Replace custom transaction retries with centralized logic

This reduces the code surface to cover in tests and improves readability.

Signed-off-by: nscuro <[email protected]>

Author: nscuro

src/main/java/org/dependencytrack/event/kafka/processor/RepositoryMetaResultProcessor.java

@@ -21,7 +21,7 @@
 import alpine.common.logging.Logger;
 import com.github.packageurl.MalformedPackageURLException;
 import com.github.packageurl.PackageURL;
-import org.apache.commons.lang3.exception.ExceptionUtils;
+import org.apache.commons.lang3.StringUtils;
 import org.apache.kafka.clients.consumer.ConsumerRecord;
 import org.dependencytrack.event.kafka.processor.api.Processor;
 import org.dependencytrack.event.kafka.processor.exception.ProcessingException;
@@ -31,13 +31,10 @@
 import org.dependencytrack.model.RepositoryType;
 import org.dependencytrack.persistence.QueryManager;
 import org.dependencytrack.proto.repometaanalysis.v1.AnalysisResult;
-import org.postgresql.util.PSQLState;
+import org.dependencytrack.util.PersistenceUtil;
 
-import javax.jdo.JDODataStoreException;
 import javax.jdo.PersistenceManager;
 import javax.jdo.Query;
-import javax.jdo.Transaction;
-import java.sql.SQLException;
 import java.util.Date;
 import java.util.Optional;
 
@@ -79,83 +76,70 @@ private IntegrityMetaComponent synchronizeIntegrityMetadata(final QueryManager q
         }
     }
 
-    private void synchronizeRepositoryMetadata(final QueryManager queryManager, final ConsumerRecord<String, AnalysisResult> record) throws Exception {
-        PersistenceManager pm = queryManager.getPersistenceManager();
+    private void synchronizeRepositoryMetadata(final QueryManager qm, final ConsumerRecord<String, AnalysisResult> record) throws Exception {
+        final PersistenceManager pm = qm.getPersistenceManager();
         final AnalysisResult result = record.value();
-        PackageURL purl = new PackageURL(result.getComponent().getPurl());
+        final var purl = new PackageURL(result.getComponent().getPurl());
 
         // It is possible that the same meta info is reported for multiple components in parallel,
         // causing unique constraint violations when attempting to insert into the REPOSITORY_META_COMPONENT table.
         // In such cases, we can get away with simply retrying to SELECT+UPDATE or INSERT again. We'll attempt
         // up to 3 times before giving up.
-        for (int i = 0; i < 3; i++) {
-            final Transaction trx = pm.currentTransaction();
-            try {
-                RepositoryMetaComponent repositoryMetaComponentResult = createRepositoryMetaResult(record, pm, purl);
-                if (repositoryMetaComponentResult != null) {
-                    trx.begin();
-                    pm.makePersistent(repositoryMetaComponentResult);
-                    trx.commit();
-                    break; // this means that transaction was successful and we do not need to retry
-                }
-            } catch (JDODataStoreException e) {
-                // TODO: DataNucleus doesn't map constraint violation exceptions very well,
-                // so we have to depend on the exception of the underlying JDBC driver to
-                // tell us what happened. We currently only handle PostgreSQL, but we'll have
-                // to do the same for at least H2 and MSSQL.
-                if (ExceptionUtils.getRootCause(e) instanceof final SQLException se
-                        && PSQLState.UNIQUE_VIOLATION.getState().equals(se.getSQLState())) {
-                    continue; // Retry
-                }
-
-                throw e;
-            } finally {
-                if (trx.isActive()) {
-                    trx.rollback();
-                }
+        qm.runInRetryableTransaction(() -> {
+            final RepositoryMetaComponent repositoryMetaComponentResult = createRepositoryMetaResult(record, pm, purl);
+            if (repositoryMetaComponentResult != null) {
+                pm.makePersistent(repositoryMetaComponentResult);
             }
-        }
+
+            return null;
+        }, PersistenceUtil::isUniqueConstraintViolation);
     }
 
