Update objects timestamps on cache hit

.bazelci/system-test.sh

@@ -84,6 +84,7 @@ rm -rf $test_cache_dir
 	--s3.access_key_id minioadmin \
 	--s3.secret_access_key minioadmin \
 	--s3.disable_ssl \
+	--s3.update_timestamps \
 	> log.stdout 2> log.stderr &
 test_cache_pid=$!
 echo "Test cache pid: $test_cache_pid"
@@ -141,6 +142,7 @@ rm -rf $test_cache_dir
 	--s3.access_key_id minioadmin \
 	--s3.secret_access_key minioadmin \
 	--s3.disable_ssl \
+	--s3.update_timestamps \
 	> log.stdout 2> log.stderr &
 test_cache_pid=$!
 echo "Test cache pid: $test_cache_pid"
@@ -219,6 +221,7 @@ rm -rf $test_cache_dir
 	--s3.access_key_id minioadmin \
 	--s3.secret_access_key minioadmin \
 	--s3.disable_ssl \
+	--s3.update_timestamps \
 	> log.stdout 2> log.stderr &
 test_cache_pid=$!
 echo "Test cache pid: $test_cache_pid"

README.md

@@ -280,6 +280,10 @@ OPTIONS:
       backend. (default: false, ie enable TLS/SSL)
       [$BAZEL_REMOTE_S3_DISABLE_SSL]
 
+   --s3.update_timestamps Whether to update timestamps of object on cache
+      hit. (default: false)
+      [$BAZEL_REMOTE_S3_UPDATE_TIMESTAMPS]   
+
    --s3.iam_role_endpoint value Endpoint for using IAM security credentials.
       By default it will look for credentials in the standard locations for the
       AWS platform. Applies to s3 auth method(s): iam_role.

cache/s3proxy/minio-test-setup.md

@@ -29,7 +29,9 @@ production use.
     	--s3.auth_method access_key \
     	--s3.access_key_id minioadmin \
     	--s3.secret_access_key minioadmin \
-    	--s3.disable_ssl
+    	--s3.disable_ssl  \
+        --s3.update_timestamps
+
 
 ## Build something with the bazel-remote cache
 

cache/s3proxy/s3proxy.go

@@ -24,14 +24,15 @@ type uploadReq struct {
 }
 
 type s3Cache struct {
-	mcore        *minio.Core
-	prefix       string
-	bucket       string
-	uploadQueue  chan<- uploadReq
-	accessLogger cache.Logger
-	errorLogger  cache.Logger
-	v2mode       bool
-	objectKey    func(hash string, kind cache.EntryKind) string
+	mcore            *minio.Core
+	prefix           string
+	bucket           string
+	uploadQueue      chan<- uploadReq
+	accessLogger     cache.Logger
+	errorLogger      cache.Logger
+	v2mode           bool
+	updateTimestamps bool
+	objectKey        func(hash string, kind cache.EntryKind) string
 }
 
 var (
@@ -56,6 +57,7 @@ func New(
 	Prefix string,
 	Credentials *credentials.Credentials,
 	DisableSSL bool,
+	UpdateTimestamps bool,
 	Region string,
 
 	storageMode string, accessLogger cache.Logger,
@@ -88,12 +90,13 @@ func New(
 	}
 
 	c := &s3Cache{
-		mcore:        minioCore,
-		prefix:       Prefix,
-		bucket:       Bucket,
-		accessLogger: accessLogger,
-		errorLogger:  errorLogger,
-		v2mode:       storageMode == "zstd",
+		mcore:            minioCore,
+		prefix:           Prefix,
+		bucket:           Bucket,
+		accessLogger:     accessLogger,
+		errorLogger:      errorLogger,
+		v2mode:           storageMode == "zstd",
+		updateTimestamps: UpdateTimestamps,
 	}
 
 	if c.v2mode {
@@ -196,6 +199,23 @@ func (c *s3Cache) Put(ctx context.Context, kind cache.EntryKind, hash string, si
 	}
 }
 
+func (c *s3Cache) UpdateModificationTimestamp(ctx context.Context, bucket string, object string) {
+	src := minio.CopySrcOptions{
+		Bucket: bucket,
+		Object: object,
+	}
+
+	dst := minio.CopyDestOptions{
+		Bucket:          bucket,
+		Object:          object,
+		ReplaceMetadata: true,
+	}
+
+	_, err := c.mcore.ComposeObject(context.Background(), dst, src)
+
+	logResponse(c.accessLogger, "COMPOSE", bucket, object, err)
+}
+
 func (c *s3Cache) Get(ctx context.Context, kind cache.EntryKind, hash string) (io.ReadCloser, int64, error) {
 
 	rc, info, _, err := c.mcore.GetObject(
@@ -216,6 +236,10 @@ func (c *s3Cache) Get(ctx context.Context, kind cache.EntryKind, hash string) (i
 	}
 	cacheHits.Inc()
 
+	if c.updateTimestamps {
+		c.UpdateModificationTimestamp(ctx, c.bucket, c.objectKey(hash, kind))
+	}
+
 	logResponse(c.accessLogger, "DOWNLOAD", c.bucket, c.objectKey(hash, kind), nil)
 
 	if kind == cache.CAS && c.v2mode {

config/config.go

@@ -415,6 +415,7 @@ func get(ctx *cli.Context) (*Config, error) {
 			AccessKeyID:              ctx.String("s3.access_key_id"),
 			SecretAccessKey:          ctx.String("s3.secret_access_key"),
 			DisableSSL:               ctx.Bool("s3.disable_ssl"),
+			UpdateTimestamps:         ctx.Bool("s3.update_timestamps"),
 			IAMRoleEndpoint:          ctx.String("s3.iam_role_endpoint"),
 			Region:                   ctx.String("s3.region"),
 			AWSProfile:               ctx.String("s3.aws_profile"),

config/proxy.go

@@ -51,6 +51,7 @@ func (c *Config) setProxy() error {
 			c.S3CloudStorage.Prefix,
 			creds,
 			c.S3CloudStorage.DisableSSL,
+			c.S3CloudStorage.UpdateTimestamps,
 			c.S3CloudStorage.Region,
 			c.StorageMode, c.AccessLogger, c.ErrorLogger, c.NumUploaders, c.MaxQueuedUploads)
 		return nil

config/s3.go

@@ -17,6 +17,7 @@ type S3CloudStorageConfig struct {
 	AccessKeyID              string `yaml:"access_key_id"`
 	SecretAccessKey          string `yaml:"secret_access_key"`
 	DisableSSL               bool   `yaml:"disable_ssl"`
+	UpdateTimestamps         bool   `yaml:"update_timestamps"`
 	IAMRoleEndpoint          string `yaml:"iam_role_endpoint"`
 	Region                   string `yaml:"region"`
 	KeyVersion               *int   `yaml:"key_version"`

utils/flags/flags.go

@@ -249,6 +249,12 @@ func GetCliFlags() []cli.Flag {
 			DefaultText: "false, ie enable TLS/SSL",
 			EnvVars:     []string{"BAZEL_REMOTE_S3_DISABLE_SSL"},
 		},
+		&cli.BoolFlag{
+			Name:        "s3.update_timestamps",
+			Usage:       "Whether to update timestamps of object on cache hit.",
+			DefaultText: "false",
+			EnvVars:     []string{"BAZEL_REMOTE_S3_UPDATE_TIMESTAMPS"},
+		},
 		&cli.StringFlag{
 			Name:    "s3.iam_role_endpoint",
 			Value:   "",