dkirillov/distribution
1
0
Fork 0
forked from TrueCloudLab/distribution
Code Pull requests Activity

Add forcepathstyle parameter for s3

Browse source 
Signed-off-by: duanhongyi <duanhongyi@doopai.com>
This commit is contained in:
duanhongyi 2022-04-19 22:49:19 +08:00
parent cd51f38d53
commit 15de9e21ba
4 changed files with 35 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
docs/configuration.md
View file

@ -118,6 +118,7 @@ storage:
secretkey: awssecretkey secretkey: awssecretkey
region: us-west-1 region: us-west-1
regionendpoint: http://myobjects.local regionendpoint: http://myobjects.local
forcepathstyle: true
accelerate: false accelerate: false
bucket: bucketname bucket: bucketname
encrypt: true encrypt: true
@ -423,6 +424,7 @@ storage:
secretkey: awssecretkey secretkey: awssecretkey
region: us-west-1 region: us-west-1
regionendpoint: http://myobjects.local regionendpoint: http://myobjects.local
forcepathstyle: true
accelerate: false accelerate: false
bucket: bucketname bucket: bucketname
encrypt: true encrypt: true

5
docs/storage-drivers/s3.md
View file

@ -13,8 +13,9 @@ Amazon S3 or S3 compatible services for object storage.
|:--------------|:---------|:--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| |:--------------|:---------|:--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `accesskey` | no | Your AWS Access Key. If you use [IAM roles](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html), omit to fetch temporary credentials from IAM. | | `accesskey` | no | Your AWS Access Key. If you use [IAM roles](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html), omit to fetch temporary credentials from IAM. |
| `secretkey` | no | Your AWS Secret Key. If you use [IAM roles](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html), omit to fetch temporary credentials from IAM. | | `secretkey` | no | Your AWS Secret Key. If you use [IAM roles](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html), omit to fetch temporary credentials from IAM. |
| `region` | yes | The AWS region in which your bucket exists. For the moment, the Go AWS library in use does not use the newer DNS based bucket routing. | | `region` | yes | The AWS region in which your bucket exists. |
| `regionendpoint` | no | Endpoint for S3 compatible storage services (Minio, etc). | | `regionendpoint` | no | Endpoint for S3 compatible storage services (Minio, etc). |
| `forcepathstyle` | no | To enable path-style addressing when the value is set to `true`. The default is `true`. |
| `bucket` | yes | The bucket name in which you want to store the registry's data. | | `bucket` | yes | The bucket name in which you want to store the registry's data. |
| `encrypt` | no | Specifies whether the registry stores the image in encrypted format or not. A boolean value. The default is `false`. | | `encrypt` | no | Specifies whether the registry stores the image in encrypted format or not. A boolean value. The default is `false`. |
| `keyid` | no | Optional KMS key ID to use for encryption (encrypt must be true, or this parameter is ignored). The default is `none`. | | `keyid` | no | Optional KMS key ID to use for encryption (encrypt must be true, or this parameter is ignored). The default is `none`. |
@ -35,6 +36,8 @@ Amazon S3 or S3 compatible services for object storage.
`regionendpoint`: (optional) Endpoint URL for S3 compatible APIs. This should not be provided when using Amazon S3. `regionendpoint`: (optional) Endpoint URL for S3 compatible APIs. This should not be provided when using Amazon S3.
`forcepathstyle`: (optional) The force path style for S3 compatible APIs. Some manufacturers only support force path style, while others only support DNS based bucket routing. Amazon S3 supports both.
`bucket`: The name of your S3 bucket where you wish to store objects. The bucket must exist prior to the driver initialization. `bucket`: The name of your S3 bucket where you wish to store objects. The bucket must exist prior to the driver initialization.
`encrypt`: (optional) Whether you would like your data encrypted on the server side (defaults to false if not specified). `encrypt`: (optional) Whether you would like your data encrypted on the server side (defaults to false if not specified).

