TrueCloudLab
/
frostfs-s3-gw
15
2
Fork 15
Code Issues 20 Pull Requests 7 Actions Packages Projects Releases 7 Activity
1,349 Commits
6 Branches
26 Tags
18 MiB
Commit Graph

725 Commits (bb81afc14a1a18bbb8a0121225c8c53f44b65593)

Author SHA1 Message Date
Denis Kirillov bb81afc14a [#398] Support retryer 
Add two strategy for PutBucketSettings request retryer:
* exponential backoff (increasing up to `max_backoff` delays with jitter)
* constant backoff (always the same `max_backoff` delay between requests)

Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2024-06-06 13:02:17 +00:00
Marina Biryukova e25dc90c20 [#399] Add OPTIONS method for object operations 
Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>
 2024-06-04 12:59:45 +00:00
Pavel Pogodaev b5fae316cf [#396] Add user to response 
Signed-off-by: Pavel Pogodaev <p.pogodaev@yadro.com>
 2024-06-04 09:37:55 +00:00
Roman Loginov 9152b084ec [#387] Fix typo 
Signed-off-by: Roman Loginov <r.loginov@yadro.com>
 2024-05-22 15:06:02 +00:00
Roman Loginov 21dbe3ea8e [#387] api: Add tests for middleware 
Signed-off-by: Roman Loginov <r.loginov@yadro.com>
 2024-05-22 15:06:02 +00:00
Roman Loginov f4d174e740 [#387] middleware: Extend test coverage 
Signed-off-by: Roman Loginov <r.loginov@yadro.com>
 2024-05-22 15:06:02 +00:00
Roman Loginov 8a758293b9 [#387] middleware: Delete unused code 
Signed-off-by: Roman Loginov <r.loginov@yadro.com>
 2024-05-22 15:06:02 +00:00
Denis Kirillov fb521c7ac6 [#367] policy: Set IAM-MFA property to false by default
/ DCO (pull_request) Successful in 2m34s Details
/ Vulncheck (pull_request) Successful in 2m41s Details
/ Builds (1.20) (pull_request) Successful in 4m26s Details
/ Builds (1.21) (pull_request) Successful in 4m19s Details
/ Lint (pull_request) Successful in 5m48s Details
/ Tests (1.20) (pull_request) Successful in 3m55s Details
/ Tests (1.21) (pull_request) Successful in 3m53s Details 
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2024-05-22 12:05:42 +03:00
Alexey Vanin 87b9e97a80 [#354] Do not proceed on bucket remove error
/ DCO (pull_request) Successful in 2m22s Details
/ Vulncheck (pull_request) Successful in 2m37s Details
/ Builds (1.20) (pull_request) Successful in 3m42s Details
/ Builds (1.21) (pull_request) Successful in 3m12s Details
/ Lint (pull_request) Successful in 4m51s Details
/ Tests (1.20) (pull_request) Successful in 3m13s Details
/ Tests (1.21) (pull_request) Successful in 3m6s Details 
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
 2024-05-17 20:38:39 +03:00
Artem Tataurov d62d8f3874 [#385] Support the renaming of ObjectRequest and ObjectContainer
/ DCO (pull_request) Successful in 1m33s Details
/ Builds (1.20) (pull_request) Successful in 2m7s Details
/ Builds (1.21) (pull_request) Successful in 1m24s Details
/ Vulncheck (pull_request) Successful in 1m58s Details
/ Lint (pull_request) Successful in 4m26s Details
/ Tests (1.20) (pull_request) Successful in 2m35s Details
/ Tests (1.21) (pull_request) Successful in 2m42s Details 
Signed-off-by: Artem Tataurov <a.tataurov@yadro.com>
 2024-05-14 16:51:36 +03:00
Alexey Vanin 6bf6a3b1a3 [#362] Check user and groups during policy check
/ DCO (pull_request) Successful in 4m8s Details
/ Vulncheck (pull_request) Successful in 4m10s Details
/ Builds (1.20) (pull_request) Successful in 5m33s Details
/ Builds (1.21) (pull_request) Successful in 5m24s Details
/ Lint (pull_request) Successful in 8m32s Details
/ Tests (1.20) (pull_request) Successful in 5m9s Details
/ Tests (1.21) (pull_request) Successful in 4m52s Details 
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
 2024-05-08 15:25:14 +03:00
Marina Biryukova c43ef040dc [#382] Fix request type determination
/ DCO (pull_request) Successful in 1m36s Details
/ Builds (1.20) (pull_request) Successful in 2m15s Details
/ Builds (1.21) (pull_request) Successful in 2m9s Details
/ Lint (pull_request) Successful in 3m22s Details
/ Tests (1.20) (pull_request) Successful in 2m18s Details
/ Tests (1.21) (pull_request) Successful in 2m6s Details
/ Vulncheck (pull_request) Successful in 57s Details 
Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>
 2024-05-07 15:17:22 +03:00
Marina Biryukova 2ab655b909 [#380] Add test for credentials versioning 
Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>
 2024-05-03 07:24:13 +00:00
Pavel Pogodaev db05021786 [#379] Add Iana CharsetReader for Oracle integration
/ DCO (pull_request) Successful in 1m54s Details
/ Builds (1.20) (pull_request) Successful in 2m23s Details
/ Builds (1.21) (pull_request) Successful in 2m0s Details
/ Vulncheck (pull_request) Successful in 2m7s Details
/ Lint (pull_request) Successful in 4m16s Details
/ Tests (1.20) (pull_request) Successful in 2m38s Details
/ Tests (1.21) (pull_request) Successful in 2m29s Details 
Signed-off-by: Pavel Pogodaev <p.pogodaev@yadro.com>
 2024-04-25 17:44:38 +03:00
Marina Biryukova 034396d554 [#377] Add check of Source IP
/ DCO (pull_request) Successful in 1m55s Details
/ Builds (1.20) (pull_request) Successful in 2m16s Details
/ Builds (1.21) (pull_request) Successful in 2m26s Details
/ Vulncheck (pull_request) Successful in 2m24s Details
/ Lint (pull_request) Successful in 4m17s Details
/ Tests (1.20) (pull_request) Successful in 2m42s Details
/ Tests (1.21) (pull_request) Successful in 2m32s Details 
Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>
 2024-04-22 15:29:18 +03:00
Pavel Pogodaev 3c436d8de9 [#365] Include iam user tags in query
/ Vulncheck (pull_request) Successful in 1m48s Details
/ Builds (1.20) (pull_request) Successful in 2m30s Details
/ Builds (1.21) (pull_request) Successful in 1m25s Details
/ Lint (pull_request) Successful in 3m52s Details
/ Tests (1.20) (pull_request) Successful in 2m24s Details
/ Tests (1.21) (pull_request) Successful in 2m22s Details
/ DCO (pull_request) Successful in 45s Details 
Signed-off-by: Pavel Pogodaev <p.pogodaev@yadro.com>
 2024-04-22 10:47:43 +03:00
Marina Biryukova 45f77de8c8 [#371] Add custom Source IP header configuration 
Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>
 2024-04-22 07:42:45 +00:00
Marina Biryukova e22ff52165 [#367] Add check of AccessBox attributes 
Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>
 2024-04-19 06:25:26 +00:00
Denis Kirillov 5315f7b733 [#269] Create frostfsid wrapper with cache
/ DCO (pull_request) Successful in 2m10s Details
/ Vulncheck (pull_request) Successful in 2m0s Details
/ Builds (1.20) (pull_request) Successful in 2m31s Details
/ Builds (1.21) (pull_request) Successful in 1m31s Details
/ Lint (pull_request) Successful in 3m34s Details
/ Tests (1.20) (pull_request) Successful in 2m26s Details
/ Tests (1.21) (pull_request) Successful in 2m21s Details 
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2024-04-18 09:32:30 +03:00
Denis Kirillov fec3b3f31e [#269] Add frostfsid cache configuration 
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2024-04-17 12:11:23 +03:00
Marina Biryukova 3ff027587c [#357] Add check of request and resource tags 
Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>
 2024-04-17 07:06:58 +00:00
Denis Kirillov 8307c73fef [#364] Fix removing combined object
/ Vulncheck (pull_request) Failing after 3m8s Details
/ DCO (pull_request) Successful in 3m49s Details
/ Builds (1.20) (pull_request) Successful in 5m35s Details
/ Builds (1.21) (pull_request) Successful in 4m16s Details
/ Lint (pull_request) Successful in 6m55s Details
/ Tests (1.20) (pull_request) Successful in 5m14s Details
/ Tests (1.21) (pull_request) Successful in 4m29s Details 
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2024-04-12 14:56:38 +03:00
Roman Loginov d8889fca56 [#340] Fix encode object acl 
In the process of encode the acl of an object,
we use a map. As a result, when traversing the
map, we can get a different sequence of permissions
each time. Therefore, a list is used instead of a map.

