Merge pull request #3841 from kirat-singh/feature/aws-ca-bundle

Support AWS_CA_BUNDLE when talking to the S3 API
This commit is contained in:
Milos Gajdos 2023-02-17 09:36:20 +00:00 committed by GitHub
commit e64b08ada6
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -36,7 +36,6 @@ import (
"github.com/aws/aws-sdk-go/service/s3" "github.com/aws/aws-sdk-go/service/s3"
dcontext "github.com/distribution/distribution/v3/context" dcontext "github.com/distribution/distribution/v3/context"
"github.com/distribution/distribution/v3/registry/client/transport"
storagedriver "github.com/distribution/distribution/v3/registry/storage/driver" storagedriver "github.com/distribution/distribution/v3/registry/storage/driver"
"github.com/distribution/distribution/v3/registry/storage/driver/base" "github.com/distribution/distribution/v3/registry/storage/driver/base"
"github.com/distribution/distribution/v3/registry/storage/driver/factory" "github.com/distribution/distribution/v3/registry/storage/driver/factory"
@ -526,28 +525,24 @@ func New(params DriverParameters) (*Driver, error) {
awsConfig.UseDualStackEndpoint = endpoints.DualStackEndpointStateEnabled awsConfig.UseDualStackEndpoint = endpoints.DualStackEndpointStateEnabled
} }
if params.UserAgent != "" || params.SkipVerify {
httpTransport := http.DefaultTransport
if params.SkipVerify { if params.SkipVerify {
httpTransport = &http.Transport{ httpTransport := &http.Transport{
TLSClientConfig: &tls.Config{InsecureSkipVerify: true}, TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
} }
}
if params.UserAgent != "" {
awsConfig.WithHTTPClient(&http.Client{ awsConfig.WithHTTPClient(&http.Client{
Transport: transport.NewTransport(httpTransport, transport.NewHeaderRequestModifier(http.Header{http.CanonicalHeaderKey("User-Agent"): []string{params.UserAgent}})), Transport: httpTransport,
}) })
} else {
awsConfig.WithHTTPClient(&http.Client{
Transport: transport.NewTransport(httpTransport),
})
}
} }
sess, err := session.NewSession(awsConfig) sess, err := session.NewSession(awsConfig)
if err != nil { if err != nil {
return nil, fmt.Errorf("failed to create new session with aws config: %v", err) return nil, fmt.Errorf("failed to create new session with aws config: %v", err)
} }
if params.UserAgent != "" {
sess.Handlers.Build.PushBack(request.MakeAddToUserAgentFreeFormHandler(params.UserAgent))
}
s3obj := s3.New(sess) s3obj := s3.New(sess)
// enable S3 compatible signature v2 signing instead // enable S3 compatible signature v2 signing instead