fix(archiveupload): improve performance of archive uploads and validation

.gitignore

@@ -8,6 +8,7 @@ build/
 target/
 bin/
 
+archive/
 conf/
 truststore/
 clientlib/

HTTP_API.md

@@ -2,6 +2,7 @@
 
 * [V1](#V1-API)
 * [V2](#V2-API)
+* [Beta](#Beta-API)
 
 ## V1 API
 
@@ -1696,3 +1697,29 @@ The handler-specific descriptions below describe how each handler populates the
     $ curl -F cert=@vertx-fib-demo.cer localhost:8181/api/v2/certificates
     {"meta":{"type":"text/plain","status":"OK"},"data":{"result":"/truststore/vertx-fib-demo.cer"}}
     ```
+
+## Beta API
+
+### Quick Reference
+
+| What you want to do                                                       | Which handler you should use                                                    |
+| ------------------------------------------------------------------------- | --------------------------------------------------------------------------------|
+| **Miscellaneous**                                                         |                                                                                 |
+| View targets in overall deployment environment                            | [`DiscoveryGetHandler`](#DiscoveryGetHandler)                                   |
+
+### Miscellaneous
+
+* #### `DiscoveryGetHandler`
+
+    ###### synopsis
+    Queries the platform client(s) for the discoverable targets and constructs a
+    hierarchical tree view of the full deployment environment with targets
+    belonging to ex. Pods, belonging to Deployments, etc.
+
+    ###### request
+    `GET /api/beta/discovery`
+
+    ###### response
+    `200` - The result is the path of the saved file in the server's storage.
+
+    `401` - The user does not have sufficient permissions.

pom.xml

@@ -68,7 +68,7 @@
   <org.apache.commons.io.version>2.8.0</org.apache.commons.io.version>
   <org.apache.httpcomponents.version>4.5.13</org.apache.httpcomponents.version>
   <io.fabric8.client.version>5.4.1</io.fabric8.client.version>
-  <io.vertx.web.version>3.9.7</io.vertx.web.version>
+  <io.vertx.web.version>3.9.9</io.vertx.web.version>
   <org.slf4j.version>1.7.30</org.slf4j.version>
   <com.google.code.gson.version>2.8.6</com.google.code.gson.version>
   <com.github.ben-manes.caffeine.version>3.0.1</com.github.ben-manes.caffeine.version>

run.sh

@@ -48,6 +48,10 @@ if [ -z "$KEYSTORE_PATH" ] && [ -f "$(dirname $0)/certs/cryostat-keystore.p12" ]
     KEYSTORE_PASS="$(cat $(dirname $0)/certs/keystore.pass)"
 fi
 
+if [ ! -d "$(dirname $0)/archive" ]; then
+    mkdir "$(dirname $0)/archive"
+fi
+
 if [ ! -d "$(dirname $0)/conf" ]; then
     mkdir "$(dirname $0)/conf"
 fi
@@ -79,8 +83,8 @@ fi
 podman run \
     --pod cryostat \
     --memory 512M \
-    --mount type=tmpfs,target=/opt/cryostat.d/recordings.d \
     --mount type=tmpfs,target=/opt/cryostat.d/templates.d \
+    --mount type=bind,source="$(dirname $0)/archive",destination=/opt/cryostat.d/recordings.d,relabel=shared,bind-propagation=shared \
     --mount type=bind,source="$(dirname $0)/conf",destination=/opt/cryostat.d/conf.d,relabel=shared,bind-propagation=shared \
     --mount type=bind,source="$(dirname $0)/truststore",destination=/truststore,relabel=shared,bind-propagation=shared \
     --mount type=bind,source="$(dirname $0)/certs",destination=/certs,relabel=shared,bind-propagation=shared \

src/main/java/io/cryostat/net/web/http/api/v1/RecordingsPostBodyHandler.java

@@ -37,10 +37,16 @@
  */
 package io.cryostat.net.web.http.api.v1;
 
+import java.io.IOException;
+import java.nio.file.Files;
+import java.nio.file.Path;
 import java.util.Set;
 
 import javax.inject.Inject;
+import javax.inject.Named;
 
+import io.cryostat.MainModule;
+import io.cryostat.core.sys.FileSystem;
 import io.cryostat.net.AuthManager;
 import io.cryostat.net.security.ResourceAction;
 import io.cryostat.net.web.http.AbstractAuthenticatedRequestHandler;
@@ -55,9 +61,21 @@ class RecordingsPostBodyHandler extends AbstractAuthenticatedRequestHandler {
     private final BodyHandler bodyHandler;
 
