Add metrics/DLQ record for records getting silently dropped with a warning in reverse replication

[aasthabharill]

https://b.corp.google.com/issues/432145898

Summary

This PR addresses critical issues in the SpannerToSourceDb pipeline where certain error conditions were being silently dropped or causing inefficient worker retries. A thorough investigation of LOG warnings and exceptions revealed that invalid DML generation and specific JSON parsing failures were not being handled robustly.

Changes

1. DML Generation Integrity

• Problem: Previously, when the DMLGenerator encountered invalid requests (e.g., missing primary keys or schema mismatches), it returned an empty string ("") and logged a warning. This caused SourceWriterFn to mistakenly treat the record as "processed" or simply skip it, leading to silent data loss without alerting the user or routing to the Dead Letter Queue (DLQ).
• Fix: Updated MySQLDMLGenerator and CassandraDMLGenerator to throw a new InvalidDMLGenerationException
  instead of returning an empty string.
• Classification: This exception is classified as a Severe Error because its caused due to schema issues that will not resolve upon retry.
• Propagation: The exception is now propagated from DMLGenerator -> InputRecordProcessor -> SourceWriterFn
  It is then caught in SourceWriterFn, correctly unwrapped and identified by SpannerToSourceDbExceptionClassifier, and finally routed to the DLQ with a PERMANENT_ERROR_TAG to ensure visibility and prevent data loss.

2. Robust JSON Parsing & Retry Prevention

• Context: In Dataflow, unchecked exceptions thrown within a DoFn or ParDo cause the worker to retry the bundle indefinitely or until failure, which can stall the pipeline for errors like malformed JSON.
• Problem: FileBasedDeadLetterQueueReconsumer, ConvertChangeStreamErrorRecordToFailsafeElementFn, and
  ConvertDlqRecordToTrimmedShardedDataChangeRecordFn lacked sufficient error handling for malformed input, allowing parsing exceptions to bubble up unchecked.
• Fix: Implemented "Log and Drop" logic for these specific deterministic parsing errors. We now wrap the parsing logic in try-catch blocks to catch IOException and other format exceptions, logging the failure and dropping the refined record instead of crashing the worker. This ensures pipeline stability and prevents one bad record from stalling execution.

[gemini-code-assist]

Summary of Changes

Hello @aasthabharill, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request focuses on enhancing the observability and understanding of record processing within the reverse replication pipeline. It introduces a series of detailed comments to existing logging statements across several core components. These comments serve to identify and categorize various error and warning conditions, explicitly noting where records might be silently dropped, where exceptions are handled (or not), and how different issues interact with the Dead Letter Queue (DLQ) and retry mechanisms. This work lays the groundwork for future improvements in error handling, metrics, and DLQ integration by clearly documenting current behaviors and potential points of failure.

Highlights

• Identification of Silently Dropped Records: Extensive comments have been added to LOG.warn statements, particularly within DML generators (CassandraDMLGenerator, MySQLDMLGenerator) and InputRecordProcessor, to explicitly flag instances where records are currently dropped without being sent to a Dead Letter Queue (DLQ).
• Clarification of Error Handling Paths: New comments delineate the expected behavior of various error and warning logs, indicating whether an issue is "severe", "retryable", "seems fine", or "problematic" and how it impacts record processing or DLQ mechanisms.
• Pinpointing Unhandled Exceptions: Specific comments highlight potential code paths where exceptions might occur but are not adequately caught or handled, such as in AssignShardIdFn and ShardingLogicImplFetcher, suggesting areas for robustness improvements.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[codecov]

Codecov Report

❌ Patch coverage is 83.01887% with 9 lines in your changes missing coverage. Please review.
✅ Project coverage is 50.87%. Comparing base (368d6f5) to head (a131cb6).
⚠️ Report is 8 commits behind head on main.

Files with missing lines	Patch %	Lines
...rt/v2/templates/dbutils/dml/MySQLDMLGenerator.java	64.28%	5 Missing ⚠️
...2/templates/dbutils/dml/CassandraDMLGenerator.java	73.33%	4 Missing ⚠️

Additional details and impacted files

@@             Coverage Diff              @@
##               main    #3200      +/-   ##
============================================
+ Coverage     50.80%   50.87%   +0.06%     
- Complexity     5124     5511     +387     
============================================
  Files           976      976              
  Lines         60058    60098      +40     
  Branches       6569     6572       +3     
============================================
+ Hits          30511    30573      +62     
+ Misses        27406    27370      -36     
- Partials       2141     2155      +14     

Components	Coverage Δ
spanner-templates	71.00% <82.69%> (+<0.01%)	⬆️
spanner-import-export	68.96% <ø> (-0.04%)	⬇️
spanner-live-forward-migration	80.10% <ø> (+<0.01%)	⬆️
spanner-live-reverse-replication	77.75% <82.69%> (+0.03%)	⬆️
spanner-bulk-migration	88.43% <ø> (-0.02%)	⬇️

Files with missing lines	Coverage Δ
...v2/cdc/dlq/FileBasedDeadLetterQueueReconsumer.java	71.26% <100.00%> (+3.08%)	⬆️
...ertChangeStreamErrorRecordToFailsafeElementFn.java	100.00% <100.00%> (ø)
...rtDlqRecordToTrimmedShardedDataChangeRecordFn.java	100.00% <100.00%> (ø)
...es/utils/SpannerToSourceDbExceptionClassifier.java	95.23% <ø> (ø)
...2/templates/dbutils/dml/CassandraDMLGenerator.java	81.48% <73.33%> (-0.23%)	⬇️
...rt/v2/templates/dbutils/dml/MySQLDMLGenerator.java	88.73% <64.28%> (+0.39%)	⬆️

... and 9 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[VardhanThigle]

Should this be InvalidDMLGenerationException instead of a catch all?

[VardhanThigle]

[nit] please consider rewording the comment. Likewise for other places having aastha warning -

[shreyakhajanchi]

Can you test for cases where if the schema is fixed and the severe dlq errors classified as part of the current pr are replayed then they get successfully migrated?

[shreyakhajanchi]

This code is common across other templates, non spanner templates as well. Why do we need to make the change here?

[shreyakhajanchi]

handle the log in InputProcessor as well:
LOG.warn("DML statement is empty for table: " + tableName);

[shreyakhajanchi]

We should not drop the record. Have we encountered any case where the current code was not working or trying indefinitely as mentioned in the description?