Add file storage option

[nucleogenesis]

Summary

In order to allow us to use a cloud backend for the File Storage in Django, this adds a value to options.py which defaults to the Django FileSystemStorage (which... it did anyway but now we make sure of it).

This should make it configurable on BCK such that if there is a module that is a Google cloud backend class that implements the Django Storage class, then it can be added as the value for the settings.

For example, if we have a new class "GCloudStorage" in kolibri.core.storage then we would use that class if we set the option added here to kolibri.core.storage.GCloudStorage.

---

This is very much a first whack -- one thing I'm not clear on is if by naming the option by the name that Django would look to in the env vars DEFAULT_FILE_STORAGE does the Kolibri options.py stuff automatically apply that setting because of the matching name?

References

Fixes #9441 (or at least begins to address it)

Reviewer guidance

@pcenov - could you please test all workflows that involve:

• importing from CSV
• generating a CSV
• downloading a generated CSV

The changes I've made here should basically have no effect to the user for any of those workflows.

Once this passes regression testing, we can deploy it to a BCK instance and do final testing there.

---

Testing checklist

• Contributor has fully tested the PR manually
• If there are any front-end changes, before/after screenshots are included
• Critical user journeys are covered by Gherkin stories
• Critical and brittle code paths are covered by unit tests

PR process

• PR has the correct target branch and milestone
• PR has 'needs review' or 'work-in-progress' label
• If PR is ready for review, a reviewer has been added. (Don't use 'Assignees')
• If this is an important user-facing change, PR or related issue has a 'changelog' label
• If this includes an internal dependency change, a link to the diff is provided

Reviewer checklist

• PR is fully functional
• PR has been tested for accessibility regressions
• External dependency files were updated if necessary (yarn and pip)
• Documentation is updated
• Contributor is in AUTHORS.md

[github-actions]

Build Artifacts

Asset type	Download link
PEX file	kolibri-0.18.0a2.dev0_git.12.geec74ea6.pex
Windows Installer (EXE)	kolibri-0.18.0a2.dev0+git.12.geec74ea6-windows-setup-unsigned.exe
Debian Package	kolibri_0.18.0a2.dev0+git.12.geec74ea6-0ubuntu1_all.deb
Mac Installer (DMG)	kolibri-0.18.0a2.dev0+git.12.geec74ea6.dmg
Android Package (APK)	kolibri-0.18.0a2.dev0+git.12.geec74ea6-0.1.4-debug.apk
Raspberry Pi Image	kolibri-pi-image-0.18.0a2.dev0+git.12.geec74ea6.zip
TAR file	kolibri-0.18.0a2.dev0+git.12.geec74ea6.tar.gz
WHL file	kolibri-0.18.0a2.dev0+git.12.geec74ea6-py2.py3-none-any.whl

[rtibbles]

I think we probably want to keep the options.py interface restricted, others can override settings if they see fit, but we should focus on enabling the specific options we need.

Hint: if you do kolibri configure list-env you will see a complete list of available env vars for configuration (which will also show how your new option can be set as an env var).

[rtibbles]

I think I'd want to hew closer to the pattern we have for the Cache and Database options here - and offer simple, pre-specified string options that refer to specific backends. If someone really wants to run a custom backend, they can override the settings file and do what they like.

That way, with specific backends in mind, we can then explicitly enumerate the additional things that need to be specified in each case - for example the default "file_system" backend value will need a path, if it's a GCS backend then other things might be required (or may be automagically configured in some cases).

[rtibbles]

Shouldn't ever be catching a bare Exception, unless for very good reason - it can hide a multitude of sins.

[rtibbles]

Note that Django exposes a utility called import_string which we already use in this module for loading classes by a string dot path, so this seems preferable to use here.

[nucleogenesis]

This is probably why flake8 wouldn't let pre-commit pass but it didn't give me useful output

[jredrejo]

how will this work with database based cache?

[nucleogenesis]

Hm - I'm not sure. I assumed this was only related to validation on initialization

[rtibbles]

I don't see that this would affect anything to do with the cache.

[nucleogenesis]

@jredrejo I've tried several things around here, but no matter what I do I the file always shows size 0... I've confirmed that there are users (usernames is full of data, for example) -- so I'm not sure why the writer isn't updating the file object here...

