s

CLDSRV-515: upgrade checkout version
CLDSRV-515: add ft test for multi delete
2024-04-17 19:11:30 +02:00 · 2024-04-17 18:45:49 +02:00 · 2024-04-17 18:45:49 +02:00 · 2024-04-17 18:22:46 +02:00 · 2024-04-15 16:20:10 +02:00 · 2024-04-15 16:02:30 +02:00
32 changed files with 1944 additions and 18 deletions
--- a/.github/docker/docker-compose.yaml
+++ b/.github/docker/docker-compose.yaml
@ -40,6 +40,9 @@ services:
      - DEFAULT_BUCKET_KEY_FORMAT
      - METADATA_MAX_CACHED_BUCKETS
      - ENABLE_NULL_VERSION_COMPAT_MODE
      - SCUBA_HOST
      - SCUBA_PORT
      - SCUBA_HEALTHCHECK_FREQUENCY
    env_file:
      - creds.env
    depends_on:
--- a/.github/workflows/tests.yaml
+++ b/.github/workflows/tests.yaml
@ -363,6 +363,40 @@ jobs:
        source: /tmp/artifacts
      if: always()
  scuba-tests:
    runs-on: ubuntu-latest
    needs: build
    env:
      S3BACKEND: mem
      SCUBA_HOST: localhost
      SCUBA_PORT: 8100
      SCUBA_HEALTHCHECK_FREQUENCY: 100
      CLOUDSERVER_IMAGE: ghcr.io/${{ github.repository }}/cloudserver:${{ github.sha }}
      MONGODB_IMAGE: ghcr.io/${{ github.repository }}/ci-mongodb:${{ github.sha }}
      JOB_NAME: ${{ github.job }}
    steps:
    - name: Checkout
      uses: actions/checkout@v4
    - name: Setup CI environment
      uses: ./.github/actions/setup-ci
    - name: Setup CI services
      run: docker compose up -d
      working-directory: .github/docker
    - name: Run scuba tests
      run: |-
        set -ex -o pipefail;
        bash wait_for_local_port.bash 8000 40
        yarn run test_scuba | tee /tmp/artifacts/${{ github.job }}/tests.log
    - name: Upload logs to artifacts
      uses: scality/action-artifacts@v3
      with:
        method: upload
        url: https://artifacts.scality.net
        user: ${{ secrets.ARTIFACTS_USER }}
        password: ${{ secrets.ARTIFACTS_PASSWORD }}
        source: /tmp/artifacts
      if: always()
  kmip-ft-tests:
    runs-on: ubuntu-latest
    needs: build
--- a/1
+++ b/1
@ -23,6 +23,7 @@ RUN apt-get update \
 ENV PYTHON=python3
 COPY package.json yarn.lock /usr/src/app/
 RUN npm install typescript -g
 RUN yarn install --production --ignore-optional --frozen-lockfile --ignore-engines --network-concurrency 1
 ################################################################################
--- a/constants.js
+++ b/constants.js
@ -243,6 +243,9 @@ const constants = {
        'objectPutPart',
        'completeMultipartUpload',
    ],
    // if requester is not bucket owner, bucket policy actions should be denied with
    // MethodNotAllowed error
    onlyOwnerAllowed: ['bucketDeletePolicy', 'bucketGetPolicy', 'bucketPutPolicy'],
 };
 module.exports = constants;
--- a/lib/Config.js
+++ b/lib/Config.js
@ -1117,6 +1117,30 @@ class Config extends EventEmitter {
                this.redis.password = config.redis.password;
            }
        }
        if (config.scuba) {
            if (config.scuba.host) {
                assert(typeof config.scuba.host === 'string',
                    'bad config: scuba host must be a string');
                this.scuba = { host: config.scuba.host };
            }
            if (config.scuba.port) {
                assert(Number.isInteger(config.scuba.port)
                    && config.scuba.port > 0,
                    'bad config: scuba port must be a positive integer');
                this.scuba.port = config.scuba.port;
            }
        }
        if (process.env.SCUBA_HOST && process.env.SCUBA_PORT) {
            assert(typeof process.env.SCUBA_HOST === 'string',
                'bad config: scuba host must be a string');
            assert(Number.isInteger(Number(process.env.SCUBA_PORT))
                && Number(process.env.SCUBA_PORT) > 0,
                'bad config: scuba port must be a positive integer');
            this.scuba = {
                host: process.env.SCUBA_HOST,
                port: Number(process.env.SCUBA_PORT),
            };
        }
        if (config.utapi) {
            this.utapi = { component: 's3' };
            if (config.utapi.host) {
--- a/lib/api/api.js
+++ b/lib/api/api.js
@ -7,6 +7,7 @@ const bucketDeleteEncryption = require('./bucketDeleteEncryption');
 const bucketDeleteWebsite = require('./bucketDeleteWebsite');
 const bucketDeleteLifecycle = require('./bucketDeleteLifecycle');
 const bucketDeletePolicy = require('./bucketDeletePolicy');
 const bucketDeleteQuota = require('./bucketDeleteQuota');
 const { bucketGet } = require('./bucketGet');
 const bucketGetACL = require('./bucketGetACL');
 const bucketGetCors = require('./bucketGetCors');
@ -17,6 +18,7 @@ const bucketGetLifecycle = require('./bucketGetLifecycle');
 const bucketGetNotification = require('./bucketGetNotification');
 const bucketGetObjectLock = require('./bucketGetObjectLock');
 const bucketGetPolicy = require('./bucketGetPolicy');
 const bucketGetQuota = require('./bucketGetQuota');
 const bucketGetEncryption = require('./bucketGetEncryption');
 const bucketHead = require('./bucketHead');
 const { bucketPut } = require('./bucketPut');
@ -33,6 +35,7 @@ const bucketPutNotification = require('./bucketPutNotification');
 const bucketPutEncryption = require('./bucketPutEncryption');
 const bucketPutPolicy = require('./bucketPutPolicy');
 const bucketPutObjectLock = require('./bucketPutObjectLock');
 const bucketUpdateQuota = require('./bucketUpdateQuota');
 const bucketGetReplication = require('./bucketGetReplication');
 const bucketDeleteReplication = require('./bucketDeleteReplication');
 const corsPreflight = require('./corsPreflight');
@ -148,6 +151,7 @@ const api = {
        function checkAuthResults(authResults) {
            let returnTagCount = true;
            const isImplicitDeny = {};
            let accountQuotas = {};
            let isOnlyImplicitDeny = true;
            if (apiMethod === 'objectGet') {
                // first item checks s3:GetObject(Version) action
@ -180,12 +184,13 @@ const api = {
                    }
                }
            }
            accountQuotas = authResults?.[0]?.accountQuota;
            // These two APIs cannot use ACLs or Bucket Policies, hence, any
            // implicit deny from vault must be treated as an explicit deny.
            if ((apiMethod === 'bucketPut' || apiMethod === 'serviceGet') && isOnlyImplicitDeny) {
                return errors.AccessDenied;
            }
-            return { returnTagCount, isImplicitDeny };
+            return { returnTagCount, isImplicitDeny, accountQuotas };
        }
        return async.waterfall([
@ -268,6 +273,7 @@ const api = {
                }
                returnTagCount = checkedResults.returnTagCount;
                request.actionImplicitDenies = checkedResults.isImplicitDeny;
                request.accountQuotas = checkedResults.accountQuotas;
            } else {
                // create an object of keys apiMethods with all values to false:
                // for backward compatibility, all apiMethods are allowed by default
@ -276,6 +282,10 @@ const api = {
                    acc[curr] = false;
                    return acc;
                }, {});
                request.accountQuotas = apiMethods.reduce((acc, curr) => {
                    acc[curr] = undefined;
                    return acc;
                }, {});
            }
            if (apiMethod === 'objectPut' || apiMethod === 'objectPutPart') {
                request._response = response;
@ -316,11 +326,14 @@ const api = {
    bucketPutReplication,
    bucketGetReplication,
    bucketDeleteReplication,
    bucketDeleteQuota,
    bucketPutLifecycle,
    bucketUpdateQuota,
    bucketGetLifecycle,
    bucketDeleteLifecycle,
    bucketPutPolicy,
    bucketGetPolicy,
    bucketGetQuota,
    bucketDeletePolicy,
    bucketPutObjectLock,
    bucketPutNotification,
--- a/lib/api/apiUtils/authorization/permissionChecks.js
+++ b/lib/api/apiUtils/authorization/permissionChecks.js
@ -1,8 +1,9 @@
-const { evaluators, actionMaps, RequestContext, requestUtils } = require('arsenal').policies;
+const { evaluators, actionMaps, actionNeedQuotaCheck, RequestContext, requestUtils } = require('arsenal').policies;
 const { errors } = require('arsenal');
 const { parseCIDR, isValid } = require('ipaddr.js');
 const constants = require('../../../../constants');
 const { config } = require('../../../Config');
 const { ScubaClientInstance } = require('../../../scuba/wrapper');
 const {
    allAuthedUsersId,
@ -372,6 +373,124 @@ function processBucketPolicy(requestType, bucket, canonicalID, arn, bucketOwner,
    return processedResult;
 }
 /**
 *
 * @param {BucketInfo} bucket - bucket object
 * @param {Account} account - account object
 * @param {array} apiNames - action names: operations to authorize
 * @param {string} apiMethod - the main API call
 * @param {number} inflight - inflight bytes
 * @param {Logger} log - logger
 * @param {function} callback - callback
 * @returns {boolean} - true if the quota is valid, false otherwise
 */
 async function validateQuotas(bucket, account, apiNames, apiMethod, inflight, log, callback) {
    console.log('evaluate quota with', bucket, account, apiNames, apiMethod, inflight)
    const bucketQuota = bucket.getQuota();
    const accountQuota = account?.quota || 0;
    let bucketQuotaExceeded = false;
    let accountQuotaExceeded = false;
    if ((bucketQuota <= 0 && accountQuota <= 0) || !ScubaClientInstance?.enabled) {
        if (bucketQuota > 0 || accountQuota > 0) {
            log.warn('quota is set for a bucket, but scuba is disabled', {
                bucketName: bucket.getName(),
            });
        }
        return callback();
    }
    const creationDate = new Date(bucket.getCreationDate()).getTime();
    try {
        // A potential optimiation, if inflights are disabled, is to only evaluate
        // the lowest quota.
