test: add folder quota integration test and bootstrap config

  Stage 7 rounds out the folder quota feature with declarative bootstrap
  and an end-to-end smoke test that drives a real kernel NFS client.

  QuotaConfig gains a [quota.bootstrap] TOML block mapping first-level
  directory names to size strings. QuotaManager::apply_bootstrap
  installs each entry only when the target directory has no existing
  quota record, so the block is idempotent across restarts — editing it
  does not clobber tracked usage. The main binary applies the bootstrap
  after opening the FSAL and before accepting traffic; the operation is
  exposed through the Filesystem trait with a default no-op so
  non-quota backends are unaffected.

  tests/test_nfs_quota.sh mounts the NFS export and exercises the four
  quota scenarios end-to-end: under-limit write, over-limit write that
  must return EDQUOT, remove-then-write, and truncate-then-write. It
  also checks that `df` reports the quota limit as total bytes.

  The nfstest-factory CI workflow now patches the deployment ConfigMap
  to enable quota and bootstrap a 1MB limit on pvc-quota-test before
  running the smoke test, then runs nfstest_posix against the same
  mount — POSIX tests touch root-level paths only, so the two suites
  do not interfere.

  arcticwolf.example.toml documents the new [quota] section and the
  optional bootstrap block for operators.

Signed-off-by: Vicente Cheng <vicente.cheng@suse.com>

Author: Vicente-Cheng

.github/workflows/nfstest-factory.yml

@@ -45,6 +45,27 @@ jobs:
           sed -i '/imagePullPolicy/d' deploy/k8s/deployment.yaml
           # Add imagePullPolicy: Never for local image
           sed -i 's|image: arcticwolf:test|image: arcticwolf:test\n          imagePullPolicy: Never|g' deploy/k8s/deployment.yaml
+          # Enable folder quota with a bootstrap entry so the quota smoke
+          # test below has something to enforce against. The entry matches
+          # tests/test_nfs_quota.sh defaults (PVC_NAME=pvc-quota-test,
+          # QUOTA_BYTES=1048576).
+          python3 - <<'PY'
+          from pathlib import Path
+          p = Path("deploy/k8s/deployment.yaml")
+          text = p.read_text()
+          marker = '    [logging]\n    level = "debug"'
+          addition = (
+              '\n'
+              '    [quota]\n'
+              '    enabled = true\n'
+              '    db_path = "/tmp/.arcticwolf-quota.db"\n'
+              '\n'
+              '    [quota.bootstrap]\n'
+              '    "pvc-quota-test" = "1MB"\n'
+          )
+          assert marker in text, "deployment.yaml logging block not found"
+          p.write_text(text.replace(marker, marker + addition))
+          PY
           kubectl apply -f deploy/k8s/deployment.yaml
           kubectl wait --for=condition=Ready pod -l app=arcticwolf --timeout=120s
 
@@ -68,6 +89,18 @@ jobs:
           echo "NFS mounted successfully"
           ls -la /mnt/nfs/
 
+      # Exercise folder quota against the live mount before running the
+      # broader POSIX suite. The quota directory (pvc-quota-test) is
+      # isolated from the paths nfstest_posix touches, so the two suites
+      # do not interfere.
+      - name: Run folder quota smoke test
+        run: |
+          sudo env \
+            MOUNT_POINT=/mnt/nfs \
+            PVC_NAME=pvc-quota-test \
+            QUOTA_BYTES=1048576 \
+            bash tests/test_nfs_quota.sh
+
       # skip test open until we start to review the failures
       # read/write tests are mandatory and must pass
       - name: Run NFS POSIX tests

