f86b82351a
[ #398 ] Fix parameter parsing in bucket retryer
...
/ Builds (1.20) (pull_request) Successful in 2m7s
/ Builds (1.21) (pull_request) Successful in 1m38s
/ DCO (pull_request) Successful in 2m3s
/ Vulncheck (pull_request) Failing after 2m23s
/ Lint (pull_request) Successful in 4m21s
/ Tests (1.20) (pull_request) Successful in 2m46s
/ Tests (1.21) (pull_request) Successful in 2m42s
RetryStrategyExponential should use jitter backoff
instead of constant delay function
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2024-07-03 13:42:24 +03:00
465eaa816a
[ #372 ] Drop [e]ACL related code
...
/ DCO (pull_request) Successful in 2m15s
/ Vulncheck (pull_request) Successful in 2m55s
/ Builds (1.20) (pull_request) Successful in 3m46s
/ Builds (1.21) (pull_request) Successful in 3m48s
/ Lint (pull_request) Successful in 5m26s
/ Tests (1.20) (pull_request) Successful in 3m34s
/ Tests (1.21) (pull_request) Successful in 3m18s
Always consider buckets as APE compatible
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-07-01 16:58:44 +03:00
9241954496
[ #372 ] authmate: Don't create creds with eacl table
...
Allow only impersonate flag.
Don't allow SetEACL container session token.
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-07-01 16:26:21 +03:00
77f8bdac58
[ #372 ] Drop kludge.acl_enabled flag
...
Now only APE container can be created using s3-gw
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-07-01 16:26:19 +03:00
91541a432d
[ #411 ] Check uniqueness in DeleteMultipleObjects
...
/ Builds (1.20) (pull_request) Successful in 4m57s
/ Builds (1.21) (pull_request) Successful in 4m42s
/ DCO (pull_request) Successful in 4m52s
/ Vulncheck (pull_request) Successful in 4m38s
/ Lint (pull_request) Successful in 6m46s
/ Tests (1.20) (pull_request) Successful in 4m28s
/ Tests (1.21) (pull_request) Successful in 4m7s
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-06-26 16:39:06 +03:00
943b30d9f4
[ #411 ] Don't check object tags on deletion
...
By specification https://docs.aws.amazon.com/AmazonS3/latest/userguide/tagging-and-policies.html
we shouldn't check object tags on PUT and DELETE
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-06-26 16:38:56 +03:00
414f3943e2
[ #410 ] Drop layer.Client interface
...
/ DCO (pull_request) Successful in 2m1s
/ Vulncheck (pull_request) Successful in 2m31s
/ Builds (1.20) (pull_request) Successful in 2m39s
/ Builds (1.21) (pull_request) Successful in 2m31s
/ Lint (pull_request) Successful in 3m14s
/ Tests (1.20) (pull_request) Successful in 2m34s
/ Tests (1.21) (pull_request) Successful in 2m10s
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-06-25 15:57:55 +03:00
9432782ce6
[ #401 ] Drop notifications
...
/ DCO (pull_request) Successful in 2m5s
/ Builds (1.20) (pull_request) Successful in 2m40s
/ Builds (1.21) (pull_request) Successful in 2m33s
/ Vulncheck (pull_request) Successful in 2m22s
/ Lint (pull_request) Successful in 4m24s
/ Tests (1.20) (pull_request) Successful in 2m48s
/ Tests (1.21) (pull_request) Successful in 2m45s
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-06-25 15:49:37 +03:00
2b04fcb5ec
[ #406 ] Remove control api
...
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-06-21 06:36:56 +00:00
280d11c794
[ #407 ] Don't set full_control for bucket owner
...
/ DCO (pull_request) Successful in 1m29s
/ Builds (1.20) (pull_request) Successful in 2m14s
/ Builds (1.21) (pull_request) Successful in 1m47s
/ Vulncheck (pull_request) Successful in 1m57s
/ Lint (pull_request) Successful in 4m16s
/ Tests (1.20) (pull_request) Successful in 2m46s
/ Tests (1.21) (pull_request) Successful in 2m29s
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-06-19 10:55:24 +03:00
ed34b2cae4
[ #402 ] auth: Extend test coverage
...
Signed-off-by: Roman Loginov <r.loginov@yadro.com>
2024-06-14 10:06:00 +00:00
76f553d292
[ #403 ] Set resource tags into resource properties
...
