move prune-oauth-code from db event to healthcheck

FAQ.md

@@ -18,7 +18,15 @@ make the minimal idx of pushboxv1 >= `required_id` by `update pushboxv1 set idx
 `max_id` = select max(id)+1 from pushboxv1
 
 How to mitigate?
-1. do not do clean up job (defined in init.sql)  , so the records keep , and mysql will calc right idx from current records.
-2. or a very long `PUSHBOX_TTL`
-3. upgrade mysql to 8.0 ( https://dba.stackexchange.com/questsions/80564)
+	1. do not do clean up job (defined in init.sql)  , so the records keep , and mysql will calc right idx from current records.
+	2. or a very long `PUSHBOX_TTL`
+	3. upgrade mysql to 8.0 ( https://dba.stackexchange.com/questsions/80564)
+
+2. Why channelserver keep restarting.
+
+Because the latest channelserver update rust version , but not debian version which causing a glibc mismatch issue.
+
+How to mitigate?
+
+use sha256 tag `docker pull mozilla/channelserver@sha256:01f9251637cc3679b8cf31493569a79a27b41f952d4eb3d5306e1ee8d9d3feea`
 

_init/mysql/init.sql

@@ -2,7 +2,5 @@ CREATE DATABASE IF NOT EXISTS sync;
 CREATE DATABASE IF NOT EXISTS pushbox;
 DROP TABLE IF EXISTS pushbox.__diesel_schema_migrations;
 CREATE DEFINER = 'root'@'localhost' EVENT IF NOT EXISTS pushbox.pushbox_cleanup ON SCHEDULE EVERY 1 DAY STARTS CURRENT_TIMESTAMP + INTERVAL 1 DAY COMMENT 'Clean up pushbox' DO DELETE FROM pushbox.pushboxv1 WHERE TTL < unix_timestamp();
-CREATE DATABASE IF NOT EXISTS fxa_oauth;
-CREATE DEFINER = 'root'@'localhost' EVENT IF NOT EXISTS fxa_oauth.prune_oauth_authorization_codes ON SCHEDULE EVERY 1 DAY STARTS CURRENT_TIMESTAMP + INTERVAL 1 DAY COMMENT 'Prune oauth authorization codes older than 1 day' DO DELETE FROM fxa_oauth.codes WHERE TIMESTAMPDIFF(SECOND, createdAt, NOW()) > 86400;
 CREATE DEFINER = 'root'@'localhost' EVENT IF NOT EXISTS sync.not_expire ON SCHEDULE EVERY 1 DAY STARTS CURRENT_TIMESTAMP + INTERVAL 1 DAY DISABLE COMMENT 'sync bso not expire' DO UPDATE sync.bso set ttl=2147483647 WHERE  EXISTS ( SELECT data_type FROM INFORMATION_SCHEMA.COLUMNS WHERE table_schema="sync" and table_name="bso" and column_name="ttl" and data_type="int" ) AND ttl !=2147483647 ;
 ALTER DEFINER = 'root'@'localhost' EVENT sync.not_expire DISABLE;

_init/mysql/init_bso_ttl.sql

@@ -2,7 +2,5 @@ CREATE DATABASE IF NOT EXISTS sync;
 CREATE DATABASE IF NOT EXISTS pushbox;
 DROP TABLE IF EXISTS pushbox.__diesel_schema_migrations;
 CREATE DEFINER = 'root'@'localhost' EVENT IF NOT EXISTS pushbox.pushbox_cleanup ON SCHEDULE EVERY 1 DAY STARTS CURRENT_TIMESTAMP + INTERVAL 1 DAY COMMENT 'Clean up pushbox' DO DELETE FROM pushbox.pushboxv1 WHERE TTL < unix_timestamp();
-CREATE DATABASE IF NOT EXISTS fxa_oauth;
-CREATE DEFINER = 'root'@'localhost' EVENT IF NOT EXISTS fxa_oauth.prune_oauth_authorization_codes ON SCHEDULE EVERY 1 DAY STARTS CURRENT_TIMESTAMP + INTERVAL 1 DAY COMMENT 'Prune oauth authorization codes older than 1 day' DO DELETE FROM fxa_oauth.codes WHERE TIMESTAMPDIFF(SECOND, createdAt, NOW()) > 86400;
 CREATE DEFINER = 'root'@'localhost' EVENT IF NOT EXISTS sync.not_expire ON SCHEDULE EVERY 1 DAY STARTS CURRENT_TIMESTAMP + INTERVAL 1 DAY DISABLE COMMENT 'sync bso not expire' DO UPDATE sync.bso set ttl=2147483647 WHERE  EXISTS ( SELECT data_type FROM INFORMATION_SCHEMA.COLUMNS WHERE table_schema="sync" and table_name="bso" and column_name="ttl" and data_type="int" ) AND ttl !=2147483647 ;
 ALTER DEFINER = 'root'@'localhost' EVENT sync.not_expire ENABLE;

docker-compose.tmpl.yml

@@ -367,7 +367,9 @@ services:
     command: sh -c "node scripts/gen_keys.js; node scripts/oauth_gen_keys.js ; node scripts/gen_vapid_keys.js  && /wait && node bin/key_server.js"
     #! docker inspect to see health result
     healthcheck:
-      test: node scripts/prune-tokens.js --maxTokenAge='1 month' --maxCodeAge='1 month' || exit 1
+      #! ttl 86400000 -> 1day in ms
+      #! Note: prune-oauth-authorization-codes has limit to 10000
+      test: ( node scripts/prune-tokens.js --maxTokenAge='1 month' --maxCodeAge='1 month'; node scripts/prune-oauth-authorization-codes.js --ttl 86400000 )  || exit 1
       interval: 24h
       retries: 0
       timeout: 10m