1 // Copyright (C) The Arvados Authors. All rights reserved.
3 // SPDX-License-Identifier: AGPL-3.0
18 "git.arvados.org/arvados.git/sdk/go/arvados"
19 "git.arvados.org/arvados.git/sdk/go/arvadosclient"
20 "git.arvados.org/arvados.git/sdk/go/arvadostest"
21 "git.arvados.org/arvados.git/sdk/go/keepclient"
22 "github.com/AdRoll/goamz/aws"
23 "github.com/AdRoll/goamz/s3"
24 check "gopkg.in/check.v1"
29 ac *arvadosclient.ArvadosClient
30 kc *keepclient.KeepClient
33 coll arvados.Collection
37 func (s *IntegrationSuite) s3setup(c *check.C) s3stage {
38 var proj arvados.Group
39 var coll arvados.Collection
40 arv := arvados.NewClientFromEnv()
41 arv.AuthToken = arvadostest.ActiveToken
42 err := arv.RequestAndDecode(&proj, "POST", "arvados/v1/groups", nil, map[string]interface{}{
43 "group": map[string]interface{}{
44 "group_class": "project",
45 "name": "keep-web s3 test",
47 "ensure_unique_name": true,
49 c.Assert(err, check.IsNil)
50 err = arv.RequestAndDecode(&coll, "POST", "arvados/v1/collections", nil, map[string]interface{}{"collection": map[string]interface{}{
51 "owner_uuid": proj.UUID,
52 "name": "keep-web s3 test collection",
53 "manifest_text": ". d41d8cd98f00b204e9800998ecf8427e+0 0:0:emptyfile\n./emptydir d41d8cd98f00b204e9800998ecf8427e+0 0:0:.\n",
55 c.Assert(err, check.IsNil)
56 ac, err := arvadosclient.New(arv)
57 c.Assert(err, check.IsNil)
58 kc, err := keepclient.MakeKeepClient(ac)
59 c.Assert(err, check.IsNil)
60 fs, err := coll.FileSystem(arv, kc)
61 c.Assert(err, check.IsNil)
62 f, err := fs.OpenFile("sailboat.txt", os.O_CREATE|os.O_WRONLY, 0644)
63 c.Assert(err, check.IsNil)
64 _, err = f.Write([]byte("⛵\n"))
65 c.Assert(err, check.IsNil)
67 c.Assert(err, check.IsNil)
69 c.Assert(err, check.IsNil)
70 err = arv.RequestAndDecode(&coll, "GET", "arvados/v1/collections/"+coll.UUID, nil, nil)
71 c.Assert(err, check.IsNil)
73 auth := aws.NewAuth(arvadostest.ActiveTokenUUID, arvadostest.ActiveToken, "", time.Now().Add(time.Hour))
75 Name: s.testServer.Addr,
76 S3Endpoint: "http://" + s.testServer.Addr,
78 client := s3.New(*auth, region)
79 client.Signature = aws.V4Signature
85 projbucket: &s3.Bucket{
90 collbucket: &s3.Bucket{
97 func (stage s3stage) teardown(c *check.C) {
98 if stage.coll.UUID != "" {
99 err := stage.arv.RequestAndDecode(&stage.coll, "DELETE", "arvados/v1/collections/"+stage.coll.UUID, nil, nil)
100 c.Check(err, check.IsNil)
102 if stage.proj.UUID != "" {
103 err := stage.arv.RequestAndDecode(&stage.proj, "DELETE", "arvados/v1/groups/"+stage.proj.UUID, nil, nil)
104 c.Check(err, check.IsNil)
108 func (s *IntegrationSuite) TestS3Signatures(c *check.C) {
109 stage := s.s3setup(c)
110 defer stage.teardown(c)
112 bucket := stage.collbucket
113 for _, trial := range []struct {
119 {true, aws.V2Signature, arvadostest.ActiveToken, "none"},
120 {false, aws.V2Signature, "none", "none"},
121 {false, aws.V2Signature, "none", arvadostest.ActiveToken},
123 {true, aws.V4Signature, arvadostest.ActiveTokenUUID, arvadostest.ActiveToken},
124 {true, aws.V4Signature, arvadostest.ActiveToken, arvadostest.ActiveToken},