        // eslint-disable-next-line no-restricted-syntax
        for (const apiName of apiNames) {
            let shouldEvaluateCopyObject = false;
            if (apiName === 'objectGet' && (apiMethod === 'objectCopy' || apiMethod === 'objectPutCopyPart')) {
                shouldEvaluateCopyObject = true;
                // eslint-disable-next-line no-param-reassign
                inflight = Math.abs(inflight);
            }
            if (!shouldEvaluateCopyObject && !actionNeedQuotaCheck[apiName]) {
                continue;
            }
            // eslint-disable-next-line no-await-in-loop
            const bucketMetrics = await ScubaClientInstance.getLatestMetrics('bucket',
                `${bucket.getName()}_${creationDate}`, null, {
                action: apiName,
                inflight,
            });
            if (bucketMetrics.bytesTotal > bucketQuota) {
                log.debug('Bucket quota exceeded', {
                    bucket: bucket.getName(),
                    action: apiName,
                    inflight,
                    quota: bucketQuota,
                    bytesTotal: bucketMetrics.bytesTotal,
                });
                bucketQuotaExceeded = true;
            }
            if (accountQuota > 0 && account?.account) {
                // eslint-disable-next-line no-await-in-loop
                const accountMetrics = await ScubaClientInstance.getLatestMetrics('account',
                    `${account.account}_${creationDate}`, null, {
                    action: apiName,
                    inflight,
                });
                if (accountMetrics.bytesTotal > account.quota) {
                    log.debug('Account quota exceeded', {
                        accountId: account.account,
                        action: apiName,
                        inflight,
                        quota: account.quota,
                        bytesTotal: accountMetrics.bytesTotal,
                    });
                    accountQuotaExceeded = true;
                }
            }
        }
        if (bucketQuotaExceeded || accountQuotaExceeded) {
            if (apiMethod?.endsWith('Delete')) {
                return callback();
            }
            // clean any inflight bytes
            if (inflight > 0) {
                // eslint-disable-next-line no-await-in-loop
                await ScubaClientInstance.getLatestMetrics('bucket',
                    `${bucket.getName()}_${creationDate}`, null, {
                    action: apiMethod,
                    inflight: -inflight,
                });
                if (account?.quota) {
                    // eslint-disable-next-line no-await-in-loop
                    await ScubaClientInstance.getLatestMetrics('account',
                        `${account.account}_${creationDate}`, null, {
                        action: apiMethod,
                        inflight: -inflight,
                    });
                }
            }
            return callback(errors.QuotaExceeded);
        }
        return callback();
    } catch (err) {
        log.warn('Error getting metrics from scuba, allowing the request', {
            error: err.name,
            description: err.message,
        });
        if (bucketQuotaExceeded || accountQuotaExceeded) {
            return callback(errors.QuotaExceeded);
        }
        return callback();
    }
 }
 function isBucketAuthorized(bucket, requestTypesInput, canonicalID, authInfo, log, request,
    actionImplicitDeniesInput = {}, isWebsite = false) {
    const requestTypes = Array.isArray(requestTypesInput) ? requestTypesInput : [requestTypesInput];
@ -626,6 +745,7 @@ function isLifecycleSession(arn) {
 }
 module.exports = {
    validateQuotas,
    isBucketAuthorized,
    isObjAuthorized,
    getServiceAccountProperties,
--- a/lib/api/apiUtils/object/objectRestore.js
+++ b/lib/api/apiUtils/object/objectRestore.js
@ -59,6 +59,7 @@ function objectRestore(metadata, mdUtils, userInfo, request, log, callback) {
        objectKey,
        versionId: decodedVidResult,
        requestType: request.apiMethods || 'restoreObject',
        request,
    };
    return async.waterfall([
--- a/lib/api/bucketDeleteQuota.js
+++ b/lib/api/bucketDeleteQuota.js
@ -0,0 +1,57 @@
 const { waterfall } = require('async');
 const collectCorsHeaders = require('../utilities/collectCorsHeaders');
 const { standardMetadataValidateBucket } = require('../metadata/metadataUtils');
 const metadata = require('../metadata/wrapper');
 const { pushMetric } = require('../utapi/utilities');
 const monitoring = require('../utilities/monitoringHandler');
 /**
 * Bucket Update Quota - Update bucket quota
 * @param {AuthInfo} authInfo - Instance of AuthInfo class with requester's info
 * @param {object} request - http request object
 * @param {object} log - Werelogs logger
 * @param {function} callback - callback to server
 * @return {undefined}
 */
 function bucketDeleteQuota(authInfo, request, log, callback) {
    log.debug('processing request', { method: 'bucketDeleteQuota' });
    const { bucketName } = request;
    const metadataValParams = {
        authInfo,
        bucketName,
        requestType: request.apiMethods || 'bucketDeleteQuota',
        request,
    };
    return waterfall([
        next => standardMetadataValidateBucket(metadataValParams, request.actionImplicitDenies, log,
            (err, bucket) => next(err, bucket)),
        (bucket, next) => {
            bucket.setQuota(0);
            metadata.updateBucket(bucket.getName(), bucket, log, err =>
                next(err, bucket));
        },
    ], (err, bucket) => {
        const corsHeaders = collectCorsHeaders(request.headers.origin,
            request.method, bucket);
        if (err) {
            log.debug('error processing request', {
                error: err,
                method: 'bucketDeleteQuota'
            });
            monitoring.promMetrics('DELETE', bucketName, err.code,
                'bucketDeleteQuota');
            return callback(err, err.code, corsHeaders);
        } else {
            monitoring.promMetrics(
                'DELETE', bucketName, '204', 'bucketDeleteQuota');
            pushMetric('bucketDeleteQuota', log, {
                authInfo,
                bucket: bucketName,
            });
        }
        return callback(null, 204, corsHeaders);
    });
 }
 module.exports = bucketDeleteQuota;
--- a/lib/api/bucketGetQuota.js
+++ b/lib/api/bucketGetQuota.js
@ -0,0 +1,58 @@
 const { errors } = require('arsenal');
 const { pushMetric } = require('../utapi/utilities');
 const { standardMetadataValidateBucket } = require('../metadata/metadataUtils');
 const collectCorsHeaders = require('../utilities/collectCorsHeaders');
 /**
 * bucketGetQuota - Get the bucket quota
 * @param {AuthInfo} authInfo - Instance of AuthInfo class with requester's info
 * @param {object} request - http request object
 * @param {object} log - Werelogs logger
 * @param {function} callback - callback to server
 * @return {undefined}
 */
 function bucketGetQuota(authInfo, request, log, callback) {
    log.debug('processing request', { method: 'bucketGetQuota' });
    const { bucketName, headers, method } = request;
    const metadataValParams = {
        authInfo,
        bucketName,
        requestType: request.apiMethods || 'bucketGetQuota',
        request,
    };
    const xml = [];
    xml.push(
        '<?xml version="1.0" encoding="UTF-8"?>',
        '<GetBucketQuota>',
        '<Name>', bucketName, '</Name>',
    );
    return standardMetadataValidateBucket(metadataValParams, request.actionImplicitDenies, log, (err, bucket) => {
        const corsHeaders = collectCorsHeaders(headers.origin, method, bucket);
        if (err) {
            log.debug('error processing request', {
                error: err,
                method: 'bucketGetQuota',
            });
            return callback(err, null, corsHeaders);
        }
        const bucketQuota = bucket.getQuota();
        if (!bucketQuota) {
            log.debug('bucket has no quota', {
                method: 'bucketGetQuota',
            });
            return callback(errors.NoSuchQuota, null,
                corsHeaders);
        }
        xml.push('<Quota>', bucketQuota, '</Quota>',
            '</GetBucketQuota>');
        pushMetric('getBucketQuota', log, {
            authInfo,
            bucket: bucketName,
        });
        return callback(null, xml.join(''), corsHeaders);
    });
 }
 module.exports = bucketGetQuota;
--- a/lib/api/bucketUpdateQuota.js
+++ b/lib/api/bucketUpdateQuota.js
@ -0,0 +1,81 @@
 const { waterfall } = require('async');
 const { errors } = require('arsenal');
 const collectCorsHeaders = require('../utilities/collectCorsHeaders');
 const { standardMetadataValidateBucket } = require('../metadata/metadataUtils');
 const metadata = require('../metadata/wrapper');
 const { pushMetric } = require('../utapi/utilities');
 const monitoring = require('../utilities/monitoringHandler');
 /**
 * Bucket Update Quota - Update bucket quota
 * @param {AuthInfo} authInfo - Instance of AuthInfo class with requester's info
 * @param {object} request - http request object
 * @param {object} log - Werelogs logger
 * @param {function} callback - callback to server
 * @return {undefined}
 */
 function bucketUpdateQuota(authInfo, request, log, callback) {
    log.debug('processing request', { method: 'bucketUpdateQuota' });
    const { bucketName } = request;
    const metadataValParams = {
        authInfo,
        bucketName,
        requestType: request.apiMethods || 'bucketUpdateQuota',
        request,
    };
    let bucket = null;
    return waterfall([
        next => standardMetadataValidateBucket(metadataValParams, request.actionImplicitDenies, log,
            (err, b) => {
                bucket = b;
                return next(err, bucket);
            }),
        (bucket, next) => {
            let requestBody;
            try {
                requestBody = JSON.parse(request.post);
            } catch (parseError) {
                return next(errors.InvalidArgument.customizeDescription('Invalid JSON format in request'));
            }
            if (typeof requestBody !== 'object' || Array.isArray(requestBody)) {
                return next(errors.InvalidArgument.customizeDescription('Request body must be a JSON object'));
            }
            return next(null, bucket, requestBody);
        },
        (bucket, requestBody, next) => {
            const quota = parseInt(requestBody.quota, 10);
            if (Number.isNaN(quota)) {
                return next(errors.InvalidArgument.customizeDescription('Quota Value should be a number'));
            }
            if (quota <= 0) {
                return next(errors.InvalidArgument.customizeDescription('Quota value must be a positive number'));
            }
            // Update the bucket quota
            bucket.setQuota(quota);
            return metadata.updateBucket(bucket.getName(), bucket, log, next);
        },
    ], (err, bucket) => {
        const corsHeaders = collectCorsHeaders(request.headers.origin,
            request.method, bucket);
        if (err) {
            log.debug('error processing request', {
                error: err,
                method: 'bucketUpdateQuota'
            });
            monitoring.promMetrics('PUT', bucketName, err.code,
                'updateBucketQuota');
            return callback(err, err.code, corsHeaders);
        } else {
            monitoring.promMetrics(
                'PUT', bucketName, '200', 'updateBucketQuota');
            pushMetric('updateBucketQuota', log, {
                authInfo,
                bucket: bucketName,
            });
        }
        return callback(null, corsHeaders);
    });
 }
 module.exports = bucketUpdateQuota;
--- a/lib/api/multiObjectDelete.js
+++ b/lib/api/multiObjectDelete.js
@ -11,7 +11,7 @@ const collectCorsHeaders = require('../utilities/collectCorsHeaders');
 const metadata = require('../metadata/wrapper');
 const services = require('../services');
 const vault = require('../auth/vault');
-const { isBucketAuthorized, evaluateBucketPolicyWithIAM } =
+const { isBucketAuthorized, evaluateBucketPolicyWithIAM, validateQuotas } =
    require('./apiUtils/authorization/permissionChecks');
 const { preprocessingVersioningDelete }
    = require('./apiUtils/object/versioning');
@ -332,6 +332,11 @@ function getObjMetadataAndDelete(authInfo, canonicalID, request,
                    return callback(null, objMD, versionId);
                },
                // TODO handle inflightsd here
                (objMD, versionId, callback) => validateQuotas(
                    bucket, request.accountQuotas, ['objectDelete'], 'objectDelete',
                        objMD?.['content-length'] || 0, log, err =>
                            callback(err, objMD, versionId)),
                (objMD, versionId, callback) => {
                    const options = preprocessingVersioningDelete(
                        bucketName, bucket, objMD, versionId, config.nullVersionCompatMode);
--- a/lib/api/objectPutCopyPart.js
+++ b/lib/api/objectPutCopyPart.js
@ -14,6 +14,7 @@ const setUpCopyLocator = require('./apiUtils/object/setUpCopyLocator');
 const { standardMetadataValidateBucketAndObj } = require('../metadata/metadataUtils');
 const monitoring = require('../utilities/monitoringHandler');
 const { verifyColdObjectAvailable } = require('./apiUtils/object/coldStorage');
 const { validateQuotas } = require('./apiUtils/authorization/permissionChecks');
 const versionIdUtils = versioning.VersionID;
@ -181,9 +182,17 @@ function objectPutCopyPart(authInfo, request, sourceBucket,
                    }
                    return next(null, copyLocator.dataLocator, destBucketMD,
                        copyLocator.copyObjectSize, sourceVerId,
-                        sourceLocationConstraintName);
+                        sourceLocationConstraintName, sourceObjMD);
                });
        },
        function _validateQuotas(dataLocator, destBucketMD,
            copyObjectSize, sourceVerId,
            sourceLocationConstraintName, sourceObjMD, next) {
                return validateQuotas(destBucketMD, request.accountQuotas, valPutParams.requestType, request.apiMethod,
                    sourceObjMD?.['content-length'] || 0, log, err => next(err, dataLocator, destBucketMD,
                        copyObjectSize, sourceVerId,
                        sourceLocationConstraintName));
            },
        // get MPU shadow bucket to get splitter based on MD version
        function getMpuShadowBucket(dataLocator, destBucketMD,
            copyObjectSize, sourceVerId,
--- a/lib/api/objectPutPart.js
+++ b/lib/api/objectPutPart.js
@ -6,7 +6,7 @@ const collectCorsHeaders = require('../utilities/collectCorsHeaders');
 const constants = require('../../constants');
 const { data } = require('../data/wrapper');
 const { dataStore } = require('./apiUtils/object/storeObject');
-const { isBucketAuthorized } =
+const { isBucketAuthorized, validateQuotas } =
    require('./apiUtils/authorization/permissionChecks');
 const kms = require('../kms/wrapper');
 const metadata = require('../metadata/wrapper');
@ -103,6 +103,9 @@ function objectPutPart(authInfo, request, streamingV4Params, log,
    const mpuBucketName = `${constants.mpuBucketPrefix}${bucketName}`;
    const { objectKey } = request;
    const originalIdentityAuthzResults = request.actionImplicitDenies;
    // For validating the request at the destinationBucket level the
    // `requestType` is the general 'objectPut'.
    const requestType = request.apiMethods || 'objectPutPart';
    return async.waterfall([
        // Get the destination bucket.
