TrueCloudLab/rclone
16
0
Fork 3
Code Issues 6 Pull requests 1 Projects Releases 1 Packages Wiki Activity Actions

s3: add --s3-sts-endpoint to specify STS endpoint

Browse source 
See: https://forum.rclone.org/t/s3-profile-failing-when-explicit-s3-endpoint-is-present/36063/
This commit is contained in:
Nick Craig-Wood 2023-03-02 09:56:09 +00:00
parent c6b0587dc0
commit 59e7982040
1 changed files with 27 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

37
backend/s3/s3.go
View file

@ -2266,6 +2266,11 @@ rclone's choice here.
Help: `Suppress setting and reading of system metadata`, Help: `Suppress setting and reading of system metadata`,
Advanced: true, Advanced: true,
Default: false, Default: false,
}, {
Name: "sts_endpoint",
Help: "Endpoint for STS.\n\nLeave blank if using AWS to use the default endpoint for the region.",
Provider: "AWS",
Advanced: true,
}, },
}}) }})
} }
@ -2352,6 +2357,7 @@ type Options struct {
SecretAccessKey string `config:"secret_access_key"` SecretAccessKey string `config:"secret_access_key"`
Region string `config:"region"` Region string `config:"region"`
Endpoint string `config:"endpoint"` Endpoint string `config:"endpoint"`
STSEndpoint string `config:"sts_endpoint"`
LocationConstraint string `config:"location_constraint"` LocationConstraint string `config:"location_constraint"`
ACL string `config:"acl"` ACL string `config:"acl"`
BucketACL string `config:"bucket_acl"` BucketACL string `config:"bucket_acl"`
@ -2566,16 +2572,24 @@ var defaultResolver = endpoints.DefaultResolver()
// resolve (service, region) to endpoint // resolve (service, region) to endpoint
// //
// Used to set endpoint for s3 services and not for other services // Used to set endpoint for s3 services and not for other services
type resolver string type resolver map[string]string
// Add a service to the resolver, ignoring empty urls
func (r resolver) addService(service, url string) {
if url == "" {
return
}
if !strings.HasPrefix(url, "http") {
url = "https://" + url
}
r[service] = url
}
// EndpointFor return the endpoint for s3 if set or the default if not // EndpointFor return the endpoint for s3 if set or the default if not
func (endpoint resolver) EndpointFor(service, region string, opts ...func(*endpoints.Options)) (endpoints.ResolvedEndpoint, error) { func (r resolver) EndpointFor(service, region string, opts ...func(*endpoints.Options)) (endpoints.ResolvedEndpoint, error) {
fs.Debugf(nil, "Resolving service %q region %q", service, region) fs.Debugf(nil, "Resolving service %q region %q", service, region)
if service == "s3" { url, ok := r[service]
url := string(endpoint) if ok {
if !strings.HasPrefix(url, "http") {
url = "https://" + url
}
return endpoints.ResolvedEndpoint{ return endpoints.ResolvedEndpoint{
URL: url, URL: url,
SigningRegion: region, SigningRegion: region,
@ -2662,9 +2676,12 @@ func s3Connection(ctx context.Context, opt *Options, client *http.Client) (*s3.S
if opt.Region != "" { if opt.Region != "" {
awsConfig.WithRegion(opt.Region) awsConfig.WithRegion(opt.Region)
} }
if opt.Endpoint != "" { if opt.Endpoint != "" || opt.STSEndpoint != "" {
// If endpoint is set, only override the s3 service so we don't break sts // If endpoints are set, override the relevant services only
awsConfig.WithEndpointResolver(resolver(opt.Endpoint)) r := make(resolver)
r.addService("s3", opt.Endpoint)
r.addService("sts", opt.STSEndpoint)
awsConfig.WithEndpointResolver(r)
} }
// awsConfig.WithLogLevel(aws.LogDebugWithSigning) // awsConfig.WithLogLevel(aws.LogDebugWithSigning)