125 {false, aws.V4Signature, arvadostest.ActiveToken, ""},
126 {false, aws.V4Signature, arvadostest.ActiveToken, "none"},
127 {false, aws.V4Signature, "none", arvadostest.ActiveToken},
128 {false, aws.V4Signature, "none", "none"},
131 bucket.S3.Auth = *(aws.NewAuth(trial.accesskey, trial.secretkey, "", time.Now().Add(time.Hour)))
132 bucket.S3.Signature = trial.signature
133 _, err := bucket.GetReader("emptyfile")
135 c.Check(err, check.IsNil)
137 c.Check(err, check.NotNil)
142 func (s *IntegrationSuite) TestS3HeadBucket(c *check.C) {
143 stage := s.s3setup(c)
144 defer stage.teardown(c)
146 for _, bucket := range []*s3.Bucket{stage.collbucket, stage.projbucket} {
147 c.Logf("bucket %s", bucket.Name)
148 exists, err := bucket.Exists("")
149 c.Check(err, check.IsNil)
150 c.Check(exists, check.Equals, true)
154 func (s *IntegrationSuite) TestS3CollectionGetObject(c *check.C) {
155 stage := s.s3setup(c)
156 defer stage.teardown(c)
157 s.testS3GetObject(c, stage.collbucket, "")
159 func (s *IntegrationSuite) TestS3ProjectGetObject(c *check.C) {
160 stage := s.s3setup(c)
161 defer stage.teardown(c)
162 s.testS3GetObject(c, stage.projbucket, stage.coll.Name+"/")
164 func (s *IntegrationSuite) testS3GetObject(c *check.C, bucket *s3.Bucket, prefix string) {
165 rdr, err := bucket.GetReader(prefix + "emptyfile")
166 c.Assert(err, check.IsNil)
167 buf, err := ioutil.ReadAll(rdr)
168 c.Check(err, check.IsNil)
169 c.Check(len(buf), check.Equals, 0)
171 c.Check(err, check.IsNil)
174 rdr, err = bucket.GetReader(prefix + "missingfile")
175 c.Check(err, check.ErrorMatches, `404 Not Found`)
178 exists, err := bucket.Exists(prefix + "missingfile")
179 c.Check(err, check.IsNil)
180 c.Check(exists, check.Equals, false)
183 rdr, err = bucket.GetReader(prefix + "sailboat.txt")
184 c.Assert(err, check.IsNil)
185 buf, err = ioutil.ReadAll(rdr)
186 c.Check(err, check.IsNil)
187 c.Check(buf, check.DeepEquals, []byte("⛵\n"))
189 c.Check(err, check.IsNil)
192 resp, err := bucket.Head(prefix+"sailboat.txt", nil)
193 c.Check(err, check.IsNil)
194 c.Check(resp.StatusCode, check.Equals, http.StatusOK)
195 c.Check(resp.ContentLength, check.Equals, int64(4))
198 func (s *IntegrationSuite) TestS3CollectionPutObjectSuccess(c *check.C) {
199 stage := s.s3setup(c)
200 defer stage.teardown(c)
201 s.testS3PutObjectSuccess(c, stage.collbucket, "")
203 func (s *IntegrationSuite) TestS3ProjectPutObjectSuccess(c *check.C) {
204 stage := s.s3setup(c)
205 defer stage.teardown(c)
206 s.testS3PutObjectSuccess(c, stage.projbucket, stage.coll.Name+"/")
208 func (s *IntegrationSuite) testS3PutObjectSuccess(c *check.C, bucket *s3.Bucket, prefix string) {
209 for _, trial := range []struct {
217 contentType: "application/octet-stream",
219 path: "newdir/newfile",
221 contentType: "application/octet-stream",
223 path: "newdir1/newdir2/newfile",
225 contentType: "application/octet-stream",
227 path: "newdir1/newdir2/newdir3/",
229 contentType: "application/x-directory",
232 c.Logf("=== %v", trial)
234 objname := prefix + trial.path
236 _, err := bucket.GetReader(objname)
237 c.Assert(err, check.ErrorMatches, `404 Not Found`)