[jredrejo]

The problem was not in reading the file info, but writing it. It had 0 bytes. I have made a commit in this PR to ensure data is flushed into the BytesIO and now it's working:

INFO     2024-12-26 20:45:45,313 Invoking command bulkexportusers
INFO     2024-12-26 20:45:45,373 Creating users csv file /home/jose/.kolibri/log_export/Kolibri en casa de admin_3da4_users.csv
  [#######################################################################################################################################################################################-------------------------------------------------------------]   75%INFO     2024-12-26 20:45:46,767 File saved - Path: https://storage.googleapis.com/kdp-csv-reporting-develop/Kolibri_en_casa_de_admin_3da4_users.csv
INFO     2024-12-26 20:45:47,073 File saved - Size: 482
INFO     2024-12-26 20:45:47,073 Created csv file /home/jose/.kolibri/log_export/Kolibri en casa de admin_3da4_users.csv with 4 lines

(I've also rebased develop in the branch because there was already a conflict and more might appear soon)

[nucleogenesis]

I think here we can override the default values for the location if needed

[rtibbles]

Not clear to me why this file is necessary - we can just directly use the GoogleCloudStorage class and use settings (with their own options in options.py to allow them to be defined).

https://django-storages.readthedocs.io/en/latest/backends/gcloud.html#settings

[nucleogenesis]

In hindsight, I think that maybe just cleaning up the files after each test could have avoided needing this.

[nucleogenesis]

Looking back at this, the reassignment of source makes this a it odd to read in a way that it wasn't when they were created inside of with statements.

I'll come back through and do some cleaning

[rtibbles]

There seems to be a problem with how files are being handled that is leaving file handles open - this is why things are erroring on windows, because it is much more sensitive to files not being closed:

PermissionError: [WinError 32] The process cannot access the file because it is being used by another process: 'D:\\a\\kolibri\\kolibri\\.pytest_kolibri_home\\media\\UserImportCommandTestCase.csv'

I haven't looked through the code in detail to see where this might be happening, but it suggests that something isn't being handled entirely properly.

[rtibbles]

The changes here seem to have completely ignored the purpose of the two helper functions open_csv_for_writing and open_csv_for_reading - I think the diff could be significantly reduced by leaning into the existence of these two functions and consolidating the logic in there - with the small tweak as you have done that we change filepath to filename, so that it is clear it is not a literal disk file path.

We can also probably conditionalize whether we write directly to the file or to memory. Writing large CSV files to memory in a non-cloud environment is probably not going to be a great idea.

The other alternative is we could just write directly to the storage object in either case unless we know absolutely that it is too slow when writing to GCS? Given it's happening in an asynchronous task, and we have to write to it eventually... I am not sure how writing to memory first necessarily helps.

[rtibbles]

Why are we using io.StringIO() here but io.BytesIO below?

[rtibbles]

We should have a BUCKET NAME option in our options.py as well - we definitely should not be hard coding anything specific about any platform in here.

If GCS_BUCKET_NAME is an environment variable that is set by default on GCP (but I don't think it is) we can specify specific env vars in the options configuration to draw values from.

[rtibbles]

Not clear to me why this file is necessary - we can just directly use the GoogleCloudStorage class and use settings (with their own options in options.py to allow them to be defined).

https://django-storages.readthedocs.io/en/latest/backends/gcloud.html#settings

[rtibbles]

Rather than subclassing GoogleCloudStorage, we should just set the additional settings here for it.

[rtibbles]

I don't see that this would affect anything to do with the cache.

[rtibbles]

Let's add addiitonal options here for the ACL, bucket name, etc - we don't need to expose all the settings that are available, but for anything we need set, we can include here.

[rtibbles]

@nucleogenesis and I had a quick sync up to see how to consolidate the file handling here - seems like there are some deficiencies in the Django Storage conformance to the Python file object spec https://forum.djangoproject.com/t/file-open-to-support-different-encodings/21491 - but an idea there to wrap the file object in a TextIOWrapper to ensure we generate with the correct encoding and newlines seems promising!

[pcenov]

Hi @nucleogenesis - on my end while regression testing the .csv generation I noticed that it's no longer possible to generate the same .csv file twice. For example if I go to Facility > Data and generate a sessions logs file for the current day, it gets generated correctly, but if I attempt to to the same thing 5 minutes later it still says "Generated 5 minutes ago."
The same is valid when generating a new user .csv file - the first time it works fine, but if I go ahead and add several new users, go back to Facility > Data and click again the "Generate new user CSV file" it will seem that it's generated correctly but when you open it you don't see the newly added users. There are no errors in the console.