21
registry/storage/driver/s3-aws/s3.go
View file

@ -88,6 +88,7 @@ type DriverParameters struct {
Bucket string Bucket string
Region string Region string
RegionEndpoint string RegionEndpoint string
ForcePathStyle bool
Encrypt bool Encrypt bool
KeyID string KeyID string
Secure bool Secure bool
@ -189,6 +190,23 @@ func FromParameters(parameters map[string]interface{}) (*Driver, error) {
regionEndpoint = "" regionEndpoint = ""
} }
forcePathStyleBool := true
forcePathStyle := parameters["forcepathstyle"]
switch forcePathStyle := forcePathStyle.(type) {
case string:
b, err := strconv.ParseBool(forcePathStyle)
if err != nil {
return nil, fmt.Errorf("the forcePathStyle parameter should be a boolean")
}
forcePathStyleBool = b
case bool:
forcePathStyleBool = forcePathStyle
case nil:
// do nothing
default:
return nil, fmt.Errorf("the forcePathStyle parameter should be a boolean")
}
regionName := parameters["region"] regionName := parameters["region"]
if regionName == nil || fmt.Sprint(regionName) == "" { if regionName == nil || fmt.Sprint(regionName) == "" {
return nil, fmt.Errorf("no region parameter provided") return nil, fmt.Errorf("no region parameter provided")
@ -401,6 +419,7 @@ func FromParameters(parameters map[string]interface{}) (*Driver, error) {
fmt.Sprint(bucket), fmt.Sprint(bucket),
region, region,
fmt.Sprint(regionEndpoint), fmt.Sprint(regionEndpoint),
forcePathStyleBool,
encryptBool, encryptBool,
fmt.Sprint(keyID), fmt.Sprint(keyID),
secureBool, secureBool,
@ -473,8 +492,8 @@ func New(params DriverParameters) (*Driver, error) {
} }
if params.RegionEndpoint != "" { if params.RegionEndpoint != "" {
awsConfig.WithS3ForcePathStyle(true)
awsConfig.WithEndpoint(params.RegionEndpoint) awsConfig.WithEndpoint(params.RegionEndpoint)
awsConfig.WithS3ForcePathStyle(params.ForcePathStyle)
} }
awsConfig.WithS3UseAccelerate(params.Accelerate) awsConfig.WithS3UseAccelerate(params.Accelerate)

9
registry/storage/driver/s3-aws/s3_test.go
View file

@ -41,6 +41,7 @@ func init() {
objectACL := os.Getenv("S3_OBJECT_ACL") objectACL := os.Getenv("S3_OBJECT_ACL")
root, err := ioutil.TempDir("", "driver-") root, err := ioutil.TempDir("", "driver-")
regionEndpoint := os.Getenv("REGION_ENDPOINT") regionEndpoint := os.Getenv("REGION_ENDPOINT")
forcePathStyle := os.Getenv("AWS_S3_FORCE_PATH_STYLE")
sessionToken := os.Getenv("AWS_SESSION_TOKEN") sessionToken := os.Getenv("AWS_SESSION_TOKEN")
useDualStack := os.Getenv("S3_USE_DUALSTACK") useDualStack := os.Getenv("S3_USE_DUALSTACK")
combineSmallPart := os.Getenv("MULTIPART_COMBINE_SMALL_PART") combineSmallPart := os.Getenv("MULTIPART_COMBINE_SMALL_PART")
@ -82,6 +83,13 @@ func init() {
return nil, err return nil, err
} }
} }
forcePathStyleBool := true
if forcePathStyle != "" {
forcePathStyleBool, err = strconv.ParseBool(forcePathStyle)
if err != nil {
return nil, err
}
}
useDualStackBool := false useDualStackBool := false
if useDualStack != "" { if useDualStack != "" {
@ -110,6 +118,7 @@ func init() {
bucket, bucket,
region, region,
regionEndpoint, regionEndpoint,
forcePathStyleBool,
encryptBool, encryptBool,
keyID, keyID,
secureBool, secureBool,