     @Inject
-    RecordingsPostBodyHandler(AuthManager auth) {
+    RecordingsPostBodyHandler(
+            AuthManager auth,
+            @Named(MainModule.RECORDINGS_PATH) Path recordingsPath,
+            FileSystem fs) {
         super(auth);
-        this.bodyHandler = BodyHandler.create(true);
+        Path fileUploads = recordingsPath.resolve("file-uploads");
+        this.bodyHandler = BodyHandler.create(fileUploads.toAbsolutePath().toString());
+        try {
+            // FIXME put this somewhere more appropriate
+            if (!fs.isDirectory(fileUploads)) {
+                Files.createDirectories(fileUploads);
+            }
+        } catch (IOException ioe) {
+            throw new RuntimeException(ioe);
+        }
     }
 
     @Override

src/main/java/io/cryostat/net/web/http/api/v1/RecordingsPostHandler.java

@@ -37,7 +37,8 @@
  */
 package io.cryostat.net.web.http.api.v1;
 
-import java.io.File;
+import java.io.BufferedInputStream;
+import java.io.FileInputStream;
 import java.io.IOException;
 import java.nio.file.Files;
 import java.nio.file.Path;
@@ -51,7 +52,8 @@
 import javax.inject.Named;
 
 import org.openjdk.jmc.flightrecorder.CouldNotLoadRecordingException;
-import org.openjdk.jmc.flightrecorder.JfrLoaderToolkit;
+import org.openjdk.jmc.flightrecorder.internal.FlightRecordingLoader;
+import org.openjdk.jmc.flightrecorder.internal.InvalidJfrFileException;
 
 import io.cryostat.MainModule;
 import io.cryostat.core.log.Logger;
@@ -154,7 +156,9 @@ public void handleAuthenticated(RoutingContext ctx) throws Exception {
             // ignore unrecognized form fields
             if ("recording".equals(fu.name())) {
                 upload = fu;
-                break;
+            } else {
+                Path p = savedRecordingsPath.resolve("file-uploads").resolve(fu.uploadedFileName());
+                vertx.fileSystem().deleteBlocking(p.toString());
             }
         }
 
@@ -207,8 +211,6 @@ public void handleAuthenticated(RoutingContext ctx) throws Exception {
                                                     HttpMimeType.JSON.mime())
                                             .end(gson.toJson(Map.of("name", res2.result())));
 
-                                    logger.info("Recording saved as {}", res2.result());
-
                                     notificationFactory
                                             .createBuilder()
                                             .metaCategory(NOTIFICATION_CATEGORY)
@@ -223,9 +225,14 @@ private void validateRecording(String recordingFile, Handler<AsyncResult<Void>>
         vertx.executeBlocking(
                 event -> {
                     try {
-                        JfrLoaderToolkit.loadEvents(
-                                new File(recordingFile)); // try loading events to see if
-                        // it's a valid file
+                        // try loading chunk info to see if it's a valid file
+                        try (var is = new BufferedInputStream(new FileInputStream(recordingFile))) {
+                            var supplier = FlightRecordingLoader.createChunkSupplier(is);
+                            var chunks = FlightRecordingLoader.readChunkInfo(supplier);
+                            if (chunks.size() < 1) {
+                                throw new InvalidJfrFileException();
+                            }
+                        }
                         event.complete();
                     } catch (CouldNotLoadRecordingException | IOException e) {
                         event.fail(e);
@@ -241,6 +248,7 @@ private void validateRecording(String recordingFile, Handler<AsyncResult<Void>>
                         } else {
                             t = res.cause();
                         }
+                        vertx.fileSystem().deleteBlocking(recordingFile);
 
                         handler.handle(makeFailedAsyncResult(t));
                         return;

src/main/java/io/cryostat/net/web/http/api/v1/TargetRecordingOptionsPatchBodyHandler.java

@@ -52,7 +52,7 @@
 
 class TargetRecordingOptionsPatchBodyHandler extends AbstractAuthenticatedRequestHandler {
 
-    static final BodyHandler BODY_HANDLER = BodyHandler.create(true);
+    static final BodyHandler BODY_HANDLER = BodyHandler.create(true).setHandleFileUploads(false);
 
     @Inject
     TargetRecordingOptionsPatchBodyHandler(AuthManager auth) {

src/main/java/io/cryostat/net/web/http/api/v1/TargetRecordingPatchBodyHandler.java

@@ -52,7 +52,7 @@
 
 class TargetRecordingPatchBodyHandler extends AbstractAuthenticatedRequestHandler {
 
-    static final BodyHandler BODY_HANDLER = BodyHandler.create(true);
+    static final BodyHandler BODY_HANDLER = BodyHandler.create(true).setHandleFileUploads(false);
 