@ -122,9 +125,6 @@ function objectPutPart(authInfo, request, streamingV4Params, log,
            }),
        // Check the bucket authorization.
        (destinationBucket, next) => {
            // For validating the request at the destinationBucket level the
            // `requestType` is the general 'objectPut'.
            const requestType = request.apiMethods || 'objectPutPart';
            if (!isBucketAuthorized(destinationBucket, requestType, canonicalID, authInfo,
                log, request, request.actionImplicitDenies)) {
                log.debug('access denied for user on bucket', { requestType });
@ -132,6 +132,9 @@ function objectPutPart(authInfo, request, streamingV4Params, log,
            }
            return next(null, destinationBucket);
        },
        (destinationBucket, next) => validateQuotas(
            destinationBucket, request.accountQuotas, requestType, request.apiMethod, size, log, err =>
                next(err, destinationBucket)),
        // Get bucket server-side encryption, if it exists.
        (destinationBucket, next) => getObjectSSEConfiguration(
            request.headers, destinationBucket, log,
--- a/lib/metadata/metadataUtils.js
+++ b/lib/metadata/metadataUtils.js
@ -3,9 +3,10 @@ const { errors } = require('arsenal');
 const metadata = require('./wrapper');
 const BucketInfo = require('arsenal').models.BucketInfo;
-const { isBucketAuthorized, isObjAuthorized } =
+const { isBucketAuthorized, isObjAuthorized, validateQuotas } =
    require('../api/apiUtils/authorization/permissionChecks');
 const bucketShield = require('../api/apiUtils/bucket/bucketShield');
 const { onlyOwnerAllowed } = require('../../constants');
 /** getNullVersionFromMaster - retrieves the null version
 * metadata via retrieving the master key
@ -152,9 +153,6 @@ function validateBucket(bucket, params, log, actionImplicitDenies = {}) {
        });
        return errors.NoSuchBucket;
    }
    // if requester is not bucket owner, bucket policy actions should be denied with
    // MethodNotAllowed error
    const onlyOwnerAllowed = ['bucketDeletePolicy', 'bucketGetPolicy', 'bucketPutPolicy'];
    const canonicalID = authInfo.getCanonicalID();
    if (!Array.isArray(requestType)) {
        requestType = [requestType];
@ -229,6 +227,22 @@ function standardMetadataValidateBucketAndObj(params, actionImplicitDenies, log,
            }
            return next(null, bucket, objMD);
        },
        (bucket, objMD, next) => {
            let contentLength = request?.parsedContentLength || 0;
            if (!contentLength && objMD?.['content-length']) {
                // object is being deleted
                contentLength = -Number.parseInt(objMD['content-length'], 10);
            } else if (request.apiMethod === 'objectRestore') {
                // object is being restored
                contentLength = Number.parseInt(objMD['content-length'], 10);
            } else if (contentLength && objMD?.['content-length']) {
                // object is being replaced: store the diff
                contentLength = Number.parseInt(objMD['content-length'], 10) - contentLength;
            }
            // Otherwise, object is either written or will be filtered out when evaluating the quota against actions
            return validateQuotas(bucket, request.accountQuotas, requestType, request.apiMethod,
                contentLength, log, err => next(err, bucket, objMD));
        },
        (bucket, objMD, next) => {
            const canonicalID = authInfo.getCanonicalID();
            if (!isObjAuthorized(bucket, objMD, requestType, canonicalID, authInfo, log, request,
--- a/lib/scuba/wrapper.js
+++ b/lib/scuba/wrapper.js
@ -0,0 +1,60 @@
 const { default: ScubaClient } = require('scubaclient');
 const { config } = require('../Config');
 const { externalBackendHealthCheckInterval } = require('../../constants');
 class ScubaClientImpl extends ScubaClient {
    constructor(config) {
        super(config.scuba);
        this.enabled = false;
        this._healthCheckTimer = null;
        this._log = null;
        if (config.scuba) {
            this.enabled = true;
        } else {
            this.enabled = false;
        }
    }
    setup(log) {
        this._log = log;
        if (this.enabled) {
            this.periodicHealthCheck();
        }
    }
    _healthCheck() {
        return this.healthCheck().then(() => {
            if (!this.enabled) {
                this._log.info('Scuba health check passed, enabling quotas');
            }
            this.enabled = true;
        }).catch(err => {
            if (this.enabled) {
                this._log.warn('Scuba health check failed, disabling quotas', {
                    err: err.name,
                    description: err.message,
                });
            }
            this.enabled = false;
        });
    }
    periodicHealthCheck() {
        if (this._healthCheckTimer) {
            clearInterval(this._healthCheckTimer);
        }
        this._healthCheck();
        this._healthCheckTimer = setInterval(async () => {
            this._healthCheck();
        }, Number(process.env.SCUBA_HEALTHCHECK_FREQUENCY)
            || externalBackendHealthCheckInterval);
    }
 }
 const ScubaClientInstance = new ScubaClientImpl(config);
 module.exports = {
    ScubaClientInstance,
    ScubaClientImpl,
 };
--- a/lib/server.js
+++ b/lib/server.js
@ -25,6 +25,7 @@ const {
 } = require('./management/agentClient');
 const HttpAgent = require('agentkeepalive');
 const { ScubaClientInstance } = require('./scuba/wrapper');
 const routes = arsenal.s3routes.routes;
 const { parseLC, MultipleBackendGateway } = arsenal.storage.data;
 const websiteEndpoints = _config.websiteEndpoints;
@ -321,6 +322,9 @@ class S3Server {
                this._startServer(this.routeAdminRequest, _config.metricsPort);
            }
            // Start ScubaClient health checks
            ScubaClientInstance.setup(log);
            // TODO this should wait for metadata healthcheck to be ok
            // TODO only do this in cluster master
            if (enableRemoteManagement) {
--- a/package.json
+++ b/package.json
@ -21,7 +21,7 @@
  "dependencies": {
    "@azure/storage-blob": "^12.12.0",
    "@hapi/joi": "^17.1.0",
-    "arsenal": "git+https://github.com/scality/arsenal#8.1.127",
+    "arsenal": "git+https://github.com/scality/arsenal#77e9b92f3e775e39f5f903a00b702a86b2aa75a1",
    "async": "~2.5.0",
    "aws-sdk": "2.905.0",
    "bucketclient": "scality/bucketclient#8.1.9",
@ -41,6 +41,7 @@
    "npm-run-all": "~4.1.5",
    "prom-client": "14.2.0",
    "request": "^2.81.0",
    "scubaclient": "git+https://github.com/scality/scubaclient.git",
    "sql-where-parser": "~2.2.1",
    "utapi": "github:scality/utapi#8.1.13",
    "utf-8-validate": "^5.0.8",
@ -113,6 +114,7 @@
    "test_versionid_base62": "S3_VERSION_ID_ENCODING_TYPE=base62 CI=true S3BACKEND=mem mocha --reporter mocha-multi-reporters --reporter-options configFile=$INIT_CWD/tests/reporter-config.json --recursive tests/unit/api",
    "test_legacy_location": "CI=true S3_LOCATION_FILE=tests/locationConfig/locationConfigLegacy.json S3BACKEND=mem mocha --reporter mocha-multi-reporters --reporter-options configFile=$INIT_CWD/tests/reporter-config.json --recursive tests/unit",
    "test_utapi_v2": "mocha --reporter mocha-multi-reporters --reporter-options configFile=$INIT_CWD/tests/reporter-config.json --recursive tests/utapi",
    "test_scuba": "mocha --reporter mocha-multi-reporters --reporter-options configFile=$INIT_CWD/tests/reporter-config.json --recursive tests/scuba",
    "multiple_backend_test": "CI=true S3BACKEND=mem S3DATA=multiple mocha --reporter mocha-multi-reporters --reporter-options configFile=$INIT_CWD/tests/reporter-config.json -t 20000 --recursive tests/multipleBackend",
    "unit_coverage": "CI=true mkdir -p coverage/unit/ && S3BACKEND=mem istanbul cover --dir coverage/unit _mocha -- --reporter mocha-multi-reporters --reporter-options configFile=$INIT_CWD/tests/reporter-config.json --recursive tests/unit",
    "unit_coverage_legacy_location": "CI=true mkdir -p coverage/unitlegacylocation/ && S3_LOCATION_FILE=tests/locationConfig/locationConfigLegacy.json S3BACKEND=mem istanbul cover --dir coverage/unitlegacylocation _mocha -- --reporter mocha-multi-reporters --reporter-options configFile=$INIT_CWD/tests/reporter-config.json --reporter mocha-junit-reporter --recursive tests/unit"
--- a/tests/functional/aws-node-sdk/test/bucket/deleteBucketQuota.js
+++ b/tests/functional/aws-node-sdk/test/bucket/deleteBucketQuota.js
@ -0,0 +1,39 @@
 const AWS = require('aws-sdk');
 const S3 = AWS.S3;
 const assert = require('assert');
 const getConfig = require('../support/config');
 const sendRequest = require('../quota/tooling').sendRequest;
 const bucket = 'deletequotatestbucket';
 const nonExistantBucket = 'deletequotatestnonexistantbucket';
 describe('Test delete bucket quota', () => {
    let s3;
    before(() => {
        const config = getConfig('default', { signatureVersion: 'v4' });
        s3 = new S3(config);
        AWS.config.update(config);
    });
    beforeEach(done => s3.createBucket({ Bucket: bucket }, done));
    afterEach(done => s3.deleteBucket({ Bucket: bucket }, done));
    it('should delete the bucket quota', async () => {
        try {
            await sendRequest('DELETE', '127.0.0.1:8000', `/${bucket}/?quota=true`);
            assert.ok(true);
        } catch (err) {
            assert.fail(`Expected no error, but got ${err}`);
        }
    });
    it('should return no such bucket error', async () => {
        try {
            await sendRequest('DELETE', '127.0.0.1:8000', `/${nonExistantBucket}/?quota=true`);
        } catch (err) {
            assert.strictEqual(err.Error.Code[0], 'NoSuchBucket');
        }
    });
 });
--- a/tests/functional/aws-node-sdk/test/bucket/getBucketQuota.js
+++ b/tests/functional/aws-node-sdk/test/bucket/getBucketQuota.js
@ -0,0 +1,77 @@
 const AWS = require('aws-sdk');
 const S3 = AWS.S3;
 const assert = require('assert');
 const getConfig = require('../support/config');
 const sendRequest = require('../quota/tooling').sendRequest;
 const bucket = 'getquotatestbucket';
 const quota = { quota: 1000 };
 describe('Test get bucket quota', () => {
    let s3;
    before(() => {
        const config = getConfig('default', { signatureVersion: 'v4' });
        s3 = new S3(config);
        AWS.config.update(config);
    });
    beforeEach(done => s3.createBucket({ Bucket: bucket }, done));
    afterEach(done => s3.deleteBucket({ Bucket: bucket }, done));
    it('should return the quota', async () => {
        try {
            await sendRequest('PUT', '127.0.0.1:8000', `/${bucket}/?quota=true`, JSON.stringify(quota));
            const data = await sendRequest('GET', '127.0.0.1:8000', `/${bucket}/?quota=true`);
            assert.strictEqual(data.GetBucketQuota.Name[0], bucket);
            assert.strictEqual(data.GetBucketQuota.Quota[0], '1000');
        } catch (err) {
            assert.fail(`Expected no error, but got ${err}`);
        }
    });
    it('should return no such bucket error', async () => {
        try {
            await sendRequest('GET', '127.0.0.1:8000', '/test/?quota=true');
        } catch (err) {
            assert.strictEqual(err.Error.Code[0], 'NoSuchBucket');
