feat(repo)gcs: add support for versioning and retention

[guestisp]

still a WIP but this PR aim to add support for versioning and retention for malware protection to the native Google Cloud Storage backend

backup and retention extension are working as expected
point in time still doesn't work, probably i need some help in this regard.

[codecov]

Codecov Report

Attention: Patch coverage is 33.33333% with 8 lines in your changes are missing coverage. Please review.

Project coverage is 75.83%. Comparing base (e389d92) to head (22ab4e7).
Report is 124 commits behind head on master.

❗ Current head 22ab4e7 differs from pull request most recent head 2cb602f. Consider uploading reports for the commit 2cb602f to get more accurate results

Files	Patch %	Lines
cli/storage_gcs.go	33.33%	7 Missing and 1 partial ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #3564      +/-   ##
==========================================
+ Coverage   75.81%   75.83%   +0.01%     
==========================================
  Files         465      465              
  Lines       37171    37183      +12     
==========================================
+ Hits        28183    28199      +16     
+ Misses       7059     7056       -3     
+ Partials     1929     1928       -1     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[guestisp]

Can someone help a bit ?

[KastenMike]

Suggested change

	Mode: "Unlocked",
	Mode: blob.Locked,

[KastenMike]

Suggested change

	retentionMode := "Unlocked" // TODO: properly handle lock mode
	retentionMode := blob.Locked

[KastenMike]

in general the Println's can go

[kreare]

i know, it's a WIP . i've opened the PR asking for help because im stuck in object sorting

[KastenMike]

I'll look into it Today, see if I notice anything

[kreare]

main issue i had is that GCS doesn't allow sorting object versions by creation time so i had to list all versions, sort manually by creation time, cycle the result and keep the newestthan (or older then). but im not a Go programmer, i had huge issues trying to sort and debug this thing. i have an apparently working version on my laptop but i'm not confident on why It works 🤣

(probably on Discord i can explain better)

[KastenMike]

So a couple notes from looking at it.

• blob versions are automatically sorted from oldest to most recently created so no need to add sorting anywhere
• IsDeleteMarker needs to consider not only if Deleted is set but also if it was deleted after the PIT e.g. !oi.Deleted.IsZero() && (gcs.PointInTime == nil || oi.Deleted.Before(*gcs.PointInTime)). This is because GCS decided to mark every previous version as being deleted. For convenience you can change infoToVersionMetadata to be a method instead of func
• newestAtUnlessDeleted needs to return !v.IsDeleteMarker as mentioned in another comment
• getOlderThan needs return vs[:i] like Azure since they're ascending

If you make these changes then PIT will work as expected

Not really to PIT in particular:
I guess better if Timestamp is .Created rather than .Updated

[KastenMike]

They might not have custom sorting, but we don't need it. Or manual sorting. You can delete your sort calls and create 10 versions of a blob and every list command will have them in ascending order at the PRE SORT log you added

[kreare]

You can see the changes I mentioned here

return v, true is not correct since it would return deleted blobs e.g. PIT=15:00, blob deleted 14:00 even when it is the latest/only blob version

I've seen your branch. If it works, i can safely drop this PR and fork yours as mine was just a wip and not a working one.

[KastenMike]

Probably they just added sorting to blobs in the time since you created this PR

[kreare]

They might not have custom sorting, but we don't need it. Or manual sorting. You can delete your sort calls and create 10 versions of a blob and every list command will have them in ascending order at the PRE SORT log you added

When i did this PR it wasn't stable, that's why i've added a sort function, trying to make that stable. Probably they have changed something .....

[kreare]

Probably they just added sorting to blobs in the time since you created this PR

Honestly, looking carefully at the versioning list, probably they don't have a sorting option for object NAMES, but the versions are named with the timestamp and even if you sort them lexicographically (https://pkg.go.dev/cloud.google.com/go/storage#BucketHandle.Objects) a timestamp is always sorted properly (as long as you don't add digits). So, probably, it always worked in this way, i've added a buggy code for a non-existant issue. Shame on me.

