Return 406 if Accept-Encoding doesn't match store Content-Encoding #264
Conversation
|
I think my editor also removed some trailing whitespaces... But getting rid of those is just a bonus I guess. |
jhford
left a comment
jhford
left a comment
There was a problem hiding this comment.
Please use existing code where it makes sense instead of reimplementing functionality. The existing code does much more exhaustive checks.
src/artifacts.js
Outdated
| 'available in one of these encodings.', | ||
| '', | ||
| 'To download this artifact the request must support `Content-Encoding: {{contentEncoding}}`,', | ||
| 'the request can indicating by setting `Accept-Encoding` accordingly.', |
There was a problem hiding this comment.
'the request can indicating by setting
Accept-Encodingaccordingly.',
Let's go all the way and suggest "Try using Accept-Encoding: {{contentEncoding}}" :)
src/data.js
Outdated
| * contentEncoding: Content encoding, such as 'gzip', | ||
| * NOTE: This property is not present if contentEncoding is 'identity'. | ||
| * contentSha256: Hex encoded sha256 hash of the un-encoded artifact | ||
| * contentLength: Size of the un-encoded artifact |
There was a problem hiding this comment.
Number of bytes is more specific, and so more accurate than "size", let's leave it as number of bytes as that's exactly what it is.
| * to determine if the operation would result in an idempotency | ||
| * error | ||
| * contentEncoding: Content encoding, such as 'gzip', | ||
| * NOTE: This property is not present if contentEncoding is 'identity'. |
There was a problem hiding this comment.
I thought if not present, we would store 'identity' there, am I wrong?
There was a problem hiding this comment.
If I look at the code yes... maybe we have default in the schema and I missed that.. but then we have unnecessary special cases in the code.
src/data.js
Outdated
| * NOTE: This property is not present if contentEncoding is 'identity'. | ||
| * transferSha256: Hax encooded sha256 hash of the content-encoding encoded artifact, | ||
| * NOTE: This property is not present if contentEncoding is 'identity'. | ||
| * provider: Always 's3' |
There was a problem hiding this comment.
Knowing this is very likely to change at some point in this year, let's say "Currently always 's3' but might change later"
src/data.js
Outdated
| * transferSha256: Hax encooded sha256 hash of the content-encoding encoded artifact, | ||
| * NOTE: This property is not present if contentEncoding is 'identity'. | ||
| * provider: Always 's3' | ||
| * region: Always 'us-west-2' |
There was a problem hiding this comment.
Knowing this is very likely to change at some point in this year, let's say "Currently always 'us-west-2' but might change later"
test/artifact_test.js
Outdated
| }], | ||
| }); | ||
|
|
||
| debug('### Put first part of artifact'); |
There was a problem hiding this comment.
do you mean the only part :)
| }); | ||
|
|
||
| debug('### Put first part of artifact'); | ||
| const {method, url, headers} = requests[0]; |
There was a problem hiding this comment.
Please match the way that all the other blob-type unit tests run uploads instead of reimplementing it.
let uploadOutcome = await client.runUpload(response.requests, uploadInfo);There was a problem hiding this comment.
I actually want to test the REST APIs work as documented in api.declare?
I'm not interested in testing that some client library works. Our public interface is the REST API, if the REST API breaks I want to know about it.
To be honest, I considered going all the way down to require('http') and use that instead of superagent, because I can about the HTTP level correctness.
note: I don't mind having the other tests, it's great to have more test coverage.
test/artifact_test.js
Outdated
| contentSha256: crypto.createHash('sha256').update(data).digest('hex'), | ||
| transferLength: gzipped.length, | ||
| transferSha256: crypto.createHash('sha256').update(gzipped).digest('hex'), | ||
| parts: [{ |
There was a problem hiding this comment.
This is testing single part uploads according to the test name and all the artifact names used, but you're doing a multipart upload with a single part. Please delete the parts list from the request to do a true single part upload.
There was a problem hiding this comment.
hmm, interesting... :)
I didn't notice this. let's talk about it tomorrow.
| taskId, 0, 'public/singlepart.dat', | ||
| ); | ||
| debug('### Fetching artifact from: %s', artifactUrl); | ||
| const res2 = await request.get(artifactUrl).responseType('blob'); |
There was a problem hiding this comment.
There's already code for doing this:
await verifyDownload(artifact.headers.location, bigfilehash, bigfilesize);Please use this code as it's what we do for all the other tests and handles many more tests than are duplicated here.
There was a problem hiding this comment.
tried adding it that won't work because of content-encoding.
|
|
||
| debug('### Downloading artifact with incorrect "Accept-Encoding"'); | ||
| let e; | ||
| await request.get(artifactUrl).set('Accept-Encoding', 'identity').catch(err => e = err); |
There was a problem hiding this comment.
Let's also test for no Accept-Encoding value set, since that's by far the more likely scenario in reality.
There was a problem hiding this comment.
identity is the same thing as setting no accept-encoding.
There was a problem hiding this comment.
but it should also be one extra line to account for us doing something incorrectly and handling the two different options differently.
jonasfj
force-pushed
the
limit-blob-accept-gzip
branch
from
54561b7 to
d8905a8
Compare
|
@jhford, I'm not sure how well, we want to test this... We basically have to do everything manually with IMO this exercises all aspect of the code added. If we want better tests we'll need to write a lot of low-level, and that won't be nice to maintain. |
|
The code that does the verify stuff is written using the standard library's HTTP library already, so I think we should just use that. Adding support for content-encoding to those functions should be pretty trivial. |
|
in the case of |
|
highly bitrotted.. |
We only do this for new the
blobartifacts, as they are not in wide-spread use yet.Hence, as we adopt them people will have time to switch over.