Here are the logs from one of my devices though:
logs.zip

log.with.the.same.date.range.mp4

[rtibbles]

According to Sentry there's a path whereby this variable doesn't exist yet: https://learningequality.sentry.io/issues/6321649781/?alert_rule_id=14557147&alert_type=issue&notification_uuid=f911561f-142a-43f1-b240-99174fc0f77d&project=1378215&referrer=slack

[DXCanas]

Actually had a call with @nucleogenesis earlier about his access challenges; the django-storages library suggests using oath2 creds for use with creds when passing settings to the library like so:

from google.oauth2 import service_account

GS_CREDENTIALS = service_account.Credentials.from_service_account_file(
    "path/to/credentials.json"
)

But i'd like to try just using Application Default Credentials; I think that might work across local dev and cloud envs

import google.auth
credentials, project = google.auth.default()

[nucleogenesis]

@pcenov I've made some significant changes here and I've been able to test it locally in both the Google Cloud & the local context.

Can you go through the various CSV downloads in Kolibri again to confirm?

I will connect with you once it is testable in a cloud context if needed.

@rtibbles things are ready for re-review code-wise, I'll annotate a few areas w/ thoughts & questions as well

[nucleogenesis]

@DXCanas this is where I ended up putting the code we need to generate the credentials object. @rtibbles is there somewhere better to put this?

[rtibbles]

Could we initialize this during the options parsing as a second step in validation? That way we could fail much earlier if the credentials are incorrectly configured.

[rtibbles]

What's the extra environment variable here for? Can we not just gate this on the conf.OPTIONS?

[rtibbles]

So my thought was we could try to initialize the credentials here - presumably it throws a predictable error which we can catch and raise the validation error.

[nucleogenesis]

@rtibbles updating the google-storages module and removing the GS_CREDENTIALS handling altogether just worked locally <3

[pcenov]

Hi @nucleogenesis, I confirm that the generation of the session and summary logs is working correctly now however when I try to import a user CVS file I am repeatedly getting the following error even without having modified in any way the just exported csv file:

Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/kolibri/core/tasks/job.py", line 326, in execute
    result = func(*args, **kwargs)
  File "/usr/lib/python3/dist-packages/kolibri/core/tasks/registry.py", line 237, in __call__
    return self.func(*args, **kwargs)
  File "/usr/lib/python3/dist-packages/kolibri/core/auth/tasks.py", line 188, in importusersfromcsv
    delete=delete,
  File "/usr/lib/python3/dist-packages/kolibri/dist/django/core/management/__init__.py", line 181, in call_command
    return command.execute(*args, **defaults)
  File "/usr/lib/python3/dist-packages/kolibri/dist/django/core/management/base.py", line 398, in execute
    output = self.handle(*args, **options)
  File "/usr/lib/python3/dist-packages/kolibri/core/tasks/management/commands/base.py", line 28, in handle
    return self.handle_async(*args, **options)
  File "/usr/lib/python3/dist-packages/kolibri/core/auth/management/commands/bulkimportusers.py", line 873, in handle_async
    self.number_lines = self.get_number_lines(filepath)
  File "/usr/lib/python3/dist-packages/kolibri/core/auth/management/commands/bulkimportusers.py", line 717, in get_number_lines
    with open_csv_for_reading(filepath) as f:
  File "/usr/lib/python3.6/contextlib.py", line 81, in __enter__
    return next(self.gen)
  File "/usr/lib/python3/dist-packages/kolibri/core/utils/csv.py", line 50, in open_csv_for_reading
    with default_storage.open(filename, "rb") as f:
  File "/usr/lib/python3/dist-packages/kolibri/dist/django/core/files/storage.py", line 38, in open
    return self._open(name, mode)
  File "/usr/lib/python3/dist-packages/kolibri/dist/django/core/files/storage.py", line 243, in _open
    return File(open(self.path(name), mode))
  File "/usr/lib/python3/dist-packages/kolibri/dist/django/core/files/storage.py", line 338, in path
    return safe_join(self.location, name)
  File "/usr/lib/python3/dist-packages/kolibri/dist/django/utils/_os.py", line 31, in safe_join
    'component ({})'.format(final_path, base_path))
django.core.exceptions.SuspiciousFileOperation: The joined path (/home/osboxes/.kolibri/temp/tmpv3rj_54v.upload.csv) is located outside of the base path component (/home/osboxes/.kolibri/media)

Here's a video as well:

import.user.CSV.mp4

Logs: logs.zip