-    private RepositoryMetaComponent createRepositoryMetaResult(ConsumerRecord<String, AnalysisResult> incomingAnalysisResultRecord, PersistenceManager pm, PackageURL purl) throws Exception {
+    private RepositoryMetaComponent createRepositoryMetaResult(ConsumerRecord<String, AnalysisResult> incomingAnalysisResultRecord, PersistenceManager pm, PackageURL purl) {
         final AnalysisResult result = incomingAnalysisResultRecord.value();
-        if (result.hasLatestVersion()) {
-            try (final Query<RepositoryMetaComponent> query = pm.newQuery(RepositoryMetaComponent.class)) {
-                query.setFilter("repositoryType == :repositoryType && namespace == :namespace && name == :name");
-                query.setParameters(
-                        RepositoryType.resolve(purl),
-                        purl.getNamespace(),
-                        purl.getName()
-                );
-                RepositoryMetaComponent persistentRepoMetaComponent = query.executeUnique();
-                if (persistentRepoMetaComponent == null) {
-                    persistentRepoMetaComponent = new RepositoryMetaComponent();
-                }
-
-                if (persistentRepoMetaComponent.getLastCheck() != null
-                        && persistentRepoMetaComponent.getLastCheck().after(new Date(incomingAnalysisResultRecord.timestamp()))) {
-                    LOGGER.warn("""
-                            Received repository meta information for %s that is older\s
-                            than what's already in the database; Discarding
-                            """.formatted(purl));
-                    return null;
-                }
-
-                persistentRepoMetaComponent.setRepositoryType(RepositoryType.resolve(purl));
-                persistentRepoMetaComponent.setNamespace(purl.getNamespace());
-                persistentRepoMetaComponent.setName(purl.getName());
-                if (result.hasLatestVersion()) {
-                    persistentRepoMetaComponent.setLatestVersion(result.getLatestVersion());
-                }
-                if (result.hasPublished()) {
-                    persistentRepoMetaComponent.setPublished(new Date(result.getPublished().getSeconds() * 1000));
-                }
-                persistentRepoMetaComponent.setLastCheck(new Date(incomingAnalysisResultRecord.timestamp()));
-                return persistentRepoMetaComponent;
-            }
-        } else {
+        if (!result.hasLatestVersion()) {
+            return null;
+        }
+
+        final Query<RepositoryMetaComponent> query = pm.newQuery(RepositoryMetaComponent.class);
+        query.setFilter("repositoryType == :repositoryType && namespace == :namespace && name == :name");
+        query.setParameters(
+                RepositoryType.resolve(purl),
+                purl.getNamespace(),
+                purl.getName()
+        );
+
+        RepositoryMetaComponent persistentRepoMetaComponent;
+        try {
+            persistentRepoMetaComponent = query.executeUnique();
+        } finally {
+            query.closeAll();
+        }
+
+        if (persistentRepoMetaComponent == null) {
+            persistentRepoMetaComponent = new RepositoryMetaComponent();
+        }
+
+        if (persistentRepoMetaComponent.getLastCheck() != null
+            && persistentRepoMetaComponent.getLastCheck().after(new Date(incomingAnalysisResultRecord.timestamp()))) {
+            LOGGER.warn("""
+                    Received repository meta information for %s that is older\s
+                    than what's already in the database; Discarding
+                    """.formatted(purl));
             return null;
         }
+
+        persistentRepoMetaComponent.setRepositoryType(RepositoryType.resolve(purl));
+        persistentRepoMetaComponent.setNamespace(purl.getNamespace());
+        persistentRepoMetaComponent.setName(purl.getName());
+        if (result.hasLatestVersion()) {
+            persistentRepoMetaComponent.setLatestVersion(result.getLatestVersion());
+        }
+        if (result.hasPublished()) {
+            persistentRepoMetaComponent.setPublished(new Date(result.getPublished().getSeconds() * 1000));
+        }
+        persistentRepoMetaComponent.setLastCheck(new Date(incomingAnalysisResultRecord.timestamp()));
+        return persistentRepoMetaComponent;
     }
 
