Context
There is an issue with bottomless, as it relies on the fact that the last connection will perform a checkpoint. This is true if the DB is valid, but in the case of a malformed DB the last connection will just exit silently and leave the DB empty (4KB DB file and some data in WAL). The current implementation will ignore this situation and just restore an empty DB.
Changes
Add validation that after the drop of the last connection there are no WAL files on the disk. Otherwise bottomless will now fail to restore, because most probably the DB was malformed
Added a simple restore_from_partial_db test which drops several files from S3 and checks that the DB will be able to start from this partial backup
Added a simple do_not_restore_from_corrupted_db test which corrupts the DB in S3 and checks that sqld is unable to start up from this broken configuration
Changed the bottomless test structure: now we are spawning a separate S3 in every test. This will be more tokio/async friendly, as a tokio test can shut down the runtime and silently kill our shared server
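A sketch of the post-close WAL check described in the changes above, as an added example that is not code from this PR or from bottomless. `RestoreCheck`, `check_after_last_close` and `scenario` are hypothetical names, the files are constructed, and `<db>-wal` is SQLite's standard WAL file name.

```rust
use std::path::{Path, PathBuf};
use std::{env, fs, io, process};

/// Result of inspecting a restored database once the last connection is gone.
#[derive(Debug, PartialEq)]
pub enum RestoreCheck {
    Clean,
    /// A `-wal` file survived the close: the final checkpoint never ran.
    LeftoverWal { db_bytes: u64, wal_bytes: u64 },
}

/// SQLite stores the write-ahead log beside the database as `<db>-wal`.
fn wal_path(db: &Path) -> PathBuf {
    let mut name = db.as_os_str().to_os_string();
    name.push("-wal");
    PathBuf::from(name)
}

/// Hypothetical helper: call after the last connection to `db` was dropped.
pub fn check_after_last_close(db: &Path) -> io::Result<RestoreCheck> {
    let db_bytes = fs::metadata(db)?.len();
    match fs::metadata(wal_path(db)) {
        Ok(wal) => Ok(RestoreCheck::LeftoverWal { db_bytes, wal_bytes: wal.len() }),
        Err(e) if e.kind() == io::ErrorKind::NotFound => Ok(RestoreCheck::Clean),
        Err(e) => Err(e),
    }
}

/// Builds a constructed restore directory and runs the check on it.
/// `wal` is the number of WAL bytes left behind, or None for a clean close.
pub fn scenario(tag: &str, wal: Option<usize>) -> io::Result<RestoreCheck> {
    let dir = env::temp_dir().join(format!("wal-check-{}-{}", process::id(), tag));
    fs::create_dir_all(&dir)?;
    let db = dir.join("data");
    fs::write(&db, vec![0u8; 4096])?; // constructed 4 KB main file
    if let Some(n) = wal {
        fs::write(wal_path(&db), vec![0u8; n])?; // constructed WAL content
    }
    let result = check_after_last_close(&db);
    fs::remove_dir_all(&dir)?;
    result
}

fn main() -> io::Result<()> {
    println!("{:?}", scenario("clean", None)?);
    println!("{:?}", scenario("malformed", Some(8272))?);
    Ok(())
}
```

A restore path would treat `LeftoverWal` as a hard failure rather than serving the 4 KB main file as if it were the full database.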