Fix multipart uploads with checksums on object locked buckets #6794

avantgardnerio · 2024-11-25T18:53:24Z

Which issue does this PR close?

Closes #6793.

Rationale for this change

Described in issue

What changes are included in this PR?

A failing test

Are there any user-facing changes?

Multipart uploads fail

thinkharderdev · 2024-11-25T20:44:39Z

So there are a couple of issues with how multi-part upload is implemented:

The initial PUT request to CreateMultipartUpload must specify the checksum algo or else calling PutPart with the checksum will fail (eg set x-amz-checksum-algorithm: SHA256 on the request)
When calling CompleteMultipartUpload we need to send all the part checksums in the request (see `https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html)

So this means that we need to keep the checksums in the PartId for when we complete the upload

tustvold · 2024-11-27T21:25:36Z

I'm not sure about this, an AWS specific detail now leaks into the public trait for all stores... It also is not immediately obvious when the checksums are needed or not...

I think this needs a bit more thought, I'll try to find some time in the next few weeks

avantgardnerio · 2024-11-27T21:36:01Z

this, an AWS specific detail now leaks into the public trait for all stores... It also is not immediately obvious when the checksums are needed or not...

FWIW: I verified in the new tests we are now writing the checksums at the correct times for when the digest functionality is enabled.

Now I am just trying to get the original tests working for when it isn't.

object_store/src/multipart.rs

thinkharderdev · 2024-11-28T14:53:59Z

It also is not immediately obvious when the checksums are needed or not...

The AWS docs are not very helpful here but we pieced together that to write to an S3 bucket using multi-part with object locking enabled you need to:

Specify the checksum algo in the initial API call to CreateMultiPartUpload
Send the checksum for each part while calling PutPart
When calling CompleteMultipartUpload you need to send the checksum again for each part that was uploaded

The current implementation does 2 but not 1 or 3.

avantgardnerio · 2024-11-28T14:56:21Z

The current implementation does 2 but not 1 or 3.

I'd like to re-iterate that this PR is functionally complete. Although I am unsure about the docs, I am sure it works.

Now I'm just trying to fix the existing s3_test.

thinkharderdev · 2024-11-28T15:00:38Z

The current implementation does 2 but not 1 or 3.

I'd like to re-iterate that this PR is functionally complete. Although I am unsure about the docs, I am sure it works.

Now I'm just trying to fix the existing s3_test.

Sorry, by current implementation I meant what is on master not what is in this PR (which does it correctly) 😄

Was just trying to clarify for @tustvold based on his earlier comment

tustvold · 2024-11-28T16:02:18Z

Was just trying to clarify for @tustvold based on his earlier comment

Right, my comment pertained to the changes to the public API, we now have a somewhat peculiar quirk of AWS leaking out into the public API in a manner that also makes it very unclear when or if I need to specify the checksum or not. I need to find some time to sit down and think about how we could support this, ideally without making a breaking API change.

tustvold · 2024-11-30T10:46:00Z

So I think there is an less intrusive way to support this.

UploadPart is not an issue as the per-part meta is never exposed.

The issue solely concerns MultipartStore, in particular how to carry the checksum through https://docs.rs/object_store/latest/object_store/multipart/struct.PartId.html.

Now we could add a checksum field to this, but this would be a breaking change. However, the content id is intentionally opaque. We could therefore just use the XML encoded https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompletedPart.html instead of an ETag when necessary.

There would need to still be logic to handle an ETag based PartId, as these may have been stored in a database, but detecting this should be trivial e.g. by attempting to decode the XML.

This would avoid needing to make any breaking changes, whilst also being future proof for any of the other checksum types

avantgardnerio · 2024-12-03T18:44:06Z

We could therefore just use the XML encoded

@tustvold done

object_store/src/aws/client.rs

tustvold

I think it is important we don't add implicit checksum enablement, not only because this could break workloads (e.g. those that aren't actually S3), but also because S3 recently added a load of new checksum algorithms

object_store/src/aws/client.rs

object_store/src/client/s3.rs

object_store/src/aws/client.rs

tustvold

Just some minor nits

object_store/src/client/s3.rs

object_store/src/aws/client.rs

avantgardnerio · 2024-12-08T12:59:55Z

@tustvold some unrelated tests started failing. Do you know what's up?

https://github.com/apache/arrow-rs/actions/runs/12221975779/job/34091689971?pr=6794

github-actions bot added the object-store Object Store Interface label Nov 25, 2024

avantgardnerio changed the title ~~Failing test for multipart uploads with signatures~~ Failing test for multipart uploads with digests Nov 25, 2024

avantgardnerio changed the title ~~Failing test for multipart uploads with digests~~ Failing test for multipart uploads with checksums Nov 25, 2024

avantgardnerio force-pushed the bg_multipart_sig branch from 5537c29 to 74f0c9c Compare November 26, 2024 23:36

avantgardnerio requested a review from tustvold November 27, 2024 20:13

tustvold added the api-change Changes to the arrow API label Nov 27, 2024

thinkharderdev reviewed Nov 28, 2024

View reviewed changes

object_store/src/multipart.rs Outdated Show resolved Hide resolved

avantgardnerio force-pushed the bg_multipart_sig branch 3 times, most recently from fc51b10 to 6757413 Compare December 3, 2024 18:43

avantgardnerio requested a review from thinkharderdev December 3, 2024 18:43

tustvold reviewed Dec 3, 2024

View reviewed changes