From 8fd18cc0c16766701666f2aa6330f71c81a46147 Mon Sep 17 00:00:00 2001 From: Vadim Voitenko Date: Wed, 27 Mar 2024 18:38:03 +0200 Subject: [PATCH 1/5] Fixed s3 region env variable providing Fixed region value provided via environment variable `AWS_REGION` for s3 storage Found when investigated #36 --- internal/storages/s3/s3.go | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/internal/storages/s3/s3.go b/internal/storages/s3/s3.go index 091eb9fd..3a19cfa0 100644 --- a/internal/storages/s3/s3.go +++ b/internal/storages/s3/s3.go @@ -125,7 +125,10 @@ func NewStorage(ctx context.Context, cfg *Config, logLevel string) (*Storage, er if cfg.Endpoint != "" { awsCfg.WithEndpoint(cfg.Endpoint) } - awsCfg.WithRegion(cfg.Region) + + if cfg.Region != "" { + awsCfg.WithRegion(cfg.Region) + } if cfg.CertFile != "" { file, err := os.Open(cfg.CertFile) From 5b0025624fdede4b402c6f9f913d828f02a124ad Mon Sep 17 00:00:00 2001 From: Vadim Voitenko Date: Wed, 27 Mar 2024 18:55:58 +0200 Subject: [PATCH 2/5] Added region and bucket into debug info --- internal/storages/s3/s3.go | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/internal/storages/s3/s3.go b/internal/storages/s3/s3.go index 3a19cfa0..8ea501bb 100644 --- a/internal/storages/s3/s3.go +++ b/internal/storages/s3/s3.go @@ -150,6 +150,11 @@ func NewStorage(ctx context.Context, cfg *Config, logLevel string) (*Storage, er }, ) + log.Debug(). + Str("region", *service.Config.Region). + Str("bucket", cfg.Bucket). + Msg("s3 storage bucket") + return &Storage{ prefix: fixPrefix(path.Join(cfg.Bucket, cfg.Prefix)), session: ses, From ee3a1e32335d9b825efd46871c022c99fe153fef Mon Sep 17 00:00:00 2001 From: Vadim Voitenko Date: Wed, 27 Mar 2024 22:02:04 +0200 Subject: [PATCH 3/5] Added no_verify_ssl option --- internal/storages/s3/config.go | 1 + internal/storages/s3/s3.go | 9 +++++++++ 2 files changed, 10 insertions(+) diff --git a/internal/storages/s3/config.go b/internal/storages/s3/config.go index 5eaf3924..84fa1be8 100644 --- a/internal/storages/s3/config.go +++ b/internal/storages/s3/config.go @@ -42,6 +42,7 @@ type Config struct { UseListObjectsV1 bool `mapstructure:"use_list_objects_v1,omitempty"` ForcePathStyle bool `mapstructure:"force_path_style,omitempty"` UseAccelerate bool `mapstructure:"use_accelerate,omitempty"` + NoVerifySsl bool `mapstructure:"no_verify_ssl,omitempty"` } func NewConfig() *Config { diff --git a/internal/storages/s3/s3.go b/internal/storages/s3/s3.go index 8ea501bb..350f5a8e 100644 --- a/internal/storages/s3/s3.go +++ b/internal/storages/s3/s3.go @@ -16,9 +16,11 @@ package s3 import ( "context" + "crypto/tls" "errors" "fmt" "io" + "net/http" "os" "path" "path/filepath" @@ -122,6 +124,13 @@ func NewStorage(ctx context.Context, cfg *Config, logLevel string) (*Storage, er awsCfg.WithLogger(LogWrapper{logger: &log.Logger}) awsCfg.WithLogLevel(lv) + if cfg.NoVerifySsl { + tr := &http.Transport{ + TLSClientConfig: &tls.Config{InsecureSkipVerify: true}, + } + awsCfg.WithHTTPClient(&http.Client{Transport: tr}) + } + if cfg.Endpoint != "" { awsCfg.WithEndpoint(cfg.Endpoint) } From c7856e4e0918e9520266d92e098ff27df1941a2a Mon Sep 17 00:00:00 2001 From: Joao Zanutto Date: Wed, 27 Mar 2024 19:45:56 -0700 Subject: [PATCH 4/5] change DisableSSL to NoVerifySSL in docs --- docs/configuration.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuration.md b/docs/configuration.md index bbbe8a41..01d8d2ee 100644 --- a/docs/configuration.md +++ b/docs/configuration.md @@ -54,7 +54,7 @@ two storage options are supported: `directory` and `s3`. * `prefix` — a prefix for objects in the bucket, specified in path format * `region` — the S3 service region * `storage_class` — the storage class for performing object requests - * `disable_ssl` — disable SSL for interactions (default is `false`) + * `no_verify_ssl` — disable SSL for interactions (default is `false`) * `access_key_id` — access key for authentication * `secret_access_key` — secret access key for authentication * `session_token` — session token for authentication From 51b47e514528415ccbe7c09c70062fbf22c2131b Mon Sep 17 00:00:00 2001 From: Vadim Voitenko Date: Thu, 28 Mar 2024 09:46:44 +0200 Subject: [PATCH 5/5] Updated no_verify_ssl description --- docs/configuration.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuration.md b/docs/configuration.md index a0c2942d..1e636b52 100644 --- a/docs/configuration.md +++ b/docs/configuration.md @@ -55,7 +55,7 @@ two storage options are supported: `directory` and `s3`. * `prefix` — a prefix for objects in the bucket, specified in path format * `region` — the S3 service region * `storage_class` — the storage class for performing object requests - * `no_verify_ssl` — disable SSL for interactions (default is `false`) + * `no_verify_ssl` — disable SSL certificate verification * `access_key_id` — access key for authentication * `secret_access_key` — secret access key for authentication * `session_token` — session token for authentication