bucketwarden-server 0.1.0

BucketWarden storage server runtime.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178

use super::*;

pub const METADATA_ARCHITECTURE_CENTRALIZED: &str = "centralized";
pub const METADATA_ARCHITECTURE_EMBEDDED: &str = "embedded";
pub const METADATA_ARCHITECTURE_DISTRIBUTED: &str = "distributed";
pub const METADATA_ARCHITECTURE_SHARDED_NAMESPACE: &str = "sharded-namespace";
pub const METADATA_ARCHITECTURE_QUORUM: &str = "metadata-quorum";

const METADATA_ARCHITECTURE_CAPABILITIES: &[&str] = &[
    "centralized-metadata",
    "distributed-metadata",
    "sharded-namespace",
    "embedded-metadata",
    "metadata-quorum",
    "native-support-state",
    "semantic-parity",
    "configuration-admin-surface",
    "security-governance-impact",
    "observability-evidence",
    "failure-mode-behavior",
    "validation-test-coverage",
    "product-specific-caveats",
];

const METADATA_ARCHITECTURE_CAVEATS: &[&str] = &[
    "BucketWarden supports centralized in-process metadata authority backed by embedded runtime state.",
    "Snapshots and filesystem manifests persist bucket, object, version, lock, encryption, and audit metadata.",
    "Distributed metadata, sharded namespace, and metadata quorum modes are tracked but fail closed outside the current runtime boundary.",
    "Metadata architecture proof is local runtime behavior and does not claim distributed consensus, external metadata services, or namespace resharding.",
];

const METADATA_ARCHITECTURE_FAILURE_MODES: &[&str] = &[
    "unsupported-metadata-architecture-rejected",
    "distributed-metadata-policy-rejected",
    "sharded-namespace-policy-rejected",
    "metadata-quorum-policy-rejected",
    "external-metadata-service-rejected",
];

#[derive(Clone, Debug, Eq, PartialEq, Serialize)]
pub struct MetadataArchitectureSupportEntry {
    pub architecture: &'static str,
    pub native_support: bool,
    pub semantic_parity: &'static str,
    pub namespace_model: &'static str,
    pub persistence_model: &'static str,
    pub failure_mode: &'static str,
    pub caveat: &'static str,
}

#[derive(Clone, Debug, Eq, PartialEq, Serialize)]
pub struct MetadataArchitectureSupportReport {
    pub active_architecture: &'static str,
    pub supported_architectures: Vec<&'static str>,
    pub unsupported_architectures: Vec<&'static str>,
    pub namespace_model: &'static str,
    pub persistence_model: &'static str,
    pub capabilities: Vec<&'static str>,
    pub failure_modes: Vec<&'static str>,
    pub caveats: Vec<&'static str>,
    pub entries: Vec<MetadataArchitectureSupportEntry>,
}

#[derive(Clone, Debug, Default, Eq, PartialEq, Serialize)]
pub struct MetadataArchitecturePolicy {
    pub architecture: String,
    pub namespace_shards: Option<u16>,
    pub quorum_writes: bool,
    pub external_metadata_service: bool,
}

