feat(repository): Add support for Azure DeleteBlob operations where immutability protection is on

[KastenMike]

Currently kopia does not support Azure where blobs are protected by something like a policy. A session file might be prevented by a 5 day protection window but it wants to be deleted immediately. This gets around that issue e.g.

Other related Azure changes in a PR train:

• feat(repository): Add ExtendBlobRetention support for Azure
• feat(repository): Add support for Azure immutability protection
• feat(repository): Add Azure PIT support
• docs(site): Add Azure ransomware protection section

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (1ea14a0) 75.82% compared to head (8ebc27a) 75.81%.

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #3394      +/-   ##
==========================================
- Coverage   75.82%   75.81%   -0.01%     
==========================================
  Files         465      465              
  Lines       37165    37165              
==========================================
- Hits        28179    28178       -1     
  Misses       7055     7055              
- Partials     1931     1932       +1     

see 3 files with indirect coverage changes

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[julio-lopez]

@KastenMike See inline comments. Thanks.

[julio-lopez]

A response from the server is an "external input" and should be validated. Check that VersionID is set before de-referencing it.

[KastenMike]

Since this path is only reached for those with versioning + immutability support enabled the VersionID can assumed to be populated like how things like *it.Properties.ContentLength are also not checked for...but will add some checks

[julio-lopez]

Understood.
Nevertheless,

• a client should always validate the response and never trust that the server is sending a valid response;
• similarly, a server should never trust that a client is sending a correct request.

[julio-lopez]

It may make sense to simply log the error and return success in this case. WDYT?

Something like:

Suggested change

	return errors.Wrap(err, "failed to get versioned blob client")
	log(ctx).Info("failed to get versioned client for deleting blob version for delete marker", err)
	return nil

[KastenMike]

There's no logging in any of the client funcs but I can silently return null if preferred, but I guess the odds of an error being hit are very low

[julio-lopez]

The odds of the error occurring seem low, however at a large enough scale, the error will certainly happen. Silently ignoring the error makes it really hard to debug when the error does occur. We can add the log message. This is unlikely to become noisy, but if it does, we can change the level to Debug, or we can consider other alternatives such as adding a counter for "handled" errors, or some other mechanism.

[julio-lopez]

Same here, if the 0-byte blob version could not be deleted, it seems OK to not fail the blob delete operation. Removing the specific blob version could happen in the background via a 3rd party process such as lifecycle policy in the blob store.

Suggested change

	return errors.Wrap(err, "failed to delete the delete marker blob version")
	log(ctx).Info("failed to delete the delete marker blob version", err)

[julio-lopez]

Running provider tests as well, and the Azure tests passed. https://github.com/kopia/kopia/actions/runs/6636153104/job/18028167562?pr=3394

[julio-lopez]

This works, however the pattern elsewhere is to have a package-level variable.

[julio-lopez]

isn't this going to require a blank line before the return statement?
Same below.

[julio-lopez]

Apparently not.

[julio-lopez]

Core provider tests => https://github.com/kopia/kopia/actions/runs/6646559684/job/18060262479?pr=3394

[julio-lopez]

Thanks @KastenMike