     @Inject
     TargetRecordingPatchBodyHandler(AuthManager auth) {

src/main/java/io/cryostat/net/web/http/api/v1/TargetRecordingsPostBodyHandler.java

@@ -57,7 +57,7 @@ class TargetRecordingsPostBodyHandler extends AbstractAuthenticatedRequestHandle
     @Inject
     TargetRecordingsPostBodyHandler(AuthManager auth) {
         super(auth);
-        this.bodyHandler = BodyHandler.create(true);
+        this.bodyHandler = BodyHandler.create(true).setHandleFileUploads(false);
     }
 
     @Override

src/main/java/io/cryostat/net/web/http/api/v1/TemplatesPostHandler.java

@@ -113,16 +113,16 @@ public boolean isAsync() {
 
     @Override
     public void handleAuthenticated(RoutingContext ctx) throws Exception {
+        boolean handledUpload = false;
         try {
             for (FileUpload u : ctx.fileUploads()) {
                 Path path = fs.pathOf(u.uploadedFileName());
+                if (!"template".equals(u.name())) {
+                    fs.deleteIfExists(path);
+                    continue;
+                }
+                handledUpload = true;
                 try (InputStream is = fs.newInputStream(path)) {
-                    if (!"template".equals(u.name())) {
-                        throw new HttpStatusException(
-                                400,
-                                String.format(
-                                        "Received unexpected file upload named {}", u.name()));
-                    }
                     notificationFactory
                             .createBuilder()
                             .metaCategory(NOTIFICATION_CATEGORY)
@@ -138,6 +138,9 @@ public void handleAuthenticated(RoutingContext ctx) throws Exception {
         } catch (InvalidXmlException | InvalidEventTemplateException e) {
             throw new HttpStatusException(400, e.getMessage(), e);
         }
+        if (!handledUpload) {
+            throw new HttpStatusException(400, "No template submission");
+        }
         ctx.response().end();
     }
 }

src/main/java/io/cryostat/net/web/http/api/v2/RulesPostBodyHandler.java

@@ -52,7 +52,7 @@
 
 class RulesPostBodyHandler extends AbstractAuthenticatedRequestHandler {
 
-    static final BodyHandler BODY_HANDLER = BodyHandler.create(true);
+    static final BodyHandler BODY_HANDLER = BodyHandler.create(true).setHandleFileUploads(false);
 
     @Inject
     RulesPostBodyHandler(AuthManager auth) {

src/main/java/io/cryostat/net/web/http/api/v2/TargetCredentialsPostBodyHandler.java

@@ -52,7 +52,7 @@
 
 class TargetCredentialsPostBodyHandler extends AbstractAuthenticatedRequestHandler {
 
-    static final BodyHandler BODY_HANDLER = BodyHandler.create(true);
+    static final BodyHandler BODY_HANDLER = BodyHandler.create(true).setHandleFileUploads(false);
 
     @Inject
     TargetCredentialsPostBodyHandler(AuthManager auth) {

src/main/java/io/cryostat/net/web/http/api/v2/TargetsPostBodyHandler.java

@@ -52,7 +52,7 @@
 
 class TargetsPostBodyHandler extends AbstractAuthenticatedRequestHandler {
 
-    static final BodyHandler BODY_HANDLER = BodyHandler.create(true);
+    static final BodyHandler BODY_HANDLER = BodyHandler.create(true).setHandleFileUploads(false);
 
     @Inject
     TargetsPostBodyHandler(AuthManager auth) {

src/test/java/io/cryostat/net/web/http/api/v1/TemplatesPostHandlerTest.java

@@ -121,6 +121,7 @@ void shouldHaveExpectedRequiredPermissions() {
     void shouldThrowIfWriteFails() throws Exception {
         RoutingContext ctx = Mockito.mock(RoutingContext.class);
         FileUpload upload = Mockito.mock(FileUpload.class);
+        Mockito.when(upload.name()).thenReturn("template");
         Mockito.when(ctx.fileUploads()).thenReturn(Set.of(upload));
         Mockito.when(upload.uploadedFileName()).thenReturn("/file-uploads/abcd-1234");
 
@@ -170,9 +171,6 @@ void shouldThrowIfTemplateUploadNameInvalid() throws Exception {
         Path uploadPath = Mockito.mock(Path.class);
         Mockito.when(fs.pathOf("/file-uploads/abcd-1234")).thenReturn(uploadPath);
 
-        InputStream stream = Mockito.mock(InputStream.class);
-        Mockito.when(fs.newInputStream(Mockito.any())).thenReturn(stream);
-
         HttpStatusException ex =
                 Assertions.assertThrows(
                         HttpStatusException.class, () -> handler.handleAuthenticated(ctx));