Compare commits
36 commits
support/v0
...
master
Author | SHA1 | Date | |
---|---|---|---|
e02ee50d7b | |||
93ec4c444d | |||
6be8d47d92 | |||
ed983f8ad0 | |||
5f01abf300 | |||
38aa6db041 | |||
5a98df9d2d | |||
361acacf07 | |||
6909ef5382 | |||
148b1aa7f5 | |||
7df26d9181 | |||
913644d64a | |||
4c30ff6638 | |||
72734ab486 | |||
6abd500b11 | |||
67c5818fc1 | |||
de309e3264 | |||
31d396a125 | |||
a014fb96fc | |||
2d9eee81c2 | |||
f88fe1092d | |||
|
f4fbd936bc | ||
278376643a | |||
8f1d84ba8d | |||
f3d58e4ef0 | |||
|
7b1410968e | ||
|
408d914347 | ||
|
a6ec194c2a | ||
|
4a0188b8f9 | ||
|
ef0c17372f | ||
|
d2ced3ccbb | ||
|
9fda0397e4 | ||
|
be47263c42 | ||
|
9dad47502e | ||
|
b2db6300c4 | ||
131f2dbcfc |
56 changed files with 1648 additions and 850 deletions
2
.github/CODEOWNERS
vendored
2
.github/CODEOWNERS
vendored
|
@ -1 +1 @@
|
|||
* @alexvanin @masterSplinter01 @KirillovDenis
|
||||
* @alexvanin @KirillovDenis
|
||||
|
|
197
.github/logo.svg
vendored
197
.github/logo.svg
vendored
|
@ -1,129 +1,70 @@
|
|||
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
|
||||
<svg
|
||||
xmlns:dc="http://purl.org/dc/elements/1.1/"
|
||||
xmlns:cc="http://creativecommons.org/ns#"
|
||||
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
|
||||
xmlns:svg="http://www.w3.org/2000/svg"
|
||||
xmlns="http://www.w3.org/2000/svg"
|
||||
xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
|
||||
xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
|
||||
sodipodi:docname="logo_fs.svg"
|
||||
inkscape:version="1.0 (4035a4fb49, 2020-05-01)"
|
||||
id="svg57"
|
||||
version="1.1"
|
||||
viewBox="0 0 105 25"
|
||||
height="25mm"
|
||||
width="105mm">
|
||||
<defs
|
||||
id="defs51">
|
||||
<clipPath
|
||||
clipPathUnits="userSpaceOnUse"
|
||||
id="clipPath434">
|
||||
<path
|
||||
d="M 0,0 H 1366 V 768 H 0 Z"
|
||||
id="path432" />
|
||||
</clipPath>
|
||||
</defs>
|
||||
<sodipodi:namedview
|
||||
inkscape:window-maximized="0"
|
||||
inkscape:window-y="0"
|
||||
inkscape:window-x="130"
|
||||
inkscape:window-height="1040"
|
||||
inkscape:window-width="1274"
|
||||
height="50mm"
|
||||
units="mm"
|
||||
showgrid="false"
|
||||
inkscape:document-rotation="0"
|
||||
inkscape:current-layer="layer1"
|
||||
inkscape:document-units="mm"
|
||||
inkscape:cy="344.49897"
|
||||
inkscape:cx="468.64708"
|
||||
inkscape:zoom="0.7"
|
||||
inkscape:pageshadow="2"
|
||||
inkscape:pageopacity="0.0"
|
||||
borderopacity="1.0"
|
||||
bordercolor="#666666"
|
||||
pagecolor="#ffffff"
|
||||
id="base" />
|
||||
<metadata
|
||||
id="metadata54">
|
||||
<rdf:RDF>
|
||||
<cc:Work
|
||||
rdf:about="">
|
||||
<dc:format>image/svg+xml</dc:format>
|
||||
<dc:type
|
||||
rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
|
||||
<dc:title></dc:title>
|
||||
</cc:Work>
|
||||
</rdf:RDF>
|
||||
</metadata>
|
||||
<g
|
||||
id="layer1"
|
||||
inkscape:groupmode="layer"
|
||||
inkscape:label="Layer 1">
|
||||
<g
|
||||
id="g424"
|
||||
transform="matrix(0.35277777,0,0,-0.35277777,63.946468,10.194047)">
|
||||
<path
|
||||
d="m 0,0 v -8.093 h 12.287 v -3.94 H 0 V -24.067 H -4.534 V 3.898 H 15.677 V 0 Z"
|
||||
style="fill:#00e396;fill-opacity:1;fill-rule:nonzero;stroke:none"
|
||||
id="path426" />
|
||||
</g>
|
||||
<g
|
||||
transform="matrix(0.35277777,0,0,-0.35277777,-315.43002,107.34005)"
|
||||
id="g428">
|
||||
<g
|
||||
id="g430"
|
||||
clip-path="url(#clipPath434)">
|
||||
<g
|
||||
id="g436"
|
||||
transform="translate(1112.874,278.2981)">
|
||||
<path
|
||||
d="M 0,0 C 1.822,-0.932 3.354,-2.359 4.597,-4.28 L 1.165,-7.373 c -0.791,1.695 -1.779,2.924 -2.966,3.686 -1.186,0.763 -2.768,1.145 -4.745,1.145 -1.949,0 -3.461,-0.389 -4.534,-1.166 -1.074,-0.777 -1.61,-1.772 -1.61,-2.987 0,-1.13 0.523,-2.027 1.568,-2.69 1.045,-0.664 2.909,-1.236 5.593,-1.716 2.514,-0.452 4.512,-1.024 5.995,-1.716 1.483,-0.693 2.564,-1.554 3.242,-2.585 0.677,-1.031 1.016,-2.309 1.016,-3.834 0,-1.639 -0.466,-3.079 -1.398,-4.322 -0.932,-1.243 -2.239,-2.197 -3.919,-2.86 -1.681,-0.664 -3.623,-0.996 -5.826,-0.996 -5.678,0 -9.689,1.892 -12.033,5.678 l 3.178,3.178 c 0.903,-1.695 2.068,-2.939 3.495,-3.729 1.426,-0.791 3.199,-1.186 5.318,-1.186 2.005,0 3.58,0.345 4.724,1.038 1.144,0.692 1.716,1.674 1.716,2.945 0,1.017 -0.516,1.835 -1.547,2.457 -1.031,0.621 -2.832,1.172 -5.402,1.653 -2.571,0.479 -4.618,1.073 -6.143,1.779 -1.526,0.706 -2.635,1.582 -3.326,2.627 -0.693,1.045 -1.039,2.316 -1.039,3.813 0,1.582 0.438,3.023 1.314,4.322 0.875,1.299 2.14,2.33 3.792,3.093 1.653,0.763 3.58,1.144 5.783,1.144 C -4.018,1.398 -1.822,0.932 0,0"
|
||||
style="fill:#00e396;fill-opacity:1;fill-rule:nonzero;stroke:none"
|
||||
id="path438" />
|
||||
</g>
|
||||
<g
|
||||
id="g440"
|
||||
transform="translate(993.0239,277.5454)">
|
||||
<path
|
||||
d="m 0,0 c 2.054,-1.831 3.083,-4.465 3.083,-7.902 v -17.935 h -4.484 v 16.366 c 0,2.914 -0.626,5.024 -1.877,6.332 -1.253,1.308 -2.924,1.962 -5.016,1.962 -1.495,0 -2.896,-0.327 -4.204,-0.981 -1.308,-0.654 -2.381,-1.719 -3.222,-3.194 -0.841,-1.477 -1.261,-3.335 -1.261,-5.576 v -14.909 h -4.484 V 1.328 l 4.086,-1.674 0.118,-1.84 c 0.933,1.681 2.222,2.923 3.867,3.727 1.643,0.803 3.493,1.205 5.548,1.205 C -4.671,2.746 -2.055,1.83 0,0"
|
||||
style="fill:#000033;fill-opacity:1;fill-rule:nonzero;stroke:none"
|
||||
id="path442" />
|
||||
</g>
|
||||
<g
|
||||
id="g444"
|
||||
transform="translate(1027.9968,264.0386)">
|
||||
<path
|
||||
d="m 0,0 h -21.128 c 0.261,-2.84 1.205,-5.044 2.83,-6.613 1.625,-1.57 3.727,-2.355 6.305,-2.355 2.054,0 3.763,0.356 5.128,1.065 1.363,0.71 2.288,1.738 2.774,3.083 l 3.755,-1.961 c -1.121,-1.981 -2.616,-3.495 -4.484,-4.54 -1.868,-1.046 -4.259,-1.569 -7.173,-1.569 -4.223,0 -7.538,1.289 -9.948,3.867 -2.41,2.578 -3.615,6.146 -3.615,10.704 0,4.558 1.149,8.127 3.447,10.705 2.298,2.578 5.557,3.867 9.779,3.867 2.615,0 4.876,-0.58 6.782,-1.738 1.905,-1.158 3.343,-2.728 4.315,-4.707 C -0.262,7.827 0.224,5.605 0.224,3.139 0.224,2.092 0.149,1.046 0,0 m -18.298,10.144 c -1.513,-1.457 -2.438,-3.512 -2.775,-6.165 h 16.982 c -0.3,2.615 -1.159,4.661 -2.578,6.137 -1.42,1.476 -3.307,2.214 -5.661,2.214 -2.466,0 -4.455,-0.728 -5.968,-2.186"
|
||||
style="fill:#000033;fill-opacity:1;fill-rule:nonzero;stroke:none"
|
||||
id="path446" />
|
||||
</g>
|
||||
<g
|
||||
id="g448"
|
||||
transform="translate(1057.8818,276.4246)">
|
||||
<path
|
||||
d="m 0,0 c 2.41,-2.578 3.615,-6.147 3.615,-10.705 0,-4.558 -1.205,-8.126 -3.615,-10.704 -2.41,-2.578 -5.726,-3.867 -9.948,-3.867 -4.222,0 -7.537,1.289 -9.947,3.867 -2.41,2.578 -3.615,6.146 -3.615,10.704 0,4.558 1.205,8.127 3.615,10.705 2.41,2.578 5.725,3.867 9.947,3.867 C -5.726,3.867 -2.41,2.578 0,0 m -16.617,-2.858 c -1.607,-1.906 -2.41,-4.522 -2.41,-7.847 0,-3.326 0.803,-5.94 2.41,-7.846 1.607,-1.905 3.83,-2.858 6.669,-2.858 2.839,0 5.063,0.953 6.67,2.858 1.606,1.906 2.41,4.52 2.41,7.846 0,3.325 -0.804,5.941 -2.41,7.847 C -4.885,-0.953 -7.109,0 -9.948,0 c -2.839,0 -5.062,-0.953 -6.669,-2.858"
|
||||
style="fill:#000033;fill-opacity:1;fill-rule:nonzero;stroke:none"
|
||||
id="path450" />
|
||||
</g>
|
||||
</g>
|
||||
</g>
|
||||
<g
|
||||
id="g452"
|
||||
transform="matrix(0.35277777,0,0,-0.35277777,5.8329581,6.5590171)">
|
||||
<path
|
||||
d="m 0,0 0.001,-38.946 25.286,-9.076 V -8.753 L 52.626,1.321 27.815,10.207 Z"
|
||||
style="fill:#00e599;fill-opacity:1;fill-rule:nonzero;stroke:none"
|
||||
id="path454" />
|
||||
</g>
|
||||
<g
|
||||
id="g456"
|
||||
transform="matrix(0.35277777,0,0,-0.35277777,15.479008,10.041927)">
|
||||
<path
|
||||
d="M 0,0 V -21.306 L 25.293,-30.364 25.282,9.347 Z"
|
||||
style="fill:#00b091;fill-opacity:1;fill-rule:nonzero;stroke:none"
|
||||
id="path458" />
|
||||
</g>
|
||||
</g>
|
||||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<!-- Generator: Adobe Illustrator 25.0.1, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->
|
||||
<svg version="1.1" id="Слой_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
|
||||
viewBox="0 0 184.2 51.8" style="enable-background:new 0 0 184.2 51.8;" xml:space="preserve">
|
||||
<style type="text/css">
|
||||
.st0{display:none;}
|
||||
.st1{display:inline;}
|
||||
.st2{fill:#01E397;}
|
||||
.st3{display:inline;fill:#010032;}
|
||||
.st4{display:inline;fill:#00E599;}
|
||||
.st5{display:inline;fill:#00AF92;}
|
||||
.st6{fill:#00C3E5;}
|
||||
</style>
|
||||
<g id="Layer_2">
|
||||
<g id="Layer_1-2" class="st0">
|
||||
<g class="st1">
|
||||
<path class="st2" d="M146.6,18.3v7.2h10.9V29h-10.9v10.7h-4V14.8h18v3.5H146.6z"/>
|
||||
<path class="st2" d="M180,15.7c1.7,0.9,3,2.2,4,3.8l-3,2.7c-0.6-1.3-1.5-2.4-2.6-3.3c-1.3-0.7-2.8-1-4.3-1
|
||||
c-1.4-0.1-2.8,0.3-4,1.1c-0.9,0.5-1.5,1.5-1.4,2.6c0,1,0.5,1.9,1.4,2.4c1.5,0.8,3.2,1.3,4.9,1.5c1.9,0.3,3.7,0.8,5.4,1.6
|
||||
c1.2,0.5,2.2,1.3,2.9,2.3c0.6,1,1,2.2,0.9,3.4c0,1.4-0.5,2.7-1.3,3.8c-0.9,1.2-2.1,2.1-3.5,2.6c-1.7,0.6-3.4,0.9-5.2,0.8
|
||||
c-5,0-8.6-1.6-10.7-5l2.9-2.8c0.7,1.4,1.8,2.5,3.1,3.3c1.5,0.7,3.1,1.1,4.7,1c1.5,0.1,2.9-0.2,4.2-0.9c0.9-0.5,1.5-1.5,1.5-2.6
|
||||
c0-0.9-0.5-1.8-1.3-2.2c-1.5-0.7-3.1-1.2-4.8-1.5c-1.9-0.3-3.7-0.8-5.5-1.5c-1.2-0.5-2.2-1.4-3-2.4c-0.6-1-1-2.2-0.9-3.4
|
||||
c0-1.4,0.4-2.7,1.2-3.8c0.8-1.2,2-2.2,3.3-2.8c1.6-0.7,3.4-1.1,5.2-1C176.1,14.3,178.2,14.8,180,15.7z"/>
|
||||
</g>
|
||||
<path class="st3" d="M73.3,16.3c1.9,1.9,2.9,4.5,2.7,7.1v15.9h-4V24.8c0-2.6-0.5-4.5-1.6-5.7c-1.2-1.2-2.8-1.8-4.5-1.7
|
||||
c-1.3,0-2.5,0.3-3.7,0.8c-1.2,0.7-2.2,1.7-2.9,2.9c-0.8,1.5-1.1,3.2-1.1,4.9v13.3h-4V15.1l3.6,1.5v1.7c0.8-1.5,2.1-2.6,3.6-3.3
|
||||
c1.5-0.8,3.2-1.2,4.9-1.1C68.9,13.8,71.3,14.7,73.3,16.3z"/>
|
||||
<path class="st3" d="M104.4,28.3H85.6c0.1,2.2,1,4.3,2.5,5.9c1.5,1.4,3.5,2.2,5.6,2.1c1.6,0.1,3.2-0.2,4.6-0.9
|
||||
c1.1-0.6,2-1.6,2.5-2.8l3.3,1.8c-0.9,1.7-2.3,3.1-4,4c-2,1-4.2,1.5-6.4,1.4c-3.7,0-6.7-1.1-8.8-3.4s-3.2-5.5-3.2-9.6s1-7.2,3-9.5
|
||||
s5-3.4,8.7-3.4c2.1-0.1,4.2,0.5,6.1,1.5c1.6,1,3,2.5,3.8,4.2c0.9,1.8,1.3,3.9,1.3,5.9C104.6,26.4,104.6,27.4,104.4,28.3z
