github/distribution
1
0
Fork 0
mirror of https://github.com/distribution/distribution.git synced 2025-08-20 07:45:33 +00:00
Code Issues Projects Releases Wiki Activity

s3: accept S3 parameter

Browse Source
This commit is contained in:
Bouke van der Bijl 2019-09-02 12:31:30 +00:00 committed by Adam Wolfe Gordon
parent 03ff763453
commit aabf07ec65
2 changed files with 60 additions and 51 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

110
registry/storage/driver/s3-aws/s3.go
View File

@ -84,6 +84,10 @@ var validObjectACLs = map[string]struct{}{}
//DriverParameters A struct that encapsulates all of the driver parameters after all values have been set //DriverParameters A struct that encapsulates all of the driver parameters after all values have been set
type DriverParameters struct { type DriverParameters struct {
// S3 is an optional parameter. If specified, it will use the existing session
// to construct the Driver.
S3 *s3.S3
AccessKey string AccessKey string
SecretKey string SecretKey string
Bucket string Bucket string
@ -342,6 +346,7 @@ func FromParameters(parameters map[string]interface{}) (*Driver, error) {
sessionToken := "" sessionToken := ""
params := DriverParameters{ params := DriverParameters{
nil,
fmt.Sprint(accessKey), fmt.Sprint(accessKey),
fmt.Sprint(secretKey), fmt.Sprint(secretKey),
fmt.Sprint(bucket), fmt.Sprint(bucket),
@ -398,66 +403,69 @@ func getParameterAsInt64(parameters map[string]interface{}, name string, default
// New constructs a new Driver with the given AWS credentials, region, encryption flag, and // New constructs a new Driver with the given AWS credentials, region, encryption flag, and
// bucketName // bucketName
func New(params DriverParameters) (*Driver, error) { func New(params DriverParameters) (*Driver, error) {
if !params.V4Auth && s3obj := params.S3
(params.RegionEndpoint == "" || if s3obj == nil {
strings.Contains(params.RegionEndpoint, "s3.amazonaws.com")) { if !params.V4Auth &&
return nil, fmt.Errorf("on Amazon S3 this storage driver can only be used with v4 authentication") (params.RegionEndpoint == "" ||
} strings.Contains(params.RegionEndpoint, "s3.amazonaws.com")) {
return nil, fmt.Errorf("on Amazon S3 this storage driver can only be used with v4 authentication")
}
awsConfig := aws.NewConfig() awsConfig := aws.NewConfig()
sess, err := session.NewSession() sess, err := session.NewSession()
if err != nil { if err != nil {
return nil, fmt.Errorf("failed to create new session: %v", err) return nil, fmt.Errorf("failed to create new session: %v", err)
} }
creds := credentials.NewChainCredentials([]credentials.Provider{ creds := credentials.NewChainCredentials([]credentials.Provider{
&credentials.StaticProvider{ &credentials.StaticProvider{
Value: credentials.Value{ Value: credentials.Value{
AccessKeyID: params.AccessKey, AccessKeyID: params.AccessKey,
SecretAccessKey: params.SecretKey, SecretAccessKey: params.SecretKey,
SessionToken: params.SessionToken, SessionToken: params.SessionToken,
},
}, },
}, &credentials.EnvProvider{},
&credentials.EnvProvider{}, &credentials.SharedCredentialsProvider{},
&credentials.SharedCredentialsProvider{}, &ec2rolecreds.EC2RoleProvider{Client: ec2metadata.New(sess)},
&ec2rolecreds.EC2RoleProvider{Client: ec2metadata.New(sess)}, })
})
if params.RegionEndpoint != "" { if params.RegionEndpoint != "" {
awsConfig.WithS3ForcePathStyle(true) awsConfig.WithS3ForcePathStyle(true)
awsConfig.WithEndpoint(params.RegionEndpoint) awsConfig.WithEndpoint(params.RegionEndpoint)
} }
awsConfig.WithCredentials(creds) awsConfig.WithCredentials(creds)
awsConfig.WithRegion(params.Region) awsConfig.WithRegion(params.Region)
awsConfig.WithDisableSSL(!params.Secure) awsConfig.WithDisableSSL(!params.Secure)
if params.UserAgent != "" || params.SkipVerify { if params.UserAgent != "" || params.SkipVerify {
httpTransport := http.DefaultTransport httpTransport := http.DefaultTransport
if params.SkipVerify { if params.SkipVerify {
httpTransport = &http.Transport{ httpTransport = &http.Transport{
TLSClientConfig: &tls.Config{InsecureSkipVerify: true}, TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
}
}
if params.UserAgent != "" {
awsConfig.WithHTTPClient(&http.Client{
Transport: transport.NewTransport(httpTransport, transport.NewHeaderRequestModifier(http.Header{http.CanonicalHeaderKey("User-Agent"): []string{params.UserAgent}})),
})
} else {
awsConfig.WithHTTPClient(&http.Client{
Transport: transport.NewTransport(httpTransport),
})
} }
} }
if params.UserAgent != "" {
awsConfig.WithHTTPClient(&http.Client{ sess, err = session.NewSession(awsConfig)
Transport: transport.NewTransport(httpTransport, transport.NewHeaderRequestModifier(http.Header{http.CanonicalHeaderKey("User-Agent"): []string{params.UserAgent}})), if err != nil {
}) return nil, fmt.Errorf("failed to create new session with aws config: %v", err)
} else {
awsConfig.WithHTTPClient(&http.Client{
Transport: transport.NewTransport(httpTransport),
})
} }
} s3obj = s3.New(sess)
sess, err = session.NewSession(awsConfig) // enable S3 compatible signature v2 signing instead
if err != nil { if !params.V4Auth {
return nil, fmt.Errorf("failed to create new session with aws config: %v", err) setv2Handlers(s3obj)
} }
s3obj := s3.New(sess)
// enable S3 compatible signature v2 signing instead
if !params.V4Auth {
setv2Handlers(s3obj)
} }
// TODO Currently multipart uploads have no timestamps, so this would be unwise // TODO Currently multipart uploads have no timestamps, so this would be unwise

1
registry/storage/driver/s3-aws/s3_test.go
View File

@ -77,6 +77,7 @@ func init() {
} }
parameters := DriverParameters{ parameters := DriverParameters{
nil,
accessKey, accessKey,
secretKey, secretKey,
bucket, bucket,