        }
    });
    it('should return no such bucket quota', async () => {
        try {
            await sendRequest('DELETE', '127.0.0.1:8000', `/${bucket}/?quota=true`);
            try {
                await sendRequest('GET', '127.0.0.1:8000', `/${bucket}/?quota=true`);
                assert.fail('Expected NoSuchQuota error');
            } catch (err) {
                assert.strictEqual(err.Error.Code[0], 'NoSuchQuota');
            }
        } catch (err) {
            assert.fail(`Expected no error, but got ${err}`);
        }
    });
    it('should return no such bucket error', async () => {
        try {
            await sendRequest('GET', '127.0.0.1:8000', '/test/?quota=true');
        } catch (err) {
            assert.strictEqual(err.Error.Code[0], 'NoSuchBucket');
        }
    });
    it('should return no such bucket quota', async () => {
        try {
            await sendRequest('DELETE', '127.0.0.1:8000', `/${bucket}/?quota=true`);
            try {
                await sendRequest('GET', '127.0.0.1:8000', `/${bucket}/?quota=true`);
                assert.fail('Expected NoSuchQuota error');
            } catch (err) {
                assert.strictEqual(err.Error.Code[0], 'NoSuchQuota');
            }
        } catch (err) {
            assert.fail(`Expected no error, but got ${err}`);
        }
    });
 });
--- a/tests/functional/aws-node-sdk/test/bucket/updateBucketQuota.js
+++ b/tests/functional/aws-node-sdk/test/bucket/updateBucketQuota.js
@ -0,0 +1,61 @@
 const AWS = require('aws-sdk');
 const S3 = AWS.S3;
 const assert = require('assert');
 const getConfig = require('../support/config');
 const sendRequest = require('../quota/tooling').sendRequest;
 const bucket = 'updatequotatestbucket';
 const nonExistantBucket = 'updatequotatestnonexistantbucket';
 const quota = { quota: 2000 };
 const negativeQuota = { quota: -1000 };
 const wrongquotaFromat = '1000';
 describe('Test update bucket quota', () => {
    let s3;
    before(() => {
        const config = getConfig('default', { signatureVersion: 'v4' });
        s3 = new S3(config);
        AWS.config.update(config);
    });
    beforeEach(done => s3.createBucket({ Bucket: bucket }, done));
    afterEach(done => s3.deleteBucket({ Bucket: bucket }, done));
    it('should update the quota', async () => {
        try {
            await sendRequest('PUT', '127.0.0.1:8000', `/${bucket}/?quota=true`, JSON.stringify(quota));
            assert.ok(true);
        } catch (err) {
            assert.fail(`Expected no error, but got ${err}`);
        }
    });
    it('should return no such bucket error', async () => {
        try {
            await sendRequest('PUT', '127.0.0.1:8000', `/${nonExistantBucket}/?quota=true`, JSON.stringify(quota));
        } catch (err) {
            assert.strictEqual(err.Error.Code[0], 'NoSuchBucket');
        }
    });
    it('should return error when quota is negative', async () => {
        try {
            await sendRequest('PUT', '127.0.0.1:8000', `/${bucket}/?quota=true`, JSON.stringify(negativeQuota));
        } catch (err) {
            assert.strictEqual(err.Error.Code[0], 'InvalidArgument');
            assert.strictEqual(err.Error.Message[0], 'Quota value must be a positive number');
        }
    });
    it('should return error when quota is not in correct format', async () => {
        try {
            await sendRequest('PUT', '127.0.0.1:8000', `/${bucket}/?quota=true`, wrongquotaFromat);
        } catch (err) {
            assert.strictEqual(err.Error.Code[0], 'InvalidArgument');
            assert.strictEqual(err.Error.Message[0], 'Request body must be a JSON object');
        }
    });
 });
--- a/tests/functional/aws-node-sdk/test/legacy/authV2QueryTests.js
+++ b/tests/functional/aws-node-sdk/test/legacy/authV2QueryTests.js
@ -33,7 +33,7 @@ describe('aws-node-sdk v2auth query tests', function testSuite() {
    let s3;
    before(() => {
-        const config = getConfig('default');
+        const config = getConfig('default', { signatureVersion: 'v2' });
        s3 = new S3(config);
    });
--- a/tests/functional/aws-node-sdk/test/quota/tooling.js
+++ b/tests/functional/aws-node-sdk/test/quota/tooling.js
@ -0,0 +1,52 @@
 const fetch = require('node-fetch');
 const AWS = require('aws-sdk');
 const xml2js = require('xml2js');
 const sendRequest = async (method, host, path, body = '', config = null) =>
    new Promise(async (resolve, reject) => {
        const service = 's3';
        const endpoint = new AWS.Endpoint(host);
        const request = new AWS.HttpRequest(endpoint);
        request.method = method.toUpperCase();
        request.path = path;
        request.body = body;
        request.headers.Host = host;
        request.headers['X-Amz-Date'] = new Date().toISOString().replace(/[:\-]|\.\d{3}/g, '');
        const sha256hash = AWS.util.crypto.sha256(request.body || '', 'hex');
        request.headers['X-Amz-Content-SHA256'] = sha256hash;
        request.region = 'us-east-1';
        const signer = new AWS.Signers.V4(request, service);
        const accessKeyId = config?.accessKey || AWS.config.credentials?.accessKeyId;
        const secretAccessKey = config?.secretKey || AWS.config.credentials?.secretAccessKey;
        const credentials = new AWS.Credentials(accessKeyId, secretAccessKey);
        signer.addAuthorization(credentials, new Date());
        const url = `http://${host}${path}`;
        const options = {
            method: request.method,
            headers: request.headers,
        };
        if (method !== 'GET') {
            options.body = request.body;
        }
        try {
            const response = await fetch(url, options);
            const text = await response.text();
            const result = await xml2js.parseStringPromise(text);
            if (result && result.Error) {
                reject(result);
            } else {
                resolve(result);
            }
        } catch (error) {
            reject(error);
        }
    });
 module.exports = {
    sendRequest,
 };
--- a/tests/scuba/awsNodeSdk.js
+++ b/tests/scuba/awsNodeSdk.js
@ -0,0 +1,479 @@
 const async = require('async');
 const assert = require('assert');
 const { S3 } = require('aws-sdk');
 const getConfig = require('../functional/aws-node-sdk/test/support/config');
 const { Scuba: MockScuba, inflightFlushFrequencyMS } = require('../utilities/mock/Scuba');
 const sendRequest = require('../functional/aws-node-sdk/test/quota/tooling').sendRequest;
 const memCredentials = require('../functional/aws-node-sdk/lib/json/mem_credentials.json');
 let s3Client = null;
 const quota = { quota: 1000 };
 function wait(timeoutMs, cb) {
    setTimeout(cb, timeoutMs);
 }
 function createBucket(bucket, cb) {
    return s3Client.createBucket({
        Bucket: bucket,
    }, (err, data) => {
        assert.ifError(err);
        return cb(err, data);
    });
 }
 function deleteBucket(bucket, cb) {
    return s3Client.deleteBucket({
        Bucket: bucket,
    }, err => {
        assert.ifError(err);
        return cb(err);
    });
 }
 function putObject(bucket, key, size, cb) {
    return s3Client.putObject({
        Bucket: bucket,
        Key: key,
        Body: Buffer.alloc(size),
    }, cb);
 }
 function copyObject(bucket, key, cb) {
    return s3Client.copyObject({
        Bucket: bucket,
        CopySource: `/${bucket}/${key}`,
        Key: `${key}-copy`,
    }, cb);
 }
 function deleteObject(bucket, key, cb) {
    return s3Client.deleteObject({
        Bucket: bucket,
        Key: key,
    }, err => {
        assert.ifError(err);
        return cb(err);
    });
 }
 function objectMPU(bucket, key, parts, partSize, callback) {
    let ETags = [];
    let uploadId = null;
    const partNumbers = Array.from(Array(parts).keys());
    const initiateMPUParams = {
        Bucket: bucket,
        Key: key,
    };
    return async.waterfall([
        next => s3Client.createMultipartUpload(initiateMPUParams,
            (err, data) => {
                if (err) {
                    return next(err);
                }
                uploadId = data.UploadId;
                return next();
            }),
        next =>
            async.mapLimit(partNumbers, 1, (partNumber, callback) => {
                const uploadPartParams = {
                    Bucket: bucket,
                    Key: key,
                    PartNumber: partNumber + 1,
                    UploadId: uploadId,
                    Body: Buffer.alloc(partSize),
                };
                return s3Client.uploadPart(uploadPartParams,
                    (err, data) => {
                        if (err) {
                            return callback(err);
                        }
                        return callback(null, data.ETag);
                    });
            }, (err, results) => {
                if (err) {
                    return next(err);
                }
                ETags = results;
                return next();
            }),
        next => {
            const params = {
                Bucket: bucket,
                Key: key,
                MultipartUpload: {
                    Parts: partNumbers.map(n => ({
                        ETag: ETags[n],
                        PartNumber: n + 1,
                    })),
                },
                UploadId: uploadId,
            };
            return s3Client.completeMultipartUpload(params, next);
        },
    ], err => callback(err, uploadId));
 }
 function abortMPU(bucket, key, uploadId, callback) {
    return s3Client.abortMultipartUpload({
        Bucket: bucket,
        Key: key,
        UploadId: uploadId,
    }, callback);
 }
 function uploadPartCopy(bucket, key, partNumber, partSize, sleepDuration, keyToCopy, callback) {
    const ETags = [];
    let uploadId = null;
    const parts = 5;
    const partNumbers = Array.from(Array(parts).keys());
    const initiateMPUParams = {
        Bucket: bucket,
        Key: key,
    };
    return async.waterfall([
        next => s3Client.createMultipartUpload(initiateMPUParams,
            (err, data) => {
                if (err) {
                    return next(err);
                }
                uploadId = data.UploadId;
                return next();
            }),
        next => {
            const uploadPartParams = {
                Bucket: bucket,
                Key: key,
                PartNumber: partNumber + 1,
                UploadId: uploadId,
                Body: Buffer.alloc(partSize),
            };
            return s3Client.uploadPart(uploadPartParams, (err, data) => {
                if (err) {
                    return next(err);
                }
                ETags[partNumber] = data.ETag;
                return next();
            });
        },
        next => wait(sleepDuration, next),
        next => {
            const copyPartParams = {
                Bucket: bucket,
                CopySource: `/${bucket}/${keyToCopy}`,
                Key: `${key}-copy`,
                PartNumber: partNumber + 1,
                UploadId: uploadId,
            };
            return s3Client.uploadPartCopy(copyPartParams, (err, data) => {
                if (err) {
                    return next(err);
                }
