SAML expired Metadata delete does not work for CIFS K8S PVC

[Robert Oschwald]

We’re storing SAML Metadata in a K8S PVC which is CIFS backed (Azure).

UrlResourceMetadataResolver.cleanUpExpiredBackupMetadataFilesFor() fails, because the used FileUtils::forceDelete performs a PathUtils.deleteFile() with StandardDeleteOption.OVERRIDE_READ_ONLY, which is not supported on CIFS PVCs.

This underlying PathUtils code fails:

if (overrideReadOnly(deleteOptions) && exists) {

            setReadOnly(file, false, linkOptions);

}

Also, as Unchecked.consumer(FileUtils::forceDelete)) is used, the underlying exception is suppressed, which makes it hard to find the culprit.

Caused by: java.nio.file.FileSystemException: /shared/cas/saml/metadata-backups/e85c6203e36abf9bf4a0a912e198ead31a95584a.xml: Operation not supported

at sun.nio.fs.UnixException.translateToIOException(Unknown Source) ~[?:?]

at sun.nio.fs.UnixException.rethrowAsIOException(Unknown Source) ~[?:?]

at sun.nio.fs.UnixException.rethrowAsIOException(Unknown Source) ~[?:?]

at sun.nio.fs.LinuxDosFileAttributeView.updateDosAttribute(Unknown Source) ~[?:?]

at sun.nio.fs.LinuxDosFileAttributeView.setReadOnly(Unknown Source) ~[?:?]

at org.apache.commons.io.file.PathUtils.setReadOnly(PathUtils.java:914) ~[commons-io-2.11.0.jar:2.11.0]

at org.apache.commons.io.file.PathUtils.deleteFile(PathUtils.java:485) ~[commons-io-2.11.0.jar:2.11.0]

at org.apache.commons.io.file.PathUtils.delete(PathUtils.java:392) ~[commons-io-2.11.0.jar:2.11.0]

at org.apache.commons.io.FileUtils.forceDelete(FileUtils.java:1341) ~[commons-io-2.11.0.jar:2.11.0]

Using NIO Files.deleteIfExists() works without this problem. 

For now, we have extended UrlResourceMetadataResolver class.

See also: https://github.com/Azure/azure-storage-fuse/issues/1193