239 buf := make([]byte, trial.size)
242 err = bucket.PutReader(objname, bytes.NewReader(buf), int64(len(buf)), trial.contentType, s3.Private, s3.Options{})
243 c.Check(err, check.IsNil)
245 rdr, err := bucket.GetReader(objname)
246 if strings.HasSuffix(trial.path, "/") && !s.testServer.Config.cluster.Collections.S3FolderObjects {
247 c.Check(err, check.NotNil)
249 } else if !c.Check(err, check.IsNil) {
252 buf2, err := ioutil.ReadAll(rdr)
253 c.Check(err, check.IsNil)
254 c.Check(buf2, check.HasLen, len(buf))
255 c.Check(bytes.Equal(buf, buf2), check.Equals, true)
259 func (s *IntegrationSuite) TestS3ProjectPutObjectNotSupported(c *check.C) {
260 stage := s.s3setup(c)
261 defer stage.teardown(c)
262 bucket := stage.projbucket
264 for _, trial := range []struct {
272 contentType: "application/octet-stream",
274 path: "newdir/newfile",
276 contentType: "application/octet-stream",
280 contentType: "application/x-directory",
283 c.Logf("=== %v", trial)
285 _, err := bucket.GetReader(trial.path)
286 c.Assert(err, check.ErrorMatches, `404 Not Found`)
288 buf := make([]byte, trial.size)
291 err = bucket.PutReader(trial.path, bytes.NewReader(buf), int64(len(buf)), trial.contentType, s3.Private, s3.Options{})
292 c.Check(err, check.ErrorMatches, `400 Bad Request`)
294 _, err = bucket.GetReader(trial.path)
295 c.Assert(err, check.ErrorMatches, `404 Not Found`)
299 func (s *IntegrationSuite) TestS3CollectionDeleteObject(c *check.C) {
300 stage := s.s3setup(c)
301 defer stage.teardown(c)
302 s.testS3DeleteObject(c, stage.collbucket, "")
304 func (s *IntegrationSuite) TestS3ProjectDeleteObject(c *check.C) {
305 stage := s.s3setup(c)
306 defer stage.teardown(c)
307 s.testS3DeleteObject(c, stage.projbucket, stage.coll.Name+"/")
309 func (s *IntegrationSuite) testS3DeleteObject(c *check.C, bucket *s3.Bucket, prefix string) {
310 s.testServer.Config.cluster.Collections.S3FolderObjects = true
311 for _, trial := range []struct {
322 objname := prefix + trial.path
323 comment := check.Commentf("objname %q", objname)
325 err := bucket.Del(objname)
326 if trial.path == "/" {
327 c.Check(err, check.NotNil)
330 c.Check(err, check.IsNil, comment)
331 _, err = bucket.GetReader(objname)
332 c.Check(err, check.NotNil, comment)
336 func (s *IntegrationSuite) TestS3CollectionPutObjectFailure(c *check.C) {
337 stage := s.s3setup(c)
338 defer stage.teardown(c)
339 s.testS3PutObjectFailure(c, stage.collbucket, "")
341 func (s *IntegrationSuite) TestS3ProjectPutObjectFailure(c *check.C) {
342 stage := s.s3setup(c)
343 defer stage.teardown(c)
344 s.testS3PutObjectFailure(c, stage.projbucket, stage.coll.Name+"/")
346 func (s *IntegrationSuite) testS3PutObjectFailure(c *check.C, bucket *s3.Bucket, prefix string) {
347 s.testServer.Config.cluster.Collections.S3FolderObjects = false
349 // Can't use V4 signature for these tests, because
350 // double-slash is incorrectly cleaned by the aws.V4Signature,
351 // resulting in a "bad signature" error. (Cleaning the path is
352 // appropriate for other services, but not in S3 where object
353 // names "foo//bar" and "foo/bar" are semantically different.)