|
||||
M88.1,19.3c-1.4,1.5-2.2,3.4-2.4,5.5h15.1c-0.2-2-1-3.9-2.3-5.5c-1.4-1.3-3.2-2-5.1-1.9C91.5,17.3,89.6,18,88.1,19.3z"/>
|
||||
<path class="st3" d="M131,17.3c2.2,2.3,3.2,5.5,3.2,9.5s-1,7.3-3.2,9.6s-5.1,3.4-8.8,3.4s-6.7-1.1-8.9-3.4s-3.2-5.5-3.2-9.6
|
||||
s1.1-7.2,3.2-9.5s5.1-3.4,8.9-3.4S128.9,15,131,17.3z M116.2,19.9c-1.5,2-2.2,4.4-2.1,6.9c-0.2,2.5,0.6,5,2.1,7
|
||||
c1.5,1.7,3.7,2.7,6,2.6c2.3,0.1,4.4-0.9,5.9-2.6c1.5-2,2.3-4.5,2.1-7c0.1-2.5-0.6-4.9-2.1-6.9c-1.5-1.7-3.6-2.7-5.9-2.6
|
||||
C119.9,17.2,117.7,18.2,116.2,19.9z"/>
|
||||
<polygon class="st4" points="0,9.1 0,43.7 22.5,51.8 22.5,16.9 46.8,7.9 24.8,0 "/>
|
||||
<polygon class="st5" points="24.3,17.9 24.3,36.8 46.8,44.9 46.8,9.6 "/>
|
||||
</g>
|
||||
<g>
|
||||
<g>
|
||||
<path class="st6" d="M41.6,17.5H28.2v6.9h10.4v3.3H28.2v10.2h-3.9V14.2h17.2V17.5z"/>
|
||||
<path class="st6" d="M45.8,37.9v-18h3.3l0.4,3.2c0.5-1.2,1.2-2.1,2.1-2.7c0.9-0.6,2.1-0.9,3.5-0.9c0.4,0,0.7,0,1.1,0.1
|
||||
c0.4,0.1,0.7,0.2,0.9,0.3l-0.5,3.4c-0.3-0.1-0.6-0.2-0.9-0.2C55.4,23,54.9,23,54.4,23c-0.7,0-1.5,0.2-2.2,0.6
|
||||
c-0.7,0.4-1.3,1-1.8,1.8s-0.7,1.8-0.7,3v9.5H45.8z"/>
|
||||
<path class="st6" d="M68.6,19.6c1.8,0,3.3,0.4,4.6,1.1c1.3,0.7,2.4,1.8,3.1,3.2s1.1,3.1,1.1,5c0,1.9-0.4,3.6-1.1,5
|
||||
c-0.8,1.4-1.8,2.5-3.1,3.2c-1.3,0.7-2.9,1.1-4.6,1.1s-3.3-0.4-4.6-1.1c-1.3-0.7-2.4-1.8-3.2-3.2c-0.8-1.4-1.2-3.1-1.2-5
|
||||
c0-1.9,0.4-3.6,1.2-5s1.8-2.5,3.2-3.2C65.3,19.9,66.8,19.6,68.6,19.6z M68.6,22.6c-1.1,0-2,0.2-2.8,0.7c-0.8,0.5-1.3,1.2-1.7,2.1
|
||||
s-0.6,2.1-0.6,3.5c0,1.3,0.2,2.5,0.6,3.4s1,1.7,1.7,2.2s1.7,0.7,2.8,0.7c1.1,0,2-0.2,2.7-0.7c0.7-0.5,1.3-1.2,1.7-2.2
|
||||
s0.6-2.1,0.6-3.4c0-1.4-0.2-2.5-0.6-3.5s-1-1.6-1.7-2.1C70.6,22.8,69.6,22.6,68.6,22.6z"/>
|
||||
<path class="st6" d="M89.2,38.3c-1.8,0-3.4-0.3-4.9-1c-1.5-0.7-2.7-1.7-3.5-3l2.7-2.3c0.5,1,1.3,1.8,2.3,2.4
|
||||
c1,0.6,2.2,0.9,3.6,0.9c1.1,0,2-0.2,2.6-0.6c0.6-0.4,1-0.9,1-1.6c0-0.5-0.2-0.9-0.5-1.2s-0.9-0.6-1.7-0.8l-3.8-0.8
|
||||
c-1.9-0.4-3.3-1-4.1-1.9c-0.8-0.9-1.2-1.9-1.2-3.3c0-1,0.3-1.9,0.9-2.7c0.6-0.8,1.4-1.5,2.5-2s2.5-0.8,4-0.8c1.8,0,3.3,0.3,4.6,1
|
||||
c1.3,0.6,2.2,1.5,2.9,2.7l-2.7,2.2c-0.5-1-1.1-1.7-2-2.1c-0.9-0.5-1.8-0.7-2.8-0.7c-0.8,0-1.4,0.1-2,0.3c-0.6,0.2-1,0.5-1.3,0.8
|
||||
c-0.3,0.3-0.4,0.7-0.4,1.2c0,0.5,0.2,0.9,0.5,1.3s1,0.6,1.9,0.8l4.1,0.9c1.7,0.3,2.9,0.9,3.7,1.7c0.7,0.8,1.1,1.8,1.1,2.9
|
||||
c0,1.2-0.3,2.2-0.9,3c-0.6,0.9-1.5,1.6-2.6,2C92.1,38.1,90.7,38.3,89.2,38.3z"/>
|
||||
<path class="st6" d="M112.8,19.9v3H99.3v-3H112.8z M106.6,14.6v17.9c0,0.9,0.2,1.5,0.7,1.9c0.5,0.4,1.1,0.6,1.9,0.6
|
||||
c0.6,0,1.2-0.1,1.7-0.3c0.5-0.2,0.9-0.5,1.3-0.8l0.9,2.8c-0.6,0.5-1.2,0.9-2,1.1c-0.8,0.3-1.7,0.4-2.7,0.4c-1,0-2-0.2-2.8-0.5
|
||||
s-1.5-0.9-2-1.6c-0.5-0.8-0.7-1.7-0.8-3V15.7L106.6,14.6z"/>
|
||||
<path d="M137.9,17.5h-13.3v6.9h10.4v3.3h-10.4v10.2h-3.9V14.2h17.2V17.5z"/>
|
||||
<path d="M150.9,13.8c2.1,0,4,0.4,5.5,1.2c1.6,0.8,2.9,2,4,3.5l-2.6,2.5c-0.9-1.4-1.9-2.4-3.1-3c-1.1-0.6-2.5-0.9-4-0.9
|
||||
c-1.2,0-2.1,0.2-2.8,0.5c-0.7,0.3-1.3,0.7-1.6,1.2c-0.3,0.5-0.5,1.1-0.5,1.7c0,0.7,0.3,1.4,0.8,1.9c0.5,0.6,1.5,1,2.9,1.3
|
||||
l4.8,1.1c2.3,0.5,3.9,1.3,4.9,2.3c1,1,1.4,2.3,1.4,3.9c0,1.5-0.4,2.7-1.2,3.8c-0.8,1.1-1.9,1.9-3.3,2.5s-3.1,0.9-5,0.9
|
||||
c-1.7,0-3.2-0.2-4.5-0.6c-1.3-0.4-2.5-1-3.5-1.8c-1-0.7-1.8-1.6-2.5-2.6l2.7-2.7c0.5,0.8,1.1,1.6,1.9,2.2
|
||||
c0.8,0.7,1.7,1.2,2.7,1.5c1,0.4,2.2,0.5,3.4,0.5c1.1,0,2.1-0.1,2.9-0.4c0.8-0.3,1.4-0.7,1.8-1.2c0.4-0.5,0.6-1.1,0.6-1.9
|
||||
c0-0.7-0.2-1.3-0.7-1.8c-0.5-0.5-1.3-0.9-2.6-1.2l-5.2-1.2c-1.4-0.3-2.6-0.8-3.6-1.3c-0.9-0.6-1.6-1.3-2.1-2.1s-0.7-1.8-0.7-2.8
|
||||
c0-1.3,0.4-2.6,1.1-3.7c0.7-1.1,1.8-2,3.2-2.6C147.3,14.1,148.9,13.8,150.9,13.8z"/>
|
||||
</g>
|
||||
</g>
|
||||
</g>
|
||||
</svg>
|
||||
|
|
Before Width: | Height: | Size: 6.5 KiB After Width: | Height: | Size: 5.5 KiB |
1
.github/workflows/builds.yml
vendored
1
.github/workflows/builds.yml
vendored
|
@ -4,6 +4,7 @@ on:
|
|||
pull_request:
|
||||
branches:
|
||||
- master
|
||||
- 'support/*'
|
||||
types: [opened, synchronize]
|
||||
paths-ignore:
|
||||
- '**/*.md'
|
||||
|
|
4
.github/workflows/codeql-analysis.yml
vendored
4
.github/workflows/codeql-analysis.yml
vendored
|
@ -13,10 +13,10 @@ name: "CodeQL"
|
|||
|
||||
on:
|
||||
push:
|
||||
branches: [ master ]
|
||||
branches: [ master, 'support/*' ]
|
||||
pull_request:
|
||||
# The branches below must be a subset of the branches above
|
||||
branches: [ master ]
|
||||
branches: [ master, 'support/*' ]
|
||||
schedule:
|
||||
- cron: '35 8 * * 1'
|
||||
|
||||
|
|
1
.github/workflows/dco.yml
vendored
1
.github/workflows/dco.yml
vendored
|
@ -4,6 +4,7 @@ on:
|
|||
pull_request:
|
||||
branches:
|
||||
- master
|
||||
- 'support/*'
|
||||
|
||||
jobs:
|
||||
commits_check_job:
|
||||
|
|
3
.github/workflows/tests.yml
vendored
3
.github/workflows/tests.yml
vendored
|
@ -4,6 +4,7 @@ on:
|
|||
pull_request:
|
||||
branches:
|
||||
- master
|
||||
- 'support/*'
|
||||
types: [opened, synchronize]
|
||||
paths-ignore:
|
||||
- '**/*.md'
|
||||
|
@ -60,7 +61,7 @@ jobs:
|
|||
runs-on: ubuntu-20.04
|
||||
strategy:
|
||||
matrix:
|
||||
go_versions: [ '1.17', '1.18', '1.19' ]
|
||||
go_versions: [ '1.18', '1.19' ]
|
||||
fail-fast: false
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
|
|
5
.gitignore
vendored
5
.gitignore
vendored
|
@ -10,9 +10,12 @@ temp
|
|||
test.sh
|
||||
testfile
|
||||
.blast.yml
|
||||
.neofs-cli.yml
|
||||
.frostfs-cli.yml
|
||||
|
||||
.cache
|
||||
|
||||
coverage.txt
|
||||
coverage.html
|
||||
|
||||
# debhelpers
|
||||
**/.debhelper
|
||||
|
|
|
@ -32,15 +32,12 @@ linters:
|
|||
- revive
|
||||
|
||||
# some default golangci-lint linters
|
||||
- deadcode
|
||||
- errcheck
|
||||
- gosimple
|
||||
- ineffassign
|
||||
- staticcheck
|
||||
- structcheck
|
||||
- typecheck
|
||||
- unused
|
||||
- varcheck
|
||||
|
||||
# extra linters
|
||||
- exhaustive
|
||||
|
|
50
CHANGELOG.md
50
CHANGELOG.md
|
@ -4,6 +4,52 @@ This document outlines major changes between releases.
|
|||
|
||||
## [Unreleased]
|
||||
|
||||
### Added
|
||||
- Multiple configs support (TrueCloudLab#12)
|
||||
|
||||
### Changed
|
||||
- Update go version to 1.18 (TrueCloudLab#9)
|
||||
- Update neo-go to v0.101.0 (#8)
|
||||
- Update viper to v1.15.0 (#8)
|
||||
|
||||
## [0.26.0] - 2022-12-28
|
||||
|
||||
### Fixed
|
||||
- ENV config example (#236)
|
||||
|
||||
### Added
|
||||
- Support the `Date` header on upload (#214)
|
||||
- Available routes specification (#216)
|
||||
- Mention caching strategy in docs (#215)
|
||||
- Add error response on attribute duplicates (#221)
|
||||
- Multiple server listeners (#228)
|
||||
|
||||
### Removed
|
||||
- Deprecated linters (#239)
|
||||
|
||||
### Updating from v0.25.1
|
||||
Make sure your configuration is valid:
|
||||
|
||||
If you configure application using environment variables change:
|
||||
* `HTTP_GW_LISTEN_ADDRESS` -> `HTTP_GW_SERVER_0_ADDRESS`
|
||||
* `HTTP_GW_TLS_CERT_FILE` -> `HTTP_GW_SERVER_0_TLS_CERT_FILE` (and set `HTTP_GW_SERVER_0_TLS_ENABLED=true`)
|
||||
* `HTTP_GW_TLS_KEY_FILE` -> `HTTP_GW_SERVER_0_TLS_KEY_FILE` (and set `HTTP_GW_SERVER_0_TLS_ENABLED=true`)
|
||||
|
||||
If you configure application using `.yaml` file change:
|
||||
* `listen_address` -> `server.0.address`
|
||||
* `tls.cert_file` -> `server.0.tls.cert_file` (and set `server.0.tls.enabled: true`)
|
||||
* `tls.key_file` -> `server.0.tls.key_file` (and set `server.0.tls.enabled: true`)
|
||||
|
||||
## [0.25.1] - 2022-11-30
|
||||
|
||||
### Fixed
|
||||
- Download zip archive when `FilePath` is invalid (#222)
|
||||
- Only one peer must be healthy to init pool (#233)
|
||||
|
||||
### Added
|
||||
- Debian packaging (#223)
|
||||
- Timeout for individual operations in streaming RPC (#234)
|
||||
|
||||
## [0.25.0] - 2022-10-31
|
||||
|
||||
### Added
|
||||
|
@ -236,4 +282,6 @@ releases.
|
|||
[0.23.0]: https://github.com/nspcc-dev/neofs-http-gw/compare/v0.22.0...v0.23.0
|
||||
[0.24.0]: https://github.com/nspcc-dev/neofs-http-gw/compare/v0.23.0...v0.24.0
|
||||
[0.25.0]: https://github.com/nspcc-dev/neofs-http-gw/compare/v0.24.0...v0.25.0
|
||||
[Unreleased]: https://github.com/nspcc-dev/neofs-http-gw/compare/v0.25.0...master
|
||||
[0.25.1]: https://github.com/nspcc-dev/neofs-http-gw/compare/v0.25.0...v0.25.1
|
||||
[0.26.0]: https://github.com/nspcc-dev/neofs-http-gw/compare/v0.25.1...v0.26.0
|
||||
[Unreleased]: https://github.com/nspcc-dev/neofs-http-gw/compare/v0.26.0...master
|
||||
|
|
|
@ -3,8 +3,8 @@
|
|||
First, thank you for contributing! We love and encourage pull requests from
|
||||
everyone. Please follow the guidelines:
|
||||
|
||||
- Check the open [issues](https://github.com/nspcc-dev/neofs-http-gw/issues) and
|
||||
[pull requests](https://github.com/nspcc-dev/neofs-http-gw/pulls) for existing
|
||||
- Check the open [issues](https://github.com/TrueCloudLab/frostfs-http-gw/issues) and
|
||||
[pull requests](https://github.com/TrueCloudLab/frostfs-http-gw/pulls) for existing
|
||||
discussions.
|
||||
|
||||
- Open an issue first, to discuss a new feature or enhancement.
|
||||
|
@ -23,24 +23,24 @@ everyone. Please follow the guidelines:
|
|||
|
||||
## Development Workflow
|
||||
|
||||
Start by forking the `neofs-http-gw` repository, make changes in a branch and then
|
||||
Start by forking the `frostfs-http-gw` repository, make changes in a branch and then
|
||||
send a pull request. We encourage pull requests to discuss code changes. Here
|
||||
are the steps in details:
|
||||
|
||||
### Set up your GitHub Repository
|
||||
Fork [NeoFS HTTP Gateway
|
||||
upstream](https://github.com/nspcc-dev/neofs-http-gw/fork) source repository
|
||||
Fork [FrostFS HTTP Gateway
|
||||
upstream](https://github.com/TrueCloudLab/frostfs-http-gw/fork) source repository
|
||||
to your own personal repository. Copy the URL of your fork (you will need it for
|
||||
the `git clone` command below).