                ETags[partNumber] = data.ETag;
                return next(null, data.ETag);
            });
        },
        next => {
            const params = {
                Bucket: bucket,
                Key: key,
                MultipartUpload: {
                    Parts: partNumbers.map(n => ({
                        ETag: ETags[n],
                        PartNumber: n + 1,
                    })),
                },
                UploadId: uploadId,
            };
            return s3Client.completeMultipartUpload(params, next);
        },
    ], err => callback(err, uploadId));
 }
 function restoreObject(bucket, key, callback) {
    return s3Client.restoreObject({
        Bucket: bucket,
        Key: key,
        RestoreRequest: {
            Days: 1,
        },
    }, callback);
 }
 function multiObjectDelete(bucket, keys, callback) {
    return s3Client.deleteObjects({
        Bucket: bucket,
        Delete: {
            Objects: keys.map(key => ({ Key: key })),
        },
    }, callback);
 }
 describe('quota evaluation with scuba metrics', function t() {
    this.timeout(30000);
    const scuba = new MockScuba();
    const putQuotaVerb = 'PUT';
    const config = {
        accessKey: memCredentials.default.accessKey,
        secretKey: memCredentials.default.secretKey,
    };
    before(done => {
        const config = getConfig('default', { signatureVersion: 'v4' });
        s3Client = new S3(config);
        scuba.start();
        return wait(2000, done);
    });
    afterEach(() => {
        scuba.reset();
    });
    after(() => {
        scuba.stop();
    });
    it('should return QuotaExceeded when trying to PutObject in a bucket with quota', done => {
        const bucket = 'quota-test-bucket1';
        const key = 'quota-test-object';
        const size = 1024;
        return async.series([
            next => createBucket(bucket, next),
            next => sendRequest(putQuotaVerb, '127.0.0.1:8000', `/${bucket}/?quota=true`,
                JSON.stringify(quota), config).then(() => next()).catch(err => next(err)),
            next => putObject(bucket, key, size, err => {
                assert.strictEqual(err.code, 'QuotaExceeded');
                return next();
            }),
            next => deleteBucket(bucket, next),
        ], done);
    });
    it('should return QuotaExceeded when trying to CopyObject in a bucket with quota', done => {
        const bucket = 'quota-test-bucket2';
        const key = 'quota-test-object';
        const size = 900;
        return async.series([
            next => createBucket(bucket, next),
            next => sendRequest(putQuotaVerb, '127.0.0.1:8000', `/${bucket}/?quota=true`,
                JSON.stringify(quota), config).then(() => next()).catch(err => next(err)),
            next => putObject(bucket, key, size, next),
            next => wait(inflightFlushFrequencyMS * 2, next),
            next => copyObject(bucket, key, err => {
                assert.strictEqual(err.code, 'QuotaExceeded');
                return next();
            }),
            next => deleteObject(bucket, key, next),
            next => deleteBucket(bucket, next),
        ], done);
    });
    it('should return QuotaExceeded when trying to complete MPU in a bucket with quota', done => {
        const bucket = 'quota-test-bucket3';
        const key = 'quota-test-object';
        const parts = 5;
        const partSize = 1024 * 1024 * 6;
        let uploadId = null;
        return async.series([
            next => createBucket(bucket, next),
            next => sendRequest(putQuotaVerb, '127.0.0.1:8000', `/${bucket}/?quota=true`,
                JSON.stringify(quota), config).then(() => next()).catch(err => next(err)),
            next => objectMPU(bucket, key, parts, partSize, (err, _uploadId) => {
                uploadId = _uploadId;
                assert.strictEqual(err.code, 'QuotaExceeded');
                return next();
            }),
            next => abortMPU(bucket, key, uploadId, next),
            next => wait(inflightFlushFrequencyMS * 2, next),
            next => {
                assert.strictEqual(scuba.getInflightsForBucket(bucket), 0);
                return next();
            },
            next => deleteBucket(bucket, next),
        ], done);
    });
    it('should not return QuotaExceeded if the quota is not exceeded', done => {
        const bucket = 'quota-test-bucket4';
        const key = 'quota-test-object';
        const size = 300;
        return async.series([
            next => createBucket(bucket, next),
            next => sendRequest(putQuotaVerb, '127.0.0.1:8000', `/${bucket}/?quota=true`,
                JSON.stringify(quota), config).then(() => next()).catch(err => next(err)),
            next => putObject(bucket, key, size, err => {
                assert.ifError(err);
                return next();
            }),
            next => deleteObject(bucket, key, next),
            next => deleteBucket(bucket, next),
        ], done);
    });
    it('should not evaluate quotas if the backend is not available', done => {
        scuba.stop();
        const bucket = 'quota-test-bucket5';
        const key = 'quota-test-object';
        const size = 1024;
        return async.series([
            next => createBucket(bucket, next),
            next => sendRequest(putQuotaVerb, '127.0.0.1:8000', `/${bucket}/?quota=true`,
                JSON.stringify(quota), config).then(() => next()).catch(err => next(err)),
            next => putObject(bucket, key, size, err => {
                assert.ifError(err);
                return next();
            }),
            next => deleteObject(bucket, key, next),
            next => deleteBucket(bucket, next),
        ], err => {
            assert.ifError(err);
            scuba.start();
            return wait(2000, done);
        });
    });
    it('should return QuotaExceeded when trying to copy a part in a bucket with quota', done => {
        const bucket = 'quota-test-bucket6';
        const key = 'quota-test-object-copy';
        const keyToCopy = 'quota-test-existing';
        const parts = 5;
        const partSize = 1024 * 1024 * 6;
        let uploadId = null;
        return async.series([
            next => createBucket(bucket, next),
            next => sendRequest(putQuotaVerb, '127.0.0.1:8000', `/${bucket}/?quota=true`,
                JSON.stringify({ quota: Math.round(partSize * 2.5) }), config)
                    .then(() => next()).catch(err => next(err)),
            next => putObject(bucket, keyToCopy, partSize, next),
            next => uploadPartCopy(bucket, key, parts, partSize, inflightFlushFrequencyMS * 2, keyToCopy,
                (err, _uploadId) => {
                    uploadId = _uploadId;
                    assert.strictEqual(err.code, 'QuotaExceeded');
                    return next();
                }),
            next => abortMPU(bucket, key, uploadId, next),
            next => deleteObject(bucket, keyToCopy, next),
            next => deleteBucket(bucket, next),
        ], done);
    });
    it('should return QuotaExceeded when trying to restore an object in a bucket with quota', done => {
        const bucket = 'quota-test-bucket7';
        const key = 'quota-test-object';
        const size = 900;
        return async.series([
            next => createBucket(bucket, next),
            next => sendRequest(putQuotaVerb, '127.0.0.1:8000', `/${bucket}/?quota=true`,
                JSON.stringify(quota), config).then(() => next()).catch(err => next(err)),
            next => putObject(bucket, key, size, err => {
                assert.ifError(err);
                return next();
            }),
            next => wait(inflightFlushFrequencyMS * 2, next),
            next => restoreObject(bucket, key, err => {
                assert.strictEqual(err.code, 'QuotaExceeded');
                return next();
            }),
            next => deleteObject(bucket, key, next),
            next => deleteBucket(bucket, next),
        ], done);
    });
    it('should allow writes after deleting data with quotas', done => {
        const bucket = 'quota-test-bucket8';
        const key = 'quota-test-object';
        const size = 400;
        return async.series([
            next => createBucket(bucket, next),
            next => sendRequest(putQuotaVerb, '127.0.0.1:8000', `/${bucket}/?quota=true`,
                JSON.stringify(quota), config).then(() => next()).catch(err => next(err)),
            next => putObject(bucket, `${key}1`, size, err => {
                assert.ifError(err);
                return next();
            }),
            next => putObject(bucket, `${key}2`, size, err => {
                assert.ifError(err);
                return next();
            }),
            next => wait(inflightFlushFrequencyMS * 2, next),
            next => putObject(bucket, `${key}3`, size, err => {
                assert.strictEqual(err.code, 'QuotaExceeded');
                return next();
            }),
            next => wait(inflightFlushFrequencyMS * 2, next),
            next => {
                assert.strictEqual(scuba.getInflightsForBucket(bucket), size * 2);
                return next();
            },
            next => wait(inflightFlushFrequencyMS * 2, next),
            next => deleteObject(bucket, `${key}2`, next),
            next => wait(inflightFlushFrequencyMS * 2, next),
            next => putObject(bucket, `${key}4`, size, err => {
                assert.ifError(err);
                return next();
            }),
            next => deleteObject(bucket, `${key}1`, next),
            next => deleteObject(bucket, `${key}3`, next),
            next => deleteObject(bucket, `${key}4`, next),
            next => deleteBucket(bucket, next),
        ], done);
    });
    it('should not increase the inflights when the object is being rewritten with a smaller object', done => {
        const bucket = 'quota-test-bucket9';
        const key = 'quota-test-object';
        const size = 400;
        return async.series([
            next => createBucket(bucket, next),
            next => sendRequest(putQuotaVerb, '127.0.0.1:8000', `/${bucket}/?quota=true`,
                JSON.stringify(quota), config).then(() => next()).catch(err => next(err)),
            next => putObject(bucket, key, size, err => {
                assert.ifError(err);
                return next();
            }),
            next => wait(inflightFlushFrequencyMS * 2, next),
            next => putObject(bucket, key, size - 100, err => {
                assert.ifError(err);
                return next();
            }),
            next => {
                assert.strictEqual(scuba.getInflightsForBucket(bucket), size);
                return next();
            },
            next => deleteObject(bucket, key, next),
            next => deleteBucket(bucket, next),
        ], done);
    });
    it('should decrease the inflights when performing multi object delete', done => {
        const bucket = 'quota-test-bucket10';
        const key = 'quota-test-object';
        const size = 400;
        return async.series([
            next => createBucket(bucket, next),
            next => sendRequest(putQuotaVerb, '127.0.0.1:8000', `/${bucket}/?quota=true`,