impl BucketWarden {
    pub fn metadata_architecture_support_report(&self) -> MetadataArchitectureSupportReport {
        MetadataArchitectureSupportReport {
            active_architecture: METADATA_ARCHITECTURE_EMBEDDED,
            supported_architectures: vec![
                METADATA_ARCHITECTURE_CENTRALIZED,
                METADATA_ARCHITECTURE_EMBEDDED,
            ],
            unsupported_architectures: vec![
                METADATA_ARCHITECTURE_DISTRIBUTED,
                METADATA_ARCHITECTURE_SHARDED_NAMESPACE,
                METADATA_ARCHITECTURE_QUORUM,
            ],
            namespace_model: "single-authority-btree-namespace",
            persistence_model: "runtime-snapshot-and-filesystem-manifest",
            capabilities: METADATA_ARCHITECTURE_CAPABILITIES.to_vec(),
            failure_modes: METADATA_ARCHITECTURE_FAILURE_MODES.to_vec(),
            caveats: METADATA_ARCHITECTURE_CAVEATS.to_vec(),
            entries: vec![
                MetadataArchitectureSupportEntry {
                    architecture: METADATA_ARCHITECTURE_CENTRALIZED,
                    native_support: true,
                    semantic_parity: "Bucket, object, version, multipart, policy, and audit metadata are resolved through one runtime authority.",
                    namespace_model: "single authoritative namespace map.",
                    persistence_model: "snapshot and filesystem manifest round-trip the authoritative metadata graph.",
                    failure_mode: "External metadata service selection is rejected.",
                    caveat: "Centralized metadata is scoped to one BucketWarden runtime process.",
                },
                MetadataArchitectureSupportEntry {
                    architecture: METADATA_ARCHITECTURE_EMBEDDED,
                    native_support: true,
                    semantic_parity: "Embedded metadata travels with the local runtime snapshot and filesystem store manifest.",
                    namespace_model: "bucket-local object namespace persisted in runtime state.",
                    persistence_model: "metadata is serialized with object versions and restored before reads are accepted.",
                    failure_mode: "Invalid shard or quorum policy is rejected.",
                    caveat: "Embedded metadata does not claim an external DB, Raft log, or multi-node metadata service.",
                },
                MetadataArchitectureSupportEntry {
                    architecture: METADATA_ARCHITECTURE_DISTRIBUTED,
                    native_support: false,
                    semantic_parity: "No distributed metadata ownership, lease, or consensus semantics are claimed.",
                    namespace_model: "distributed namespace is out of the current runtime boundary.",
                    persistence_model: "no external distributed metadata journal is written.",
                    failure_mode: "Distributed metadata architecture selection is rejected.",
                    caveat: "Distributed metadata requires explicit node membership and consensus contracts.",
                },
                MetadataArchitectureSupportEntry {
                    architecture: METADATA_ARCHITECTURE_SHARDED_NAMESPACE,
                    native_support: false,
                    semantic_parity: "No namespace shard ownership, split, merge, or resharding semantics are claimed.",
                    namespace_model: "sharded namespace is out of the current runtime boundary.",
                    persistence_model: "no shard map or shard placement manifest is written.",
                    failure_mode: "Sharded namespace architecture selection is rejected.",
                    caveat: "Sharded namespace support needs shard maps, routing, and migration proof.",
                },
                MetadataArchitectureSupportEntry {
                    architecture: METADATA_ARCHITECTURE_QUORUM,
                    native_support: false,
                    semantic_parity: "No metadata quorum read/write, leader election, or quorum repair semantics are claimed.",
                    namespace_model: "quorum metadata is out of the current runtime boundary.",
                    persistence_model: "no quorum journal or replicated metadata log is written.",
                    failure_mode: "Metadata quorum architecture selection is rejected.",
                    caveat: "Metadata quorum support needs replica membership and read/write quorum contracts.",
                },
            ],
        }
    }

    pub fn ensure_metadata_architecture_supported(
        &self,
        architecture: &str,
    ) -> Result<(), RuntimeError> {
        let report = self.metadata_architecture_support_report();
        if report.supported_architectures.contains(&architecture) {
            Ok(())
        } else {
            Err(RuntimeError::UnsupportedMetadataArchitecture(
                architecture.to_string(),
            ))
        }
    }

    pub fn validate_metadata_architecture_policy(
        &self,
        policy: &MetadataArchitecturePolicy,
    ) -> Result<(), RuntimeError> {
        self.ensure_metadata_architecture_supported(&policy.architecture)?;
        if policy.external_metadata_service {
            return Err(RuntimeError::InvalidMetadataArchitecturePolicy(
                "external metadata service is outside the current metadata boundary".to_string(),
            ));
        }
        if policy.namespace_shards.is_some_and(|shards| shards > 1) {
            return Err(RuntimeError::InvalidMetadataArchitecturePolicy(
                "namespace sharding is unsupported by the embedded metadata architecture"
                    .to_string(),
            ));
        }
        if policy.quorum_writes {
            return Err(RuntimeError::InvalidMetadataArchitecturePolicy(
                "metadata quorum writes are unsupported by the embedded metadata architecture"
                    .to_string(),
            ));
        }
        Ok(())
    }
}