arcticwolf.example.toml

@@ -19,3 +19,21 @@ export_path = "/tmp/nfs_exports"
 [logging]
 # Log level: "error", "warn", "info", "debug", "trace" (default: "info")
 level = "info"
+
+[quota]
+# Enable folder quota enforcement (default: false)
+# When enabled, first-level subdirectories under export_path may be
+# assigned a byte limit; writes past the limit return NFS3ERR_DQUOT.
+enabled = false
+# redb database storing quota limits and tracked usage.
+# The parent directory is created at startup if missing.
+db_path = "/var/lib/arcticwolf/quota.db"
+
+# Optional declarative bootstrap. Each entry sets a quota on the first-
+# level subdirectory at startup, but only if the directory has no quota
+# entry yet. This keeps the bootstrap idempotent: editing it after initial
+# rollout will not clobber the tracked usage.
+#
+# Sizes support suffixes B, KB, MB, GB, TB (1024-based).
+# [quota.bootstrap]
+# "pvc-example" = "10GB"

src/config.rs

@@ -6,6 +6,7 @@
 
 use clap::Parser;
 use serde::Deserialize;
+use std::collections::HashMap;
 use std::path::PathBuf;
 
 const DEFAULT_CONFIG_PATH: &str = "/etc/arcticwolf/config.toml";
@@ -57,13 +58,19 @@ pub struct QuotaConfig {
     pub enabled: bool,
     /// Path to the redb database file storing quota limits and usage
     pub db_path: PathBuf,
+    /// Declarative quota bootstrap: map of first-level subdirectory name
+    /// to a size string (e.g. "10GB"). Each entry is applied at startup
+    /// only when the directory has no existing quota entry, so the
+    /// bootstrap is idempotent and safe across restarts.
+    pub bootstrap: HashMap<String, String>,
 }
 
 impl Default for QuotaConfig {
     fn default() -> Self {
         Self {
             enabled: false,
             db_path: PathBuf::from(DEFAULT_QUOTA_DB_PATH),
+            bootstrap: HashMap::new(),
         }
     }
 }
@@ -313,6 +320,31 @@ mod tests {
         let config: Config = toml::from_str(toml).expect("Failed to parse TOML");
         assert!(config.quota.enabled);
         assert_eq!(config.quota.db_path, PathBuf::from("/tmp/quota.db"));
+        assert!(config.quota.bootstrap.is_empty());
+    }
+
+    #[test]
+    fn test_parse_quota_bootstrap_toml() {
+        let toml = r#"
+            [quota]
+            enabled = true
+            db_path = "/tmp/quota.db"
+
+            [quota.bootstrap]
+            "pvc-a" = "10GB"
+            "pvc-b" = "1MB"
+        "#;
+
+        let config: Config = toml::from_str(toml).expect("Failed to parse TOML");
+        assert_eq!(config.quota.bootstrap.len(), 2);
+        assert_eq!(
+            config.quota.bootstrap.get("pvc-a"),
+            Some(&"10GB".to_string())
+        );
+        assert_eq!(
+            config.quota.bootstrap.get("pvc-b"),
+            Some(&"1MB".to_string())
+        );
     }
 
     #[test]

src/fsal/local/mod.rs

@@ -1118,6 +1118,22 @@ impl Filesystem for LocalFilesystem {
             tracing::info!("Quota reconciliation task finished");
         });
     }
+
+    async fn apply_quota_bootstrap(
+        &self,
+        bootstrap: &std::collections::HashMap<String, String>,
+    ) -> Result<()> {
+        let Some(ref qm) = self.quota_manager else {
+            if !bootstrap.is_empty() {
+                tracing::warn!(
+                    "Quota bootstrap requested but quota is disabled; ignoring {} entries",
+                    bootstrap.len()
+                );
+            }
+            return Ok(());
+        };
+        qm.apply_bootstrap(bootstrap).await
+    }
 }
 
