In case of session token (ST) with object IDs search should
return only objects allowed in static session
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
- We can skip full pre-commit run
- On a very slow agent golangci run may take up to 10 minutes
Signed-off-by: Stanislav Bogatyrev <s.bogatyrev@yadro.com>
Fix sending GAS to an empty extra wallets receivers list. Also, send GAS to
extra wallets even if netmap is empty.
Signed-off-by: Pavel Karpy <p.karpy@yadro.com>
GC deletes expired locks and objects sequentially. Expired locks and
objects are now being deleted concurrently in batches. Added a config
parameter that controls the number of concurrent workers and batch size.
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
Until #139 is fixed, we can't use root inside Docker container running
CI, but Woodpecker CI can't run non-root containers until they fix
https://github.com/woodpecker-ci/woodpecker/issues/1077, hence we use
temporary kludges with custom image and manual permissions in pipelines.
Signed-off-by: Stanislav Bogatyrev <s.bogatyrev@yadro.com>
In our policy we mark commits not having a PR/Issue yet with a `[#XX]`
reference to be replaced after PR creation.
Signed-off-by: Stanislav Bogatyrev <s.bogatyrev@yadro.com>
This reverts commit 2567f8020e. It assumes
that assembling logic could break some failover scenarios if request
forwarding is done. However, it also breaks requesting big objects via a
non-container node with TTL=2. Failover has been rechecked without that
commit and no problems were found. Any (if found) other bugs related to
the forwarding and object assembling must be solved more carefully.
Signed-off-by: Pavel Karpy <p.karpy@yadro.com>
Allow replication of any (expired too) locked object. Information about
object locking is considered to be presented on the _container nodes_.
Signed-off-by: Pavel Karpy <p.karpy@yadro.com>
Previously a token could've expired in the middle of an object.PUT
stream, leading to upload being interrupted. This is bad, because user
doesn't always now what is the right values for the session token
lifetime. More than that, setting it to a very high value will
eventually blow up the session token database.
In this commit we read the session token once and reuse it for the whole
stream duration.
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
Original shellcheck action requires Docker to run and it's not always
available, especially inside Docker containers. Replacing it with python
wrapper to simplify usage with Docker-based CI systems like Drone and
WoodpeckerCI.
Signed-off-by: Stanislav Bogatyrev <s.bogatyrev@yadro.com>
In previous implementation pretty-printer of basic ACL in NeoFS CLI had
mistakes:
* F-bit was set to `Extendable()` property instead of its inversion
* B-bits were set to `acl.RoleInnerRing` rights
Make `PrettyPrintTableBACL` to correctly render mentioned bits.
Signed-off-by: Leonard Lyubich <ctulhurider@gmail.com>