Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow S3 Storage Provider to support sts_endpoint #6990

Merged
merged 19 commits into from
Jan 9, 2024
Merged

Allow S3 Storage Provider to support sts_endpoint #6990

Show file tree
Hide file tree
Changes from 3 commits
Commits
Show all changes
19 commits
Select commit Hold shift + click to select a range
76d7d7f
Added Sts endpoint for s3 storage provider for s3 config
TimKotowski Dec 23, 2023
d2ae346
add Changelog for ticket
TimKotowski Dec 23, 2023
e484123
Merge branch 'main' into allow-sts-endpoint-s3-storage
TimKotowski Dec 23, 2023
1ae906f
add sts endpoint to client testing
TimKotowski Dec 23, 2023
d244f24
Update client_test.go indenting
TimKotowski Dec 23, 2023
42063f7
added test for config to allow validation for passing in an sts endpoint
TimKotowski Dec 23, 2023
56a1844
Merge branch 'allow-sts-endpoint-s3-storage' of https://github.com/Ti…
TimKotowski Dec 23, 2023
0599731
fixing naming of changelog for ticket
TimKotowski Dec 23, 2023
23494db
create better testing of minio sts endpoint rather than from an aws s…
TimKotowski Dec 23, 2023
20b4df2
Update pkg/storage/bucket/s3/config.go
dimitarvdimitrov Dec 26, 2023
009548b
Update docs and reference & help text
dimitarvdimitrov Dec 26, 2023
97911e4
CR fixes, remove mimir endpoint creation in favor for the correct sts…
TimKotowski Dec 26, 2023
07e04de
sts instead of s3 endpoint in config test
TimKotowski Dec 26, 2023
69ac575
added URL validation for sts-endpoint from cofig with testing
TimKotowski Dec 27, 2023
ad50560
work on fixing validation for sts endpoint for testing and logic
TimKotowski Dec 27, 2023
46a05d2
fix code format
TimKotowski Dec 27, 2023
3a2de02
CR fixes
TimKotowski Jan 5, 2024
0cfeed7
Merge branch 'main' into allow-sts-endpoint-s3-storage
TimKotowski Jan 5, 2024
ef17344
Fix linter errors
dimitarvdimitrov Jan 9, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions pkg/storage/bucket/s3/config.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,7 @@ var (
errUnsupportedStorageClass = fmt.Errorf("unsupported S3 storage class (supported values: %s)", strings.Join(supportedStorageClasses, ", "))
errInvalidSSEContext = errors.New("invalid S3 SSE encryption context")
errInvalidEndpointPrefix = errors.New("the endpoint must not prefixed with the bucket name")
errInvalidSTSPrefix = errors.New("sts-endpoint must be a valid url")
TimKotowski marked this conversation as resolved.
Show resolved Hide resolved
)

// HTTPConfig stores the http.Transport configuration for the s3 minio client.
Expand Down Expand Up @@ -128,6 +129,9 @@ func (cfg *Config) Validate() error {
return errInvalidEndpointPrefix
}
}
if cfg.STSEndpoint != "" && !util.IsValidURL(cfg.STSEndpoint) {
return errInvalidSTSPrefix
}
if !util.StringsContain(supportedStorageClasses, cfg.StorageClass) && cfg.StorageClass != "" {
return errUnsupportedStorageClass
}
Expand Down
15 changes: 15 additions & 0 deletions pkg/storage/bucket/s3/config_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -118,6 +118,20 @@ func TestConfig_Validate(t *testing.T) {
},
},
"should pass with using sts endpoint": {
setup: func() *Config {
sseCfg := &SSEConfig{}
flagext.DefaultValues(sseCfg)
cfg := &Config{
BucketName: "mimir-block",
SSE: *sseCfg,
SignatureVersion: SignatureVersionV4,
StorageClass: s3_service.StorageClassStandard,
STSEndpoint: "https://sts.eu-central-1.amazonaws.com",
}
return cfg
},
},
"should not pass with using sts endpoint as its using an invalid url": {
setup: func() *Config {
sseCfg := &SSEConfig{}
flagext.DefaultValues(sseCfg)
Expand All @@ -130,6 +144,7 @@ func TestConfig_Validate(t *testing.T) {
}
return cfg
},
expected: errInvalidSTSPrefix,
},
}

Expand Down
16 changes: 16 additions & 0 deletions pkg/util/url.go
View file
Open in desktop
TimKotowski marked this conversation as resolved.
Show resolved Hide resolved
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
// SPDX-License-Identifier: AGPL-3.0-only

package util

import (
"net/url"
)

func IsValidURL(endpoint string) bool {
u, err := url.Parse(endpoint)
if err != nil {
return false
}

return u.Scheme != "" && u.Host != ""
}
45 changes: 45 additions & 0 deletions pkg/util/url_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
// SPDX-License-Identifier: AGPL-3.0-only
package util

import (
"github.com/stretchr/testify/assert"
"testing"
)

func TestIsValidURL(t *testing.T) {
t.Parallel()

tests := []struct {
name string
endpoint string
}{
{
name: "valid url",
endpoint: "https://sts.eu-central-1.amazonaws.com",
},
{
name: "invalid url no scheme",
endpoint: "sts.eu-central-1.amazonaws.com",
},
{
name: "invalid url invalid scheme setup",
endpoint: "https:///sts.eu-central-1.amazonaws.com",
},
{
name: "invalid url no host",
endpoint: "https://",
},
}

for i, test := range tests {
t.Run(test.name, func(t *testing.T) {
valid := IsValidURL(test.endpoint)

if i == 0 {
TimKotowski marked this conversation as resolved.
Show resolved Hide resolved
assert.True(t, valid)
} else {
assert.False(t, valid)
}
})
}
}
Loading