 /// Logically normalize a path: collapse `.` and `..` components and
@@ -1609,6 +1625,7 @@ mod tests {
         let quota_cfg = QuotaConfig {
             enabled: true,
             db_path: db_dir.path().join("quota.db"),
+            bootstrap: std::collections::HashMap::new(),
         };
         let fs = LocalFilesystem::new(export_dir.path(), Some(&quota_cfg))
             .expect("Failed to create filesystem with quota");
@@ -1631,6 +1648,7 @@ mod tests {
         let quota_cfg = QuotaConfig {
             enabled: false,
             db_path: db.path().join("quota.db"),
+            bootstrap: std::collections::HashMap::new(),
         };
         let fs = LocalFilesystem::new(export.path(), Some(&quota_cfg)).unwrap();
         assert!(
@@ -1654,6 +1672,7 @@ mod tests {
         let cfg = QuotaConfig {
             enabled: true,
             db_path: export.path().join("quota.db"),
+            bootstrap: std::collections::HashMap::new(),
         };
         match LocalFilesystem::new(export.path(), Some(&cfg)) {
             Ok(_) => panic!("LocalFilesystem::new should reject db inside export"),
@@ -1672,6 +1691,7 @@ mod tests {
         let cfg = QuotaConfig {
             enabled: true,
             db_path: nested.join("quota.db"),
+            bootstrap: std::collections::HashMap::new(),
         };
         match LocalFilesystem::new(export.path(), Some(&cfg)) {
             Ok(_) => panic!("nested-under-root db path should be rejected"),
@@ -1690,6 +1710,7 @@ mod tests {
         let cfg = QuotaConfig {
             enabled: true,
             db_path: db_dir.path().join("quota.db"),
+            bootstrap: std::collections::HashMap::new(),
         };
         let fs = LocalFilesystem::new(export.path(), Some(&cfg))
             .expect("db outside export should be accepted");
@@ -1707,6 +1728,7 @@ mod tests {
         let cfg = QuotaConfig {
             enabled: true,
             db_path: sneaky,
+            bootstrap: std::collections::HashMap::new(),
         };
         match LocalFilesystem::new(export.path(), Some(&cfg)) {
             Ok(_) => panic!("dotdot-relative db inside export should be rejected"),
@@ -2209,6 +2231,30 @@ mod tests {
         fs.start_quota_reconciliation();
     }
 
+    #[tokio::test]
+    async fn test_apply_quota_bootstrap_seeds_new_entries() {
+        let (fs, _export, _db) = create_test_fs_with_quota();
+        let mut bootstrap = std::collections::HashMap::new();
+        bootstrap.insert("pvc-a".to_string(), "1MB".to_string());
+
+        fs.apply_quota_bootstrap(&bootstrap).await.unwrap();
+        assert_eq!(
+            fs.quota_manager().unwrap().get_quota_info("pvc-a").await,
+            Some((1024 * 1024, 0))
+        );
+    }
+
+    #[tokio::test]
+    async fn test_apply_quota_bootstrap_noop_when_quota_disabled() {
+        let (fs, _export) = create_test_fs();
+        let mut bootstrap = std::collections::HashMap::new();
+        bootstrap.insert("pvc-a".to_string(), "1MB".to_string());
+
+        // Should not error even though no quota manager is configured;
+        // the entries are logged and discarded.
+        fs.apply_quota_bootstrap(&bootstrap).await.unwrap();
+    }
+
     #[tokio::test]
     async fn test_rename_across_quota_dirs_rejected_when_target_full() {
         let (fs, _export, _db) = create_test_fs_with_quota();

src/fsal/mod.rs

@@ -18,6 +18,7 @@ pub mod quota;
 use crate::config::QuotaConfig;
 use anyhow::Result;
 use async_trait::async_trait;
+use std::collections::HashMap;
 use std::path::PathBuf;
 
 #[allow(unused_imports)]
@@ -346,6 +347,17 @@ pub trait Filesystem: Send + Sync {
     /// The default implementation does nothing. Backends that support
     /// quotas override this to spawn their own task.
     fn start_quota_reconciliation(&self) {}
+
+    /// Apply a declarative quota bootstrap at startup. Entries install
+    /// a quota only when the target directory has none yet; already
+    /// tracked directories are left alone so the bootstrap is
+    /// idempotent across restarts.
+    ///
+    /// The default implementation does nothing. Backends that support
+    /// quotas override this.
+    async fn apply_quota_bootstrap(&self, _bootstrap: &HashMap<String, String>) -> Result<()> {
+        Ok(())
+    }
 }
 
 /// Filesystem backend types