[KastenMike]

here you assume a blob is never deleted

[KastenMike]

You're sorting both here and in newestAtUnlessDeleted

[KastenMike]

We also should error if attrs.ObjectRetentionMode != "Enabled"
Otherwise connecting/creating to a repo fails: ERROR cannot initialize repository: unable to write blobcfg blob: PutBlob() failed for "kopia.blobcfg": unable to complete PutBlob(kopia.blobcfg) despite 10 retries: unexpected GCS error: googleapi: Error 400: Bucket does not have object retention enabled., invalid

[KastenMike]

A separate check would be better. That way you can highlight that ObjectRetention is the problem in the err

[KastenMike]

it should be func (gcs *gcsStorage) infoToVersionMetadata for this to work

[KastenMike]

Suggested change

	Mode: blob.Locked,
	Mode: string(blob.Locked),

[KastenMike]

Suggested change

	Mode: retentionMode,
	Mode: string(blob.Locked),

[KastenMike]

It seems this isn't used and can be removed

[KastenMike]

Suggested change

	func (gcs *gcsStorage) listBlobVersions(ctx context.Context, prefix blob.ID, callback versionMetadataCallback) error {
	func (gcs *gcsPointInTimeStorage) listBlobVersions(ctx context.Context, prefix blob.ID, callback versionMetadataCallback) error {

I guess everything in here should be gcsPointInTimeStorage rather than gcsStorage

[KastenMike]

Suggested change

	return blob.ID(prefix + strings.TrimPrefix(blobName, prefix))
	return blob.ID(strings.TrimPrefix(blobName, prefix))

[KastenMike]

imo it would be better to do the Azure style where getVersionedBlobMeta calls az.getBlobMeta(it). This way there is only 1 place in the code where versionMetadata is created & (there should be, but I missed a bit) 1 place where blob.Metadata is created.

Also it would mean the non-versioned code doesn't touch the versioned side which imo is better. e.g. this calls GetMetadata rather than GetMetadata calling this & discarding things

getVersionedBlobMeta also sounds better than infoToVersionMetadata imo

[KastenMike]

Some follow up comments based on the current state of the PR, I also left a few more on this PR:

• Can you create an isCreate check on Connect like Azure/AWS has
• separate out !attrs.VersioningEnabled || attrs.ObjectRetentionMode != "Enabled" checks
• string(blob.Locked) as mentioned in a comment to get around compilation issues-
• remove the sorts
• remove the print statements

Otherwise it looks ok 👍

Finally could you add some test coverage and a documentation section for this PR as 2 separate PRs? The test coverage can be a new branch based off this one (PR train~) to avoid the PR getting to big
Docs can just be a small section added like this for Azure
For tests you could mimic azure_versioned_test.go and azure_immu_test.go

[kreare]

Some follow up comments based on the current state of the PR, I also left a few more on this PR:

• Can you create an isCreate check on Connect like Azure/AWS has
• separate out !attrs.VersioningEnabled || attrs.ObjectRetentionMode != "Enabled" checks
• string(blob.Locked) as mentioned in a comment to get around compilation issues-
• remove the sorts
• remove the print statements

Otherwise it looks ok 👍

Finally could you add some test coverage and a documentation section for this PR as 2 separate PRs? The test coverage can be a new branch based off this one (PR train~) to avoid the PR getting to big Docs can just be a small section added like this for Azure For tests you could mimic azure_versioned_test.go and azure_immu_test.go

currently i'm a little bit busy at work and my current version rebuilt locally (a couple of days ago) with the new laptop and newer Go version doesn't work anymore, it crash and i don't have time to troubleshoot due to lack of time

i can do the above suggested fixes but i don't have time to test or write docs, in a short time

[KastenMike]

Suggested change

	ObjectRetention := &storage.ObjectRetention{
	objectRetention := &storage.ObjectRetention{

[julio-lopez]

Implemented.