fix(azuresink): delete freshly created blob on write failure

appendBlobClient.Create() runs before content decryption and copy. If MaybeDecryptContent or CopyFromChunkViews fails, an empty blob is left behind, silently replacing any previous valid data. Add cleanup that deletes the blob on content write errors when we were the ones who created it.
2026-05-18 07:41:31 +00:00 · 2026-04-05 15:25:21 -07:00
parent 69cd5fa37b
commit fb3aa607be
1 changed files with 25 additions and 2 deletions
--- a/weed/replication/sink/azuresink/azure_sink.go
+++ b/weed/replication/sink/azuresink/azure_sink.go
@@ -138,6 +138,7 @@ func (g *AzureSink) CreateEntry(key string, entry *filer_pb.Entry, signatures []
 	_, err := appendBlobClient.Create(ctxCreate, nil)

 	needsWrite := true
+	freshlyCreated := false
 	if err != nil {
 		if bloberror.HasCode(err, bloberror.BlobAlreadyExists) {
 			// Handle existing blob - check if overwrite is needed and perform it if necessary
@@ -149,6 +150,8 @@ func (g *AzureSink) CreateEntry(key string, entry *filer_pb.Entry, signatures []
 		} else {
 			return fmt.Errorf("azure create append blob %s/%s: %w", g.container, key, err)
 		}
+	} else {
+		freshlyCreated = true
 	}

 	// If we don't need to write (blob is up-to-date), return early
@@ -156,6 +159,23 @@ func (g *AzureSink) CreateEntry(key string, entry *filer_pb.Entry, signatures []
 		return nil
 	}

+	// cleanupOnError deletes a freshly created blob when content write fails,
+	// preventing empty blobs from being left behind.
+	cleanupOnError := func(writeErr error) error {
+		if !freshlyCreated {
+			return writeErr
+		}
+		glog.Warningf("azure sink: cleaning up empty blob %s/%s after write failure: %v", g.container, key, writeErr)
+		ctxCleanup, cancelCleanup := context.WithTimeout(context.Background(), azure.DefaultAzureOpTimeout)
+		defer cancelCleanup()
+		if _, delErr := appendBlobClient.Delete(ctxCleanup, nil); delErr != nil {
+			if !bloberror.HasCode(delErr, bloberror.BlobNotFound) {
+				glog.Warningf("azure sink: failed to clean up blob %s/%s: %v", g.container, key, delErr)
+			}
+		}
+		return writeErr
+	}
+
 	writeFunc := func(data []byte) error {
 		ctxWrite, cancelWrite := context.WithTimeout(context.Background(), azure.DefaultAzureOpTimeout)
 		defer cancelWrite()
@@ -164,11 +184,14 @@ func (g *AzureSink) CreateEntry(key string, entry *filer_pb.Entry, signatures []
 	}

 	if len(entry.Content) > 0 {
-		return writeFunc(entry.Content)
+		if err := writeFunc(entry.Content); err != nil {
+			return cleanupOnError(err)
+		}
+		return nil
 	}

 	if err := repl_util.CopyFromChunkViews(chunkViews, g.filerSource, writeFunc); err != nil {
-		return err
+		return cleanupOnError(err)
 	}

 	return nil