feat: replace sandboxes-api with editor-service sessions API

[odinuv]

https://linear.app/keboola/issue/AJDA-1942

Description

Replaces all usages of the sandboxes-api PHP client with the editor-service sessions API (SQL workspaces) and the sandboxes-service-api-client (Python/R sandboxes), as the sandboxes API is being turned off. Introduces a lightweight EditorServiceClient with list and delete endpoints, adds Python/R sandbox deletion via Job Queue jobs, and removes the now-obsolete DeleteProjectSandboxes command.

Ownership model

The two resource types use different identity anchors:

• Editor sessions are bound to userId, which is stable for the entire lifetime of the user in the system. A session is ownerless when userId is no longer present among any active project token's admin.id.
• Python/R sandbox configs are bound to creatorToken.id, which is re-issued every time a user leaves and re-enters a project (the old token is deleted, a new one issued). A config is ownerless when its creatorToken.id no longer exists in listTokens(). A user who rejoins the project keeps their editor sessions but loses their old sandbox configs — this is intentional and matches the previous sandboxes-api behavior.

Job-queue deletion fallback

The normal deletion path enqueues a keboola.sandboxes job with task=delete; the job deletes the app on success. If job creation fails, the app may already be in a partially-deleted state, so the catch block calls deleteApp() + double-deleteConfiguration() to finish cleanup directly rather than leaving things inconsistent.

Release Notes

Change Type
Refactoring / internal improvement — migrates from sandboxes-api to editor-service and sandbox-service APIs; adds Python/R sandbox handling to ownerless workspace cleanup commands.

Justification
The sandboxes API is being turned off. SQL workspace sessions are now listed via the editor-service and deleted by removing the associated storage configuration (double-call pattern to purge from trash). Python/R sandboxes are listed via the sandbox-service API and deleted via a Job Queue job of keboola.sandboxes.

Plans for Customer Communication
No customer-facing changes; these are internal maintenance CLI commands.

Impact Analysis
Low risk. Affects three commands (DeleteOwnerlessWorkspaces, DeleteOrganizationOwnerlessWorkspaces, MassDeleteProjectWorkspaces) and removes one (DeleteProjectSandboxes). No breaking changes to command interfaces. Adds dependency on keboola/sandboxes-service-api-client and keboola/service-client.

⚠️ Blocker: composer.json currently references keboola/sandboxes-service-api-client: dev-odin/AJDA-1942 (the upstream branch that adds the types filter to AppsApiClient::listApps()). This must be replaced with a stable tagged release (^1.8.0) before merging. Tracked in keboola/sandboxes-service-api-php-client.

Deployment Plan
Standard CI/CD continuous deployment across all stacks.

Rollback Plan
Standard git revert if issues detected post-deployment.

Post-Release Support Plan
No follow-up actions needed.

[linear]

AJDA-1942 [kbc-cli] Upravit zakladani sandboxu

[ondrajodas]

Code review

Found 2 issues:

1. deleteConfiguration() is called twice consecutively with identical arguments in all three modified command files. If this is intentional (e.g. soft-delete then purge from trash), a comment should explain it — the previous implementation in PR add cmd 'manage:mass-delete-project-workspaces' #69 included such a comment. If unintentional, the second call will hit a 404 since the configuration was already deleted, crashing the loop mid-execution.

cli-utils/src/Keboola/Console/Command/DeleteOrganizationOwnerlessWorkspaces.php

Lines 162 to 165 in 8fe9a50

	$components = new Components($branchClient);
	$components->deleteConfiguration($session['componentId'], $session['configurationId']);
	$components->deleteConfiguration($session['componentId'], $session['configurationId']);
	}

Same pattern in:

• cli-utils/src/Keboola/Console/Command/DeleteOwnerlessWorkspaces.php

  Lines 107 to 110 in 8fe9a50

  	$components = new Components($branchClient);
  	$components->deleteConfiguration($componentId, $configurationId);
  	$components->deleteConfiguration($componentId, $configurationId);
  	}

• cli-utils/src/Keboola/Console/Command/MassDeleteProjectWorkspaces.php

  Lines 117 to 120 in 8fe9a50

  	$components = new Components($branchClient);
  	$components->deleteConfiguration($session['componentId'], $session['configurationId']);
  	$components->deleteConfiguration($session['componentId'], $session['configurationId']);

2. EditorServiceClient queries /sql/sessions only. The endpoint name suggests SQL-scoped sessions, whereas the old sandboxes-api client covered all workspace types (Python, Jupyter, RStudio, database workspaces). If editor-service has separate endpoints for non-SQL session types, this PR would silently stop cleaning up those sessions without any error or log output.

cli-utils/src/Keboola/Console/Command/EditorServiceClient.php

Lines 24 to 28 in 8fe9a50

	public function listSessions(): array
	{
	$response = $this->httpClient->request('GET', '/sql/sessions', [
	'query' => ['listAll' => '1'],
	]);

🤖 Generated with Claude Code

_{- If this code review was useful, please react with 👍. Otherwise, react with 👎.}

[ondrajodas]

1 - je to pokaždé jiný use-case, takže v pohodě
2 - to je pravda no, že tímto budeme mazat jen SQL worksapces

[odinuv]

ad 2. no to není pravda ne? tam byly podmínky

       if (!in_array($sandbox->getType(), Sandbox::CONTAINER_TYPES)) {
            // it is a database workspace
            if (empty($sandbox->getPhysicalId())) {
                $output->writeln('No underlying storage workspace found for sandboxId ' . $sandbox->getId());

Takže to mazalo jen DB workspaces, ne?

[ondrajodas]

no ale když vezmeš celý kus kódu:
https://github.com/keboola/cli-utils/blob/main/src/Keboola/Console/Command/DeleteOwnerlessWorkspaces.php#L95C13-L117C14

tak je to mazalo... konkrétně na řádku 116

[odinuv]

A kuš, tak to jsem přehlídl!

Tak zpátky do výroby

[odinuv]

@ondrajodas Je to nakonec celkem dost předělaný - snažil jsem se to spíš udělat tak, aby to dávalo nějakej smysl než nutně přesně tak jak to bylo předtím :D

[ondrajodas]

asi to bude v pohodě, jen drobnosti

[ondrajodas]

[ondrajodas]

dřív tu byl check jestli existuje token a teď se kontroluje jestli je uživatel v projektu?

asi ok, ale zůstanou tu WSs které mají neplatný token

[ondrajodas]

platí pro oba commandy

[odinuv]

Upravil jsem popis a doplnil tam comment aby to bylo jasnější, editor je vázáný na uživatele (a jinak není v UI vidět), sandbox na token