     private IntegrityMetaComponent synchronizeIntegrityMetaResult(final ConsumerRecord<String, AnalysisResult> incomingAnalysisResultRecord, QueryManager queryManager, PackageURL purl) {
@@ -173,10 +157,10 @@ private IntegrityMetaComponent synchronizeIntegrityMetaResult(final ConsumerReco
 
         if (result.getIntegrityMeta().hasMd5() || result.getIntegrityMeta().hasSha1() || result.getIntegrityMeta().hasSha256()
                 || result.getIntegrityMeta().hasSha512() || result.getIntegrityMeta().hasCurrentVersionLastModified()) {
-            Optional.ofNullable(result.getIntegrityMeta().getMd5()).ifPresent(persistentIntegrityMetaComponent::setMd5);
-            Optional.ofNullable(result.getIntegrityMeta().getSha1()).ifPresent(persistentIntegrityMetaComponent::setSha1);
-            Optional.ofNullable(result.getIntegrityMeta().getSha256()).ifPresent(persistentIntegrityMetaComponent::setSha256);
-            Optional.ofNullable(result.getIntegrityMeta().getSha512()).ifPresent(persistentIntegrityMetaComponent::setSha512);
+            Optional.of(result.getIntegrityMeta().getMd5()).filter(StringUtils::isNotBlank).ifPresent(persistentIntegrityMetaComponent::setMd5);
+            Optional.of(result.getIntegrityMeta().getSha1()).filter(StringUtils::isNotBlank).ifPresent(persistentIntegrityMetaComponent::setSha1);
+            Optional.of(result.getIntegrityMeta().getSha256()).filter(StringUtils::isNotBlank).ifPresent(persistentIntegrityMetaComponent::setSha256);
+            Optional.of(result.getIntegrityMeta().getSha512()).filter(StringUtils::isNotBlank).ifPresent(persistentIntegrityMetaComponent::setSha512);
             persistentIntegrityMetaComponent.setPurl(result.getComponent().getPurl());
             persistentIntegrityMetaComponent.setRepositoryUrl(result.getIntegrityMeta().getMetaSourceUrl());
             persistentIntegrityMetaComponent.setPublishedAt(result.getIntegrityMeta().hasCurrentVersionLastModified() ? new Date(result.getIntegrityMeta().getCurrentVersionLastModified().getSeconds() * 1000) : null);

src/test/java/org/dependencytrack/model/RepositoryTypeTest.java

@@ -83,4 +83,29 @@ public void testResolveCpan() throws Exception {
         PackageURL purl = new PackageURL("pkg:cpan/[email protected]");
         Assert.assertEquals(RepositoryType.CPAN, RepositoryType.resolve(purl));
     }
+
+    @Test
+    public void testResolveComposer() throws Exception {
+        final var purl = new PackageURL("pkg:composer/[email protected]");
+        Assert.assertEquals(RepositoryType.COMPOSER, RepositoryType.resolve(purl));
+    }
+
+    @Test
+    public void testResolveCargo() throws Exception {
+        final var purl = new PackageURL("pkg:cargo/[email protected]");
+        Assert.assertEquals(RepositoryType.CARGO, RepositoryType.resolve(purl));
+    }
+
+    @Test
+    public void testResolveGoModules() throws Exception {
+        final var purl = new PackageURL("pkg:golang/[email protected]");
+        Assert.assertEquals(RepositoryType.GO_MODULES, RepositoryType.resolve(purl));
+    }
+
+    @Test
+    public void testResolveGitHub() throws Exception {
+        final var purl = new PackageURL("pkg:github/[email protected]");
+        Assert.assertEquals(RepositoryType.GITHUB, RepositoryType.resolve(purl));
+    }
+
 }