Page MenuHomeSoftware Heritage

Handle TOCTOU in azure objstorage add()
ClosedPublic

Authored by olasd on Fri, May 15, 10:30 AM.

Details

Summary

There's an unavoidable race condition in the azure objstorage between the
existence check and upload. When this race condition happens and we upload the
same blob twice, one of the uploads is rejected with a ResourceExistsError.

This change brings the azure objstorage back to idempotence.

Fixes sentry error SWH-STORAGE-G6.

Test Plan

new tox test added, adding the same object twice (and forcing the
ResourceExistsError).

Diff Detail

Repository
rDOBJS Object storage
Lint
Automatic diff as part of commit; lint not applicable.
Unit
Automatic diff as part of commit; unit tests not applicable.

Event Timeline

olasd created this revision.Fri, May 15, 10:30 AM

Build is green

Patch application report for D3155 (id=11209)

Rebasing onto f485201c26...

Current branch diff-target is up to date.
Changes applied before test
commit d61fd8afc61226d5471da5dbcfcd95da093fc283
Author: Nicolas Dandrimont <nicolas@dandrimont.eu>
Date:   Fri May 15 10:27:06 2020 +0200

    Handle TOCTOU in azure objstorage add()
    
    There's an unavoidable race condition in the azure objstorage between the
    existence check and upload. When this race condition happens and we upload the
    same blob twice, one of the uploads is rejected with a `ResourceExistsError`.
    
    This change brings the azure objstorage back to idempotence.
    
    Fixes sentry error SWH-STORAGE-G6.

See https://jenkins.softwareheritage.org/job/DOBJS/job/tests-on-diff/10/ for more details.

ardumont accepted this revision.Fri, May 15, 10:34 AM
This revision is now accepted and ready to land.Fri, May 15, 10:34 AM
This revision was automatically updated to reflect the committed changes.