                JSON.stringify(quota), config).then(() => next()).catch(err => next(err)),
            next => putObject(bucket, `${key}1`, size, err => {
                assert.ifError(err);
                return next();
            }
            ),
            next => putObject(bucket, `${key}2`, size, err => {
                assert.ifError(err);
                return next();
            }),
            next => wait(inflightFlushFrequencyMS * 2, next),
            next => multiObjectDelete(bucket, [`${key}1`, `${key}2`], err => {
                assert.ifError(err);
                return next();
            }),
            next => {
                assert.strictEqual(scuba.getInflightsForBucket(bucket), 0);
                return next();
            },
            next => deleteBucket(bucket, next),
        ], done);
    });
 });
--- a/tests/unit/Config.js
+++ b/tests/unit/Config.js
@ -350,6 +350,49 @@ describe('Config', () => {
        });
    });
    describe('scuba option setup', () => {
        let oldConfig;
        before(() => {
            oldConfig = process.env.S3_CONFIG_FILE;
            process.env.S3_CONFIG_FILE =
                'tests/unit/testConfigs/allOptsConfig/config.json';
        });
        after(() => {
            process.env.S3_CONFIG_FILE = oldConfig;
        });
        it('should set up scuba', () => {
            const { ConfigObject } = require('../../lib/Config');
            const config = new ConfigObject();
            assert.deepStrictEqual(
                config.scuba,
                {
                    host: 'localhost',
                    port: 8100,
                },
            );
        });
        it('should use environment variables for scuba', () => {
            setEnv('SCUBA_HOST', 'scubahost');
            setEnv('SCUBA_PORT', 1234);
            const { ConfigObject } = require('../../lib/Config');
            const config = new ConfigObject();
            assert.deepStrictEqual(
                config.scuba,
                {
                    host: 'scubahost',
                    port: 1234,
                },
            );
        });
    });
    describe('utapi option setup', () => {
        let oldConfig;
--- a/tests/unit/api/multiObjectDelete.js
+++ b/tests/unit/api/multiObjectDelete.js
@ -39,7 +39,7 @@ describe('getObjMetadataAndDelete function for multiObjectDelete', () => {
        headers: {},
        parsedContentLength: contentLength,
    }, postBody);
-    const bucket = { getVersioningConfiguration: () => null };
+    const bucket = { getVersioningConfiguration: () => null, getQuota: () => 0 };
    beforeEach(done => {
        cleanup();
--- a/tests/unit/auth/permissionChecks.js
+++ b/tests/unit/auth/permissionChecks.js
@ -1,13 +1,33 @@
 const sinon = require('sinon');
 const assert = require('assert');
 const {
    checkBucketAcls,
    checkObjectAcls,
    validatePolicyConditions,
    validateQuotas,
 } = require('../../../lib/api/apiUtils/authorization/permissionChecks');
 const constants = require('../../../constants');
 const { ScubaClientInstance } = require('../../../lib/scuba/wrapper');
 const { bucketOwnerActions, logId } = constants;
 const mockBucket = {
    getQuota: () => 100,
    getName: () => 'bucketName',
    getCreationDate: () => '2022-01-01T00:00:00.000Z',
 };
 const mockBucketNoQuota = {
    getQuota: () => 100,
    getName: () => 'bucketName',
    getCreationDate: () => '2022-01-01T00:00:00.000Z',
 };
 const mockLog = {
    warn: sinon.stub(),
    debug: sinon.stub(),
 };
 describe('checkBucketAcls', () => {
    const mockBucket = {
        getOwner: () => 'ownerId',
@ -534,3 +554,307 @@ describe('validatePolicyConditions', () => {
        });
    });
 });
 describe('validateQuotas (buckets)', () => {
    beforeEach(() => {
        ScubaClientInstance.enabled = true;
        ScubaClientInstance.getLatestMetrics = sinon.stub().resolves({});
    });
    afterEach(() => {
        sinon.restore();
    });
    it('should return null if quota is <= 0 or scuba is disabled', done => {
        validateQuotas(mockBucketNoQuota, {}, [], '', false, mockLog, err => {
            assert.ifError(err);
            assert.strictEqual(ScubaClientInstance.getLatestMetrics.called, false);
            done();
        });
    });
    it('should return null if scuba is disabled', done => {
        ScubaClientInstance.enabled = false;
        validateQuotas(mockBucket, {}, [], '', false, mockLog, err => {
            assert.ifError(err);
            assert.strictEqual(ScubaClientInstance.getLatestMetrics.called, false);
            done();
        });
    });
    it('should return null if metrics retrieval fails', done => {
        ScubaClientInstance.enabled = true;
        const error = new Error('Failed to get metrics');
        ScubaClientInstance.getLatestMetrics.rejects(error);
        validateQuotas(mockBucket, {}, ['objectPut', 'getObject'], 'objectPut', 1, mockLog, err => {
            assert.ifError(err);
            assert.strictEqual(ScubaClientInstance.getLatestMetrics.calledOnce, true);
            assert.strictEqual(ScubaClientInstance.getLatestMetrics.calledWith(
                'bucket',
                'bucketName_1640995200000',
                null,
                {
                    action: 'objectPut',
                    inflight: 1,
                }
            ), true);
            done();
        });
    });
    it('should return errors.QuotaExceeded if quota is exceeded', done => {
        const result1 = {
            bytesTotal: 150,
        };
        const result2 = {
            bytesTotal: 120,
        };
        ScubaClientInstance.getLatestMetrics.resolves(result1);
        ScubaClientInstance.getLatestMetrics.resolves(result2);
        validateQuotas(mockBucket, {}, ['objectPut', 'getObject'], 'objectPut', 1, mockLog, err => {
            assert.strictEqual(err.is.QuotaExceeded, true);
            assert.strictEqual(ScubaClientInstance.getLatestMetrics.calledTwice, true);
            assert.strictEqual(ScubaClientInstance.getLatestMetrics.calledWith(
                'bucket',
                'bucketName_1640995200000',
                null,
                {
                    action: 'objectPut',
                    inflight: 1,
                }
            ), true);
            done();
        });
    });
    it('should not return QuotaExceeded if the quotas are exceeded but operation is a delete', done => {
        const result1 = {
            bytesTotal: 150,
        };
        const result2 = {
            bytesTotal: 120,
        };
        ScubaClientInstance.getLatestMetrics.resolves(result1);
        ScubaClientInstance.getLatestMetrics.resolves(result2);
        validateQuotas(mockBucket, {}, ['objectDelete'], 'objectDelete', -50, mockLog, err => {
            assert.ifError(err);
            assert.strictEqual(ScubaClientInstance.getLatestMetrics.calledOnce, true);
            assert.strictEqual(ScubaClientInstance.getLatestMetrics.calledWith(
                'bucket',
                'bucketName_1640995200000',
                null,
                {
                    action: 'objectDelete',
                    inflight: -50,
                }
            ), true);
            done();
        });
    });
    it('should return null if quota is not exceeded', done => {
        const result1 = {
            bytesTotal: 80,
        };
        const result2 = {
            bytesTotal: 90,
        };
        ScubaClientInstance.getLatestMetrics.resolves(result1);
        ScubaClientInstance.getLatestMetrics.resolves(result2);
        validateQuotas(mockBucket, {}, ['objectRestore', 'objectPut'], 'objectRestore',
            true, mockLog, err => {
                assert.ifError(err);
                assert.strictEqual(ScubaClientInstance.getLatestMetrics.calledTwice, true);
                assert.strictEqual(ScubaClientInstance.getLatestMetrics.calledWith(
                    'bucket',
                    'bucketName_1640995200000',
                    null,
                    {
                        action: 'objectRestore',
                        inflight: true,
                    }
                ), true);
            done();
        });
    });
 });
 describe('validateQuotas (with accounts)', () => {
    beforeEach(() => {
        ScubaClientInstance.enabled = true;
        ScubaClientInstance.getLatestMetrics = sinon.stub().resolves({});
    });
    afterEach(() => {
        sinon.restore();
    });
    it('should return null if quota is <= 0 or scuba is disabled', done => {
        validateQuotas(mockBucketNoQuota, {
            account: 'test_1',
            quota: 0,
        }, [], '', false, mockLog, err => {
            assert.ifError(err);
            assert.strictEqual(ScubaClientInstance.getLatestMetrics.called, false);
            done();
        });
    });
    it('should not return null if bucket quota is <= 0 but account quota is > 0', done => {
        validateQuotas(mockBucketNoQuota, {
            account: 'test_1',
            quota: 1000,
        }, [], '', false, mockLog, err => {
            assert.ifError(err);
            assert.strictEqual(ScubaClientInstance.getLatestMetrics.called, false);
            done();
        });
    });
    it('should return null if scuba is disabled', done => {
        ScubaClientInstance.enabled = false;
        validateQuotas(mockBucket, {
            account: 'test_1',
            quota: 1000,
        }, [], '', false, mockLog, err => {
            assert.ifError(err);
            assert.strictEqual(ScubaClientInstance.getLatestMetrics.called, false);
            done();
        });
    });
    it('should return null if metrics retrieval fails', done => {
        ScubaClientInstance.enabled = true;
        const error = new Error('Failed to get metrics');
        ScubaClientInstance.getLatestMetrics.rejects(error);
        validateQuotas(mockBucket, {
            account: 'test_1',
            quota: 1000,
        }, ['objectPut', 'getObject'], 'objectPut', 1, mockLog, err => {
            assert.ifError(err);
            assert.strictEqual(ScubaClientInstance.getLatestMetrics.calledOnce, true);
            assert.strictEqual(ScubaClientInstance.getLatestMetrics.calledWith(
                'bucket',
                'bucketName_1640995200000',
                null,
                {
                    action: 'objectPut',
                    inflight: 1,
                }
            ), true);
            done();
        });
    });
    it('should return errors.QuotaExceeded if quota is exceeded', done => {
        const result1 = {
            bytesTotal: 150,
        };
        const result2 = {
            bytesTotal: 120,
        };
        ScubaClientInstance.getLatestMetrics.resolves(result1);
        ScubaClientInstance.getLatestMetrics.resolves(result2);
        validateQuotas(mockBucket, {
            account: 'test_1',
            quota: 100,
        }, ['objectPut', 'getObject'], 'objectPut', 1, mockLog, err => {
            assert.strictEqual(err.is.QuotaExceeded, true);
            assert.strictEqual(ScubaClientInstance.getLatestMetrics.callCount, 4);
            assert.strictEqual(ScubaClientInstance.getLatestMetrics.calledWith(
                'bucket',
                'bucketName_1640995200000',
