodule API.Client.ChannelTest do
  use API.ChannelCase, async: true
-  alias Domain.Mocks.GoogleCloudPlatform

  setup do
    account =
@@ -1023,67 +1022,6 @@ defmodule API.Client.ChannelTest do
    end
  end

-  # TODO: This has been disabled on clients. Remove this when no more clients are requesting log sinks.
-  describe "handle_in/3 create_log_sink" do
-    test "returns error when feature is disabled", %{socket: socket} do
-      Domain.Config.put_env_override(Domain.Instrumentation, client_logs_enabled: false)
-
-      ref = push(socket, "create_log_sink", %{})
-      assert_reply ref, :error, %{reason: :disabled}
-    end
-
-    test "returns error when google api is not available", %{socket: socket} do
-      bypass = Bypass.open()
-
-      GoogleCloudPlatform.override_endpoint_url(
-        :metadata_endpoint_url,
-        "http://localhost:#{bypass.port}/"
-      )
-
-      GoogleCloudPlatform.override_endpoint_url(
-        :sign_endpoint_url,
-        "http://localhost:#{bypass.port}/service_accounts/"
-      )
-
-      Bypass.down(bypass)
-
-      ref = push(socket, "create_log_sink", %{})
-      assert_reply ref, :error, %{reason: :retry_later}
-    end
-
-    test "returns a signed URL which can be used to upload the logs", %{
-      account: account,
-      socket: socket,
-      client: client
-    } do
-      bypass = Bypass.open()
-      GoogleCloudPlatform.mock_instance_metadata_token_endpoint(bypass)
-      GoogleCloudPlatform.mock_sign_blob_endpoint(bypass, "foo")
-
-      actor = Repo.get(Domain.Actors.Actor, client.actor_id)
-
-      actor_name =
-        actor.name
-        |> String.downcase()
-        |> String.replace(" ", "_")
-        |> String.replace(~r/[^a-zA-Z0-9_-]/iu, "")
-
-      ref = push(socket, "create_log_sink", %{})
-      assert_reply ref, :ok, signed_url
-
-      assert signed_uri = URI.parse(signed_url)
-      assert signed_uri.scheme == "https"
-      assert signed_uri.host == "storage.googleapis.com"
-
-      assert String.starts_with?(
-               signed_uri.path,
-               "/logs/clients/#{account.slug}/#{actor_name}/#{client.id}/"
-             )
-
-      assert String.ends_with?(signed_uri.path, ".json")
-    end
-  end
-
  describe "handle_in/3 create_flow" do
    test "returns error when resource is not found", %{socket: socket} do
      resource_id = Ecto.UUID.generate()
--- a/elixir/apps/domain/lib/domain/instrumentation.ex
+++ b/elixir/apps/domain/lib/domain/instrumentation.ex
@@ -1,29 +0,0 @@
-defmodule Domain.Instrumentation do
-  alias Domain.Clients
-  alias Domain.GoogleCloudPlatform
-
-  # TODO: Remove this when clients aren't requesting log sinks
-  def create_remote_log_sink(%Clients.Client{} = client, actor_name, account_slug) do
-    config = config!()
-    enabled? = Keyword.fetch!(config, :client_logs_enabled)
-
-    if enabled? and GoogleCloudPlatform.enabled?() do
-      now = DateTime.utc_now() |> DateTime.to_iso8601()
-
-      bucket =
-        Application.fetch_env!(:domain, __MODULE__)
-        |> Keyword.fetch!(:client_logs_bucket)
-
-      filename =
-        "clients/#{account_slug}/#{actor_name}/#{client.id}/#{now}-#{System.unique_integer([:positive])}.json"
-
-      GoogleCloudPlatform.sign_url(bucket, filename, verb: "PUT")
-    else
-      {:error, :disabled}
-    end
-  end
-
-  defp config! do
-    Domain.Config.fetch_env!(:domain, __MODULE__)
-  end
-end
--- a/elixir/apps/domain/test/domain/instrumentation_test.exs
+++ b/elixir/apps/domain/test/domain/instrumentation_test.exs
@@ -1,45 +0,0 @@
-defmodule Domain.InstrumentationTest do
-  use Domain.DataCase, async: true
-  import Domain.Instrumentation
-  alias Domain.Mocks.GoogleCloudPlatform
-
-  # TODO: Remove this when clients aren't requesting log sinks
-  describe "create_remote_log_sink/1" do
-    test "returns an error if feature is disabled" do
-      client = Fixtures.Clients.create_client()
-
-      Domain.Config.put_env_override(Domain.Instrumentation, client_logs_enabled: false)
-
-      assert create_remote_log_sink(client, "acct_slug", "john_doe") == {:error, :disabled}
-    end
-
-    test "returns a signed URL" do
-      bypass = Bypass.open()
-      GoogleCloudPlatform.mock_instance_metadata_token_endpoint(bypass)
-      GoogleCloudPlatform.mock_sign_blob_endpoint(bypass, "foo")
-
-      account = Fixtures.Accounts.create_account()
-      actor = Fixtures.Actors.create_actor(account: account)
-      client = Fixtures.Clients.create_client(account: account, actor: actor)
-
-      actor_name =
-        actor.name
-        |> String.downcase()
-        |> String.replace(" ", "_")
-        |> String.replace(~r/[^a-zA-Z0-9_-]/iu, "")
-
-      assert {:ok, signed_url} = create_remote_log_sink(client, actor_name, account.slug)
-
-      assert signed_uri = URI.parse(signed_url)
-      assert signed_uri.scheme == "https"
-      assert signed_uri.host == "storage.googleapis.com"
-
-      assert String.starts_with?(
-               signed_uri.path,
-               "/logs/clients/#{account.slug}/#{actor_name}/#{client.id}/"
-             )
-
-      assert String.ends_with?(signed_uri.path, ".json")
-    end
-  end
-end