When creating or destroying a database, the operation does not seem to be wrapped in a transaction
https://github.com/tsuru/postgres-api/blob/master/postgresapi/models.py#L85 From the above line, the series of commands to create or delete a postgres database seems not to be wrapped in a transaction. If one of the statements fails but the others succeed, then the database could be left in an incorrect state.
Is this appraisal of the code correct? Thoughts?
@dhilton you are right. I believe that a good way to fix it is to do something similar to tsuru action pipeline: https://github.com/tsuru/tsuru/blob/master/action/action.go#L57 to ensure the database integrity.
Each command must be an action with forward and backward methods. If one of the forward methods fails, the pipeline will roll back by running the backward method for the executed actions.
Actually postgres transactions can be used for most of the operations, except DB creation/destruction.
Additionally, in the delete/unbind operation we should try to delete the DB, roles and permissions, but carry on if they are missing. For instance, if drop_database(), the API should not fail if the DB is not present, instead carry on and delete the roles as well.
:+1: to what @keymon said - I'd worry about the pipeline being overly complex and adding possibly more points of failure - Postgres can handle most of this, and as long as the outcome from postgres is returned through the API the user can then take the appropriate action to deal with any failures.
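The forward/backward pipeline and the tolerant delete discussed in this thread, as an added example that is not part of the thread or of postgres-api. The names `Action`, `run_pipeline`, `create_instance` and `destroy_instance` are hypothetical, and a constructed in-memory dict stands in for the Postgres server.

```python
# Added illustration: every name here is hypothetical, not postgres-api code.
# A dict of sets stands in for the Postgres server so the block runs offline.
class Action:
    def __init__(self, name, forward, backward):
        self.name, self.forward, self.backward = name, forward, backward

def run_pipeline(actions, server, db):
    """Run forward steps in order; on failure undo completed steps in reverse."""
    done = []
    for action in actions:
        try:
            action.forward(server, db)
        except Exception:
            for prev in reversed(done):
                try:
                    prev.backward(server, db)
                except Exception as err:  # keep unwinding, but record it
                    server["errors"].append(f"undo {prev.name}: {err}")
            raise
        done.append(action)

def create_db(server, db):
    if db in server["databases"]:
        raise RuntimeError(f"database {db} already exists")
    server["databases"].add(db)

def create_role(server, db):
    if db + "_owner" in server["roles"]:
        raise RuntimeError(f"role {db}_owner already exists")
    server["roles"].add(db + "_owner")

def drop_db(server, db):
    server["databases"].discard(db)  # a missing database is not an error

def drop_role(server, db):
    server["roles"].discard(db + "_owner")  # a missing role is not an error

CREATE = [Action("database", create_db, drop_db),
          Action("role", create_role, drop_role)]

def create_instance(server, db):
    run_pipeline(CREATE, server, db)

def destroy_instance(server, db):
    # Attempt every cleanup step even when an earlier object is already gone.
    for action in reversed(CREATE):
        action.backward(server, db)
```
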