                null,
                {
                    action: 'objectPut',
                    inflight: 1,
                }
            ), true);
            done();
        });
    });
    it('should not return QuotaExceeded if the quotas are exceeded but operation is a delete', done => {
        const result1 = {
            bytesTotal: 150,
        };
        const result2 = {
            bytesTotal: 120,
        };
        ScubaClientInstance.getLatestMetrics.resolves(result1);
        ScubaClientInstance.getLatestMetrics.resolves(result2);
        validateQuotas(mockBucket, {
            account: 'test_1',
            quota: 1000,
        }, ['objectDelete'], 'objectDelete', -50, mockLog, err => {
            assert.ifError(err);
            assert.strictEqual(ScubaClientInstance.getLatestMetrics.calledTwice, true);
            assert.strictEqual(ScubaClientInstance.getLatestMetrics.calledWith(
                'bucket',
                'bucketName_1640995200000',
                null,
                {
                    action: 'objectDelete',
                    inflight: -50,
                }
            ), true);
            done();
        });
    });
    it('should return null if quota is not exceeded', done => {
        const result1 = {
            bytesTotal: 80,
        };
        const result2 = {
            bytesTotal: 90,
        };
        ScubaClientInstance.getLatestMetrics.resolves(result1);
        ScubaClientInstance.getLatestMetrics.resolves(result2);
        validateQuotas(mockBucket, {
            account: 'test_1',
            quota: 1000,
        }, ['objectRestore', 'objectPut'], 'objectRestore', true, mockLog, err => {
            assert.ifError(err);
            assert.strictEqual(ScubaClientInstance.getLatestMetrics.callCount, 4);
            assert.strictEqual(ScubaClientInstance.getLatestMetrics.calledWith(
                'bucket',
                'bucketName_1640995200000',
                null,
                {
                    action: 'objectRestore',
                    inflight: true,
                }
            ), true);
            done();
        });
    });
    it('should return quota exceeded if account and bucket quotas are different', done => {
        const result1 = {
            bytesTotal: 150,
        };
        const result2 = {
            bytesTotal: 120,
        };
        ScubaClientInstance.getLatestMetrics.resolves(result1);
        ScubaClientInstance.getLatestMetrics.resolves(result2);
        validateQuotas(mockBucket, {
            account: 'test_1',
            quota: 1000,
        }, ['objectPut', 'getObject'], 'objectPut', 1, mockLog, err => {
            assert.strictEqual(err.is.QuotaExceeded, true);
            assert.strictEqual(ScubaClientInstance.getLatestMetrics.callCount, 4);
            done();
        });
    });
 });
--- a/tests/unit/scuba/wrapper.js
+++ b/tests/unit/scuba/wrapper.js
@ -0,0 +1,86 @@
 const assert = require('assert');
 const sinon = require('sinon');
 const { ScubaClientImpl } = require('../../../lib/scuba/wrapper');
 describe('ScubaClientImpl', () => {
    let client;
    let log;
    beforeEach(() => {
        client = new ScubaClientImpl({ scuba: true });
        log = {
            info: sinon.spy(),
            warn: sinon.spy(),
        };
        client.setup(log);
    });
    afterEach(() => {
        sinon.restore();
    });
    describe('setup', () => {
        it('should enable Scuba and start periodic health check', () => {
            client.setup(log);
            assert.strictEqual(client.enabled, true);
        });
        it('should not enable Scuba if config.scuba is falsy', () => {
            client = new ScubaClientImpl({ scuba: false });
            client.setup(log);
            assert.strictEqual(client.enabled, false);
        });
    });
    describe('_healthCheck', () => {
        it('should enable Scuba if health check passes', async () => {
            sinon.stub(client, 'healthCheck').resolves();
            await client._healthCheck();
            assert.strictEqual(client.enabled, true);
        });
        it('should disable Scuba if health check fails', async () => {
            const error = new Error('Health check failed');
            sinon.stub(client, 'healthCheck').rejects(error);
            await client._healthCheck();
            assert.strictEqual(client.enabled, false);
        });
    });
    describe('periodicHealthCheck', () => {
        let healthCheckStub;
        let setIntervalStub;
        let clearIntervalStub;
        beforeEach(() => {
            healthCheckStub = sinon.stub(client, '_healthCheck');
            setIntervalStub = sinon.stub(global, 'setInterval');
            clearIntervalStub = sinon.stub(global, 'clearInterval');
        });
        it('should call _healthCheck and start periodic health check', () => {
            client._healthCheckTimer = null;
            client.periodicHealthCheck();
            assert(healthCheckStub.calledOnce);
            assert(setIntervalStub.calledOnce);
            assert(clearIntervalStub.notCalled);
        });
        it('should clear previous health check timer before starting a new one', () => {
            client._healthCheckTimer = 123;
            client.periodicHealthCheck();
            assert(healthCheckStub.calledOnce);
            assert(setIntervalStub.calledOnce);
            assert(clearIntervalStub.calledOnceWith(123));
        });
    });
 });
--- a/tests/unit/testConfigs/allOptsConfig/config.json
+++ b/tests/unit/testConfigs/allOptsConfig/config.json
@ -100,6 +100,10 @@
        "name": "zenko",
        "sentinels": "localhost:6379"
    },
    "scuba": {
        "host": "localhost",
        "port": 8100
    },
    "utapi": {
        "redis": {
            "host": "localhost",
--- a/tests/utilities/mock/Scuba.js
+++ b/tests/utilities/mock/Scuba.js
@ -0,0 +1,104 @@
 const { errors } = require('arsenal');
 const express = require('express');
 const inflightFlushFrequencyMS = 200;
 class Scuba {
    constructor() {
        this._server = null;
        this._port = 8100;
        this._data = {
            bucket: new Map(),
        };
        this._app = express();
    }
    _initiateRoutes() {
        this._app.use(express.json());
        this._app.get('/health/deep', (req, res) => {
            const headerValue = req.header('error');
            if (headerValue) {
                return res.status(500).send(errors.InternalError);
            }
            return res.status(204).end();
        });
        this._app.post('/metrics/bucket/:bucket/latest', (req, res) => {
            const bucketName = req.params.bucket;
            const inflight = Number(req.body?.inflight) || 0;
            this._updateData({
                action: req.body?.action,
                bucket: bucketName,
                inflight,
            });
            const immediateInflights = req.body?.action === 'objectRestore' ? 0 : inflight;
            res.json({
                bytesTotal: (this._data.bucket.get(bucketName)?.current || 0) +
                    (this._data.bucket.get(bucketName)?.nonCurrent || 0) +
                    (this._data.bucket.get(bucketName)?.inflight || 0) +
                    immediateInflights,
            });
        });
    }
    _updateData(event) {
        const { action, inflight, bucket } = event;
        let timeout = inflightFlushFrequencyMS;
        if (action === 'objectRestore') {
            timeout = 0;
        }
        if (!this._data.bucket.get(bucket)) {
            this._data.bucket.set(bucket, { current: 0, nonCurrent: 0, inflight: 0 });
        }
        if (timeout) {
            setTimeout(() => {
                if (this._data.bucket.get(bucket)) {
                    this._data.bucket.set(bucket, {
                        current: this._data.bucket.get(bucket).current,
                        nonCurrent: this._data.bucket.get(bucket).nonCurrent,
                        inflight: this._data.bucket.get(bucket).inflight + inflight,
                    });
                }
            }, timeout);
        } else {
            if (this._data.bucket.get(bucket)) {
                this._data.bucket.set(bucket, {
                    current: this._data.bucket.get(bucket).current,
                    nonCurrent: this._data.bucket.get(bucket).nonCurrent,
                    inflight: this._data.bucket.get(bucket).inflight + inflight,
                });
            }
        }
    }
    start() {
        this._initiateRoutes();
        this._server = this._app.listen(this._port);
    }
    reset() {
        this._data = {
            bucket: new Map(),
        };
    }
    stop() {
        this._server.close();
    }
    getInflightsForBucket(bucketName) {
        let inflightCount = 0;
        this._data.bucket.forEach((value, key) => {
            if (key.startsWith(`${bucketName}_`)) {
            inflightCount += value.inflight;
            }
        });
        return inflightCount;
    }
 }
 module.exports = {
    Scuba,
    inflightFlushFrequencyMS,
 };
--- a/tests/utilities/mock/index.js
+++ b/tests/utilities/mock/index.js
@ -1,6 +1,7 @@
 /* eslint-disable global-require */
 const index = {
    Utapi: require('./Utapi'),
    Scuba: require('./Scuba'),
 };
 module.exports = index;
--- a/yarn.lock
+++ b/yarn.lock
@ -2,6 +2,57 @@
 # yarn lockfile v1
 "@aws-crypto/crc32@3.0.0":
  version "3.0.0"
  resolved "https://registry.yarnpkg.com/@aws-crypto/crc32/-/crc32-3.0.0.tgz#07300eca214409c33e3ff769cd5697b57fdd38fa"
  integrity sha512-IzSgsrxUcsrejQbPVilIKy16kAT52EwB6zSaI+M3xxIhKh5+aldEyvI+z6erM7TCLB2BJsFrtHjp6/4/sr+3dA==
  dependencies:
    "@aws-crypto/util" "^3.0.0"
    "@aws-sdk/types" "^3.222.0"
    tslib "^1.11.1"
 "@aws-crypto/sha256-js@^5.2.0":
  version "5.2.0"
  resolved "https://registry.yarnpkg.com/@aws-crypto/sha256-js/-/sha256-js-5.2.0.tgz#c4fdb773fdbed9a664fc1a95724e206cf3860042"
  integrity sha512-FFQQyu7edu4ufvIZ+OadFpHHOt+eSTBaYaki44c+akjg7qZg9oOQeLlk77F6tSYqjDAFClrHJk9tMf0HdVyOvA==
  dependencies:
    "@aws-crypto/util" "^5.2.0"
    "@aws-sdk/types" "^3.222.0"
    tslib "^2.6.2"
 "@aws-crypto/util@^3.0.0":
  version "3.0.0"
  resolved "https://registry.yarnpkg.com/@aws-crypto/util/-/util-3.0.0.tgz#1c7ca90c29293f0883468ad48117937f0fe5bfb0"
  integrity sha512-2OJlpeJpCR48CC8r+uKVChzs9Iungj9wkZrl8Z041DWEWvyIHILYKCPNzJghKsivj+S3mLo6BVc7mBNzdxA46w==
  dependencies:
    "@aws-sdk/types" "^3.222.0"
    "@aws-sdk/util-utf8-browser" "^3.0.0"
    tslib "^1.11.1"
 "@aws-crypto/util@^5.2.0":
  version "5.2.0"
  resolved "https://registry.yarnpkg.com/@aws-crypto/util/-/util-5.2.0.tgz#71284c9cffe7927ddadac793c14f14886d3876da"
  integrity sha512-4RkU9EsI6ZpBve5fseQlGNUWKMa1RLPQ1dnjnQoe07ldfIzcsGb5hC5W0Dm7u423KWzawlrpbjXBrXCEv9zazQ==
  dependencies:
    "@aws-sdk/types" "^3.222.0"
    "@smithy/util-utf8" "^2.0.0"
    tslib "^2.6.2"
 "@aws-sdk/types@^3.222.0":
  version "3.535.0"
  resolved "https://registry.yarnpkg.com/@aws-sdk/types/-/types-3.535.0.tgz#5e6479f31299dd9df170e63f4d10fe739008cf04"
  integrity sha512-aY4MYfduNj+sRR37U7XxYR8wemfbKP6lx00ze2M2uubn7mZotuVrWYAafbMSXrdEMSToE5JDhr28vArSOoLcSg==
  dependencies:
    "@smithy/types" "^2.12.0"
    tslib "^2.6.2"
 "@aws-sdk/util-utf8-browser@^3.0.0":
  version "3.259.0"