/ DCO (pull_request) Successful in 6m17s
/ Vulncheck (pull_request) Successful in 8m13s
/ Builds (1.20) (pull_request) Successful in 9m45s
/ Builds (1.21) (pull_request) Successful in 9m8s
/ Lint (pull_request) Successful in 18m4s
/ Tests (1.20) (pull_request) Successful in 9m52s
/ Tests (1.21) (pull_request) Successful in 9m5s
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-06-13 11:12:40 +03:00
1513a9252b
[ #403 ] go.mod: Update APE
...
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-06-13 11:12:35 +03:00
bb81afc14a
[ #398 ] Support retryer
...
Add two strategy for PutBucketSettings request retryer:
* exponential backoff (increasing up to `max_backoff` delays with jitter)
* constant backoff (always the same `max_backoff` delay between requests)
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-06-06 13:02:17 +00:00
58850f590e
[ #335 ] Improve determining AccessBox latest version
...
Signed-off-by: Anoke <rustamgta1011@gmail.com>
2024-06-06 12:35:48 +00:00
e25dc90c20
[ #399 ] Add OPTIONS method for object operations
...
Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>
2024-06-04 12:59:45 +00:00
71bae5cd9a
[ #400 ] Update frostfs-sdk-go version with support EC
...
Signed-off-by: Roman Loginov <r.loginov@yadro.com>
2024-06-04 12:22:06 +00:00
b5fae316cf
[ #396 ] Add user to response
...
Signed-off-by: Pavel Pogodaev <p.pogodaev@yadro.com>
2024-06-04 09:37:55 +00:00
9f3ea470e6
[ #395 ] Port changelog and prepare it for next release
...
/ Vulncheck (pull_request) Successful in 2m35s
/ Builds (1.20) (pull_request) Successful in 2m30s
/ Builds (1.21) (pull_request) Successful in 2m8s
/ DCO (pull_request) Successful in 2m26s
/ Lint (pull_request) Successful in 3m42s
/ Tests (1.20) (pull_request) Successful in 2m51s
/ Tests (1.21) (pull_request) Successful in 2m40s
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2024-05-27 14:27:11 +03:00
9787b29542
[ #392 ] go.mod: Update APE to drop private IPs checking
...
/ Vulncheck (pull_request) Successful in 2m8s
/ DCO (pull_request) Successful in 2m38s
/ Builds (1.20) (pull_request) Successful in 2m48s
/ Builds (1.21) (pull_request) Successful in 3m22s
/ Lint (pull_request) Successful in 5m17s
/ Tests (1.20) (pull_request) Successful in 3m37s
/ Tests (1.21) (pull_request) Successful in 2m59s
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-05-27 11:26:15 +03:00
9152b084ec
[ #387 ] Fix typo
...
Signed-off-by: Roman Loginov <r.loginov@yadro.com>
2024-05-22 15:06:02 +00:00
21dbe3ea8e
[ #387 ] api: Add tests for middleware
...
Signed-off-by: Roman Loginov <r.loginov@yadro.com>
2024-05-22 15:06:02 +00:00
f4d174e740
[ #387 ] middleware: Extend test coverage
...
Signed-off-by: Roman Loginov <r.loginov@yadro.com>
2024-05-22 15:06:02 +00:00
8a758293b9
[ #387 ] middleware: Delete unused code
...
Signed-off-by: Roman Loginov <r.loginov@yadro.com>
2024-05-22 15:06:02 +00:00
fb521c7ac6
[ #367 ] policy: Set IAM-MFA property to false by default
...
/ DCO (pull_request) Successful in 2m34s
/ Vulncheck (pull_request) Successful in 2m41s
/ Builds (1.20) (pull_request) Successful in 4m26s
/ Builds (1.21) (pull_request) Successful in 4m19s
/ Lint (pull_request) Successful in 5m48s
/ Tests (1.20) (pull_request) Successful in 3m55s
/ Tests (1.21) (pull_request) Successful in 3m53s
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-05-22 12:05:42 +03:00
87b9e97a80
[ #354 ] Do not proceed on bucket remove error
...
/ DCO (pull_request) Successful in 2m22s
/ Vulncheck (pull_request) Successful in 2m37s
/ Builds (1.20) (pull_request) Successful in 3m42s
/ Builds (1.21) (pull_request) Successful in 3m12s
/ Lint (pull_request) Successful in 4m51s
/ Tests (1.20) (pull_request) Successful in 3m13s
/ Tests (1.21) (pull_request) Successful in 3m6s
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2024-05-17 20:38:39 +03:00
d62d8f3874
[ #385 ] Support the renaming of ObjectRequest and ObjectContainer
...
/ DCO (pull_request) Successful in 1m33s
/ Builds (1.20) (pull_request) Successful in 2m7s
/ Builds (1.21) (pull_request) Successful in 1m24s
/ Vulncheck (pull_request) Successful in 1m58s
/ Lint (pull_request) Successful in 4m26s
/ Tests (1.20) (pull_request) Successful in 2m35s
/ Tests (1.21) (pull_request) Successful in 2m42s
Signed-off-by: Artem Tataurov <a.tataurov@yadro.com>
2024-05-14 16:51:36 +03:00
6bf6a3b1a3
[ #362 ] Check user and groups during policy check
...
/ DCO (pull_request) Successful in 4m8s
/ Vulncheck (pull_request) Successful in 4m10s
/ Builds (1.20) (pull_request) Successful in 5m33s
/ Builds (1.21) (pull_request) Successful in 5m24s
/ Lint (pull_request) Successful in 8m32s
/ Tests (1.20) (pull_request) Successful in 5m9s
/ Tests (1.21) (pull_request) Successful in 4m52s
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2024-05-08 15:25:14 +03:00
2f108c9951
[ #362 ] Expand control service
...
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2024-05-08 15:15:49 +03:00
c43ef040dc
[ #382 ] Fix request type determination
...
/ DCO (pull_request) Successful in 1m36s
/ Builds (1.20) (pull_request) Successful in 2m15s
/ Builds (1.21) (pull_request) Successful in 2m9s
/ Lint (pull_request) Successful in 3m22s
/ Tests (1.20) (pull_request) Successful in 2m18s
/ Tests (1.21) (pull_request) Successful in 2m6s
/ Vulncheck (pull_request) Successful in 57s
Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>
2024-05-07 15:17:22 +03:00
2ab655b909
[ #380 ] Add test for credentials versioning
...
Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>
2024-05-03 07:24:13 +00:00
1c398551e5
[ #380 ] creds: Increase test coverage
...
Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>
2024-05-03 07:24:13 +00:00
db05021786
[ #379 ] Add Iana CharsetReader for Oracle integration
...
/ DCO (pull_request) Successful in 1m54s
/ Builds (1.20) (pull_request) Successful in 2m23s
/ Builds (1.21) (pull_request) Successful in 2m0s
/ Vulncheck (pull_request) Successful in 2m7s
/ Lint (pull_request) Successful in 4m16s
/ Tests (1.20) (pull_request) Successful in 2m38s
/ Tests (1.21) (pull_request) Successful in 2m29s
Signed-off-by: Pavel Pogodaev <p.pogodaev@yadro.com>
2024-04-25 17:44:38 +03:00
034396d554
[ #377 ] Add check of Source IP
...
/ DCO (pull_request) Successful in 1m55s
/ Builds (1.20) (pull_request) Successful in 2m16s
/ Builds (1.21) (pull_request) Successful in 2m26s
/ Vulncheck (pull_request) Successful in 2m24s
/ Lint (pull_request) Successful in 4m17s
/ Tests (1.20) (pull_request) Successful in 2m42s
/ Tests (1.21) (pull_request) Successful in 2m32s
Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>
2024-04-22 15:29:18 +03:00
3c436d8de9
[ #365 ] Include iam user tags in query
...
/ Vulncheck (pull_request) Successful in 1m48s
/ Builds (1.20) (pull_request) Successful in 2m30s
/ Builds (1.21) (pull_request) Successful in 1m25s
/ Lint (pull_request) Successful in 3m52s
/ Tests (1.20) (pull_request) Successful in 2m24s
/ Tests (1.21) (pull_request) Successful in 2m22s
/ DCO (pull_request) Successful in 45s
Signed-off-by: Pavel Pogodaev <p.pogodaev@yadro.com>
2024-04-22 10:47:43 +03:00
45f77de8c8
[ #371 ] Add custom Source IP header configuration
...
Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>
2024-04-22 07:42:45 +00:00
d903de2457
[ #370 ] Fix fetching attributes from tree
...
/ DCO (pull_request) Successful in 2m6s
/ Vulncheck (pull_request) Successful in 2m48s
/ Builds (1.20) (pull_request) Successful in 3m19s
/ Builds (1.21) (pull_request) Successful in 3m15s
/ Lint (pull_request) Successful in 4m50s
/ Tests (1.20) (pull_request) Successful in 3m13s
/ Tests (1.21) (pull_request) Successful in 3m4s
Port #374
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-04-19 17:33:55 +03:00
e22ff52165
[ #367 ] Add check of AccessBox attributes
...
Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>
2024-04-19 06:25:26 +00:00
5315f7b733
[ #269 ] Create frostfsid wrapper with cache
...
/ DCO (pull_request) Successful in 2m10s
/ Vulncheck (pull_request) Successful in 2m0s
/ Builds (1.20) (pull_request) Successful in 2m31s
/ Builds (1.21) (pull_request) Successful in 1m31s
/ Lint (pull_request) Successful in 3m34s
/ Tests (1.20) (pull_request) Successful in 2m26s
/ Tests (1.21) (pull_request) Successful in 2m21s
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-04-18 09:32:30 +03:00
43a687b572
[ #269 ] authmate: Update frostfsid using
...
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-04-17 12:11:23 +03:00
29a2dae40c
[ #269 ] Move frostfsid client to separate package
...
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-04-17 12:11:23 +03:00
fec3b3f31e
[ #269 ] Add frostfsid cache configuration
...
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-04-17 12:11:23 +03:00
7db89c840b
[ #368 ] Update vulnerable dependencies
...
/ DCO (pull_request) Successful in 3m41s
/ Vulncheck (pull_request) Successful in 3m28s
/ Builds (1.20) (pull_request) Successful in 4m41s
/ Builds (1.21) (pull_request) Successful in 4m35s
/ Lint (pull_request) Successful in 5m57s
/ Tests (1.20) (pull_request) Successful in 4m8s
/ Tests (1.21) (pull_request) Successful in 3m58s
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-04-17 11:29:09 +03:00
3ff027587c
[ #357 ] Add check of request and resource tags
...
Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>
2024-04-17 07:06:58 +00:00
9f29fcbd52
[ #353 ] docs: Add bucket policy docs
...
/ DCO (pull_request) Successful in 1m35s
/ Builds (1.20) (pull_request) Successful in 2m12s
/ Builds (1.21) (pull_request) Successful in 1m51s
/ Vulncheck (pull_request) Failing after 2m8s
/ Lint (pull_request) Successful in 3m2s
/ Tests (1.20) (pull_request) Successful in 2m40s
/ Tests (1.21) (pull_request) Successful in 2m34s
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-04-15 11:41:19 +03:00
8307c73fef
[ #364 ] Fix removing combined object
...
/ Vulncheck (pull_request) Failing after 3m8s
/ DCO (pull_request) Successful in 3m49s
/ Builds (1.20) (pull_request) Successful in 5m35s
/ Builds (1.21) (pull_request) Successful in 4m16s
/ Lint (pull_request) Successful in 6m55s
/ Tests (1.20) (pull_request) Successful in 5m14s
/ Tests (1.21) (pull_request) Successful in 4m29s
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-04-12 14:56:38 +03:00
d8889fca56
[ #340 ] Fix encode object acl
...
In the process of encode the acl of an object,
we use a map. As a result, when traversing the
map, we can get a different sequence of permissions
each time. Therefore, a list is used instead of a map.
Signed-off-by: Roman Loginov <r.loginov@yadro.com>
2024-04-11 09:28:30 +00:00
61ff4702a2
[ #360 ] Reuse single target during policy check
...
/ DCO (pull_request) Successful in 1m38s
/ Vulncheck (pull_request) Failing after 2m4s
/ Builds (1.20) (pull_request) Successful in 2m33s
/ Builds (1.21) (pull_request) Successful in 2m12s
/ Lint (pull_request) Successful in 3m6s
/ Tests (1.20) (pull_request) Successful in 2m57s
/ Tests (1.21) (pull_request) Successful in 2m6s
Policy engine library is able to manage multiple
targets and resolve different status results.
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2024-04-10 17:56:47 +03:00
6da1acc554
[ #360 ] Use 'c' prefix for bucket policies instead of 'n'
...
With 'c' prefix, acl chains become shorter, thus gateway
receives shorter results and avoids sessions to neo-go.
There is still issue with many IAM rules.
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2024-04-10 17:56:47 +03:00
3ea3f971e1
[ #359 ] Update APE to allow put tombstone on delete object
...
/ Vulncheck (pull_request) Failing after 4m0s
/ DCO (pull_request) Successful in 4m33s
/ Builds (1.20) (pull_request) Successful in 4m59s
/ Builds (1.21) (pull_request) Successful in 4m58s
/ Lint (pull_request) Successful in 6m17s
/ Tests (1.20) (pull_request) Successful in 4m57s
/ Tests (1.21) (pull_request) Successful in 4m7s
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-04-10 15:12:30 +03:00