Skip to content

fix(transfer): 8 behavioral fixes from post-merge bug-hunt#2130

Merged
vieiralucas merged 1 commit into
mainfrom
worktree-transfer-bugfix
Jul 4, 2026
Merged

fix(transfer): 8 behavioral fixes from post-merge bug-hunt#2130
vieiralucas merged 1 commit into
mainfrom
worktree-transfer-bugfix

Conversation

@vieiralucas

@vieiralucas vieiralucas commented Jul 4, 2026

Copy link
Copy Markdown
Member

Summary

Post-merge bug-hunt on the Transfer Family crate (#2129) found 8 real (MED/LOW) behavioral divergences. Round-trip integrity and persistence/concurrency were clean; these are error-code, defaulting, and computed-field fixes.

  • ResourceExistsException 400 -> 409 (resource_exists()) — model httpError: 409; affects duplicate CreateUser/CreateAccess/ImportSshPublicKey.
  • Server Protocols defaulted to ["SFTP"] on create when absent (DescribeServer always returns it; omission -> terraform aws_transfer_server drift).
  • Host-key Type derived from the key body (ssh-ed25519 / ecdsa-sha2-nistp256|384|521, default ssh-rsa) instead of hardcoded ssh-rsa.
  • DeleteServer cascades child tags — removes tag entries for cascaded users/accesses/host-keys/agreements (was leaking).
  • UpdateServer excludes Domain — added an update-specific field list (Domain is not an UpdateServer input member).
  • ListTagsForResource paginates — model's response has NextToken; applied the shared paginate helper (MaxResults/NextToken round-trip) + echoes Arn.
  • create_server single write-lock — insert + tags in one guard scope.
  • Certificate computed dates — parse the PEM (x509-cert, as fakecloud-sns) to populate Serial (hex) + NotBeforeDate/NotAfterDate (epoch-seconds); parse failure leaves unset, no panic.

Test plan

  • 7 new regression tests (one per behavioral fix) + existing suite: 18/18 pass.
  • Conformance unchanged: cargo run -p fakecloud-conformance -- run --services transfer = 71/71 ops, 2756/2756 variants. Audit PASS.
  • cargo clippy --all-targets -- -D warnings clean.

No non-code surface change (behavioral fixes; op set/counts unchanged).


Summary by cubic

Fixes eight Transfer behavior mismatches to align with AWS, covering error codes, defaults, computed fields, cascading tag cleanup, update validation, pagination, and a small locking improvement. Adds regression tests; no API changes.

  • Bug Fixes

    • Return HTTP 409 for ResourceExistsException (was 400).
    • Default Server Protocols to ["SFTP"] on create to match DescribeServer and avoid drift.
    • Derive HostKey Type from key body (ssh-ed25519/ecdsa-sha2-nistp256|384|521; default ssh-rsa).
    • DeleteServer also removes tags for cascaded users/accesses/host-keys/agreements.
    • UpdateServer ignores create-only Domain.
    • ListTagsForResource paginates (MaxResults/NextToken) and includes Arn in the response.
    • CreateServer uses a single write lock for insert + tags.
    • ImportCertificate parses PEM to populate Serial/NotBeforeDate/NotAfterDate; leaves unset on parse failure.
  • Dependencies

    • Add x509-cert (with pem feature) for certificate parsing.

Written for commit 21ee835. Summary will update on new commits.

Review in cubic

- ResourceExistsException now returns HTTP 409 (per model httpError), not 400
- CreateServer defaults Protocols to ["SFTP"] so DescribeServer never omits it
- ImportHostKey derives Type (ssh-ed25519/ecdsa-sha2-nistp*/ssh-rsa) from the key body
- DeleteServer now removes the tag entries of every cascaded child resource
- UpdateServer ignores the create-only Domain member (update-specific field list)
- ListTagsForResource honours MaxResults/NextToken (model has NextToken)
- CreateServer folds insert + tag storage into a single write lock
- ImportCertificate parses the PEM to populate Serial/NotBeforeDate/NotAfterDate

Adds a regression test per fix; conformance stays 71/71 ops, 2756/2756 variants.
@vieiralucas vieiralucas merged commit d57635c into main Jul 4, 2026
121 checks passed
@vieiralucas vieiralucas deleted the worktree-transfer-bugfix branch July 4, 2026 05:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant