KurlesHS/frostfs-s3-gw
1
0
Fork 0
forked from TrueCloudLab/frostfs-s3-gw
Code Pull requests Activity
1491 commits 6 branches 44 tags 23 MiB
Commit graph

174 commits

Author SHA1 Message Date
Roman Loginov
04b8fc2b5f [#562] Empty default value for TLS termination header param 
If the service is accessed not through a proxy and the
default value of the parameter with the header key is
not empty, then the system administrator does not
control disabling TLS verification in any way, because
the client can simply add a known header, thereby
skipping the verification. Therefore, the default value
of the header parameter is made empty. If it is empty,
then TLS verification cannot be disabled in any way.
Thus, the system administrator will be able to control
the enabling/disabling of TLS.

Signed-off-by: Roman Loginov <r.loginov@yadro.com>
 2024-12-13 11:12:58 +00:00
Roman Loginov
128939c01e [#562] Add tests for form encryption params 
Signed-off-by: Roman Loginov <r.loginov@yadro.com>
 2024-12-11 16:09:43 +03:00
Roman Loginov
4a4ce00994 [#562] Support TLS termination header for SSE-C 
The TLS termination header added for determining
whether TLS needs to be checked. If the system
requests come through a proxy server and TLS can
terminate at the proxy level, you should use this
header to disable TLS verification at SSE-C.

Signed-off-by: Roman Loginov <r.loginov@yadro.com>
 2024-12-11 16:09:43 +03:00
Marina Biryukova
f215d200e8 [#559] Remove multipart objects using tombstones 
Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>
 2024-12-04 11:03:01 +03:00
Roman Loginov
368c7d2acd [#549] Add tracing attributes 
Signed-off-by: Roman Loginov <r.loginov@yadro.com>
 2024-11-18 11:55:31 +00:00
Marina Biryukova
17d40245de [#505] docs: Add example of uploading file using presigned URL 
Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>
 2024-11-02 08:53:54 +00:00
Alex Vanin
8bc19725ba [#521] Add documentation for multinet settings 
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
 2024-10-29 15:55:27 +03:00
Denis Kirillov
57b7e83380 [#509] Save isCustom flag into accessbox 
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2024-10-23 15:01:31 +03:00
Denis Kirillov
6a90f4e624 [#509] Update docs 
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2024-10-23 15:01:31 +03:00
Denis Kirillov
b78e55e101 [#509] Support custom AWS credentials 
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2024-10-23 15:01:31 +03:00
Roman Loginov
aaed083d82 [#520] Support the continuous use of interceptors 
We can always add interceptors to the grpc
connection to the storage, since the actual
use will be controlled by the configuration
from the frostfs-observability library.

Signed-off-by: Roman Loginov <r.loginov@yadro.com>
 2024-10-21 11:49:22 +03:00
Pavel Pogodaev
99f273f9af [#461] Configure logger sampling policy 
Signed-off-by: Pavel Pogodaev <p.pogodaev@yadro.com>
 2024-09-26 10:34:44 +03:00
Roman Loginov
cd96adef36 [#499] Fix of sighup traicing docs 
Signed-off-by: Roman Loginov <r.loginov@yadro.com>
 2024-09-25 14:34:18 +03:00
Aleksey Savaitan
34c1426b9f [#484] Add root ca cert for telemetry configuration 
Signed-off-by: Aleksey Savaitan <a.savaitan@yadro.com>
 2024-09-19 11:07:13 +00:00
Marina Biryukova
d0e4d55772 [#460] Add network info cache 
Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>
 2024-09-13 09:56:24 +00:00
Nikita Zinkevich
62615d7ab7 [#369] Request reproducer 
Signed-off-by: Nikita Zinkevich <n.zinkevich@yadro.com>
 2024-09-11 15:25:09 +03:00
Nikita Zinkevich
575ab4d294 [#369] Enhanced http requests logging 
Signed-off-by: Nikita Zinkevich <n.zinkevich@yadro.com>
 2024-09-11 15:25:09 +03:00
Marina Biryukova
d6b506f6d9 [#466] Implement PATCH for multipart objects 
Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>
 2024-09-03 11:57:59 +00:00
Marina Biryukova
a2e0b92575 [#473] Add PATCH to extensions doc 
Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>
 2024-09-03 11:57:59 +00:00
Denis Kirillov
136b5521fe [#475] Support graceful_close_on_switch_timeout param 
This allows in-flight requests finish during rebalance

Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2024-08-29 13:22:08 +00:00
Roman Loginov
bf00fa6aa9 [#449] Add support headers for vhs and servername 
Signed-off-by: Roman Loginov <r.loginov@yadro.com>
 2024-08-23 08:35:05 +00:00
Roman Loginov
534ae7f0f1 [#446] Add support virtual-hosted-style 
Signed-off-by: Roman Loginov <r.loginov@yadro.com>
 2024-08-23 08:35:05 +00:00
Marina Biryukova
481520705a [#42] Support expiration lifecycle 
Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>
 2024-08-21 10:38:35 +03:00
Pavel Pogodaev
51c5c227c2 [#31] Add force bucket delete flag 
Signed-off-by: Pavel Pogodaev <p.pogodaev@yadro.com>
 2024-07-25 14:04:54 +03:00
Marina Biryukova
971006a28c [#422] Support separate container for CORS 
Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>
 2024-07-23 12:33:29 +00:00
Ekaterina Lebedeva
1d965b23ab [#432] doc: Fix grammar mistakes in authentication 
Signed-off-by: Ekaterina Lebedeva <ekaterina.lebedeva@yadro.com>
 2024-07-17 17:08:48 +03:00
Denis Kirillov
70eedfc077 [#414] authmate: Add register-user command 
New command allows register user in frostfsid and
set allowed rules in policy contract

Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2024-07-08 14:13:00 +03:00
Denis Kirillov
9241954496 [#372] authmate: Don't create creds with eacl table 
Allow only impersonate flag.
Don't allow SetEACL container session token.

Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2024-07-01 16:26:21 +03:00
Denis Kirillov
77f8bdac58 [#372] Drop kludge.acl_enabled flag 
Now only APE container can be created using s3-gw

Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2024-07-01 16:26:19 +03:00
Denis Kirillov
9432782ce6 [#401] Drop notifications 
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2024-06-25 15:49:37 +03:00
Denis Kirillov
2b04fcb5ec [#406] Remove control api 
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2024-06-21 06:36:56 +00:00
Denis Kirillov
bb81afc14a [#398] Support retryer 
Add two strategy for PutBucketSettings request retryer:
* exponential backoff (increasing up to `max_backoff` delays with jitter)
* constant backoff (always the same `max_backoff` delay between requests)

Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2024-06-06 13:02:17 +00:00
Marina Biryukova
45f77de8c8 [#371] Add custom Source IP header configuration 
Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>
 2024-04-22 07:42:45 +00:00
Denis Kirillov
fec3b3f31e [#269] Add frostfsid cache configuration 
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2024-04-17 12:11:23 +03:00
Denis Kirillov
9f29fcbd52 [#353] docs: Add bucket policy docs 
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2024-04-15 11:41:19 +03:00
Denis Kirillov
6b8095182e [#343] docs: Actualize s3 compatibility table 
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2024-04-02 15:02:51 +03:00
Denis Kirillov
fbe7a784e8 [#301] Support GetBucketPolicyStatus 
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2024-03-28 09:13:25 +03:00
Pavel Pogodaev
bfcde09f07 [#291] server auto re-binding 
Signed-off-by: Pavel Pogodaev <p.pogodaev@yadro.com>
 2024-03-27 14:28:50 +03:00
Denis Kirillov
94bd1dfe28 [#334] Add auth doc 
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2024-03-21 12:12:29 +03:00
Denis Kirillov
56b50f2075 [#306] Remove flag to disable policy contract 
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2024-02-28 17:50:08 +03:00
Denis Kirillov
c868af8a62 [#306] Add flag to enable old ACL bucket creation 
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2024-02-28 17:50:08 +03:00
Denis Kirillov
924e87face [#305] Support checking if accessbox was removed 
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2024-02-09 09:41:48 +03:00
Denis Kirillov
71d82d1cc8 [#165] Fix lint issues 
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2024-02-02 16:15:08 +03:00
Denis Kirillov
6e8960b2ab [#165] Add list session cache 
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2024-02-02 16:09:48 +03:00
Denis Kirillov
899213b3f3 [#287] Support proxy for frostfsid and policy contracts 
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2023-12-22 15:45:10 +03:00
Denis Kirillov
5698d5844e [#283] Support frostfsid groups in policy request checking 
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2023-12-21 14:21:36 +03:00
Denis Kirillov
9272f4e108 [#259] Support contract based policies 
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2023-12-11 10:01:46 +03:00
Denis Kirillov
be6a37ada5 [#262] Support configuring max tree request attempts 
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
 2023-12-07 16:41:21 +03:00
Denis Kirillov
43abf58068 [#257] Support flag to deny access if policy rules not found 
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2023-12-06 17:47:58 +03:00
Denis Kirillov
c7a65bd075 [#258] Add control service 
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2023-12-01 14:17:06 +03:00