|
||||
|
||||
```sh
|
||||
$ git clone https://github.com/nspcc-dev/neofs-http-gw
|
||||
$ git clone https://github.com/TrueCloudLab/frostfs-http-gw
|
||||
```
|
||||
|
||||
### Set up git remote as ``upstream``
|
||||
```sh
|
||||
$ cd neofs-http-gw
|
||||
$ git remote add upstream https://github.com/nspcc-dev/neofs-http-gw
|
||||
$ cd frostfs-http-gw
|
||||
$ git remote add upstream https://github.com/TrueCloudLab/frostfs-http-gw
|
||||
$ git fetch upstream
|
||||
$ git merge upstream/master
|
||||
...
|
||||
|
@ -107,7 +107,7 @@ contributors".
|
|||
To sign your work, just add a line like this at the end of your commit message:
|
||||
|
||||
```
|
||||
Signed-off-by: Samii Sakisaka <samii@nspcc.ru>
|
||||
Signed-off-by: Samii Sakisaka <samii@frostfs.info>
|
||||
```
|
||||
|
||||
This can be easily done with the `--signoff` option to `git commit`.
|
||||
|
|
|
@ -18,6 +18,6 @@ FROM scratch
|
|||
WORKDIR /
|
||||
|
||||
COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
|
||||
COPY --from=builder /src/bin/neofs-http-gw /bin/neofs-http-gw
|
||||
COPY --from=builder /src/bin/frostfs-http-gw /bin/frostfs-http-gw
|
||||
|
||||
ENTRYPOINT ["/bin/neofs-http-gw"]
|
||||
ENTRYPOINT ["/bin/frostfs-http-gw"]
|
||||
|
|
|
@ -3,6 +3,6 @@ RUN apk add --update --no-cache bash ca-certificates
|
|||
|
||||
WORKDIR /
|
||||
|
||||
COPY bin/neofs-http-gw /bin/neofs-http-gw
|
||||
COPY bin/frostfs-http-gw /bin/frostfs-http-gw
|
||||
|
||||
CMD ["neofs-http-gw"]
|
||||
CMD ["frostfs-http-gw"]
|
||||
|
|
27
Makefile
27
Makefile
|
@ -6,16 +6,23 @@ GO_VERSION ?= 1.19
|
|||
LINT_VERSION ?= 1.49.0
|
||||
BUILD ?= $(shell date -u --iso=seconds)
|
||||
|
||||
HUB_IMAGE ?= nspccdev/neofs-http-gw
|
||||
HUB_IMAGE ?= truecloudlab/frostfs-http-gw
|
||||
HUB_TAG ?= "$(shell echo ${VERSION} | sed 's/^v//')"
|
||||
|
||||
# List of binaries to build. For now just one.
|
||||
BINDIR = bin
|
||||
DIRS = $(BINDIR)
|
||||
BINS = $(BINDIR)/neofs-http-gw
|
||||
BINS = $(BINDIR)/frostfs-http-gw
|
||||
|
||||
.PHONY: all $(BINS) $(DIRS) dep docker/ test cover fmt image image-push dirty-image lint docker/lint version clean
|
||||
|
||||
# .deb package versioning
|
||||
OS_RELEASE = $(shell lsb_release -cs)
|
||||
PKG_VERSION ?= $(shell echo $(VERSION) | sed "s/^v//" | \
|
||||
sed -E "s/(.*)-(g[a-fA-F0-9]{6,8})(.*)/\1\3~\2/" | \
|
||||
sed "s/-/~/")-${OS_RELEASE}
|
||||
.PHONY: debpackage debclean
|
||||
|
||||
# Make all binaries
|
||||
all: $(BINS)
|
||||
|
||||
|
@ -67,7 +74,7 @@ fmt:
|
|||
|
||||
# Build clean Docker image
|
||||
image:
|
||||
@echo "⇒ Build NeoFS HTTP Gateway docker image "
|
||||
@echo "⇒ Build FrostFS HTTP Gateway docker image "
|
||||
@docker build \
|
||||
--build-arg REPO=$(REPO) \
|
||||
--build-arg VERSION=$(VERSION) \
|
||||
|
@ -82,7 +89,7 @@ image-push:
|
|||
|
||||
# Build dirty Docker image
|
||||
dirty-image:
|
||||
@echo "⇒ Build NeoFS HTTP Gateway dirty docker image "
|
||||
@echo "⇒ Build FrostFS HTTP Gateway dirty docker image "
|
||||
@docker build \
|
||||
--build-arg REPO=$(REPO) \
|
||||
--build-arg VERSION=$(VERSION) \
|
||||
|
@ -111,4 +118,16 @@ clean:
|
|||
rm -rf vendor
|
||||
rm -rf $(BINDIR)
|
||||
|
||||
# Package for Debian
|
||||
debpackage:
|
||||
dch --package frostfs-http-gw \
|
||||
--controlmaint \
|
||||
--newversion $(PKG_VERSION) \
|
||||
--distribution $(OS_RELEASE) \
|
||||
"Please see CHANGELOG.md for code changes for $(VERSION)"
|
||||
dpkg-buildpackage --no-sign -b
|
||||
|
||||
debclean:
|
||||
dh clean
|
||||
|
||||
include help.mk
|
||||
|
|
135
README.md
135
README.md
|
@ -1,28 +1,28 @@
|
|||
<p align="center">
|
||||
<img src="./.github/logo.svg" width="500px" alt="NeoFS">
|
||||
<img src="./.github/logo.svg" width="500px" alt="FrostFS logo">
|
||||
</p>
|
||||
<p align="center">
|
||||
<a href="https://fs.neo.org">NeoFS</a> is a decentralized distributed object storage integrated with the <a href="https://neo.org">NEO Blockchain</a>.
|
||||
<a href="https://frostfs.info">FrostFS</a> is a decentralized distributed object storage integrated with the <a href="https://neo.org">NEO Blockchain</a>.
|
||||
</p>
|
||||
|
||||
---
|
||||
[![Report](https://goreportcard.com/badge/github.com/nspcc-dev/neofs-http-gw)](https://goreportcard.com/report/github.com/nspcc-dev/neofs-http-gw)
|
||||
![GitHub release (latest SemVer)](https://img.shields.io/github/v/release/nspcc-dev/neofs-http-gw?sort=semver)
|
||||
![License](https://img.shields.io/github/license/nspcc-dev/neofs-http-gw.svg?style=popout)
|
||||
[![Report](https://goreportcard.com/badge/git.frostfs.info/TrueCloudLab/frostfs-http-gw)](https://goreportcard.com/report/git.frostfs.info/TrueCloudLab/frostfs-http-gw)
|
||||
|
||||
# NeoFS HTTP Gateway
|
||||
# FrostFS HTTP Gateway
|
||||
|
||||
NeoFS HTTP Gateway bridges NeoFS internal protocol and HTTP standard.
|
||||
- you can download one file per request from the NeoFS Network
|
||||
- you can upload one file per request into the NeoFS Network
|
||||
FrostFS HTTP Gateway bridges FrostFS internal protocol and HTTP standard.
|
||||
- you can download one file per request from the FrostFS Network
|
||||
- you can upload one file per request into the FrostFS Network
|
||||
|
||||
See available routes in [specification](./docs/api.md).
|
||||
|
||||
## Installation
|
||||
|
||||
```go install github.com/nspcc-dev/neofs-http-gw```
|
||||
```go install git.frostfs.info/TrueCloudLab/frostfs-http-gw```
|
||||
|
||||
Or you can call `make` to build it from the cloned repository (the binary will
|
||||
end up in `bin/neofs-http-gw`). To build neofs-http-gw binary in clean docker
|
||||
environment, call `make docker/bin/neofs-http-gw`.
|
||||
end up in `bin/frostfs-http-gw`). To build frostfs-http-gw binary in clean docker
|
||||
environment, call `make docker/bin/frostfs-http-gw`.
|
||||
|
||||
Other notable make targets:
|
||||
|
||||
|
@ -36,32 +36,32 @@ version Show current version
|
|||
```
|
||||
|
||||
Or you can also use a [Docker
|
||||
image](https://hub.docker.com/r/nspccdev/neofs-http-gw) provided for the released
|
||||
image](https://hub.docker.com/r/truecloudlab/frostfs-http-gw) provided for the released
|
||||
(and occasionally unreleased) versions of the gateway (`:latest` points to the
|
||||
latest stable release).
|
||||
|
||||
## Execution
|
||||
|
||||
HTTP gateway itself is not a NeoFS node, so to access NeoFS it uses node's
|
||||
HTTP gateway itself is not a FrostFS node, so to access FrostFS it uses node's
|
||||
gRPC interface and you need to provide some node that it will connect to. This
|
||||
can be done either via `-p` parameter or via `HTTP_GW_PEERS_<N>_ADDRESS` and
|
||||
`HTTP_GW_PEERS_<N>_WEIGHT` environment variables (the gate supports multiple
|
||||
NeoFS nodes with weighted load balancing).
|
||||
FrostFS nodes with weighted load balancing).
|
||||
|
||||
If you launch HTTP gateway in bundle with [neofs-dev-env](https://github.com/nspcc-dev/neofs-dev-env),
|
||||
If you launch HTTP gateway in bundle with [frostfs-dev-env](https://git.frostfs.info/TrueCloudLab/frostfs-dev-env),
|
||||
you can get the IP address of the node in the output of `make hosts` command
|
||||
(with s0*.neofs.devenv name).
|
||||
(with s0*.frostfs.devenv name).
|
||||
|
||||
These two commands are functionally equivalent, they run the gate with one
|
||||
backend node (and otherwise default settings):
|
||||
```
|
||||
$ neofs-http-gw -p 192.168.130.72:8080
|
||||
$ HTTP_GW_PEERS_0_ADDRESS=192.168.130.72:8080 neofs-http-gw
|
||||
$ frostfs-http-gw -p 192.168.130.72:8080
|
||||
$ HTTP_GW_PEERS_0_ADDRESS=192.168.130.72:8080 frostfs-http-gw
|
||||
```
|
||||
It's also possible to specify uri scheme (grpc or grpcs) when using `-p`:
|
||||
```
|
||||
$ neofs-http-gw -p grpc://192.168.130.72:8080
|
||||
$ HTTP_GW_PEERS_0_ADDRESS=grpcs://192.168.130.72:8080 neofs-http-gw
|
||||
$ frostfs-http-gw -p grpc://192.168.130.72:8080
|
||||
$ HTTP_GW_PEERS_0_ADDRESS=grpcs://192.168.130.72:8080 frostfs-http-gw
|
||||
```
|
||||
|
||||
## Configuration
|
||||
|
@ -72,11 +72,11 @@ environment variables (see [example](./config/config.env)), so they're not speci
|
|||
|
||||
### Nodes: weights and priorities
|
||||
|
||||
You can specify multiple `-p` options to add more NeoFS nodes, this will make
|
||||
You can specify multiple `-p` options to add more FrostFS nodes, this will make
|
||||
gateway spread requests equally among them (using weight 1 and priority 1 for every node):
|
||||
|
||||
```
|
||||
$ neofs-http-gw -p 192.168.130.72:8080 -p 192.168.130.71:8080
|
||||
$ frostfs-http-gw -p 192.168.130.72:8080 -p 192.168.130.71:8080
|
||||
```
|
||||
If you want some specific load distribution proportions, use weights and priorities:
|
||||
|
||||
|
@ -84,7 +84,7 @@ If you want some specific load distribution proportions, use weights and priorit
|
|||
$ HTTP_GW_PEERS_0_ADDRESS=192.168.130.71:8080 HTTP_GW_PEERS_0_WEIGHT=1 HTTP_GW_PEERS_0_PRIORITY=1 \
|
||||
HTTP_GW_PEERS_1_ADDRESS=192.168.130.72:8080 HTTP_GW_PEERS_1_WEIGHT=9 HTTP_GW_PEERS_1_PRIORITY=2 \
|
||||
HTTP_GW_PEERS_2_ADDRESS=192.168.130.73:8080 HTTP_GW_PEERS_2_WEIGHT=1 HTTP_GW_PEERS_2_PRIORITY=2 \
|
||||
neofs-http-gw
|
||||
frostfs-http-gw
|
||||
```
|
||||
This command will make gateway use 192.168.130.71 while it is healthy. Otherwise, it will make the gateway use
|
||||
192.168.130.72 for 90% of requests and 192.168.130.73 for remaining 10%.
|
||||
|
@ -92,13 +92,13 @@ This command will make gateway use 192.168.130.71 while it is healthy. Otherwise
|
|||
### Keys
|
||||
You can provide a wallet via `--wallet` or `-w` flag. You can also specify the account address using `--address`
|
||||
(if no address provided default one will be used). If wallet is used, you need to set `HTTP_GW_WALLET_PASSPHRASE` variable to decrypt the wallet.
|
||||
If no wallet provided, the gateway autogenerates a key pair it will use for NeoFS requests.
|
||||
If no wallet provided, the gateway autogenerates a key pair it will use for FrostFS requests.
|
||||
```
|
||||
$ neofs-http-gw -p $NEOFS_NODE -w $WALLET_PATH --address $ACCOUNT_ADDRESS
|
||||
$ frostfs-http-gw -p $FROSTFS_NODE -w $WALLET_PATH --address $ACCOUNT_ADDRESS
|
||||
```
|
||||
Example:
|
||||
```
|
||||
$ neofs-http-gw -p 192.168.130.72:8080 -w wallet.json --address NfgHwwTi3wHAS8aFAN243C5vGbkYDpqLHP
|
||||
$ frostfs-http-gw -p 192.168.130.72:8080 -w wallet.json --address NfgHwwTi3wHAS8aFAN243C5vGbkYDpqLHP
|
||||
```
|
||||
|
||||
### Binding and TLS
|
||||
|
@ -114,7 +114,7 @@ external redirecting solution.
|
|||
Example to bind to `192.168.130.130:443` and serve TLS there:
|
||||
|
||||
```
|
||||
$ neofs-http-gw -p 192.168.130.72:8080 --listen_address 192.168.130.130:443 \
|
||||
$ frostfs-http-gw -p 192.168.130.72:8080 --listen_address 192.168.130.130:443 \
|
||||
--tls_key=key.pem --tls_certificate=cert.pem
|
||||
```
|
||||
|
||||
|
@ -132,12 +132,12 @@ request with data stream after timeout.
|
|||
|
||||
`HTTP_GW_WEB_STREAM_REQUEST_BODY` environment variable can be used to disable
|
||||
request body streaming (effectively it'll make the gateway accept the file completely
|
||||
first and only then try sending it to NeoFS).
|
||||
first and only then try sending it to FrostFS).
|
||||
|
||||
`HTTP_GW_WEB_MAX_REQUEST_BODY_SIZE` controls maximum request body size
|
||||
limiting uploads to files slightly lower than this limit.
|
||||
|
||||
### NeoFS parameters
|
||||
### FrostFS parameters
|
||||
|
||||
Gateway can automatically set timestamps for uploaded files based on local
|
||||
time source, use `HTTP_GW_UPLOAD_HEADER_USE_DEFAULT_TIMESTAMP` environment
|
||||
|
@ -175,15 +175,32 @@ HTTP_GW_LOGGER_LEVEL=debug
|
|||
Configuration file is optional and can be used instead of environment variables/other parameters.
|
||||
It can be specified with `--config` parameter:
|
||||
```
|
||||
$ neofs-http-gw --config your-config.yaml
|
||||
$ frostfs-http-gw --config your-config.yaml
|
||||
```
|
||||
|
||||
See [config](./config/config.yaml) and [defaults](./docs/gate-configuration.md) for example.
|
||||
|
||||
#### Multiple configs
|
||||
|
||||
You can use several config files when running application. It allows you to split configuration into parts.
|
||||
For example, you can use separate yaml file for pprof and prometheus section in config (see [config examples](./config)).
|
||||
You can either provide several files with repeating `--config` flag or provide path to the dir that contains all configs using `--config-dir` flag.
|
||||
Also, you can combine these flags:
|
||||
|
||||
```shell
|
||||
$ frostfs-http-gw --config ./config/config.yaml --config /your/partial/config.yaml --config-dir ./config/dir
|
||||
```
|
||||
|
||||
**Note:** next file in `--config` flag overwrites values from the previous one.
|
||||
Files from `--config-dir` directory overwrite values from `--config` files.
