Architecture: hbf-data-retention

C4 Component Diagram

Key Flows

Main Retention Cycle

  1. AppService.run() wakes up after EXECUTION_INTERVAL_IN_HOURS hours.
  2. Calls HbfCoreService.getOrganizationsWithDataRetentionPolicy() — fetches all orgs from hbf-core, filters to those with dataRetentionPeriod set.
  3. Calls HbfCoreService.getTenantsWithDataRetentionPolicy() — same pattern for tenants, returning full Tenant objects (needed for organizationId and dataRetentionPeriod).
  4. Calls HbfCoreService.getOrganizationsWithAuditLogRetentionPolicy() — orgs with auditLogsRetentionPeriod set.
  5. If none of the three lists has entries, skips the cycle and sleeps.
  6. For each tenant: calls HbfCoreService.deleteDataTenant, then calls AttachmentsService.deleteOldAttachments(orgId, tenantId, retentionDays).
  7. For each org: calls HbfCoreService.deleteData(orgId).
  8. For each org with audit log policy: calls HbfCoreService.deleteAuditLogs(orgId).
  9. Any item that fails is collected and retried up to THRESHOLD_OF_DELETION_RETIRES times. Remaining failures are logged as warnings.

S3 Attachment Cleanup

  1. AttachmentsService.deleteOldAttachments builds a cutoff date (now - retentionDays).
  2. Paginates ListObjectsV2 over {orgId}/{tenantId}/attachments/.
  3. Filters objects where LastModified < cutoffDate.
  4. Sends DeleteObjectsCommand in batches of up to 1000 keys (S3 API limit).
  5. Logs partial S3 failures (individual key errors) as warnings; returns total deleted count.
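
The cleanup steps above, as an added sketch that is not the project's own code. It also guards the two inputs that decide how much gets deleted, the prefix and the cutoff. Assumptions: `s3` is a hypothetical injected wrapper exposing `listObjectsV2` and `deleteObjects` with the S3 response shapes, the `bucket` and `now` parameters are added for illustration, and ids are assumed to match `[A-Za-z0-9_-]+`.

```javascript
// Added example, not the hbf-data-retention source. `s3` is a hypothetical
// injected wrapper; an empty batch is never sent, since toBatches([]) is [].
const MAX_KEYS_PER_DELETE = 1000; // S3 DeleteObjects limit

function attachmentPrefix(orgId, tenantId) {
  // Refuse empty or path-like ids (assumed format): a bad id widens the prefix.
  for (const id of [orgId, tenantId]) {
    if (typeof id !== 'string' || !/^[A-Za-z0-9_-]+$/.test(id)) {
      throw new Error(`invalid id: ${JSON.stringify(id)}`);
    }
  }
  return `${orgId}/${tenantId}/attachments/`;
}

function cutoffDate(retentionDays, now = new Date()) {
  // A zero, negative or NaN period would make every object look expired.
  if (!Number.isInteger(retentionDays) || retentionDays <= 0) {
    throw new Error(`invalid retentionDays: ${retentionDays}`);
  }
  return new Date(now.getTime() - retentionDays * 24 * 60 * 60 * 1000);
}

function expiredKeys(contents, prefix, cutoff) {
  return (contents || [])
    .filter((o) => o.Key.startsWith(prefix) && new Date(o.LastModified) < cutoff)
    .map((o) => o.Key);
}

function toBatches(keys, size = MAX_KEYS_PER_DELETE) {
  const batches = [];
  for (let i = 0; i < keys.length; i += size) batches.push(keys.slice(i, i + size));
  return batches;
}

async function deleteOldAttachments(s3, bucket, orgId, tenantId, retentionDays, now) {
  const prefix = attachmentPrefix(orgId, tenantId);
  const cutoff = cutoffDate(retentionDays, now);
  const failed = [];
  let token;
  let deleted = 0;
  do {
    const page = await s3.listObjectsV2({ Bucket: bucket, Prefix: prefix, ContinuationToken: token });
    for (const batch of toBatches(expiredKeys(page.Contents, prefix, cutoff))) {
      const res = await s3.deleteObjects({ Bucket: bucket, Delete: { Objects: batch.map((Key) => ({ Key })) } });
      deleted += (res.Deleted || []).length;
      failed.push(...(res.Errors || [])); // per-key failures, to be logged as warnings
    }
    token = page.NextContinuationToken;
  } while (token);
  return { deleted, failed };
}
```

Objects whose `LastModified` equals the cutoff are kept, matching the strict `<` in step 3.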