  resolved "https://registry.yarnpkg.com/@aws-sdk/util-utf8-browser/-/util-utf8-browser-3.259.0.tgz#3275a6f5eb334f96ca76635b961d3c50259fd9ff"
  integrity sha512-UvFa/vR+e19XookZF8RzFZBrw2EUkQWxiBW0yYQAhvk3C+QVGl0H3ouca8LDBlBfQKXwmW3huo/59H8rwb1wJw==
  dependencies:
    tslib "^2.3.1"
 "@azure/abort-controller@^1.0.0":
  version "1.1.0"
  resolved "https://registry.yarnpkg.com/@azure/abort-controller/-/abort-controller-1.1.0.tgz#788ee78457a55af8a1ad342acb182383d2119249"
@ -404,6 +455,82 @@
  resolved "https://registry.yarnpkg.com/@sinonjs/text-encoding/-/text-encoding-0.7.2.tgz#5981a8db18b56ba38ef0efb7d995b12aa7b51918"
  integrity sha512-sXXKG+uL9IrKqViTtao2Ws6dy0znu9sOaP1di/jKGW1M6VssO8vlpXCQcpZ+jisQ1tTFAC5Jo/EOzFbggBagFQ==
 "@smithy/eventstream-codec@^2.2.0":
  version "2.2.0"
  resolved "https://registry.yarnpkg.com/@smithy/eventstream-codec/-/eventstream-codec-2.2.0.tgz#63d74fa817188995eb55e792a38060b0ede98dc4"
  integrity sha512-8janZoJw85nJmQZc4L8TuePp2pk1nxLgkxIR0TUjKJ5Dkj5oelB9WtiSSGXCQvNsJl0VSTvK/2ueMXxvpa9GVw==
  dependencies:
    "@aws-crypto/crc32" "3.0.0"
    "@smithy/types" "^2.12.0"
    "@smithy/util-hex-encoding" "^2.2.0"
    tslib "^2.6.2"
 "@smithy/is-array-buffer@^2.2.0":
  version "2.2.0"
  resolved "https://registry.yarnpkg.com/@smithy/is-array-buffer/-/is-array-buffer-2.2.0.tgz#f84f0d9f9a36601a9ca9381688bd1b726fd39111"
  integrity sha512-GGP3O9QFD24uGeAXYUjwSTXARoqpZykHadOmA8G5vfJPK0/DC67qa//0qvqrJzL1xc8WQWX7/yc7fwudjPHPhA==
  dependencies:
    tslib "^2.6.2"
 "@smithy/signature-v4@^2.1.1":
  version "2.2.0"
  resolved "https://registry.yarnpkg.com/@smithy/signature-v4/-/signature-v4-2.2.0.tgz#8fe6a574188b71fba6056111b88d50c84babb060"
  integrity sha512-+B5TNzj/fRZzVW3z8UUJOkNx15+4E0CLuvJmJUA1JUIZFp3rdJ/M2H5r2SqltaVPXL0oIxv/6YK92T9TsFGbFg==
  dependencies:
    "@smithy/eventstream-codec" "^2.2.0"
    "@smithy/is-array-buffer" "^2.2.0"
    "@smithy/types" "^2.12.0"
    "@smithy/util-hex-encoding" "^2.2.0"
    "@smithy/util-middleware" "^2.2.0"
    "@smithy/util-uri-escape" "^2.2.0"
    "@smithy/util-utf8" "^2.3.0"
    tslib "^2.6.2"
 "@smithy/types@^2.12.0":
  version "2.12.0"
  resolved "https://registry.yarnpkg.com/@smithy/types/-/types-2.12.0.tgz#c44845f8ba07e5e8c88eda5aed7e6a0c462da041"
  integrity sha512-QwYgloJ0sVNBeBuBs65cIkTbfzV/Q6ZNPCJ99EICFEdJYG50nGIY/uYXp+TbsdJReIuPr0a0kXmCvren3MbRRw==
  dependencies:
    tslib "^2.6.2"
 "@smithy/util-buffer-from@^2.2.0":
  version "2.2.0"
  resolved "https://registry.yarnpkg.com/@smithy/util-buffer-from/-/util-buffer-from-2.2.0.tgz#6fc88585165ec73f8681d426d96de5d402021e4b"
  integrity sha512-IJdWBbTcMQ6DA0gdNhh/BwrLkDR+ADW5Kr1aZmd4k3DIF6ezMV4R2NIAmT08wQJ3yUK82thHWmC/TnK/wpMMIA==
  dependencies:
    "@smithy/is-array-buffer" "^2.2.0"
    tslib "^2.6.2"
 "@smithy/util-hex-encoding@^2.2.0":
  version "2.2.0"
  resolved "https://registry.yarnpkg.com/@smithy/util-hex-encoding/-/util-hex-encoding-2.2.0.tgz#87edb7c88c2f422cfca4bb21f1394ae9602c5085"
  integrity sha512-7iKXR+/4TpLK194pVjKiasIyqMtTYJsgKgM242Y9uzt5dhHnUDvMNb+3xIhRJ9QhvqGii/5cRUt4fJn3dtXNHQ==
  dependencies:
    tslib "^2.6.2"
 "@smithy/util-middleware@^2.2.0":
  version "2.2.0"
  resolved "https://registry.yarnpkg.com/@smithy/util-middleware/-/util-middleware-2.2.0.tgz#80cfad40f6cca9ffe42a5899b5cb6abd53a50006"
  integrity sha512-L1qpleXf9QD6LwLCJ5jddGkgWyuSvWBkJwWAZ6kFkdifdso+sk3L3O1HdmPvCdnCK3IS4qWyPxev01QMnfHSBw==
  dependencies:
    "@smithy/types" "^2.12.0"
    tslib "^2.6.2"
 "@smithy/util-uri-escape@^2.2.0":
  version "2.2.0"
  resolved "https://registry.yarnpkg.com/@smithy/util-uri-escape/-/util-uri-escape-2.2.0.tgz#56f5764051a33b67bc93fdd2a869f971b0635406"
  integrity sha512-jtmJMyt1xMD/d8OtbVJ2gFZOSKc+ueYJZPW20ULW1GOp/q/YIM0wNh+u8ZFao9UaIGz4WoPW8hC64qlWLIfoDA==
  dependencies:
    tslib "^2.6.2"
 "@smithy/util-utf8@^2.0.0", "@smithy/util-utf8@^2.3.0":
  version "2.3.0"
  resolved "https://registry.yarnpkg.com/@smithy/util-utf8/-/util-utf8-2.3.0.tgz#dd96d7640363259924a214313c3cf16e7dd329c5"
  integrity sha512-R8Rdn8Hy72KKcebgLiv8jQcQkXoLMOGGv5uI1/k0l+snqkOzQ1R0ChUBCxWMlBsFMekWjq0wRudIweFs7sKT5A==
  dependencies:
    "@smithy/util-buffer-from" "^2.2.0"
    tslib "^2.6.2"
 "@socket.io/component-emitter@~3.1.0":
  version "3.1.0"
  resolved "https://registry.yarnpkg.com/@socket.io/component-emitter/-/component-emitter-3.1.0.tgz#96116f2a912e0c02817345b3c10751069920d553"
@ -794,9 +921,9 @@ arraybuffer.slice@~0.0.7:
  optionalDependencies:
    ioctl "^2.0.2"
-"arsenal@git+https://github.com/scality/arsenal#8.1.127":
+"arsenal@git+https://github.com/scality/arsenal#77e9b92f3e775e39f5f903a00b702a86b2aa75a1":
-  version "8.1.127"
+  version "8.1.128"
-  resolved "git+https://github.com/scality/arsenal#c2ab4a2052e46a19504ba7014d3c4030aa04aa41"
+  resolved "git+https://github.com/scality/arsenal#77e9b92f3e775e39f5f903a00b702a86b2aa75a1"
  dependencies:
    "@azure/identity" "^3.1.1"
    "@azure/storage-blob" "^12.12.0"
@ -937,6 +1064,15 @@ axios@^0.18.0:
    follow-redirects "1.5.10"
    is-buffer "^2.0.2"
 axios@^1.3.4:
  version "1.6.8"
  resolved "https://registry.yarnpkg.com/axios/-/axios-1.6.8.tgz#66d294951f5d988a00e87a0ffb955316a619ea66"
  integrity sha512-v/ZHtJDU39mDpyBoFVkETcd/uNdxrWRrg3bKpOKzXFA6Bvqopts6ALSMU3y6ijYxbw2B+wPrIv46egTzJXCLGQ==
  dependencies:
    follow-redirects "^1.15.6"
    form-data "^4.0.0"
    proxy-from-env "^1.1.0"
 babel-code-frame@^6.26.0:
  version "6.26.0"
  resolved "https://registry.yarnpkg.com/babel-code-frame/-/babel-code-frame-6.26.0.tgz#63fd43f7dc1e3bb7ce35947db8fe369a3f58c74b"
@ -2356,6 +2492,11 @@ follow-redirects@^1.0.0:
  resolved "https://registry.yarnpkg.com/follow-redirects/-/follow-redirects-1.15.2.tgz#b460864144ba63f2681096f274c4e57026da2c13"
  integrity sha512-VQLG33o04KaQ8uYi2tVNbdrWp1QWxNNea+nmIB4EVM28v0hmP17z7aG1+wAkNzVq4KeXTq3221ye5qTJP91JwA==
 follow-redirects@^1.15.6:
  version "1.15.6"
  resolved "https://registry.yarnpkg.com/follow-redirects/-/follow-redirects-1.15.6.tgz#7f815c0cda4249c74ff09e95ef97c23b5fd0399b"
  integrity sha512-wWN62YITEaOpSK584EZXJafH1AGpO8RVgElfkuXbTOrPX4fIfOyEpW/CsiNd8JdYrAoOvafRTOEnvsO++qCqFA==
 for-each@^0.3.3:
  version "0.3.3"
  resolved "https://registry.yarnpkg.com/for-each/-/for-each-0.3.3.tgz#69b447e88a0a5d32c3e7084f3f1710034b21376e"
@ -4674,6 +4815,11 @@ proxy-addr@~2.0.7:
    forwarded "0.2.0"
    ipaddr.js "1.9.1"
 proxy-from-env@^1.1.0:
  version "1.1.0"
  resolved "https://registry.yarnpkg.com/proxy-from-env/-/proxy-from-env-1.1.0.tgz#e102f16ca355424865755d2c9e8ea4f24d58c3e2"
  integrity sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==
 prr@~0.0.0:
  version "0.0.0"
  resolved "https://registry.yarnpkg.com/prr/-/prr-0.0.0.tgz#1a84b85908325501411853d0081ee3fa86e2926a"
@ -5030,6 +5176,14 @@ sax@>=0.6.0, sax@^1.2.4:
  resolved "https://registry.yarnpkg.com/sax/-/sax-1.2.4.tgz#2816234e2378bddc4e5354fab5caa895df7100d9"
  integrity sha512-NqVDv9TpANUjFm0N8uM5GxL36UgKi9/atZw+x7YFnQ8ckwFGKrl4xX4yWtrey3UJm5nP1kUbnYgLopqWNSRhWw==
 "scubaclient@git+https://github.com/scality/scubaclient.git":
  version "1.0.0"
  resolved "git+https://github.com/scality/scubaclient.git#4b8584d02e8ac3cbffbf08e68715eac45182b5d0"
  dependencies:
    "@aws-crypto/sha256-js" "^5.2.0"
    "@smithy/signature-v4" "^2.1.1"
    axios "^1.3.4"
 "semver@2 || 3 || 4 || 5", semver@^5.3.0, semver@^5.5.0, semver@^5.6.0:
  version "5.7.1"
  resolved "https://registry.yarnpkg.com/semver/-/semver-5.7.1.tgz#a954f931aeba508d307bbf069eff0c01c96116f7"
@ -5653,11 +5807,21 @@ tsconfig-paths@^3.14.1:
    minimist "^1.2.6"
    strip-bom "^3.0.0"
 tslib@^1.11.1:
  version "1.14.1"
  resolved "https://registry.yarnpkg.com/tslib/-/tslib-1.14.1.tgz#cf2d38bdc34a134bcaf1091c41f6619e2f672d00"
  integrity sha512-Xni35NKzjgMrwevysHTCArtLDpPvye8zV/0E4EyYn43P7/7qvQwPh9BGkHewbMulVntbigmcT7rdX3BNo9wRJg==
 tslib@^2.2.0:
  version "2.5.2"
  resolved "https://registry.yarnpkg.com/tslib/-/tslib-2.5.2.tgz#1b6f07185c881557b0ffa84b111a0106989e8338"
  integrity sha512-5svOrSA2w3iGFDs1HibEVBGbDrAY82bFQ3HZ3ixB+88nsbsWQoKqDRb5UBYAUPEzbBn6dAp5gRNXglySbx1MlA==
 tslib@^2.3.1, tslib@^2.6.2:
  version "2.6.2"
  resolved "https://registry.yarnpkg.com/tslib/-/tslib-2.6.2.tgz#703ac29425e7b37cd6fd456e92404d46d1f3e4ae"
  integrity sha512-AEYxH93jGFPn/a2iVAwW87VuUIkR1FVUKB77NwMF7nBTDkDrrT/Hpt/IrCJ0QXhW27jTBDcf5ZY7w6RiqTMw2Q==
 tunnel-agent@^0.6.0:
  version "0.6.0"
  resolved "https://registry.yarnpkg.com/tunnel-agent/-/tunnel-agent-0.6.0.tgz#27a5dea06b36b04a0a9966774b290868f0fc40fd"
Author	SHA1	Message	Date
williamlardier	d85efe8f79	s	2024-04-17 19:11:30 +02:00
williamlardier	a45cb8340f	CLDSRV-515: upgrade checkout version	2024-04-17 18:45:49 +02:00
williamlardier	156f971970	CLDSRV-515: add ft test for multi delete	2024-04-17 18:45:49 +02:00
williamlardier	2228657bbe	CLDSRV-515: check quotas during multi deletes	2024-04-17 18:22:46 +02:00
williamlardier	0402466a06	[tmp] will be removed after rebase to latest branches	2024-04-15 16:20:10 +02:00
williamlardier	9dac38ef57	CLDSRV-515: improve quota API tooling	2024-04-15 16:02:30 +02:00
williamlardier	f31e4a4b08	CLDSRV-515: install typescript in docker builder	2024-04-15 16:02:30 +02:00
williamlardier	98edc0c696	CLDSRV-515: add account quota evaluation logic and tests Also converts the function to a callback function, to better handle error within APIs.	2024-04-15 16:02:30 +02:00
williamlardier	21c9055fa1	CLDSRV-515: add functional tests	2024-04-15 16:02:30 +02:00
williamlardier	4429f37366	CLDSRV-515: add unit tests	2024-04-15 14:28:56 +02:00
williamlardier	9578819cac	CLDSRV-515: add quota evaluation logic for buckets	2024-04-15 14:28:56 +02:00
williamlardier	f5bcceda2c	CLDSRV-515: bootstrap scuba on startup	2024-04-15 14:09:40 +02:00
williamlardier	98d06e4b1b	CLDSRV-515: add a wrapper for scubaclient and healthchecks	2024-04-15 14:09:40 +02:00
williamlardier	6a6a7763d2	CLDSRV-515: handle scuba config	2024-04-15 14:09:40 +02:00
williamlardier	0b96e4ef4d	CLDSRV-515: do not recreate variable at every authz	2024-04-15 14:09:40 +02:00
williamlardier	04e39940c0	CLDSRV-515: update dependencies	2024-04-15 14:09:40 +02:00
Maha Benzekri	a9e65ef91e	wip	2024-04-09 15:24:52 +02:00
Maha Benzekri	4dd2b06e10	wip	2024-04-09 15:21:53 +02:00
Maha Benzekri	d2eafe4aa6	wip	2024-04-09 14:07:24 +02:00
Maha Benzekri	be486d3303	fixup on legacy test	2024-04-05 15:49:26 +02:00
Maha Benzekri	c8ade032c6	fixup on legacy test	2024-04-05 15:49:26 +02:00
Maha Benzekri	b45c80fa18	fixup on legacy test	2024-04-05 15:49:25 +02:00
Maha Benzekri	8fb0569b5e	wip	2024-04-05 15:49:25 +02:00
Maha Benzekri	28e697b95f	wip	2024-04-05 15:49:25 +02:00
Maha Benzekri	9a4873379e	wup	2024-04-05 15:49:25 +02:00
Maha Benzekri	9df036137d	wip	2024-04-05 15:49:25 +02:00
Maha Benzekri	208bb0d3fb	wip	2024-04-05 15:49:24 +02:00
Maha Benzekri	8b3bb32e8a	wip	2024-04-05 15:49:24 +02:00
Maha Benzekri	7e3130c071	wip	2024-04-05 15:49:24 +02:00
Maha Benzekri	fd9140e1d1	wip	2024-04-05 15:49:24 +02:00
Maha Benzekri	026cf9d4d1	wip	2024-04-05 15:49:24 +02:00
Maha Benzekri	f36becbc25	wip	2024-04-05 15:49:23 +02:00
Maha Benzekri	b6bea08b90	wip	2024-04-05 15:49:23 +02:00
Maha Benzekri	837cdb2705	wip	2024-04-05 15:49:23 +02:00
Maha Benzekri	6c5b5a0bf5	wip	2024-04-05 15:49:23 +02:00
Maha Benzekri	1ca4ffadd4	wip	2024-04-05 15:49:23 +02:00
Maha Benzekri	f906076a0e	wip	2024-04-05 15:49:22 +02:00