|
||||
So the command above run `frostfs-http-gw` to listen on `0.0.0.0:8080` address (value from `./config/config.yaml`),
|
||||
applies parameters from `/your/partial/config.yaml`,
|
||||
enable pprof (value from `./config/dir/pprof.yaml`) and prometheus (value from `./config/dir/prometheus.yaml`).
|
||||
|
||||
## HTTP API provided
|
||||
|
||||
This gateway intentionally provides limited feature set and doesn't try to
|
||||
substitute (or completely wrap) regular gRPC NeoFS interface. You can download
|
||||
substitute (or completely wrap) regular gRPC FrostFS interface. You can download
|
||||
and upload objects with it, but deleting, searching, managing ACLs, creating
|
||||
containers and other activities are not supported and not planned to be
|
||||
supported.
|
||||
|
@ -204,23 +221,23 @@ Steps to start using name resolving:
|
|||
1. Enable NNS resolving in config (`rpc_endpoint` must be a valid neo rpc node, see [configs](./config) for other examples):
|
||||
|
||||
```yaml
|
||||
rpc_endpoint: http://morph-chain.neofs.devenv:30333
|
||||
rpc_endpoint: http://morph-chain.frostfs.devenv:30333
|
||||
resolve_order:
|
||||
- nns
|
||||
```
|
||||
|
||||
2. Make sure your container is registered in NNS contract. If you use [neofs-dev-env](https://github.com/nspcc-dev/neofs-dev-env)
|
||||
2. Make sure your container is registered in NNS contract. If you use [frostfs-dev-env](https://git.frostfs.info/TrueCloudLab/frostfs-dev-env)
|
||||
you can check if your container (e.g. with `container-name` name) is registered in NNS:
|
||||
|
||||
```shell
|
||||
$ curl -s --data '{"id":1,"jsonrpc":"2.0","method":"getcontractstate","params":[1]}' \
|
||||
http://morph-chain.neofs.devenv:30333 | jq -r '.result.hash'
|
||||
http://morph-chain.frostfs.devenv:30333 | jq -r '.result.hash'
|
||||
|
||||
0x8e6c3cd4b976b28e84a3788f6ea9e2676c15d667
|
||||
|
||||
$ docker exec -it morph_chain neo-go \
|
||||
contract testinvokefunction \
|
||||
-r http://morph-chain.neofs.devenv:30333 0x8e6c3cd4b976b28e84a3788f6ea9e2676c15d667 \
|
||||
-r http://morph-chain.frostfs.devenv:30333 0x8e6c3cd4b976b28e84a3788f6ea9e2676c15d667 \
|
||||
resolve string:container-name.container int:16 \
|
||||
| jq -r '.stack[0].value | if type=="array" then .[0].value else . end' \
|
||||
| base64 -d && echo
|
||||
|
@ -236,9 +253,9 @@ $ curl http://localhost:8082/get_by_attribute/container-name/FileName/object-nam
|
|||
|
||||
#### Create a container
|
||||
|
||||
You can create a container via [neofs-cli](https://github.com/nspcc-dev/neofs-node/releases):
|
||||
You can create a container via [frostfs-cli](https://git.frostfs.info/TrueCloudLab/frostfs-node/releases):
|
||||
```
|
||||
$ neofs-cli -r $NEOFS_NODE -w $WALLET container create --policy $POLICY --basic-acl $ACL
|
||||
$ frostfs-cli -r $FROSTFS_NODE -w $WALLET container create --policy $POLICY --basic-acl $ACL
|
||||
```
|
||||
where `$WALLET` is a path to user wallet,
|
||||
`$ACL` -- hex encoded basic ACL value or keywords 'private, 'public-read', 'public-read-write' and
|
||||
|
@ -246,18 +263,18 @@ where `$WALLET` is a path to user wallet,
|
|||
|
||||
For example:
|
||||
```
|
||||
$ neofs-cli -r 192.168.130.72:8080 -w ./wallet.json container create --policy "REP 3" --basic-acl public --await
|
||||
$ frostfs-cli -r 192.168.130.72:8080 -w ./wallet.json container create --policy "REP 3" --basic-acl public --await
|
||||
```
|
||||
|
||||
If you have launched nodes via [neofs-dev-env](https://github.com/nspcc-dev/neofs-dev-env),
|
||||
If you have launched nodes via [frostfs-dev-env](https://git.frostfs.info/TrueCloudLab/frostfs-dev-env),
|
||||
you can get the key value from `wallets/wallet.json` or write the path to
|
||||
the file `wallets/wallet.key`.
|
||||
|
||||
#### Prepare a file in a container
|
||||
|
||||
To create a file via [neofs-cli](https://github.com/nspcc-dev/neofs-node/releases), run a command below:
|
||||
To create a file via [frostfs-cli](https://git.frostfs.info/TrueCloudLab/frostfs-node/releases), run a command below:
|
||||
```
|
||||
$ neofs-cli -r $NEOFS_NODE -k $KEY object put --file $FILENAME --cid $CID
|
||||
$ frostfs-cli -r $FROSTFS_NODE -k $KEY object put --file $FILENAME --cid $CID
|
||||
```
|
||||
where
|
||||
`$KEY` -- the key, please read the information [above](#create-a-container),
|
||||
|
@ -265,7 +282,7 @@ where
|
|||
|
||||
For example:
|
||||
```
|
||||
$ neofs-cli -r 192.168.130.72:8080 -w ./wallet.json object put --file cat.png --cid Dxhf4PNprrJHWWTG5RGLdfLkJiSQ3AQqit1MSnEPRkDZ --attributes img_type=cat,my_attr=cute
|
||||
$ frostfs-cli -r 192.168.130.72:8080 -w ./wallet.json object put --file cat.png --cid Dxhf4PNprrJHWWTG5RGLdfLkJiSQ3AQqit1MSnEPRkDZ --attributes img_type=cat,my_attr=cute
|
||||
```
|
||||
|
||||
|
||||
|
@ -305,8 +322,9 @@ where
|
|||
`$ATTRIBUTE_NAME` is the name of the attribute we want to use,
|
||||
`$ATTRIBUTE_VALUE` is the value of this attribute that the target object should have.
|
||||
|
||||
**NB!** The attribute key and value must be url encoded, i.e., if you want to download an object with the attribute value
|
||||
`a cat`, the value in the request must be `a+cat`. In the same way with the attribute key.
|
||||
**NB!** The attribute key and value should be url encoded, i.e., if you want to download an object with the attribute value
|
||||
`a cat`, the value in the request must be `a+cat`. In the same way with the attribute key. If you don't escape such values
|
||||
everything can still work (for example you can use `d@ta` without encoding) but it's HIGHLY RECOMMENDED to encode all your attributes.
|
||||
|
||||
If multiple objects have specified attribute with specified value, then the
|
||||
first one of them is returned (and you can't get others via this interface).
|
||||
|
@ -347,8 +365,8 @@ You can download some dir (files with the same prefix) in zip (it will be compre
|
|||
$ wget http://localhost:8082/zip/Dxhf4PNprrJHWWTG5RGLdfLkJiSQ3AQqit1MSnEPRkDZ/common/prefix
|
||||
```
|
||||
|
||||
**Note:** the objects must have a `FilePath` attribute, otherwise they will not be in the zip archive.
|
||||
You can upload file with this attribute using `curl`:
|
||||
**Note:** the objects must have a valid `FilePath` attribute (it should not contain trailing `/`),
|
||||
otherwise they will not be in the zip archive. You can upload file with this attribute using `curl`:
|
||||
|
||||
```
|
||||
$ curl -F 'file=@cat.jpeg;filename=cat.jpeg' -H 'X-Attribute-FilePath: common/prefix/cat.jpeg' http://localhost:8082/upload/Dxhf4PNprrJHWWTG5RGLdfLkJiSQ3AQqit1MSnEPRkDZ
|
||||
|
@ -369,10 +387,15 @@ set of reply headers generated using the following rules:
|
|||
* `x-container-id` contains container ID
|
||||
* `x-object-id` contains object ID
|
||||
* `x-owner-id` contains owner address
|
||||
* all the other NeoFS attributes are converted to `X-Attribute-*` headers (but only
|
||||
* all the other FrostFS attributes are converted to `X-Attribute-*` headers (but only
|
||||
if they can be safely represented in HTTP header), for example `FileName`
|
||||
attribute becomes `X-Attribute-FileName` header
|
||||
|
||||
##### Caching strategy
|
||||
|
||||
HTTP Gateway doesn't control caching (doesn't anything with the `Cache-Control` header). Caching strategy strictly
|
||||
depends on application use case. So it should be carefully done by proxy server.
|
||||
|
||||
### Uploading
|
||||
|
||||
You can POST files to `/upload/$CID` path where `$CID` is a container ID or its name if NNS is enabled. The
|
||||
|
@ -444,25 +467,25 @@ operations for a request signed with your HTTP Gateway keys.
|
|||
If your don't want to manage gateway's secret keys and adjust eACL rules when
|
||||
gateway configuration changes (new gate, key rotation, etc) or you plan to use
|
||||
public services, there is an option to let your application backend (or you) to
|
||||
issue Bearer Tokens ans pass them from the client via gate down to NeoFS level
|
||||
issue Bearer Tokens ans pass them from the client via gate down to FrostFS level
|
||||
to grant access.
|
||||
|
||||
NeoFS Bearer Token basically is a container owner-signed ACL data (refer to NeoFS
|
||||
FrostFS Bearer Token basically is a container owner-signed ACL data (refer to FrostFS
|
||||
documentation for more details). There are two options to pass them to gateway:
|
||||
* "Authorization" header with "Bearer" type and base64-encoded token in
|
||||
credentials field
|
||||
* "Bearer" cookie with base64-encoded token contents
|
||||
|
||||
For example, you have a mobile application frontend with a backend part storing
|
||||
data in NeoFS. When a user authorizes in the mobile app, the backend issues a NeoFS
|
||||
data in FrostFS. When a user authorizes in the mobile app, the backend issues a FrostFS
|
||||
Bearer token and provides it to the frontend. Then, the mobile app may generate
|
||||
some data and upload it via any available NeoFS HTTP Gateway by adding
|
||||
some data and upload it via any available FrostFS HTTP Gateway by adding
|
||||
the corresponding header to the upload request. Accessing the ACL protected data
|
||||
works the same way.
|
||||
|
||||
##### Example
|
||||
In order to generate a bearer token, you need to know the container owner key and
|
||||
the address of the sender who will do the request to NeoFS (in our case, it's a gateway wallet address).
|
||||
the address of the sender who will do the request to FrostFS (in our case, it's a gateway wallet address).
|
||||
|
||||
Suppose we have:
|
||||
* **KxDgvEKzgSBPPfuVfw67oPQBSjidEiqTHURKSDL1R7yGaGYAeYnr** (container owner key)
|
||||
|
@ -513,7 +536,7 @@ Now, we can form a Bearer token (10000 is liftetime expiration in epoch) and sav
|
|||
|
||||
Next, sign it with the container owner key:
|
||||
```
|
||||
$ neofs-cli util sign bearer-token --from bearer.json --to signed.json -w ./wallet.json
|
||||
$ frostfs-cli util sign bearer-token --from bearer.json --to signed.json -w ./wallet.json
|
||||
```
|
||||
Encoding to base64 to use via the header:
|
||||
```
|
||||
|
@ -540,12 +563,12 @@ For the token to work correctly, you need to create a container with a basic ACL
|
|||
|
||||
For example:
|
||||
```
|
||||
$ neofs-cli -w ./wallet.json --basic-acl 0x0FFFCFFF -r 192.168.130.72:8080 container create --policy "REP 3" --await
|
||||
$ frostfs-cli -w ./wallet.json --basic-acl 0x0FFFCFFF -r 192.168.130.72:8080 container create --policy "REP 3" --await
|
||||
```
|
||||
|
||||
To deny access to a container without a token, set the eACL rules:
|
||||
```
|
||||
$ neofs-cli -w ./wallet.json -r 192.168.130.72:8080 container set-eacl --table eacl.json --await --cid BJeErH9MWmf52VsR1mLWKkgF3pRm3FkubYxM7TZkBP4K
|
||||
$ frostfs-cli -w ./wallet.json -r 192.168.130.72:8080 container set-eacl --table eacl.json --await --cid BJeErH9MWmf52VsR1mLWKkgF3pRm3FkubYxM7TZkBP4K
|
||||
```
|
||||
|
||||
File **eacl.json**:
|
||||
|
|
2
VERSION
2
VERSION
|
@ -1 +1 @@
|
|||
v0.25.0
|
||||
v0.26.0
|
||||
|
|
190
app.go
190
app.go
|
@ -3,30 +3,28 @@ package main
|
|||
import (
|
||||
"context"
|
||||
"crypto/ecdsa"
|
||||
"crypto/tls"
|
||||
"errors"
|
||||
"fmt"
|
||||
"net"
|
||||
"net/http"
|
||||
"os"
|
||||
"os/signal"
|
||||
"strconv"
|
||||
"sync"
|
||||
"syscall"
|
||||
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-http-gw/downloader"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-http-gw/metrics"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-http-gw/resolver"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-http-gw/response"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-http-gw/uploader"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-http-gw/utils"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/pool"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user"
|
||||
"github.com/fasthttp/router"
|
||||
"github.com/nspcc-dev/neo-go/cli/flags"
|
||||
"github.com/nspcc-dev/neo-go/cli/input"
|
||||
"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
|
||||
"github.com/nspcc-dev/neo-go/pkg/util"
|
||||
"github.com/nspcc-dev/neo-go/pkg/wallet"
|
||||
"github.com/nspcc-dev/neofs-http-gw/downloader"
|
||||
"github.com/nspcc-dev/neofs-http-gw/metrics"
|
||||
"github.com/nspcc-dev/neofs-http-gw/resolver"
|
||||
"github.com/nspcc-dev/neofs-http-gw/response"
|
||||
"github.com/nspcc-dev/neofs-http-gw/uploader"
|
||||
"github.com/nspcc-dev/neofs-http-gw/utils"
|
||||
"github.com/nspcc-dev/neofs-sdk-go/pool"
|
||||
"github.com/nspcc-dev/neofs-sdk-go/user"
|
||||
"github.com/spf13/viper"
|
||||
"github.com/valyala/fasthttp"
|
||||
"go.uber.org/zap"
|
||||
|
@ -45,12 +43,12 @@ type (
|
|||
metrics *gateMetrics
|
||||
services []*metrics.Service
|
||||
settings *appSettings
|
||||
servers []Server
|
||||
}
|
||||
|
||||
appSettings struct {
|
||||
Uploader *uploader.Settings
|
||||
Downloader *downloader.Settings
|
||||
TLSProvider *certProvider
|
||||
Uploader *uploader.Settings
|
||||
Downloader *downloader.Settings
|
||||
}
|
||||
|
||||
// App is an interface for the main gateway function.
|
||||
|
@ -113,7 +111,7 @@ func newApp(ctx context.Context, opt ...Option) App {
|
|||
}
|
||||
|
||||
// -- setup FastHTTP server --
|
||||
a.webServer.Name = "neofs-http-gw"
|
||||
a.webServer.Name = "frost-http-gw"
|
||||
a.webServer.ReadBufferSize = a.cfg.GetInt(cfgWebReadBufferSize)
|
||||
a.webServer.WriteBufferSize = a.cfg.GetInt(cfgWebWriteBufferSize)
|
||||
a.webServer.ReadTimeout = a.cfg.GetDuration(cfgWebReadTimeout)
|
||||
|
@ -125,9 +123,9 @@ func newApp(ctx context.Context, opt ...Option) App {
|
|||
a.webServer.DisablePreParseMultipartForm = true
|
||||
a.webServer.StreamRequestBody = a.cfg.GetBool(cfgWebStreamRequestBody)
|
||||
// -- -- -- -- -- -- -- -- -- -- -- -- -- --
|
||||
key, err = getNeoFSKey(a)
|
||||
key, err = getFrostFSKey(a)
|
||||
if err != nil {
|
||||
a.log.Fatal("failed to get neofs credentials", zap.Error(err))
|
||||
a.log.Fatal("failed to get frostfs credentials", zap.Error(err))
|
||||
}
|
||||
|
||||
var owner user.ID
|
||||
|
@ -137,6 +135,7 @@ func newApp(ctx context.Context, opt ...Option) App {
|
|||
var prm pool.InitParameters
|
||||
prm.SetKey(key)
|
||||
prm.SetNodeDialTimeout(a.cfg.GetDuration(cfgConTimeout))
|
||||
prm.SetNodeStreamTimeout(a.cfg.GetDuration(cfgStreamTimeout))
|
||||
prm.SetHealthcheckTimeout(a.cfg.GetDuration(cfgReqTimeout))
|
||||
prm.SetClientRebalanceInterval(a.cfg.GetDuration(cfgRebalance))
|
||||
prm.SetErrorThreshold(a.cfg.GetUint32(cfgPoolErrorThreshold))
|
||||
|
@ -178,9 +177,8 @@ func newApp(ctx context.Context, opt ...Option) App {
|
|||
|
||||
func (a *app) initAppSettings() {
|
||||
a.settings = &appSettings{
|
||||
Uploader: &uploader.Settings{},
|
||||
Downloader: &downloader.Settings{},
|
||||
TLSProvider: &certProvider{Enabled: a.cfg.IsSet(cfgTLSCertificate) || a.cfg.IsSet(cfgTLSKey)},
|
||||
Uploader: &uploader.Settings{},
|
||||
Downloader: &downloader.Settings{},
|
||||
}
|
||||
|
||||
a.updateSettings()
|
||||
|
@ -196,7 +194,7 @@ func (a *app) initResolver() {
|
|||
|
||||
func (a *app) getResolverConfig() ([]string, *resolver.Config) {
|
||||
resolveCfg := &resolver.Config{
|
||||
NeoFS: resolver.NewNeoFSResolver(a.pool),
|
||||
FrostFS: resolver.NewFrostFSResolver(a.pool),
|
||||
RPCAddress: a.cfg.GetString(cfgRPCEndpoint),
|
||||
}
|
||||
|
||||
|
@ -268,7 +266,7 @@ func remove(list []string, element string) []string {
|
|||
return list
|
||||
}
|
||||
|
||||
func getNeoFSKey(a *app) (*ecdsa.PrivateKey, error) {
|
||||
func getFrostFSKey(a *app) (*ecdsa.PrivateKey, error) {
|
||||
walletPath := a.cfg.GetString(cfgWalletPath)
|
||||
|
||||
if len(walletPath) == 0 {
|
||||
|
@ -329,7 +327,7 @@ func getKeyFromWallet(w *wallet.Wallet, addrStr string, password *string) (*ecds
|
|||
}
|
||||
|
||||
func (a *app) Wait() {
|
||||
a.log.Info("starting application", zap.String("app_name", "neofs-http-gw"), zap.String("version", Version))
|
||||
a.log.Info("starting application", zap.String("app_name", "frostfs-http-gw"), zap.String("version", Version))
|
||||
|
||||
a.setHealthStatus()
|
||||
|
||||
|
@ -340,43 +338,6 @@ func (a *app) setHealthStatus() {
|
|||
a.metrics.SetHealth(1)
|
||||
}
|
||||
|
||||
type certProvider struct {
|
||||
Enabled bool
|
||||
|
||||
mu sync.RWMutex
|
||||
certPath string
|
||||
keyPath string
|
||||
cert *tls.Certificate
|
||||
}
|
||||
|
||||
func (p *certProvider) GetCertificate(*tls.ClientHelloInfo) (*tls.Certificate, error) {
|
||||
if !p.Enabled {
|
||||
return nil, errors.New("cert provider: disabled")
|
||||
}
|
||||
|
||||
p.mu.RLock()
|
||||
defer p.mu.RUnlock()
|
||||
return p.cert, nil
|
||||
}
|
||||
|
||||
func (p *certProvider) UpdateCert(certPath, keyPath string) error {
|
||||
if !p.Enabled {
|
||||
return fmt.Errorf("tls disabled")
|
||||
}
|
||||
|
||||
cert, err := tls.LoadX509KeyPair(certPath, keyPath)
|
||||
if err != nil {
|
||||
return fmt.Errorf("cannot load TLS key pair from certFile '%s' and keyFile '%s': %w", certPath, keyPath, err)
|
||||
}
|
||||
|
||||
p.mu.Lock()
|
||||
p.certPath = certPath
|
||||
p.keyPath = keyPath
|
||||
p.cert = &cert
|
||||
p.mu.Unlock()
|
||||
return nil
|
||||
}
|
||||
|
||||
func (a *app) Serve(ctx context.Context) {
|
||||
uploadRoutes := uploader.New(ctx, a.AppParams(), a.settings.Uploader)
|
||||
downloadRoutes := downloader.New(ctx, a.AppParams(), a.settings.Downloader)
|
||||
|
@ -385,38 +346,16 @@ func (a *app) Serve(ctx context.Context) {
|
|||
a.configureRouter(uploadRoutes, downloadRoutes)
|
||||
|
||||
a.startServices()
|
||||
a.initServers(ctx)
|
||||
|
||||
go func() {
|
||||
var err error
|
||||
defer func() {
|
||||
if err != nil {
|
||||
a.log.Fatal("could not start server", zap.Error(err))
|
||||
for i := range a.servers {
|
||||
go func(i int) {
|
||||
a.log.Info("starting server", zap.String("address", a.servers[i].Address()))
|
||||
if err := a.webServer.Serve(a.servers[i].Listener()); err != nil && err != http.ErrServerClosed {
|
||||
a.log.Fatal("listen and serve", zap.Error(err))
|
||||
}
|
||||
}()
|
||||
|
||||
bind := a.cfg.GetString(cfgListenAddress)
|
||||
|
||||
if a.settings.TLSProvider.Enabled {
|
||||
if err = a.settings.TLSProvider.UpdateCert(a.cfg.GetString(cfgTLSCertificate), a.cfg.GetString(cfgTLSKey)); err != nil {
|
||||
return
|
||||
}
|
||||
|
||||
var lnConf net.ListenConfig
|
||||
var ln net.Listener
|
||||
if ln, err = lnConf.Listen(ctx, "tcp4", bind); err != nil {
|
||||
return
|
||||
}
|
||||
lnTLS := tls.NewListener(ln, &tls.Config{
|
||||
GetCertificate: a.settings.TLSProvider.GetCertificate,
|
||||
})
|
||||
|
||||
a.log.Info("running web server (TLS-enabled)", zap.String("address", bind))
|
||||
err = a.webServer.Serve(lnTLS)
|
||||
} else {
|
||||
a.log.Info("running web server", zap.String("address", bind))
|
||||
err = a.webServer.ListenAndServe(bind)
|
||||
}
|
||||
}()
|
||||
}(i)
|
||||
}
|
||||
|
||||
sigs := make(chan os.Signal, 1)
|
||||
signal.Notify(sigs, syscall.SIGHUP)
|
||||
|
@ -441,14 +380,15 @@ LOOP:
|
|||
|
||||
func (a *app) configReload() {
|
||||
a.log.Info("SIGHUP config reload started")
|
||||
if !a.cfg.IsSet(cmdConfig) {
|
||||
if !a.cfg.IsSet(cmdConfig) && !a.cfg.IsSet(cmdConfigDir) {
|
||||
a.log.Warn("failed to reload config because it's missed")
|
||||
return
|
||||
}
|
||||
if err := readConfig(a.cfg); err != nil {
|
||||
if err := readInConfig(a.cfg); err != nil {
|
||||
a.log.Warn("failed to reload config", zap.Error(err))
|
||||
return
|
||||
}
|
||||
|
||||
if lvl, err := getLogLevel(a.cfg); err != nil {
|
||||
a.log.Warn("log level won't be updated", zap.Error(err))
|
||||
} else {
|
||||
|
@ -459,6 +399,10 @@ func (a *app) configReload() {
|
|||
a.log.Warn("failed to update resolvers", zap.Error(err))
|
||||
}
|
||||
|
||||
if err := a.updateServers(); err != nil {
|
||||
a.log.Warn("failed to reload server parameters", zap.Error(err))
|
||||
}
|
||||
|
||||
a.stopServices()
|
||||
a.startServices()
|
||||
|
||||
|
@ -473,10 +417,6 @@ func (a *app) configReload() {
|
|||
func (a *app) updateSettings() {
|
||||
a.settings.Uploader.SetDefaultTimestamp(a.cfg.GetBool(cfgUploaderHeaderEnableDefaultTimestamp))
|
||||
a.settings.Downloader.SetZipCompression(a.cfg.GetBool(cfgZipCompression))
|
||||
|
||||
if err := a.settings.TLSProvider.UpdateCert(a.cfg.GetString(cfgTLSCertificate), a.cfg.GetString(cfgTLSKey)); err != nil {
|
||||
a.log.Warn("failed to reload TLS certs", zap.Error(err))
|
||||
}
|
||||
}
|
||||
|
||||
func (a *app) startServices() {
|
||||
|
@ -542,3 +482,61 @@ func (a *app) AppParams() *utils.AppParams {
|
|||
Resolver: a.resolver,
|
||||
}
|
||||
}
|
||||
|
||||
func (a *app) initServers(ctx context.Context) {
|
||||
serversInfo := fetchServers(a.cfg)
|
||||
|
||||
a.servers = make([]Server, 0, len(serversInfo))
|
||||
for _, serverInfo := range serversInfo {
|
||||
fields := []zap.Field{
|
||||
zap.String("address", serverInfo.Address), zap.Bool("tls enabled", serverInfo.TLS.Enabled),
|
||||
zap.String("tls cert", serverInfo.TLS.CertFile), zap.String("tls key", serverInfo.TLS.KeyFile),
|
||||
}
|
||||
srv, err := newServer(ctx, serverInfo)
|
||||
if err != nil {
|
||||
a.log.Warn("failed to add server", append(fields, zap.Error(err))...)
|
||||
continue
|
||||
}
|
||||
|
||||
a.servers = append(a.servers, srv)
|
||||
a.log.Info("add server", fields...)
|
||||
}
|
||||
|
||||
if len(a.servers) == 0 {
|
||||
a.log.Fatal("no healthy servers")
|
||||
}
|
||||
}
|
||||
|
||||
func (a *app) updateServers() error {
|
||||
serversInfo := fetchServers(a.cfg)
|
||||
|
||||
var found bool
|
||||
for _, serverInfo := range serversInfo {
|
||||
index := a.serverIndex(serverInfo.Address)
|
||||
if index == -1 {
|
||||
continue
|
||||
}
|
||||
|
||||
if serverInfo.TLS.Enabled {
|
||||
if err := a.servers[index].UpdateCert(serverInfo.TLS.CertFile, serverInfo.TLS.KeyFile); err != nil {
|
||||
return fmt.Errorf("failed to update tls certs: %w", err)
|
||||
}
|
||||
}
|
||||
found = true
|
||||
}
|
||||
|
||||
if !found {
|
||||
return fmt.Errorf("invalid servers configuration: no known server found")
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (a *app) serverIndex(address string) int {
|
||||
for i := range a.servers {
|
||||
if a.servers[i].Address() == address {
|
||||
return i
|
||||
}
|
||||
}
|
||||
return -1
|
||||
}
|
||||
|
|
|
@ -17,21 +17,23 @@ HTTP_GW_PROMETHEUS_ADDRESS=localhost:8084
|
|||
# Log level.
|
||||
HTTP_GW_LOGGER_LEVEL=debug
|
||||
|
||||
# Address to bind.
|
||||
HTTP_GW_LISTEN_ADDRESS=0.0.0.0:443
|
||||
# Provide cert to enable TLS.
|
||||
HTTP_GW_TLS_CERTIFICATE=/path/to/tls/cert
|
||||
# Provide key to enable TLS.
|
||||
HTTP_GW_TLS_KEY=/path/to/tls/key
|
||||
HTTP_GW_SERVER_0_ADDRESS=0.0.0.0:443
|
||||
HTTP_GW_SERVER_0_TLS_ENABLED=false
|
||||
HTTP_GW_SERVER_0_TLS_CERT_FILE=/path/to/tls/cert
|
||||
HTTP_GW_SERVER_0_TLS_KEY_FILE=/path/to/tls/key
|
||||
HTTP_GW_SERVER_1_ADDRESS=0.0.0.0:444
|
||||
HTTP_GW_SERVER_1_TLS_ENABLED=true
|
||||
HTTP_GW_SERVER_1_TLS_CERT_FILE=/path/to/tls/cert
|
||||
HTTP_GW_SERVER_1_TLS_KEY_FILE=/path/to/tls/key
|
||||
|
||||
# Nodes configuration.
|
||||
# This configuration make the gateway use the first node (grpc://s01.neofs.devenv:8080)
|
||||
# while it's healthy. Otherwise, the gateway use the second node (grpc://s01.neofs.devenv:8080)
|
||||
# This configuration make the gateway use the first node (grpc://s01.frostfs.devenv:8080)
|
||||
# while it's healthy. Otherwise, the gateway use the second node (grpc://s01.frostfs.devenv:8080)
|
||||
# for 10% of requests and the third node for 90% of requests.
|
||||
|
||||
# Peer 1.
|
||||
# Endpoint.
|
||||
HTTP_GW_PEERS_0_ADDRESS=grpc://s01.neofs.devenv:8080
|
||||
HTTP_GW_PEERS_0_ADDRESS=grpc://s01.frostfs.devenv:8080
|
||||
# Until nodes with the same priority level are healthy
|
||||
# nodes with other priority are not used.
|
||||
# The lower the value, the higher the priority.
|
||||
|
@ -39,11 +41,11 @@ HTTP_GW_PEERS_0_PRIORITY=1
|
|||
# Load distribution proportion for nodes with the same priority.
|
||||
HTTP_GW_PEERS_0_WEIGHT=1
|
||||
# Peer 2.
|
||||
HTTP_GW_PEERS_1_ADDRESS=grpc://s02.neofs.devenv:8080
|
||||
HTTP_GW_PEERS_1_ADDRESS=grpc://s02.frostfs.devenv:8080
|
||||
HTTP_GW_PEERS_1_PRIORITY=2
|
||||
HTTP_GW_PEERS_1_WEIGHT=1
|
||||
# Peer 3.
|
||||
HTTP_GW_PEERS_2_ADDRESS=grpc://s03.neofs.devenv:8080
|
||||
HTTP_GW_PEERS_2_ADDRESS=grpc://s03.frostfs.devenv:8080
|
||||
HTTP_GW_PEERS_2_PRIORITY=2
|
||||
HTTP_GW_PEERS_2_WEIGHT=9
|
||||
|
||||
|
@ -70,7 +72,7 @@ HTTP_GW_STREAM_REQUEST_BODY=true
|
|||
HTTP_GW_MAX_REQUEST_BODY_SIZE=4194304
|
||||
|
||||
# RPC endpoint to be able to use nns container resolving.
|
||||
HTTP_GW_RPC_ENDPOINT=http://morph-chain.neofs.devenv:30333
|
||||
HTTP_GW_RPC_ENDPOINT=http://morph-chain.frostfs.devenv:30333
|
||||
# The order in which resolvers are used to find an container id by name.
|
||||
HTTP_GW_RESOLVE_ORDER="nns dns"
|
||||
|
||||
|
@ -79,12 +81,14 @@ HTTP_GW_UPLOAD_HEADER_USE_DEFAULT_TIMESTAMP=false
|
|||
|
||||
# Timeout to dial node.
|
||||
HTTP_GW_CONNECT_TIMEOUT=5s
|
||||
# Timeout for individual operations in streaming RPC.
|
||||
HTTP_GW_STREAM_TIMEOUT=10s
|
||||
# Timeout to check node health during rebalance.
|
||||
HTTP_GW_REQUEST_TIMEOUT=5s
|
||||
# Interval to check nodes health.
|
||||
HTTP_GW_REBALANCE_TIMER=30s
|
||||
# The number of errors on connection after which node is considered as unhealthy
|
||||
S3_GW_POOL_ERROR_THRESHOLD=100
|
||||
HTTP_GW_POOL_ERROR_THRESHOLD=100
|
||||
|
||||
# Enable zip compression to download files by common prefix.
|
||||
HTTP_GW_ZIP_COMPRESSION=false
|
||||
|
|
|
@ -4,27 +4,35 @@ wallet:
|
|||
passphrase: pwd # Passphrase to decrypt wallet. If you're using a wallet without a password, place '' here.
|
||||
|
||||
pprof:
|
||||
enabled: true # Enable pprof.
|
||||
enabled: false # Enable pprof.
|
||||
address: localhost:8083
|
||||
prometheus:
|
||||
enabled: true # Enable metrics.
|
||||
enabled: false # Enable metrics.
|
||||
address: localhost:8084
|
||||
|
||||
logger:
|
||||
level: debug # Log level.
|
||||
|
||||
listen_address: 0.0.0.0:443 # Address to bind.
|
||||
tls_certificate: /path/to/tls/cert # Provide cert to enable TLS.
|
||||
tls_key: /path/to/tls/key # Provide key to enable TLS.
|
||||
server:
|
||||
- address: 0.0.0.0:8080
|
||||
tls:
|
||||
enabled: false
|
||||
cert_file: /path/to/cert
|
||||
key_file: /path/to/key
|
||||
- address: 0.0.0.0:8081
|
||||
tls:
|
||||
enabled: false
|
||||
cert_file: /path/to/cert
|
||||
key_file: /path/to/key
|
||||
|
||||
# Nodes configuration.
|
||||
# This configuration make the gateway use the first node (grpc://s01.neofs.devenv:8080)
|
||||
# while it's healthy. Otherwise, the gateway use the second node (grpc://s01.neofs.devenv:8080)
|
||||
# This configuration make the gateway use the first node (grpc://s01.frostfs.devenv:8080)
|
||||
# while it's healthy. Otherwise, the gateway use the second node (grpc://s01.frostfs.devenv:8080)
|
||||
# for 10% of requests and the third node for 90% of requests.
|
||||
peers:
|
||||
0:
|
||||
# Endpoint.
|
||||
address: grpc://s01.neofs.devenv:8080
|
||||
address: grpc://s01.frostfs.devenv:8080
|
||||
|
||||
# Until nodes with the same priority level are healthy
|
||||
# nodes with other priority are not used.
|
||||
|
@ -34,11 +42,11 @@ peers:
|
|||
# Load distribution proportion for nodes with the same priority.
|
||||
weight: 1
|
||||
1:
|
||||
address: grpc://s02.neofs.devenv:8080
|
||||
address: grpc://s02.frostfs.devenv:8080
|
||||
priority: 2
|
||||
weight: 1
|
||||
2:
|
||||
address: grpc://s03.neofs.devenv:8080
|
||||
address: grpc://s03.frostfs.devenv:8080
|
||||
priority: 2
|
||||
weight: 9
|
||||
|
||||
|
@ -72,7 +80,7 @@ web:
|
|||
max_request_body_size: 4194304
|
||||
|
||||
# RPC endpoint to be able to use nns container resolving.
|
||||
rpc_endpoint: http://morph-chain.neofs.devenv:30333
|
||||
rpc_endpoint: http://morph-chain.frostfs.devenv:30333
|
||||
# The order in which resolvers are used to find an container id by name.
|
||||
resolve_order:
|
||||
- nns
|
||||
|
@ -82,6 +90,7 @@ upload_header:
|
|||
use_default_timestamp: false # Create timestamp for object if it isn't provided by header.
|
||||
|
||||
connect_timeout: 5s # Timeout to dial node.
|
||||
stream_timeout: 10s # Timeout for individual operations in streaming RPC.
|
||||
request_timeout: 5s # Timeout to check node health during rebalance.
|
||||
rebalance_timer: 30s # Interval to check nodes health.
|
||||
pool_error_threshold: 100 # The number of errors on connection after which node is considered as unhealthy.
|
||||
|
|
3
config/dir/pprof.yaml
Normal file
3
config/dir/pprof.yaml
Normal file
|
@ -0,0 +1,3 @@
|
|||
pprof:
|
||||
enabled: true
|
||||
address: localhost:8083
|
3
config/dir/prometheus.yaml
Normal file
3
config/dir/prometheus.yaml
Normal file
|
@ -0,0 +1,3 @@
|
|||
prometheus:
|
||||
enabled: true
|
||||
address: localhost:8084
|
5
debian/changelog
vendored
Normal file
5
debian/changelog
vendored
Normal file
|
@ -0,0 +1,5 @@
|
|||
frostfs-http-gw (0.0.0) stable; urgency=medium
|
||||
|
||||
* Please see CHANGELOG.md
|
||||
|
||||
-- TrueCloudLab <tech@frostfs.info> Wed, 24 Aug 2022 18:29:49 +0300
|
15
debian/control
vendored
Normal file
15
debian/control
vendored
Normal file
|
@ -0,0 +1,15 @@
|
|||
Source: frostfs-http-gw
|
||||
Section: frostfs
|
||||
Priority: optional
|
||||
Maintainer: TrueCloudLab <tech@frostfs.info>
|
||||
Build-Depends: debhelper-compat (= 13), dh-sysuser, git, devscripts
|
||||
Standards-Version: 4.5.1
|
||||
Homepage: https://frostfs.info/
|
||||
Vcs-Git: https://git.frostfs.info/TrueCloudLab/frostfs-http-gw.git
|
||||
Vcs-Browser: https://git.frostfs.info/TrueCloudLab/frostfs-http-gw
|
||||
|
||||
Package: frostfs-http-gw
|
||||
Architecture: any
|
||||
Depends: ${misc:Depends}
|
||||
Description: FrostFS HTTP Gateway bridges FrostFS internal protocol and HTTP standard.
|
||||
|
25
debian/copyright
vendored
Normal file
25
debian/copyright
vendored
Normal file
|
@ -0,0 +1,25 @@
|
|||
Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
|
||||
Upstream-Name: frostfs-http-gw
|
||||
Upstream-Contact: tech@frostfs.info
|
||||
Source: https://git.frostfs.info/TrueCloudLab/frostfs-http-gw
|
||||
|
||||
Files: *
|
||||
Copyright: 2018-2022 NeoSPCC (@nspcc-dev), contributors of neofs-http-gw project
|
||||
(https://github.com/nspcc-dev/neofs-http-gw/blob/master/CREDITS.md)
|
||||
2022 True Cloud Lab (@TrueCloudLab), contributors of frostfs-http-gw project
|
||||
(https://git.frostfs.info/TrueCloudLab/frostfs-http-gw/src/branch/master/CREDITS.md)
|
||||
|
||||
|
||||
License: GPL-3
|
||||
This program is free software: you can redistribute it and/or modify it
|
||||
under the terms of the GNU General Public License as published
|
||||
by the Free Software Foundation; version 3.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program or at /usr/share/common-licenses/GPL-3.
|
||||
If not, see <http://www.gnu.org/licenses/>.
|
2
debian/frostfs-http-gw.dirs
vendored
Normal file
2
debian/frostfs-http-gw.dirs
vendored
Normal file
|
@ -0,0 +1,2 @@
|
|||
etc/frostfs
|
||||
srv/frostfs_cache
|
4
debian/frostfs-http-gw.docs
vendored
Normal file
4
debian/frostfs-http-gw.docs
vendored
Normal file
|
@ -0,0 +1,4 @@
|
|||
docs/gate-configuration.md
|
||||
README.md
|
||||
CREDITS.md
|
||||
CONTRIBUTING.md
|
1
debian/frostfs-http-gw.examples
vendored
Normal file
1
debian/frostfs-http-gw.examples
vendored
Normal file
|
@ -0,0 +1 @@
|
|||
config/*
|
2
debian/frostfs-http-gw.install
vendored
Normal file
2
debian/frostfs-http-gw.install
vendored
Normal file
|
@ -0,0 +1,2 @@
|
|||
bin/frostfs-http-gw usr/bin
|
||||
config/config.yaml etc/frostfs/http
|
51
debian/frostfs-http-gw.postinst
vendored
Normal file
51
debian/frostfs-http-gw.postinst
vendored
Normal file
|
@ -0,0 +1,51 @@
|
|||
#!/bin/sh
|
||||
# postinst script for frostfs-http-gw
|
||||
#
|
||||
# see: dh_installdeb(1)
|
||||
|
||||
set -e
|
||||
|
||||
# summary of how this script can be called:
|
||||
# * <postinst> `configure' <most-recently-configured-version>
|
||||
# * <old-postinst> `abort-upgrade' <new version>
|
||||
# * <conflictor's-postinst> `abort-remove' `in-favour' <package>
|
||||
# <new-version>
|
||||
# * <postinst> `abort-remove'
|
||||
# * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
|
||||
# <failed-install-package> <version> `removing'
|
||||
# <conflicting-package> <version>
|
||||
# for details, see https://www.debian.org/doc/debian-policy/ or
|
||||
# the debian-policy package
|
||||
|
||||
|
||||
case "$1" in
|
||||
configure)
|
||||
USERNAME=http
|
||||
id -u frostfs-$USERNAME >/dev/null 2>&1 || useradd -s /usr/sbin/nologin -d /srv/frostfs_cache --system -M -U -c "FrostFS HTTP gateway" frostfs-$USERNAME
|
||||
if ! dpkg-statoverride --list /etc/frostfs/$USERNAME >/dev/null; then
|
||||
chown -f root:frostfs-$USERNAME /etc/frostfs/$USERNAME
|
||||
chown -f root:frostfs-$USERNAME /etc/frostfs/$USERNAME/config.yaml || true
|
||||
chmod -f 0750 /etc/frostfs/$USERNAME
|
||||
chmod -f 0640 /etc/frostfs/$USERNAME/config.yaml || true
|
||||
fi
|
||||
USERDIR=$(getent passwd "frostfs-$USERNAME" | cut -d: -f6)
|
||||
if ! dpkg-statoverride --list frostfs-$USERDIR >/dev/null; then
|
||||
chown -f frostfs-$USERNAME: $USERDIR
|
||||
fi
|
||||
;;
|
||||
|
||||
abort-upgrade|abort-remove|abort-deconfigure)
|
||||
;;
|
||||
|
||||
*)
|
||||
echo "postinst called with unknown argument \`$1'" >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
||||
# dh_installdeb will replace this with shell code automatically
|
||||
# generated by other debhelper scripts.
|
||||
|
||||
#DEBHELPER#
|
||||
|
||||
exit 0
|
41
debian/frostfs-http-gw.postrm
vendored
Normal file
41
debian/frostfs-http-gw.postrm
vendored
Normal file
|
@ -0,0 +1,41 @@
|
|||
#!/bin/sh
|
||||
# postrm script for frostfs-http-gw
|
||||
#
|
||||
# see: dh_installdeb(1)
|
||||
|
||||
set -e
|
||||
|
||||
# summary of how this script can be called:
|
||||
# * <postrm> `remove'
|
||||
# * <postrm> `purge'
|
||||
# * <old-postrm> `upgrade' <new-version>
|
||||
# * <new-postrm> `failed-upgrade' <old-version>
|
||||
# * <new-postrm> `abort-install'
|
||||
# * <new-postrm> `abort-install' <old-version>
|
||||
# * <new-postrm> `abort-upgrade' <old-version>
|
||||
# * <disappearer's-postrm> `disappear' <overwriter>
|
||||
# <overwriter-version>
|
||||
# for details, see https://www.debian.org/doc/debian-policy/ or
|
||||
# the debian-policy package
|
||||
|
||||
|
||||
case "$1" in
|
||||
purge)
|
||||
rm -rf /srv/frostfs_cache
|
||||
;;
|
||||
|
||||
remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
|
||||
;;
|
||||
|
||||
*)
|
||||
echo "postrm called with unknown argument \`$1'" >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
||||
# dh_installdeb will replace this with shell code automatically
|
||||
# generated by other debhelper scripts.
|
||||
|
||||
#DEBHELPER#
|
||||
|
||||
exit 0
|
35
debian/frostfs-http-gw.preinst
vendored
Normal file
35
debian/frostfs-http-gw.preinst
vendored
Normal file
|
@ -0,0 +1,35 @@
|
|||
#!/bin/sh
|
||||
# preinst script for frostfs-http-gw
|
||||
#
|
||||
# see: dh_installdeb(1)
|
||||
|
||||
set -e
|
||||
|
||||
# summary of how this script can be called:
|
||||
# * <new-preinst> `install'
|
||||
# * <new-preinst> `install' <old-version>
|
||||
# * <new-preinst> `upgrade' <old-version>
|
||||
# * <old-preinst> `abort-upgrade' <new-version>
|
||||
# for details, see https://www.debian.org/doc/debian-policy/ or
|
||||
# the debian-policy package
|
||||
|
||||
|
||||
case "$1" in
|
||||
install|upgrade)
|
||||
;;
|
||||
|
||||
abort-upgrade)
|
||||
;;
|
||||
|
||||
*)
|
||||
echo "preinst called with unknown argument \`$1'" >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
||||
# dh_installdeb will replace this with shell code automatically
|
||||
# generated by other debhelper scripts.
|
||||
|
||||
#DEBHELPER#
|
||||
|
||||
exit 0
|
38
debian/frostfs-http-gw.prerm
vendored
Normal file
38
debian/frostfs-http-gw.prerm
vendored
Normal file
|
@ -0,0 +1,38 @@
|
|||
#!/bin/sh
|
||||
# prerm script for frostfs-http-gw
|
||||
#
|
||||
# see: dh_installdeb(1)
|
||||
|
||||
set -e
|
||||
|
||||
# summary of how this script can be called:
|
||||
# * <prerm> `remove'
|
||||
# * <old-prerm> `upgrade' <new-version>
|
||||
# * <new-prerm> `failed-upgrade' <old-version>
|
||||
# * <conflictor's-prerm> `remove' `in-favour' <package> <new-version>
|
||||
# * <deconfigured's-prerm> `deconfigure' `in-favour'
|
||||
# <package-being-installed> <version> `removing'
|
||||
# <conflicting-package> <version>
|
||||
# for details, see https://www.debian.org/doc/debian-policy/ or
|
||||
# the debian-policy package
|
||||
|
||||
|
||||
case "$1" in
|
||||
remove|upgrade|deconfigure)
|
||||
;;
|
||||
|
||||
failed-upgrade)
|
||||
;;
|
||||
|
||||
*)
|
||||
echo "prerm called with unknown argument \`$1'" >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
||||
# dh_installdeb will replace this with shell code automatically
|
||||
# generated by other debhelper scripts.
|
||||
|
||||
#DEBHELPER#
|
||||
|
||||
exit 0
|
16
debian/frostfs-http-gw.service
vendored
Normal file
16
debian/frostfs-http-gw.service
vendored
Normal file
|
@ -0,0 +1,16 @@
|
|||
[Unit]
|
||||
Description=FrostFS HTTP Gateway
|
||||
Requires=network.target
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
ExecStart=/usr/bin/frostfs-http-gw --config /etc/frostfs/http/config.yaml
|
||||
User=frostfs-http
|
||||
Group=frostfs-http
|
||||
WorkingDirectory=/srv/frostfs_cache
|
||||
Restart=always
|
||||
RestartSec=5
|
||||
PrivateTmp=true
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
16
debian/rules
vendored
Executable file
16
debian/rules
vendored
Executable file
|
@ -0,0 +1,16 @@
|
|||
#!/usr/bin/make -f
|
||||
|
||||
# Do not try to strip Go binaries and do not run test
|
||||
export DEB_BUILD_OPTIONS := nostrip nocheck
|
||||
SERVICE = frostfs-http-gw
|
||||
|
||||
%:
|
||||
dh $@
|
||||
|
||||
override_dh_installsystemd:
|
||||
dh_installsystemd --no-enable --no-start $(SERVICE).service
|
||||
|
||||
override_dh_installchangelogs:
|
||||
dh_installchangelogs -k CHANGELOG.md
|
||||
|
||||
|
1
debian/source/format
vendored
Normal file
1
debian/source/format
vendored
Normal file
|
@ -0,0 +1 @@
|
|||
3.0 (quilt)
|
309
docs/api.md
Normal file
309
docs/api.md
Normal file
|
@ -0,0 +1,309 @@
|
|||
# HTTP Gateway Specification
|
||||
|
||||
| Route | Description |
|
||||
|-------------------------------------------------|----------------------------------------------|
|
||||
| `/upload/{cid}` | [Put object](#put-object) |
|
||||
| `/get/{cid}/{oid}` | [Get object](#get-object) |
|
||||
| `/get_by_attribute/{cid}/{attr_key}/{attr_val}` | [Search object](#search-object) |
|
||||
| `/zip/{cid}/{prefix}` | [Download objects in archive](#download-zip) |
|
||||
|
||||
**Note:** `cid` parameter can be base58 encoded container ID or container name
|
||||
(the name must be registered in NNS, see appropriate section in [README](../README.md#nns)).
|
||||
|
||||
Route parameters can be:
|
||||
|
||||
* `Single` - match a single path segment (cannot contain `/` and be empty)
|
||||
* `Catch-All` - match everything (such parameter usually the last one in routes)
|
||||
* `Query` - regular query parameter
|
||||
|
||||
### Bearer token
|
||||
|
||||
All routes can accept [bearer token](../README.md#authentication) from:
|
||||
|
||||
* `Authorization` header with `Bearer` type and base64-encoded token in
|
||||
credentials field
|
||||
* `Bearer` cookie with base64-encoded token contents
|
||||
|
||||
Example:
|
||||
|
||||
Header:
|
||||
|
||||
```
|
||||
Authorization: Bearer ChA5Gev0d8JI26tAtWyyQA3WEhsKGTVxfQ56a0uQeFmOO63mqykBS1HNpw1rxSgaBgiyEBjODyIhAyxcn89Bj5fwCfXlj5HjSYjonHSErZoXiSqeyh0ZQSb2MgQIARAB
|
||||
```
|
||||
|
||||
Cookie:
|
||||
|
||||
```
|
||||
cookie: Bearer=ChA5Gev0d8JI26tAtWyyQA3WEhsKGTVxfQ56a0uQeFmOO63mqykBS1HNpw1rxSgaBgiyEBjODyIhAyxcn89Bj5fwCfXlj5HjSYjonHSErZoXiSqeyh0ZQSb2MgQIARAB
|
||||
```
|
||||
|
||||
## Put object
|
||||
|
||||
Route: `/upload/{cid}`
|
||||
|
||||
| Route parameter | Type | Description |
|
||||
|-----------------|--------|---------------------------------------------------------|
|
||||
| `cid` | Single | Base58 encoded container ID or container name from NNS. |
|
||||
|
||||
### Methods
|
||||
|
||||
#### POST
|
||||
|
||||
Upload file as object with attributes to FrostFS.
|
||||
|
||||
##### Request
|
||||
|
||||
###### Headers
|
||||
|
||||
| Header | Description |
|
||||
|-----------------------|---------------------------------------------------------------------------------------------------------------------------------------------------|
|
||||
| Common headers | See [bearer token](#bearer-token). |
|
||||
| `X-Attribute-Neofs-*` | Used to set system NeoFS object attributes <br/> (e.g. use "X-Attribute-Neofs-Expiration-Epoch" to set `__NEOFS__EXPIRATION_EPOCH` attribute). |
|
||||
| `X-Attribute-*` | Used to set regular object attributes <br/> (e.g. use "X-Attribute-My-Tag" to set `My-Tag` attribute). |
|
||||
| `Date` | This header is used to calculate the right `__NEOFS__EXPIRATION` attribute for object. If the header is missing, the current server time is used. |
|
||||
|
||||
There are some reserved headers type of `X-Attribute-NEOFS-*` (headers are arranged in descending order of priority):
|
||||
|
||||
1. `X-Attribute-Neofs-Expiration-Epoch: 100`
|
||||
2. `X-Attribute-Neofs-Expiration-Duration: 24h30m`
|
||||
3. `X-Attribute-Neofs-Expiration-Timestamp: 1637574797`
|
||||
4. `X-Attribute-Neofs-Expiration-RFC3339: 2021-11-22T09:55:49Z`
|
||||
|
||||
which transforms to `X-Attribute-Neofs-Expiration-Epoch`. So you can provide expiration any convenient way.
|
||||
|
||||
If you don't specify the `X-Attribute-Timestamp` header the `Timestamp` attribute can be set anyway
|
||||
(see http-gw [configuration](gate-configuration.md#upload-header-section)).
|
||||
|
||||
The `X-Attribute-*` headers must be unique. If you provide several the same headers only one will be used.
|
||||
Attribute key and value must be valid utf8 string. All attributes in sum must not be greater than 3mb.
|
||||
|
||||
###### Body
|
||||
|
||||
Body must contain multipart form with file.
|
||||
The `filename` field from the multipart form will be set as `FileName` attribute of object
|
||||
(can be overriden by `X-Attribute-FileName` header).
|
||||
|
||||
##### Response
|
||||
|
||||
###### Status codes
|
||||
|
||||
| Status | Description |
|
||||
|--------|----------------------------------------------|
|
||||
| 200 | Object created successfully. |
|
||||
| 400 | Some error occurred during object uploading. |
|
||||
|
||||
## Get object
|
||||
|
||||
Route: `/get/{cid}/{oid}?[download=true]`
|
||||
|
||||
| Route parameter | Type | Description |
|
||||
|-----------------|--------|------------------------------------------------------------------------------------------------------------------------------------------------------------|
|
||||
| `cid` | Single | Base58 encoded container ID or container name from NNS. |
|
||||
| `oid` | Single | Base58 encoded object ID. |
|
||||
| `download` | Query | Set the `Content-Disposition` header as `attachment` in response.<br/> This make the browser to download object as file instead of showing it on the page. |
|
||||
|
||||
### Methods
|
||||
|
||||
#### GET
|
||||
|
||||
Get an object (payload and attributes) by an address.
|
||||
|
||||
##### Request
|
||||
|
||||
###### Headers
|
||||
|
||||
| Header | Description |
|
||||
|----------------|------------------------------------|
|
||||
| Common headers | See [bearer token](#bearer-token). |
|
||||
|
||||
##### Response
|
||||
|
||||
###### Headers
|
||||
|
||||
| Header | Description |
|
||||
|-----------------------|----------------------------------------------------------------------------------------------------------------------------------------------|
|
||||
| `X-Attribute-Neofs-*` | System NeoFS object attributes <br/> (e.g. `__NEOFS__EXPIRATION_EPOCH` set "X-Attribute-Neofs-Expiration-Epoch" header). |
|
||||
| `X-Attribute-*` | Regular object attributes <br/> (e.g. `My-Tag` set "X-Attribute-My-Tag" header). |
|
||||
| `Content-Disposition` | Indicate how to browsers should treat file. <br/> Set `filename` as base part of `FileName` object attribute (if it's set, empty otherwise). |
|
||||
| `Content-Type` | Indicate content type of object. Set from `Content-Type` attribute or detected using payload. |
|
||||
| `Content-Length` | Size of object payload. |
|
||||
| `Last-Modified` | Contains the `Timestamp` attribute (if exists) formatted as HTTP time (RFC7231,RFC1123). |
|
||||
| `X-Owner-Id` | Base58 encoded owner ID. |
|
||||
| `X-Container-Id` | Base58 encoded container ID. |
|
||||
| `X-Object-Id` | Base58 encoded object ID. |
|
||||
|
||||
###### Status codes
|
||||
|
||||
| Status | Description |
|
||||
|--------|------------------------------------------------|
|
||||
| 200 | Object got successfully. |
|
||||
| 400 | Some error occurred during object downloading. |
|
||||
| 404 | Container or object not found. |
|
||||
|
||||
#### HEAD
|
||||
|
||||
Get an object attributes by an address.
|
||||
|
||||
##### Request
|
||||
|
||||
###### Headers
|
||||
|
||||
| Header | Description |
|
||||
|----------------|------------------------------------|
|
||||
| Common headers | See [bearer token](#bearer-token). |
|
||||
|
||||
##### Response
|
||||
|
||||
###### Headers
|
||||
|
||||
| Header | Description |
|
||||
|-----------------------|--------------------------------------------------------------------------------------------------------------------------|
|
||||
| `X-Attribute-Neofs-*` | System NeoFS object attributes <br/> (e.g. `__NEOFS__EXPIRATION_EPOCH` set "X-Attribute-Neofs-Expiration-Epoch" header). |
|
||||
| `X-Attribute-*` | Regular object attributes <br/> (e.g. `My-Tag` set "X-Attribute-My-Tag" header). |
|
||||
| `Content-Type` | Indicate content type of object. Set from `Content-Type` attribute or detected using payload. |
|
||||
| `Content-Length` | Size of object payload. |
|
||||
| `Last-Modified` | Contains the `Timestamp` attribute (if exists) formatted as HTTP time (RFC7231,RFC1123). |
|
||||
| `X-Owner-Id` | Base58 encoded owner ID. |
|
||||
| `X-Container-Id` | Base58 encoded container ID. |
|
||||
| `X-Object-Id` | Base58 encoded object ID. |
|
||||
|
||||
###### Status codes
|
||||
|
||||
| Status | Description |
|
||||
|--------|---------------------------------------------------|
|
||||
| 200 | Object head successfully. |
|
||||
| 400 | Some error occurred during object HEAD operation. |
|
||||
| 404 | Container or object not found. |
|
||||
|
||||
## Search object
|
||||
|
||||
Route: `/get_by_attribute/{cid}/{attr_key}/{attr_val}?[download=true]`
|
||||
|
||||
| Route parameter | Type | Description |
|
||||
|-----------------|-----------|-------------------------------------------------------------------------------------------------------------------------------------------------------|
|
||||
| `cid` | Single | Base58 encoded container ID or container name from NNS. |
|
||||
| `attr_key` | Single | Object attribute key to search. |
|
||||
| `attr_val` | Catch-All | Object attribute value to match. |
|
||||
| `download` | Query | Set the `Content-Disposition` header as `attachment` in response. This make the browser to download object as file instead of showing it on the page. |
|
||||
|
||||
### Methods
|
||||
|
||||
#### GET
|
||||
|
||||
Find and get an object (payload and attributes) by a specific attribute.
|
||||
If more than one object is found, an arbitrary one will be returned.
|
||||
|
||||
##### Request
|
||||
|
||||
###### Headers
|
||||
|
||||
| Header | Description |
|
||||
|----------------|------------------------------------|
|
||||
| Common headers | See [bearer token](#bearer-token). |
|
||||
|
||||
##### Response
|
||||
|
||||
###### Headers
|
||||
|
||||
| Header | Description |
|
||||
|-----------------------|----------------------------------------------------------------------------------------------------------------------------------------------|
|
||||
| `X-Attribute-Neofs-*` | System NeoFS object attributes <br/> (e.g. `__NEOFS__EXPIRATION_EPOCH` set "X-Attribute-Neofs-Expiration-Epoch" header). |
|
||||
| `X-Attribute-*` | Regular object attributes <br/> (e.g. `My-Tag` set "X-Attribute-My-Tag" header). |
|
||||
| `Content-Disposition` | Indicate how to browsers should treat file. <br/> Set `filename` as base part of `FileName` object attribute (if it's set, empty otherwise). |
|
||||
| `Content-Type` | Indicate content type of object. Set from `Content-Type` attribute or detected using payload. |
|
||||
| `Content-Length` | Size of object payload. |
|
||||
| `Last-Modified` | Contains the `Timestamp` attribute (if exists) formatted as HTTP time (RFC7231,RFC1123). |
|
||||
| `X-Owner-Id` | Base58 encoded owner ID. |
|
||||
| `X-Container-Id` | Base58 encoded container ID. |
|
||||
| `X-Object-Id` | Base58 encoded object ID. |
|
||||
|
||||
###### Status codes
|
||||
|
||||
| Status | Description |
|
||||
|--------|------------------------------------------------|
|
||||
| 200 | Object got successfully. |
|
||||
| 400 | Some error occurred during object downloading. |
|
||||
| 404 | Container or object not found. |
|
||||
|
||||
#### HEAD
|
||||
|
||||
Get object attributes by a specific attribute.
|
||||
If more than one object is found, an arbitrary one will be used to get attributes.
|
||||
|
||||
##### Request
|
||||
|
||||
###### Headers
|
||||
|
||||
| Header | Description |
|
||||
|----------------|------------------------------------|
|
||||
| Common headers | See [bearer token](#bearer-token). |
|
||||
|
||||
##### Response
|
||||
|
||||
###### Headers
|
||||
|
||||
| Header | Description |
|
||||
|-----------------------|--------------------------------------------------------------------------------------------------------------------------|
|
||||
| `X-Attribute-Neofs-*` | System NeoFS object attributes <br/> (e.g. `__NEOFS__EXPIRATION_EPOCH` set "X-Attribute-Neofs-Expiration-Epoch" header). |
|
||||
| `X-Attribute-*` | Regular object attributes <br/> (e.g. `My-Tag` set "X-Attribute-My-Tag" header). |
|
||||
| `Content-Type` | Indicate content type of object. Set from `Content-Type` attribute or detected using payload. |
|
||||
| `Content-Length` | Size of object payload. |
|
||||
| `Last-Modified` | Contains the `Timestamp` attribute (if exists) formatted as HTTP time (RFC7231,RFC1123). |
|
||||
| `X-Owner-Id` | Base58 encoded owner ID. |
|
||||
| `X-Container-Id` | Base58 encoded container ID. |
|
||||
| `X-Object-Id` | Base58 encoded object ID. |
|
||||
|
||||
###### Status codes
|
||||
|
||||
| Status | Description |
|
||||
|--------|---------------------------------------|
|
||||
| 200 | Object head successfully. |
|
||||
| 400 | Some error occurred during operation. |
|
||||
| 404 | Container or object not found. |
|
||||
|
||||
## Download zip
|
||||
|
||||
Route: `/zip/{cid}/{prefix}`
|
||||
|
||||
| Route parameter | Type | Description |
|
||||
|-----------------|-----------|---------------------------------------------------------|
|
||||
| `cid` | Single | Base58 encoded container ID or container name from NNS. |
|
||||
| `prefix` | Catch-All | Prefix for object attribute `FilePath` to match. |
|
||||
|
||||
### Methods
|
||||
|
||||
#### GET
|
||||
|
||||
Find objects by prefix for `FilePath` attributes. Return found objects in zip archive.
|
||||
Name of files in archive sets to `FilePath` attribute of objects.
|
||||
Time of files sets to time when object has started downloading.
|
||||
You can download all files in container that have `FilePath` attribute by `/zip/{cid}/` route.
|
||||
|
||||
Archive can be compressed (see http-gw [configuration](gate-configuration.md#zip-section)).
|
||||
|
||||
##### Request
|
||||
|
||||
###### Headers
|
||||
|
||||
| Header | Description |
|
||||
|----------------|------------------------------------|
|
||||
| Common headers | See [bearer token](#bearer-token). |
|
||||
|
||||
##### Response
|
||||
|
||||
###### Headers
|
||||
|
||||
| Header | Description |
|
||||
|-----------------------|-------------------------------------------------------------------------------------------------------------------|
|
||||
| `Content-Disposition` | Indicate how to browsers should treat file (`attachment`). Set `filename` as `archive.zip`. |
|
||||
| `Content-Type` | Indicate content type of object. Set to `application/zip` |
|
||||
|
||||
###### Status codes
|
||||
|
||||
| Status | Description |
|
||||
|--------|-----------------------------------------------------|
|
||||
| 200 | Object got successfully. |
|
||||
| 400 | Some error occurred during object downloading. |
|
||||
| 404 | Container or objects not found. |
|
||||
| 500 | Some inner error (e.g. error on streaming objects). |
|
46
docs/building-deb-package.md
Normal file
46
docs/building-deb-package.md
Normal file
|
@ -0,0 +1,46 @@
|
|||
# Building Debian package on host
|
||||
|
||||
## Prerequisites
|
||||
|
||||
For now, we're assuming building for Debian 11 (stable) x86_64.
|
||||
|
||||
Go version 18.4 or later should already be installed, i.e. this runs
|
||||
successfully:
|
||||
|
||||
* `make all`
|
||||
|
||||
## Installing packaging dependencies
|
||||
|
||||
```shell
|
||||
$ sudo apt install debhelper-compat dh-sequence-bash-completion devscripts
|
||||
```
|
||||
|
||||
Warining: number of package installed is pretty large considering dependecies.
|
||||
|
||||
## Package building
|
||||
|
||||
```shell
|
||||
$ make debpackage
|
||||
```
|
||||
|
||||
## Leftovers cleaning
|
||||
|
||||
```shell
|
||||
$ make debclean
|
||||
```
|
||||
or
|
||||
```shell
|
||||
$ dh clean
|
||||
```
|
||||
|
||||
# Package versioning
|
||||
|
||||
By default, package version is based on product version and may also contain git
|
||||
tags and hashes.
