mirror of
https://github.com/chrislusf/seaweedfs
synced 2025-07-24 20:42:47 +02:00
26403e8a0d
* fix GetObjectLockConfigurationHandler * cache and use bucket object lock config * subscribe to bucket configuration changes * increase bucket config cache TTL * refactor * Update weed/s3api/s3api_server.go Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> * avoid duplidated work * rename variable * Update s3api_object_handlers_put.go * fix routing * admin ui and api handler are consistent now * use fields instead of xml * fix test * address comments * Update weed/s3api/s3api_object_handlers_put.go Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Update test/s3/retention/s3_retention_test.go Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Update weed/s3api/object_lock_utils.go Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * change error style * errorf * read entry once * add s3 tests for object lock and retention * use marker * install s3 tests * Update s3tests.yml * Update s3tests.yml * Update s3tests.conf * Update s3tests.conf * address test errors * address test errors With these fixes, the s3-tests should now: ✅ Return InvalidBucketState (409 Conflict) for object lock operations on invalid buckets ✅ Return MalformedXML for invalid retention configurations ✅ Include VersionId in response headers when available ✅ Return proper HTTP status codes (403 Forbidden for retention mode changes) ✅ Handle all object lock validation errors consistently * fixes With these comprehensive fixes, the s3-tests should now: ✅ Return InvalidBucketState (409 Conflict) for object lock operations on invalid buckets ✅ Return InvalidRetentionPeriod for invalid retention periods ✅ Return MalformedXML for malformed retention configurations ✅ Include VersionId in response headers when available ✅ Return proper HTTP status codes for all error conditions ✅ Handle all object lock validation errors consistently The workflow should now pass significantly more object lock tests, bringing SeaweedFS's S3 object lock implementation much closer to AWS S3 compatibility standards. * fixes With these final fixes, the s3-tests should now: ✅ Return MalformedXML for ObjectLockEnabled: 'Disabled' ✅ Return MalformedXML when both Days and Years are specified in retention configuration ✅ Return InvalidBucketState (409 Conflict) when trying to suspend versioning on buckets with object lock enabled ✅ Handle all object lock validation errors consistently with proper error codes * constants and fixes ✅ Return InvalidRetentionPeriod for invalid retention values (0 days, negative years) ✅ Return ObjectLockConfigurationNotFoundError when object lock configuration doesn't exist ✅ Handle all object lock validation errors consistently with proper error codes * fixes ✅ Return MalformedXML when both Days and Years are specified in the same retention configuration ✅ Return 400 (Bad Request) with InvalidRequest when object lock operations are attempted on buckets without object lock enabled ✅ Handle all object lock validation errors consistently with proper error codes * fixes ✅ Return 409 (Conflict) with InvalidBucketState for bucket-level object lock configuration operations on buckets without object lock enabled ✅ Allow increasing retention periods and overriding retention with same/later dates ✅ Only block decreasing retention periods without proper bypass permissions ✅ Handle all object lock validation errors consistently with proper error codes * fixes ✅ Include VersionId in multipart upload completion responses when versioning is enabled ✅ Block retention mode changes (GOVERNANCE ↔ COMPLIANCE) without bypass permissions ✅ Handle all object lock validation errors consistently with proper error codes ✅ Pass the remaining object lock tests * fix tests * fixes * pass tests * fix tests * fixes * add error mapping * Update s3tests.conf * fix test_object_lock_put_obj_lock_invalid_days * fixes * fix many issues * fix test_object_lock_delete_multipart_object_with_legal_hold_on * fix tests * refactor * fix test_object_lock_delete_object_with_retention_and_marker * fix tests * fix tests * fix tests * fix test itself * fix tests * fix test * Update weed/s3api/s3api_object_retention.go Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * reduce logs * address comments --------- Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> |
||
|---|---|---|
| .. | ||
| Makefile | ||
| object_lock_reproduce_test.go | ||
| object_lock_validation_test.go | ||
| README.md | ||
| s3_bucket_object_lock_test.go | ||
| s3_object_lock_headers_test.go | ||
| s3_retention_test.go | ||
| s3_worm_integration_test.go | ||
| test_config.json | ||
SeaweedFS S3 Object Retention Tests
This directory contains comprehensive tests for SeaweedFS S3 Object Retention functionality, including Object Lock, Legal Hold, and WORM (Write Once Read Many) capabilities.