354 bucket.S3.Auth = *(aws.NewAuth(arvadostest.ActiveToken, "none", "", time.Now().Add(time.Hour)))
355 bucket.S3.Signature = aws.V2Signature
357 var wg sync.WaitGroup
358 for _, trial := range []struct {
362 path: "emptyfile/newname", // emptyfile exists, see s3setup()
364 path: "emptyfile/", // emptyfile exists, see s3setup()
366 path: "emptydir", // dir already exists, see s3setup()
389 c.Logf("=== %v", trial)
391 objname := prefix + trial.path
393 buf := make([]byte, 1234)
396 err := bucket.PutReader(objname, bytes.NewReader(buf), int64(len(buf)), "application/octet-stream", s3.Private, s3.Options{})
397 if !c.Check(err, check.ErrorMatches, `400 Bad.*`, check.Commentf("PUT %q should fail", objname)) {
401 if objname != "" && objname != "/" {
402 _, err = bucket.GetReader(objname)
403 c.Check(err, check.ErrorMatches, `404 Not Found`, check.Commentf("GET %q should return 404", objname))
410 func (stage *s3stage) writeBigDirs(c *check.C, dirs int, filesPerDir int) {
411 fs, err := stage.coll.FileSystem(stage.arv, stage.kc)
412 c.Assert(err, check.IsNil)
413 for d := 0; d < dirs; d++ {
414 dir := fmt.Sprintf("dir%d", d)
415 c.Assert(fs.Mkdir(dir, 0755), check.IsNil)
416 for i := 0; i < filesPerDir; i++ {
417 f, err := fs.OpenFile(fmt.Sprintf("%s/file%d.txt", dir, i), os.O_CREATE|os.O_WRONLY, 0644)
418 c.Assert(err, check.IsNil)
419 c.Assert(f.Close(), check.IsNil)
422 c.Assert(fs.Sync(), check.IsNil)
425 func (s *IntegrationSuite) TestS3GetBucketVersioning(c *check.C) {
426 stage := s.s3setup(c)
427 defer stage.teardown(c)
428 for _, bucket := range []*s3.Bucket{stage.collbucket, stage.projbucket} {
429 req, err := http.NewRequest("GET", bucket.URL("/"), nil)
430 c.Check(err, check.IsNil)
431 req.Header.Set("Authorization", "AWS "+arvadostest.ActiveTokenV2+":none")
432 req.URL.RawQuery = "versioning"
433 resp, err := http.DefaultClient.Do(req)
434 c.Assert(err, check.IsNil)
435 c.Check(resp.Header.Get("Content-Type"), check.Equals, "application/xml")
436 buf, err := ioutil.ReadAll(resp.Body)
437 c.Assert(err, check.IsNil)
438 c.Check(string(buf), check.Equals, "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<VersioningConfiguration xmlns=\"http://s3.amazonaws.com/doc/2006-03-01/\"/>\n")
442 // If there are no CommonPrefixes entries, the CommonPrefixes XML tag
443 // should not appear at all.
