Add S3 guard to prevent publishing existing jars #9492
Merged
+38
−10
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Ben-El
added
exclude-changelog
Ben-El
temporarily deployed
to
Treeverse signing
GitHub Actions
Inactive
Ben-El
changed the title
Ben-El
temporarily deployed
to
Treeverse signing
GitHub Actions
Inactive
… mapping in Makefile
Ben-El
temporarily deployed
to
Treeverse signing
GitHub Actions
Inactive
Ben-El
temporarily deployed
to
Treeverse signing
GitHub Actions
Inactive
Ben-El
had a problem deploying
to
Treeverse signing
GitHub Actions
Failure
Ben-El
temporarily deployed
to
Treeverse signing
GitHub Actions
Inactive
…oved accuracy and error handling in Makefile
Ben-El
had a problem deploying
to
Treeverse signing
GitHub Actions
Failure
…n, additional debug logs, and stricter error handling
Ben-El
had a problem deploying
to
Treeverse signing
GitHub Actions
Failure
…ivation logic, fallback handling, and additional debug logs
Ben-El
had a problem deploying
to
Treeverse signing
GitHub Actions
Failure
…d key derivation processes and improving error handling.
Ben-El
had a problem deploying
to
Treeverse signing
GitHub Actions
Failure
… debug logs and simplifying host, bucket, and key derivation processes.
… and enhancing error messaging
…standardize S3 URL formatting in logs.
nopcoder
requested changes
Sep 15, 2025
…ils for maintainers
nopcoder
requested changes
Sep 16, 2025
| val region = "us-east-1" | ||
|
|
||
| val cmd = Seq( | ||
| "aws","s3api","put-object", |
There was a problem hiding this comment.
search for non 's3api' command - aws s3 is preferred.
There was a problem hiding this comment.
Using aws s3 cp instead of s3api put-object is possible with some "overhead tweak", but there are trade-offs:
aws s3 cp can perform multipart uploads, however, it does not support the If-None-Match: "*" condition. That means you cannot guarantee an atomic “create-if-absent” operation with aws s3 cp.
If we switch to aws s3 cp, the only workaround would be something like -
- checking first:
aws s3api head-object --bucket "$bucket" --key "$key" .... - And then uploading:
aws s3 cp "$jar" "s3://$bucket/$key"....
But this is not atomic.
For our use case, since the assembly jar is always < 5GB, I think s3api put-object would fit nicely (it supports single-object uploads up to 5GB).
If one day we publish artifacts larger than 5GB, we would need multipart upload (and lose the atomic “no-overwrite” guarantee).
…ad`, update related Makefile and build logic, and remove outdated README publishing details.
…s3Upload` error handling.
…ogic in Spark client build
…lish-scala` task via Makefile.
… bucket and key details.
nopcoder
requested changes
Sep 16, 2025
… logging in Spark client
…redundant error handling.
nopcoder
requested changes
Sep 16, 2025
…ove `publishBucket` handling in Spark client build
Isan-Rivkin
approved these changes
Sep 16, 2025
Works fine ! |
nopcoder
pushed a commit
that referenced
this pull request
Sep 18, 2025
* Update AWS S3 configurations and add debug step in publish workflow * Revert project version to 0.16.0-demo-9 in Spark client build configuration * Add S3 overwrite guard to Scala publish process in Makefile * Remove AWS debug step from publish workflow * Update S3 bucket name in Makefile * Refine S3 overwrite guard logic and update handling of bucket and key mapping in Makefile * Simplify S3 overwrite guard logic in Makefile and streamline error handling * Refactor S3 overwrite guard logic in Makefile to improve readability and robustness * Enhance S3 overwrite guard to use HTTP status check via curl for improved accuracy and error handling in Makefile * Improve S3 overwrite guard in Makefile with enhanced bucket extraction, additional debug logs, and stricter error handling * Remove redundant comment from Makefile's S3 bucket extraction logic * Enhance S3 overwrite guard in Makefile with improved host and key derivation logic, fallback handling, and additional debug logs * Simplify S3 overwrite guard logic in Makefile by streamlining host and key derivation processes and improving error handling. * Streamline S3 overwrite guard logic in Makefile by removing redundant debug logs and simplifying host, bucket, and key derivation processes. * Improve S3 overwrite guard in Makefile by refining HTTP status checks and enhancing error messaging * Bump Spark client version to 0.16.0-demo-10 in build.sbt * Simplify S3 overwrite guard logic in Makefile by refining host and bucket derivation steps. * Enhance S3 overwrite guard in Makefile by refining key derivation logic with name, version, and jar details * Refine S3 overwrite guard in Makefile by enhancing bucket and key extraction logic with stricter validations and improved error handling * Refine S3 overwrite guard in Makefile by simplifying bucket and key derivation logic using mappings and removing redundant validations. * Refine S3 overwrite guard in Makefile by adding sbt flags for no colors and disabling supershell. * Simplify