vaultik/TODO-verify.md
sneak e29a995120 Refactor: Move Vaultik struct and methods to internal/vaultik package
- Created new internal/vaultik package with unified Vaultik struct
- Moved all command methods (snapshot, info, prune, verify) from CLI to vaultik package
- Implemented single constructor that handles crypto capabilities automatically
- Added CanDecrypt() method to check if decryption is available
- Updated all CLI commands to use the new vaultik.Vaultik struct
- Removed old fragmented App structs and WithCrypto wrapper
- Fixed context management - Vaultik now owns its context lifecycle
- Cleaned up package imports and dependencies

This creates a cleaner separation between CLI/Cobra code and business logic,
with all vaultik operations now centralized in the internal/vaultik package.
2025-07-26 14:47:26 +02:00

TODO: Implement Verify Command

Overview

Implement the verify command to check snapshot integrity. Both shallow and deep verification require the age_secret_key from config to decrypt the database index.

Implementation Steps

1. Update Config Structure

  • Add AgeSecretKey string field to the Config struct in internal/config/config.go
  • Add corresponding age_secret_key YAML tag
  • Ensure the field is properly loaded from config file

2. Remove Command Line Flags

  • Remove --bucket, --prefix, and --snapshot flags from:
    • internal/cli/verify.go
    • internal/cli/restore.go
    • internal/cli/fetch.go
  • Update all commands to use bucket/prefix from config instead of flags
  • Update verify command to take snapshot ID as first positional argument

3. Implement Shallow Verification

Requires age_secret_key from config

  1. Download from S3:

    • metadata/{snapshot-id}/manifest.json.zst
    • metadata/{snapshot-id}/db.zst.age
  2. Process files:

    • Decompress manifest (not encrypted)
    • Decrypt db.zst.age using age_secret_key
    • Decompress decrypted database
    • Load SQLite database from dump
  3. Verify integrity:

    • Query snapshot_blobs table for all blobs in this snapshot
    • Compare DB blob list against manifest blob list
    • FAIL IMMEDIATELY if lists don't match exactly
  4. For each blob in manifest:

    • Use S3 HeadObject to check existence
    • FAIL IMMEDIATELY if blob is missing
    • Verify blob hash matches filename
    • FAIL IMMEDIATELY if hash mismatch
  5. Only report success if ALL checks pass

4. Implement Deep Verification

Requires age_secret_key from config

  1. Run all shallow verification first (fail on any error)

  2. For each blob referenced in snapshot:

    • Download blob from S3
    • Decrypt using age_secret_key (streaming)
    • Decompress (streaming)
    • Parse blob structure to extract chunks
  3. For each chunk in blob:

    • Calculate SHA256 of chunk data
    • Query database for expected chunk hash
    • FAIL IMMEDIATELY if calculated != expected
    • Verify chunks are ordered correctly by offset
    • FAIL IMMEDIATELY if chunks out of order
  4. Progress reporting:

    • Show blob-by-blob progress
    • Show chunk verification within each blob
    • Continue to the next blob or chunk only if no errors have occurred
  5. Only report success if ALL blobs and ALL chunks verify
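
The per-chunk check from step 3 above, as an added example (not code from the vaultik repository). The `ChunkRecord` shape, the `Record` helper and the sample blob are assumptions made for illustration; the sketch also assumes chunks do not overlap and that the blob has already been decrypted and decompressed.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// ChunkRecord is a hypothetical row shape for what the database returns per chunk.
type ChunkRecord struct {
	Hash           string // expected SHA-256, lowercase hex
	Offset, Length int64  // position within the decrypted, decompressed blob
}

// VerifyBlobChunks returns on the first failure so the caller can exit non-zero.
func VerifyBlobChunks(blob []byte, chunks []ChunkRecord) error {
	size, next := int64(len(blob)), int64(0)
	for i, c := range chunks {
		// Ordering: a chunk may not start before the previous one ended.
		if c.Offset < next {
			return fmt.Errorf("chunk %d: offset %d out of order (previous chunk ends at %d)", i, c.Offset, next)
		}
		// Bounds: reject ranges outside the blob before slicing (overflow-safe form).
		if c.Length < 0 || c.Offset > size || c.Length > size-c.Offset {
			return fmt.Errorf("chunk %d: range %d+%d exceeds blob size %d", i, c.Offset, c.Length, size)
		}
		sum := sha256.Sum256(blob[c.Offset : c.Offset+c.Length])
		if got := hex.EncodeToString(sum[:]); got != c.Hash {
			return fmt.Errorf("chunk %d: sha256 %s != expected %s", i, got, c.Hash)
		}
		next = c.Offset + c.Length
	}
	return nil
}

// Record builds the expected row for a range of a constructed sample blob.
func Record(blob []byte, off, n int64) ChunkRecord {
	sum := sha256.Sum256(blob[off : off+n])
	return ChunkRecord{Hash: hex.EncodeToString(sum[:]), Offset: off, Length: n}
}

func main() {
	blob := []byte("constructed sample blob contents") // constructed, not real vaultik data
	good := []ChunkRecord{Record(blob, 0, 11), Record(blob, 11, 21)}
	fmt.Println("in order:", VerifyBlobChunks(blob, good))
	fmt.Println("swapped: ", VerifyBlobChunks(blob, []ChunkRecord{good[1], good[0]}))
	blob[3] ^= 0xff // simulate corruption after the records were made
	fmt.Println("corrupt: ", VerifyBlobChunks(blob, good))
}
```

Returning the error rather than logging and continuing lets the command map any chunk failure to a non-zero exit code, as the error handling section requires.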

5. Error Handling

  • FAIL IMMEDIATELY if age_secret_key missing from config
  • FAIL IMMEDIATELY on decryption failure
  • FAIL IMMEDIATELY on any verification mismatch
  • Use log.Fatal() or return error to ensure non-zero exit code
  • Provide clear error messages indicating exactly what failed

Success Criteria

  • Verify command exits with code 0 only if ALL checks pass
  • Any failure results in non-zero exit code
  • Clear error messages for each failure type
  • Progress reporting during verification
  • Works with remote-only snapshots (not in local DB)