444 func (s *IntegrationSuite) TestS3ListNoCommonPrefixes(c *check.C) {
445 stage := s.s3setup(c)
446 defer stage.teardown(c)
448 req, err := http.NewRequest("GET", stage.collbucket.URL("/"), nil)
449 c.Assert(err, check.IsNil)
450 req.Header.Set("Authorization", "AWS "+arvadostest.ActiveTokenV2+":none")
451 req.URL.RawQuery = "prefix=asdfasdfasdf&delimiter=/"
452 resp, err := http.DefaultClient.Do(req)
453 c.Assert(err, check.IsNil)
454 buf, err := ioutil.ReadAll(resp.Body)
455 c.Assert(err, check.IsNil)
456 c.Check(string(buf), check.Not(check.Matches), `(?ms).*CommonPrefixes.*`)
459 // If there is no delimiter in the request, or the results are not
460 // truncated, the NextMarker XML tag should not appear in the response
462 func (s *IntegrationSuite) TestS3ListNoNextMarker(c *check.C) {
463 stage := s.s3setup(c)
464 defer stage.teardown(c)
466 for _, query := range []string{"prefix=e&delimiter=/", ""} {
467 req, err := http.NewRequest("GET", stage.collbucket.URL("/"), nil)
468 c.Assert(err, check.IsNil)
469 req.Header.Set("Authorization", "AWS "+arvadostest.ActiveTokenV2+":none")
470 req.URL.RawQuery = query
471 resp, err := http.DefaultClient.Do(req)
472 c.Assert(err, check.IsNil)
473 buf, err := ioutil.ReadAll(resp.Body)
474 c.Assert(err, check.IsNil)
475 c.Check(string(buf), check.Not(check.Matches), `(?ms).*NextMarker.*`)
479 func (s *IntegrationSuite) TestS3CollectionList(c *check.C) {
480 stage := s.s3setup(c)
481 defer stage.teardown(c)
484 for markers, s.testServer.Config.cluster.Collections.S3FolderObjects = range []bool{false, true} {
487 stage.writeBigDirs(c, dirs, filesPerDir)
488 // Total # objects is:
489 // 2 file entries from s3setup (emptyfile and sailboat.txt)
490 // +1 fake "directory" marker from s3setup (emptydir) (if enabled)
491 // +dirs fake "directory" marker from writeBigDirs (dir0/, dir1/) (if enabled)
492 // +filesPerDir*dirs file entries from writeBigDirs (dir0/file0.txt, etc.)
493 s.testS3List(c, stage.collbucket, "", 4000, markers+2+(filesPerDir+markers)*dirs)
494 s.testS3List(c, stage.collbucket, "", 131, markers+2+(filesPerDir+markers)*dirs)
495 s.testS3List(c, stage.collbucket, "dir0/", 71, filesPerDir+markers)
498 func (s *IntegrationSuite) testS3List(c *check.C, bucket *s3.Bucket, prefix string, pageSize, expectFiles int) {
499 c.Logf("testS3List: prefix=%q pageSize=%d S3FolderObjects=%v", prefix, pageSize, s.testServer.Config.cluster.Collections.S3FolderObjects)
500 expectPageSize := pageSize
501 if expectPageSize > 1000 {
502 expectPageSize = 1000
504 gotKeys := map[string]s3.Key{}
508 resp, err := bucket.List(prefix, "", nextMarker, pageSize)
509 if !c.Check(err, check.IsNil) {
512 c.Check(len(resp.Contents) <= expectPageSize, check.Equals, true)
513 if pages++; !c.Check(pages <= (expectFiles/expectPageSize)+1, check.Equals, true) {
516 for _, key := range resp.Contents {
517 gotKeys[key.Key] = key
518 if strings.Contains(key.Key, "sailboat.txt") {
519 c.Check(key.Size, check.Equals, int64(4))
522 if !resp.IsTruncated {
523 c.Check(resp.NextMarker, check.Equals, "")
526 if !c.Check(resp.NextMarker, check.Not(check.Equals), "") {
529 nextMarker = resp.NextMarker
531 c.Check(len(gotKeys), check.Equals, expectFiles)
534 func (s *IntegrationSuite) TestS3CollectionListRollup(c *check.C) {
535 for _, s.testServer.Config.cluster.Collections.S3FolderObjects = range []bool{false, true} {
536 s.testS3CollectionListRollup(c)
540 func (s *IntegrationSuite) testS3CollectionListRollup(c *check.C) {
541 stage := s.s3setup(c)
542 defer stage.teardown(c)
546 stage.writeBigDirs(c, dirs, filesPerDir)