S3 overwrite guard in Makefile by removing redundant sbt flags for no colors and supershell. * Simplify S3 overwrite guard in Makefile by refining host, bucket, and key derivation logic and consolidating HTTP status checks. * Simplify S3 overwrite guard in Makefile by inlining bucket derivation into URL creation. * Bump Spark client version to 0.16.0-demo-11 in build.sbt * Revert Spark client version to 0.16.0-demo-10 in build.sbt and simplify S3 URL derivation in Makefile by removing redundant bucket resolution. * Bump Spark client version to 0.16.0-demo-12 in build.sbt * Update S3 bucket and host details; rename Spark client and bump version to 0.16.0-demo-1. * Update S3 bucket and host references to use benel-public-test. * Replace S3 upload logic with atomic safe upload using `If-None-Match`, bump Spark client version to 0.16.0-demo-14, and add build-time dependencies for AWS SDK. * Add placeholder for safe S3 upload logic using `If-None-Match`. * Remove commented placeholder for safe S3 upload logic in build.sbt. * Refactor safe S3 upload logic to use `RequestOverrideConfiguration` for `If-None-Match`. * Remove redundant `contentType` specification from S3 upload request in build.sbt. * Simplify `safeS3Upload` task definition and fix incorrect import in build.sbt. * Move AWS SDK dependencies to plugins.sbt for build-time use and add `aws-core` dependency. * Replace `safeS3Upload` with `s3PutIfAbsent` using AWS CLI for atomic S3 uploads. * No changes made; reformat file to ensure proper newline at EOF. * Bump Spark client version to 0.16.0-demo-15. * Refactor `s3PutIfAbsent` to improve error handling and include region specification in S3 upload logic. * Remove redundant assembly trigger from `s3PutIfAbsent` definition in build.sbt. * Refactor `s3PutIfAbsent` to simplify variable naming and improve error handling. * Bump Spark client version to 0.16.0-demo-16. * Enhance `s3PutIfAbsent` with dynamic S3 host, improved URL handling, and success logging. * Refactor `s3PutIfAbsent` to extract region as a variable for better maintainability. * Add `sys.process` import to `s3PutIfAbsent` task in build.sbt * Simplify `s3PutIfAbsent` by removing unused `s3Upload` settings and refactoring bucket URL handling. * Refactor `s3PutIfAbsent` error handling by removing redundant success logging. * Update `s3PutIfAbsent` URL to use S3-standard format for bucket URLs. * Bump Spark client version to 0.16.0-demo-17. * Add success logging for `s3PutIfAbsent` uploads in build.sbt. * Bump Spark client version to 0.16.0-demo-19. * Bump Spark client version to 0.16.0-demo-20 and enable public-read ACL for S3 uploads. * commit * commit * Improve `s3PutIfAbsent` error handling: surface AWS CLI errors, refine artifact existence checks, and update bucket target. * Refine `s3PutIfAbsent`: remove unused variable, adjust comments, and standardize S3 URL formatting in logs. * Update Spark client README: add publishing requirements and flow details for maintainers * Refactor Spark client S3 upload: replace `s3PutIfAbsent` with `s3Upload`, update related Makefile and build logic, and remove outdated README publishing details. * Update `s3Upload` task description for clarity in Spark client build logic * Make `publishBucket` configurable in Spark client build and improve `s3Upload` error handling. * Update `publish-scala` description in Makefile and refine S3 upload logic in Spark client build * Remove unused `sbts3` plugin from Spark client build configuration. * Make `S3_PUBLISH_BUCKET` configurable in workflow and pass it to `publish-scala` task via Makefile. * Improve error handling in `s3Upload`: enhance S3 failure message with bucket and key details. * Make `PUBLISH_BUCKET_FLAG` optional in Makefile and improve S3 upload logging in Spark client * Refine `s3Upload` in Spark client build: simplify logging and remove redundant error handling. * Remove conditional `PUBLISH_BUCKET_FLAG` logic from Makefile and improve `publishBucket` handling in Spark client build
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Closes #9387
This PR strengthens the deployment workflow to prevent overwriting released Spark client jars
on the treeverse-clients-us-east bucket.
Changes
s3PutIfAbsent) that usesIf-None-Match: *, ensuring S3 rejects uploads if the object already exists.publish-scalato runs3PutIfAbsent.aws s3 cp --acl public-read ...step.Public readability right now is applied by adding
"--acl","public-read"flag addition to thes3PutIfAbsentcommand, but in the near future it will be enforced at the bucket level, not via ACLs.Testing
As elaborated in the issue discussion.
Verified:
"--acl","public-read"flag addition in thes3PutIfAbsentcommand).Follow ups:
treeverse-clients-us-east bucket- switchObject OwnershiptoBucket owner enforced(disable acl's), to make objects public via bucket policy."--acl","public-read"flag addition in thes3PutIfAbsentcommand(Remove public acl flag from s3PutIfAbsent task in spark/build.sbt #9512).