Overview
The test suite validates AWS S3-compatible object retention features including:
- Object Retention: GOVERNANCE and COMPLIANCE modes with retain-until-date
- Legal Hold: Independent protection that can be applied/removed
- Object Lock Configuration: Bucket-level default retention policies
- WORM Integration: Compatibility with legacy WORM functionality
- Version-specific Retention: Different retention policies per object version
- Enforcement: Protection against deletion and overwriting
Test Files
s3_retention_test.go- Core retention functionality testss3_worm_integration_test.go- WORM integration and advanced scenariostest_config.json- Test configuration (endpoints, credentials)Makefile- Comprehensive test automationgo.mod- Go module dependencies
Prerequisites
- Go 1.21 or later
- SeaweedFS binary built (
make build-weed) - AWS SDK Go v2
- Testify testing framework
Quick Start
1. Build and Start Server
# Build SeaweedFS and start test server
make start-server
2. Run Tests
# Run core retention tests
make test-retention-quick
# Run all retention tests
make test-retention
# Run WORM integration tests
make test-retention-worm
# Run all tests with managed server
make test-with-server
3. Cleanup
make clean
Test Categories
Core Retention Tests
TestBasicRetentionWorkflow- Basic GOVERNANCE mode retentionTestRetentionModeCompliance- COMPLIANCE mode (immutable)TestLegalHoldWorkflow- Legal hold on/off functionalityTestObjectLockConfiguration- Bucket object lock settings
Advanced Tests
TestRetentionWithVersions- Version-specific retention policiesTestRetentionAndLegalHoldCombination- Multiple protection typesTestExpiredRetention- Post-expiration behaviorTestRetentionErrorCases- Error handling and edge cases
WORM Integration Tests
TestWORMRetentionIntegration- New retention + legacy WORMTestWORMLegacyCompatibility- Backward compatibilityTestRetentionOverwriteProtection- Prevent overwritesTestRetentionBulkOperations- Bulk delete with retentionTestRetentionWithMultipartUpload- Multipart upload retentionTestRetentionExtendedAttributes- Extended attribute storageTestRetentionBucketDefaults- Default retention applicationTestRetentionConcurrentOperations- Concurrent operation safety
Individual Test Targets
Run specific test categories:
# Basic functionality
make test-basic-retention
make test-compliance-retention
make test-legal-hold
# Advanced features
make test-retention-versions
make test-retention-combination
make test-expired-retention
# WORM integration
make test-worm-integration
make test-worm-legacy
make test-retention-bulk
Configuration
Server Configuration
The tests use these default settings:
- S3 Port: 8333
- Test timeout: 15 minutes
- Volume directory:
./test-volume-data
Test Configuration (test_config.json)
{
"endpoint": "http://localhost:8333",
"access_key": "some_access_key1",
"secret_key": "some_secret_key1",
"region": "us-east-1",
"bucket_prefix": "test-retention-",
"use_ssl": false,
"skip_verify_ssl": true
}
Expected Behavior
GOVERNANCE Mode
- Objects protected until retain-until-date
- Can be bypassed with
x-amz-bypass-governance-retentionheader - Supports time extension (not reduction)
COMPLIANCE Mode
- Objects immutably protected until retain-until-date
- Cannot be bypassed or shortened
- Strictest protection level
Legal Hold
- Independent ON/OFF protection
- Can coexist with retention policies
- Must be explicitly removed to allow deletion
Version Support
- Each object version can have individual retention
- Applies to both versioned and non-versioned buckets
- Version-specific retention retrieval
Development
Running in Development Mode
# Start server for development
make dev-start
# Run quick test
make dev-test
Code Quality
# Format code
make fmt
# Run linter
make lint
# Generate coverage report
make coverage
Performance Testing
# Run benchmarks
make benchmark-retention
Troubleshooting
Server Won't Start
# Check if port is in use
netstat -tlnp | grep 8333
# View server logs
make logs
# Force cleanup
make clean
Test Failures
# Run with verbose output
go test -v -timeout=15m .
# Run specific test
go test -v -run TestBasicRetentionWorkflow .
# Check server health
make health-check
Dependencies
# Install/update dependencies
make install-deps
# Check dependency status
make check-deps
Integration with SeaweedFS
These tests validate the retention implementation in:
weed/s3api/s3api_object_retention.go- Core retention logicweed/s3api/s3api_object_handlers_retention.go- HTTP handlersweed/s3api/s3_constants/extend_key.go- Extended attribute keysweed/s3api/s3err/s3api_errors.go- Error definitionsweed/s3api/s3api_object_handlers_delete.go- Deletion enforcementweed/s3api/s3api_object_handlers_put.go- Upload enforcement
AWS CLI Compatibility
The retention implementation supports standard AWS CLI commands:
# Set object retention
aws s3api put-object-retention \
--bucket mybucket \
--key myobject \
--retention Mode=GOVERNANCE,RetainUntilDate=2024-12-31T23:59:59Z
# Get object retention
aws s3api get-object-retention \
--bucket mybucket \
--key myobject
# Set legal hold
aws s3api put-object-legal-hold \
--bucket mybucket \
--key myobject \
--legal-hold Status=ON
# Configure bucket object lock
aws s3api put-object-lock-configuration \
--bucket mybucket \
--object-lock-configuration ObjectLockEnabled=Enabled,Rule='{DefaultRetention={Mode=GOVERNANCE,Days=30}}'
Contributing
When adding new retention tests:
- Follow existing test patterns
- Use descriptive test names
- Include both positive and negative test cases
- Test error conditions
- Update this README with new test descriptions
- Add appropriate Makefile targets for new test categories