Add Get/Put Bucket Lock Configuration API support (#8120)

This feature implements [PUT Bucket object lock configuration][1] and
[GET Bucket object lock configuration][2]. After object lock
configuration is set, existing and new objects are set to WORM for
specified duration. Currently Governance mode works exactly like
Compliance mode.

Fixes #8101

[1] https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTObjectLockConfiguration.html
[2] https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketGETObjectLockConfiguration.html

cmd/notification.go

@@ -789,6 +789,35 @@ func (sys *NotificationSys) load(buckets []BucketInfo, objAPI ObjectLayer) error
 	return nil
 }
 
+func (sys *NotificationSys) initBucketRetentionConfig(objAPI ObjectLayer) error {
+	buckets, err := objAPI.ListBuckets(context.Background())
+	if err != nil {
+		return err
+	}
+	for _, bucket := range buckets {
+		ctx := logger.SetReqInfo(context.Background(), &logger.ReqInfo{BucketName: bucket.Name})
+		configFile := path.Join(bucketConfigPrefix, bucket.Name, objectLockConfig)
+		configData, err := readConfig(ctx, objAPI, configFile)
+		if err != nil {
+			if err == errConfigNotFound {
+				continue
+			}
+
+			return err
+		}
+
+		config, err := parseObjectLockConfig(bytes.NewReader(configData))
+		if err != nil {
+			return err
+		}
+
+		if config.Rule != nil {
+			globalBucketRetentionConfig.Set(bucket.Name, config.ToRetention())
+		}
+	}
+	return nil
+}
+
 // Init - initializes notification system from notification.xml and listener.json of all buckets.
 func (sys *NotificationSys) Init(buckets []BucketInfo, objAPI ObjectLayer) error {
 	if objAPI == nil {
@@ -808,7 +837,8 @@ func (sys *NotificationSys) Init(buckets []BucketInfo, objAPI ObjectLayer) error
 	//  - Read quorum is lost just after the initialization
 	//    of the object layer.
 	retryTimerCh := newRetryTimerSimple(doneCh)
-	for {
+	stop := false
+	for !stop {
 		select {
 		case <-retryTimerCh:
 			if err := sys.load(buckets, objAPI); err != nil {
@@ -820,6 +850,26 @@ func (sys *NotificationSys) Init(buckets []BucketInfo, objAPI ObjectLayer) error
 				}
 				return err
 			}
+			stop = true
+		case <-globalOSSignalCh:
+			return fmt.Errorf("Initializing Notification sub-system gracefully stopped")
+		}
+	}
+
+	// Initializing bucket retention config needs a retry mechanism if
+	// read quorum is lost just after the initialization of the object layer.
+	for {
+		select {
+		case <-retryTimerCh:
+			if err := sys.initBucketRetentionConfig(objAPI); err != nil {
+				if err == errDiskNotFound ||
+					strings.Contains(err.Error(), InsufficientReadQuorum{}.Error()) ||
+					strings.Contains(err.Error(), InsufficientWriteQuorum{}.Error()) {
+					logger.Info("Waiting for bucket retention configuration to be initialized..")
+					continue
+				}
+				return err
+			}
 			return nil
 		case <-globalOSSignalCh:
 			return fmt.Errorf("Initializing Notification sub-system gracefully stopped")
@@ -926,6 +976,25 @@ func (sys *NotificationSys) Send(args eventArgs) []event.TargetIDErr {
 	return sys.send(args.BucketName, args.ToEvent(), targetIDs...)
 }
 
+// PutBucketObjectLockConfig - put bucket object lock configuration to all peers.
+func (sys *NotificationSys) PutBucketObjectLockConfig(ctx context.Context, bucketName string, retention Retention) {
+	var wg sync.WaitGroup
+	for _, client := range sys.peerClients {
+		if client == nil {
+			continue
+		}
+		wg.Add(1)
+		go func(client *peerRESTClient) {
+			defer wg.Done()
+			if err := client.PutBucketObjectLockConfig(bucketName, retention); err != nil {
+				logger.GetReqInfo(ctx).AppendTags("remotePeer", client.host.Name)
+				logger.LogIf(ctx, err)
+			}
+		}(client)
+	}
+	wg.Wait()
+}
+
 // NetReadPerfInfo - Network read performance information.
 func (sys *NotificationSys) NetReadPerfInfo(size int64) []ServerNetReadPerfInfo {
 	reply := make([]ServerNetReadPerfInfo, len(sys.peerClients))