547 err := stage.collbucket.PutReader("dingbats", &bytes.Buffer{}, 0, "application/octet-stream", s3.Private, s3.Options{})
548 c.Assert(err, check.IsNil)
549 var allfiles []string
550 for marker := ""; ; {
551 resp, err := stage.collbucket.List("", "", marker, 20000)
552 c.Check(err, check.IsNil)
553 for _, key := range resp.Contents {
554 if len(allfiles) == 0 || allfiles[len(allfiles)-1] != key.Key {
555 allfiles = append(allfiles, key.Key)
558 marker = resp.NextMarker
564 if s.testServer.Config.cluster.Collections.S3FolderObjects {
567 c.Check(allfiles, check.HasLen, dirs*(filesPerDir+markers)+3+markers)
569 gotDirMarker := map[string]bool{}
570 for _, name := range allfiles {
571 isDirMarker := strings.HasSuffix(name, "/")
573 c.Check(isDirMarker, check.Equals, false, check.Commentf("name %q", name))
574 } else if isDirMarker {
575 gotDirMarker[name] = true
576 } else if i := strings.LastIndex(name, "/"); i >= 0 {
577 c.Check(gotDirMarker[name[:i+1]], check.Equals, true, check.Commentf("name %q", name))
578 gotDirMarker[name[:i+1]] = true // skip redundant complaints about this dir marker
582 for _, trial := range []struct {
597 {"dir0", "/", "dir0/file14.txt"}, // no commonprefixes
598 {"", "", "dir0/file14.txt"}, // middle page, skip walking dir1
599 {"", "", "dir1/file14.txt"}, // middle page, skip walking dir0
600 {"", "", "dir1/file498.txt"}, // last page of results
601 {"dir1/file", "", "dir1/file498.txt"}, // last page of results, with prefix
602 {"dir1/file", "/", "dir1/file498.txt"}, // last page of results, with prefix + delimiter
603 {"dir1", "Z", "dir1/file498.txt"}, // delimiter "Z" never appears
604 {"dir2", "/", ""}, // prefix "dir2" does not exist
607 c.Logf("\n\n=== trial %+v markers=%d", trial, markers)
610 resp, err := stage.collbucket.List(trial.prefix, trial.delimiter, trial.marker, maxKeys)
611 c.Check(err, check.IsNil)
612 if resp.IsTruncated && trial.delimiter == "" {
613 // goamz List method fills in the missing
614 // NextMarker field if resp.IsTruncated, so
615 // now we can't really tell whether it was
616 // sent by the server or by goamz. In cases
617 // where it should be empty but isn't, assume
618 // it's goamz's fault.
622 var expectKeys []string
623 var expectPrefixes []string
624 var expectNextMarker string
625 var expectTruncated bool
626 for _, key := range allfiles {
627 full := len(expectKeys)+len(expectPrefixes) >= maxKeys
628 if !strings.HasPrefix(key, trial.prefix) || key < trial.marker {
630 } else if idx := strings.Index(key[len(trial.prefix):], trial.delimiter); trial.delimiter != "" && idx >= 0 {
631 prefix := key[:len(trial.prefix)+idx+1]
632 if len(expectPrefixes) > 0 && expectPrefixes[len(expectPrefixes)-1] == prefix {
633 // same prefix as previous key
635 expectNextMarker = key
636 expectTruncated = true
638 expectPrefixes = append(expectPrefixes, prefix)
641 if trial.delimiter != "" {
642 expectNextMarker = key
644 expectTruncated = true
647 expectKeys = append(expectKeys, key)
652 for _, key := range resp.Contents {
653 gotKeys = append(gotKeys, key.Key)
655 var gotPrefixes []string
656 for _, prefix := range resp.CommonPrefixes {
657 gotPrefixes = append(gotPrefixes, prefix)
659 commentf := check.Commentf("trial %+v markers=%d", trial, markers)
660 c.Check(gotKeys, check.DeepEquals, expectKeys, commentf)
661 c.Check(gotPrefixes, check.DeepEquals, expectPrefixes, commentf)
662 c.Check(resp.NextMarker, check.Equals, expectNextMarker, commentf)
663 c.Check(resp.IsTruncated, check.Equals, expectTruncated, commentf)
664 c.Logf("=== trial %+v keys %q prefixes %q nextMarker %q", trial, gotKeys, gotPrefixes, resp.NextMarker)