Signed-off-by: Roman Loginov <r.loginov@yadro.com>
 2024-04-11 09:28:30 +00:00
Alexey Vanin 61ff4702a2 [#360] Reuse single target during policy check
/ DCO (pull_request) Successful in 1m38s Details
/ Vulncheck (pull_request) Failing after 2m4s Details
/ Builds (1.20) (pull_request) Successful in 2m33s Details
/ Builds (1.21) (pull_request) Successful in 2m12s Details
/ Lint (pull_request) Successful in 3m6s Details
/ Tests (1.20) (pull_request) Successful in 2m57s Details
/ Tests (1.21) (pull_request) Successful in 2m6s Details 
Policy engine library is able to manage multiple
targets and resolve different status results.

Signed-off-by: Alex Vanin <a.vanin@yadro.com>
 2024-04-10 17:56:47 +03:00
Alexey Vanin 6da1acc554 [#360] Use 'c' prefix for bucket policies instead of 'n' 
With 'c' prefix, acl chains become shorter, thus gateway
receives shorter results and avoids sessions to neo-go.

There is still issue with many IAM rules.

Signed-off-by: Alex Vanin <a.vanin@yadro.com>
 2024-04-10 17:56:47 +03:00
Denis Kirillov 9c012d0a66 [#355] Remove policies when delete bucket 
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2024-04-09 15:49:46 +00:00
Marina Biryukova 37d05dcefd [#353] Add check of listing parameters and versionID
/ DCO (pull_request) Successful in 1m36s Details
/ Vulncheck (pull_request) Failing after 2m17s Details
/ Builds (1.20) (pull_request) Successful in 3m27s Details
/ Builds (1.21) (pull_request) Successful in 3m22s Details
/ Lint (pull_request) Successful in 5m4s Details
/ Tests (1.20) (pull_request) Successful in 2m53s Details
/ Tests (1.21) (pull_request) Successful in 2m47s Details 
Add properties in policy check:
* s3:delimiter
* s3:prefix
* s3:max-keys
* s3:VersionId

Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>
 2024-04-08 17:57:55 +03:00
Denis Kirillov 8669bf6b50 [#346] acl: Update APE and fix using
/ DCO (pull_request) Successful in 2m57s Details
/ Vulncheck (pull_request) Successful in 3m33s Details
/ Lint (pull_request) Successful in 4m44s Details
/ Tests (1.20) (pull_request) Successful in 3m38s Details
/ Tests (1.21) (pull_request) Successful in 3m29s Details
/ Builds (1.20) (pull_request) Successful in 1m12s Details
/ Builds (1.21) (pull_request) Successful in 3m23s Details 
* Remove native policy when remove bucket policy
* Allow policies that contain only s3 compatible statements
(now deny rules cannot be converted to native rules)

Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2024-04-02 12:43:04 +00:00
Denis Kirillov fbe7a784e8 [#301] Support GetBucketPolicyStatus 
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2024-03-28 09:13:25 +03:00
Denis Kirillov 80c7b73eb9 [#306] In APE buckets forbid canned acl except private
/ DCO (pull_request) Successful in 2m50s Details
/ Vulncheck (pull_request) Failing after 3m15s Details
/ Builds (1.20) (pull_request) Successful in 3m39s Details
/ Builds (1.21) (pull_request) Successful in 3m41s Details
/ Lint (pull_request) Successful in 5m48s Details
/ Tests (1.20) (pull_request) Successful in 4m0s Details
/ Tests (1.21) (pull_request) Successful in 3m53s Details 
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2024-03-19 16:57:26 +03:00
Denis Kirillov 62cc5a04a7 [#328] Log error on failed response writing
/ DCO (pull_request) Successful in 3m34s Details
/ Vulncheck (pull_request) Failing after 4m18s Details
/ Builds (1.20) (pull_request) Successful in 4m58s Details
/ Builds (1.21) (pull_request) Successful in 4m24s Details
/ Lint (pull_request) Successful in 7m27s Details
/ Tests (1.20) (pull_request) Successful in 5m24s Details
/ Tests (1.21) (pull_request) Successful in 5m0s Details 
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2024-03-15 11:02:26 +03:00
Denis Kirillov 4ee3648183 [#328] Log invalid lock enabled header 
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2024-03-04 15:09:51 +03:00
Denis Kirillov ee48d1dc85 [#325] Log error on failed request id generation 
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2024-03-04 09:49:41 +00:00
Denis Kirillov f958eef2b3 [#325] Use default empty data.LockInfo in get/head in case of error 
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2024-03-04 09:49:41 +00:00
Denis Kirillov 81b44ab3d3 [#325] Fix mutex usage in controller 
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2024-03-04 09:49:41 +00:00
Denis Kirillov 8050ca2d51 [#306] Use session token for container read operations
/ DCO (pull_request) Successful in 1m54s Details
/ Vulncheck (pull_request) Successful in 1m55s Details
/ Builds (1.20) (pull_request) Successful in 2m49s Details
/ Builds (1.21) (pull_request) Successful in 1m56s Details
/ Lint (pull_request) Successful in 3m59s Details
/ Tests (1.20) (pull_request) Successful in 2m30s Details
/ Tests (1.21) (pull_request) Successful in 2m19s Details 
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2024-03-01 18:14:33 +03:00
Denis Kirillov c12e264697 [#306] Simplify cid resolver for metrics 
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2024-03-01 17:46:16 +03:00
Denis Kirillov e9f38a49e4 [#306] Fix forming key for bucket cache 
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2024-03-01 16:09:40 +03:00
Denis Kirillov fabb4134bc [#318] Use log msg from constants
/ DCO (pull_request) Successful in 1m44s Details
/ Builds (1.20) (pull_request) Successful in 2m24s Details
/ Builds (1.21) (pull_request) Successful in 2m18s Details
/ Vulncheck (pull_request) Successful in 2m17s Details
/ Lint (pull_request) Successful in 2m36s Details
/ Tests (1.20) (pull_request) Successful in 1m42s Details
/ Tests (1.21) (pull_request) Successful in 1m32s Details 
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2024-02-29 17:30:28 +03:00
Denis Kirillov e1ee36b979 [#318] Fix tests 
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2024-02-29 17:30:28 +03:00
Denis Kirillov 937367caaf [#318] Fix panic on invalid multipart form 
Previously, simple 'curl -X POST http://localhost:8084/test' leads to panic because of wrong handle matching

Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2024-02-29 17:30:28 +03:00
Denis Kirillov 7b86bac6ee [#318] Log unmatched requests 
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2024-02-29 17:30:28 +03:00
Denis Kirillov 529ec7e0b9 [#318] Don't log empty bucket/name 
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2024-02-29 17:30:28 +03:00
Denis Kirillov 4741e74210 [#318] Log successfully authenticated accessKeyIDs 
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2024-02-29 17:30:28 +03:00
Denis Kirillov f1470bab4a [#318] auth: Add context for logged errors 
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2024-02-29 17:30:28 +03:00
Denis Kirillov 6e5bcaef97 [#318] Log policy request checking 
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2024-02-29 17:30:28 +03:00
Denis Kirillov 1522db05c5 [#318] Log namespace for requests 
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2024-02-29 17:30:28 +03:00
Marina Biryukova 31da31862a [#300] Update error logging in DeleteMultipleObjects 
Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>
 2024-02-29 14:24:32 +00:00
Denis Kirillov 7de1ffdbe9 [#306] Fix billing tests
/ DCO (pull_request) Successful in 1m43s Details
/ Vulncheck (pull_request) Successful in 1m42s Details
/ Builds (1.20) (pull_request) Successful in 2m34s Details
/ Builds (1.21) (pull_request) Successful in 1m56s Details
/ Lint (pull_request) Successful in 3m50s Details
/ Tests (1.20) (pull_request) Successful in 2m20s Details
/ Tests (1.21) (pull_request) Successful in 2m9s Details 
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2024-02-28 18:00:27 +03:00
Denis Kirillov 3285a2e105 [#306] policy: Change default access strategy 
Use access strategy based on bucket type and/or config flags.

Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2024-02-28 17:53:13 +03:00