|
||||
|
||||
Package version could be overwritten by setting `PKG_VERSION` variable before
|
||||
build, Debian package versioning rules should be respected.
|
||||
|
||||
```shell
|
||||
$ PKG_VERSION=0.32.0 make debpackge
|
||||
```
|
|
@ -1,6 +1,6 @@
|
|||
# NeoFS HTTP Gateway configuration file
|
||||
# FrostFS HTTP Gateway configuration file
|
||||
|
||||
This section contains detailed NeoFS HTTP Gateway configuration file description
|
||||
This section contains detailed FrostFS HTTP Gateway configuration file description
|
||||
including default config values and some tips to set up configurable values.
|
||||
|
||||
There are some custom types used for brevity:
|
||||
|
@ -23,19 +23,19 @@ $ kill -s SIGHUP <app_pid>
|
|||
Example:
|
||||
|
||||
```shell
|
||||
$ ./bin/neofs-http-gw --config config.yaml &> http.log &
|
||||
$ ./bin/frostfs-http-gw --config config.yaml &> http.log &
|
||||
[1] 998346
|
||||
|
||||
$ cat http.log
|
||||
# ...
|
||||
2022-10-03T09:37:25.826+0300 info neofs-http-gw/app.go:332 starting application {"app_name": "neofs-http-gw", "version": "v0.24.0"}
|
||||
2022-10-03T09:37:25.826+0300 info frostfs-http-gw/app.go:332 starting application {"app_name": "frostfs-http-gw", "version": "v0.24.0"}
|
||||
# ...
|
||||
|
||||
$ kill -s SIGHUP 998346
|
||||
|
||||
$ cat http.log
|
||||
# ...
|
||||
2022-10-03T09:38:16.205+0300 info neofs-http-gw/app.go:470 SIGHUP config reload completed
|
||||
2022-10-03T09:38:16.205+0300 info frostfs-http-gw/app.go:470 SIGHUP config reload completed
|
||||
```
|
||||
|
||||
# Structure
|
||||
|
@ -47,6 +47,7 @@ $ cat http.log
|
|||
| `peers` | [Nodes configuration](#peers-section) |
|
||||
| `logger` | [Logger configuration](#logger-section) |
|
||||
| `web` | [Web configuration](#web-section) |
|
||||
| `server` | [Server configuration](#server-section) |
|
||||
| `upload-header` | [Upload header configuration](#upload-header-section) |
|
||||
| `zip` | [ZIP configuration](#zip-section) |
|
||||
| `pprof` | [Pprof configuration](#pprof-section) |
|
||||
|
@ -56,16 +57,13 @@ $ cat http.log
|
|||
# General section
|
||||
|
||||
```yaml
|
||||
listen_address: 0.0.0.0:8082
|
||||
tls_certificate: /path/to/tls/cert
|
||||
tls_key: /path/to/tls/key
|
||||
|
||||
rpc_endpoint: http://morph-chain.neofs.devenv:30333
|
||||
rpc_endpoint: http://morph-chain.frostfs.devenv:30333
|
||||
resolve_order:
|
||||
- nns
|
||||
- dns
|
||||
|
||||
connect_timeout: 5s
|
||||
stream_timeout: 10s
|
||||
request_timeout: 5s
|
||||
rebalance_timer: 30s
|
||||
pool_error_threshold: 100
|
||||
|
@ -73,12 +71,10 @@ pool_error_threshold: 100
|
|||
|
||||
| Parameter | Type | SIGHUP reload | Default value | Description |
|
||||
|------------------------|------------|---------------|----------------|------------------------------------------------------------------------------------|
|
||||
| `listen_address` | `string` | | `0.0.0.0:8082` | The address that the gateway is listening on. |
|
||||
| `tls_certificate` | `string` | yes | | Path to the TLS certificate. |
|
||||
| `tls_key` | `string` | yes | | Path to the TLS key. |
|
||||
| `rpc_endpoint` | `string` | yes | | The address of the RPC host to which the gateway connects to resolve bucket names. |
|
||||
| `resolve_order` | `[]string` | yes | `[nns, dns]` | Order of bucket name resolvers to use. |
|
||||
| `connect_timeout` | `duration` | | `10s` | Timeout to connect to a node. |
|
||||
| `stream_timeout` | `duration` | | `10s` | Timeout for individual operations in streaming RPC. |
|
||||
| `request_timeout` | `duration` | | `15s` | Timeout to check node health during rebalance. |
|
||||
| `rebalance_timer` | `duration` | | `60s` | Interval to check node health. |
|
||||
| `pool_error_threshold` | `uint32` | | `100` | The number of errors on connection after which node is considered as unhealthy. |
|
||||
|
@ -102,23 +98,23 @@ wallet:
|
|||
|
||||
```yaml
|
||||
# Nodes configuration
|
||||
# This configuration makes the gateway use the first node (node1.neofs:8080)
|
||||
# while it's healthy. Otherwise, gateway uses the second node (node2.neofs:8080)
|
||||
# for 10% of requests and the third node (node3.neofs:8080) for 90% of requests.
|
||||
# This configuration makes the gateway use the first node (node1.frostfs:8080)
|
||||
# while it's healthy. Otherwise, gateway uses the second node (node2.frostfs:8080)
|
||||
# for 10% of requests and the third node (node3.frostfs:8080) for 90% of requests.
|
||||
# Until nodes with the same priority level are healthy
|
||||
# nodes with other priority are not used.
|
||||
# The lower the value, the higher the priority.
|
||||
peers:
|
||||
0:
|
||||
address: node1.neofs:8080
|
||||
address: node1.frostfs:8080
|
||||
priority: 1
|
||||
weight: 1
|
||||
1:
|
||||
address: node2.neofs:8080
|
||||
address: node2.frostfs:8080
|
||||
priority: 2
|
||||
weight: 0.1
|
||||
2:
|
||||
address: node3.neofs:8080
|
||||
address: node3.frostfs:8080
|
||||
priority: 2
|
||||
weight: 0.9
|
||||
```
|
||||
|
@ -129,6 +125,32 @@ peers:
|
|||
| `priority` | `int` | `1` | It allows to group nodes and don't switch group until all nodes with the same priority will be unhealthy. The lower the value, the higher the priority. |
|
||||
| `weight` | `float` | `1` | Weight of node in the group with the same priority. Distribute requests to nodes proportionally to these values. |
|
||||
|
||||
# `server` section
|
||||
|
||||
You can specify several listeners for server. For example, for `http` and `https`.
|
||||
|
||||
```yaml
|
||||
server:
|
||||
- address: 0.0.0.0:8080
|
||||
tls:
|
||||
enabled: false
|
||||
cert_file: /path/to/cert
|
||||
key_file: /path/to/key
|
||||
- address: 0.0.0.0:8081
|
||||
tls:
|
||||
enabled: true
|
||||
cert_file: /path/to/another/cert
|
||||
key_file: /path/to/another/key
|
||||
```
|
||||
|
||||
| Parameter | Type | SIGHUP reload | Default value | Description |
|
||||
|-----------------|----------|---------------|----------------|-----------------------------------------------|
|
||||
| `address` | `string` | | `0.0.0.0:8080` | The address that the gateway is listening on. |
|
||||
| `tls.enabled` | `bool` | | false | Enable TLS or not. |
|
||||
| `tls.cert_file` | `string` | yes | | Path to the TLS certificate. |
|
||||
| `tls.key_file` | `string` | yes | | Path to the key. |
|
||||
|
||||
|
||||
# `logger` section
|
||||
|
||||
```yaml
|
||||
|
|
|
@ -17,16 +17,17 @@ import (
|
|||
"unicode"
|
||||
"unicode/utf8"
|
||||
|
||||
"github.com/nspcc-dev/neofs-http-gw/resolver"
|
||||
"github.com/nspcc-dev/neofs-http-gw/response"
|
||||
"github.com/nspcc-dev/neofs-http-gw/tokens"
|
||||
"github.com/nspcc-dev/neofs-http-gw/utils"
|
||||
"github.com/nspcc-dev/neofs-sdk-go/bearer"
|
||||
"github.com/nspcc-dev/neofs-sdk-go/client"
|
||||
cid "github.com/nspcc-dev/neofs-sdk-go/container/id"
|
||||
"github.com/nspcc-dev/neofs-sdk-go/object"
|
||||
oid "github.com/nspcc-dev/neofs-sdk-go/object/id"
|
||||
"github.com/nspcc-dev/neofs-sdk-go/pool"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-http-gw/resolver"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-http-gw/response"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-http-gw/tokens"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-http-gw/utils"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/bearer"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/client"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container"
|
||||
cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object"
|
||||
oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/pool"
|
||||
"github.com/valyala/fasthttp"
|
||||
"go.uber.org/atomic"
|
||||
"go.uber.org/zap"
|
||||
|
@ -38,8 +39,6 @@ type request struct {
|
|||
log *zap.Logger
|
||||
}
|
||||
|
||||
const attributeFilePath = "FilePath"
|
||||
|
||||
func isValidToken(s string) bool {
|
||||
for _, c := range s {
|
||||
if c <= ' ' || c > 127 {
|
||||
|
@ -112,7 +111,7 @@ func (r request) receiveFile(clnt *pool.Pool, objectAddress oid.Address) {
|
|||
|
||||
rObj, err := clnt.GetObject(r.appCtx, prm)
|
||||
if err != nil {
|
||||
r.handleNeoFSErr(err, start)
|
||||
r.handleFrostFSErr(err, start)
|
||||
return
|
||||
}
|
||||
|
||||
|
@ -225,7 +224,7 @@ func bearerToken(ctx context.Context) *bearer.Token {
|
|||
return nil
|
||||
}
|
||||
|
||||
func (r *request) handleNeoFSErr(err error, start time.Time) {
|
||||
func (r *request) handleFrostFSErr(err error, start time.Time) {
|
||||
r.log.Error(
|
||||
"could not receive object",
|
||||
zap.Stringer("elapsed", time.Since(start)),
|
||||
|
@ -384,14 +383,26 @@ func (d *Downloader) search(c *fasthttp.RequestCtx, cid *cid.ID, key, val string
|
|||
return d.pool.SearchObjects(d.appCtx, prm)
|
||||
}
|
||||
|
||||
func (d *Downloader) getContainer(cnrID cid.ID) (container.Container, error) {
|
||||
var prm pool.PrmContainerGet
|
||||
prm.SetContainerID(cnrID)
|
||||
|
||||
return d.pool.GetContainer(d.appCtx, prm)
|
||||
}
|
||||
|
||||
func (d *Downloader) addObjectToZip(zw *zip.Writer, obj *object.Object) (io.Writer, error) {
|
||||
method := zip.Store
|
||||
if d.settings.ZipCompression() {
|
||||
method = zip.Deflate
|
||||
}
|
||||
|
||||
filePath := getZipFilePath(obj)
|
||||
if len(filePath) == 0 || filePath[len(filePath)-1] == '/' {
|
||||
return nil, fmt.Errorf("invalid filepath '%s'", filePath)
|
||||
}
|
||||
|
||||
return zw.CreateHeader(&zip.FileHeader{
|
||||
Name: getZipFilePath(obj),
|
||||
Name: filePath,
|
||||
Method: method,
|
||||
Modified: time.Now(),
|
||||
})
|
||||
|
@ -416,7 +427,20 @@ func (d *Downloader) DownloadZipped(c *fasthttp.RequestCtx) {
|
|||
return
|
||||
}
|
||||
|
||||
resSearch, err := d.search(c, containerID, attributeFilePath, prefix, object.MatchCommonPrefix)
|
||||
// check if container exists here to be able to return 404 error,
|
||||
// otherwise we get this error only in object iteration step
|
||||
// and client get 200 OK.
|
||||
if _, err = d.getContainer(*containerID); err != nil {
|
||||
log.Error("could not check container existence", zap.Error(err))
|
||||
if client.IsErrContainerNotFound(err) {
|
||||
response.Error(c, "Not Found", fasthttp.StatusNotFound)
|
||||
return
|
||||
}
|
||||
response.Error(c, "could not check container existence: "+err.Error(), fasthttp.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
resSearch, err := d.search(c, containerID, object.AttributeFilePath, prefix, object.MatchCommonPrefix)
|
||||
if err != nil {
|
||||
log.Error("could not search for objects", zap.Error(err))
|
||||
response.Error(c, "could not search for objects: "+err.Error(), fasthttp.StatusBadRequest)
|
||||
|
@ -450,29 +474,19 @@ func (d *Downloader) DownloadZipped(c *fasthttp.RequestCtx) {
|
|||
|
||||
addr.SetObject(id)
|
||||
if err = d.zipObject(zipWriter, addr, btoken, bufZip); err != nil {
|
||||
return true
|
||||
log.Error("failed to add object to archive", zap.String("oid", id.EncodeToString()), zap.Error(err))
|
||||
}
|
||||
|
||||
return false
|
||||
})
|
||||
if errIter != nil {
|
||||
log.Error("iterating over selected objects failed", zap.Error(errIter))
|
||||
response.Error(c, "iterating over selected objects: "+errIter.Error(), fasthttp.StatusBadRequest)
|
||||
return
|
||||
} else if !called {
|
||||
log.Error("objects not found")
|
||||
response.Error(c, "objects not found", fasthttp.StatusNotFound)
|
||||
return
|
||||
}
|
||||
|
||||
if err == nil {
|
||||
err = zipWriter.Close()
|
||||
}
|
||||
|
||||
if err != nil {
|
||||
log.Error("file streaming failure", zap.Error(err))
|
||||
response.Error(c, "file streaming failure: "+err.Error(), fasthttp.StatusInternalServerError)
|
||||
return
|
||||
if err = zipWriter.Close(); err != nil {
|
||||
log.Error("close zip writer", zap.Error(err))
|
||||
}
|
||||
})
|
||||
}
|
||||
|
@ -486,7 +500,7 @@ func (d *Downloader) zipObject(zipWriter *zip.Writer, addr oid.Address, btoken *
|
|||
|
||||
resGet, err := d.pool.GetObject(d.appCtx, prm)
|
||||
if err != nil {
|
||||
return fmt.Errorf("get NeoFS object: %v", err)
|
||||
return fmt.Errorf("get FrostFS object: %v", err)
|
||||
}
|
||||
|
||||
objWriter, err := d.addObjectToZip(zipWriter, &resGet.Header)
|
||||
|
@ -511,7 +525,7 @@ func (d *Downloader) zipObject(zipWriter *zip.Writer, addr oid.Address, btoken *
|
|||
|
||||
func getZipFilePath(obj *object.Object) string {
|
||||
for _, attr := range obj.Attributes() {
|
||||
if attr.Key() == attributeFilePath {
|
||||
if attr.Key() == object.AttributeFilePath {
|
||||
return attr.Value()
|
||||
}
|
||||
}
|
||||
|
|
|
@ -7,12 +7,12 @@ import (
|
|||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/nspcc-dev/neofs-http-gw/response"
|
||||
"github.com/nspcc-dev/neofs-http-gw/tokens"
|
||||
"github.com/nspcc-dev/neofs-http-gw/utils"
|
||||
"github.com/nspcc-dev/neofs-sdk-go/object"
|
||||
oid "github.com/nspcc-dev/neofs-sdk-go/object/id"
|
||||
"github.com/nspcc-dev/neofs-sdk-go/pool"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-http-gw/response"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-http-gw/tokens"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-http-gw/utils"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object"
|
||||
oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/pool"
|
||||
"github.com/valyala/fasthttp"
|
||||
"go.uber.org/zap"
|
||||
)
|
||||
|
@ -44,7 +44,7 @@ func (r request) headObject(clnt *pool.Pool, objectAddress oid.Address) {
|
|||
|
||||
obj, err := clnt.HeadObject(r.appCtx, prm)
|
||||
if err != nil {
|
||||
r.handleNeoFSErr(err, start)
|
||||
r.handleFrostFSErr(err, start)
|
||||
return
|
||||
}
|
||||
|
||||
|
@ -94,7 +94,7 @@ func (r request) headObject(clnt *pool.Pool, objectAddress oid.Address) {
|
|||
return &resObj, nil
|
||||
})
|
||||
if err != nil && err != io.EOF {
|
||||
r.handleNeoFSErr(err, start)
|
||||
r.handleFrostFSErr(err, start)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
|
75
go.mod
75
go.mod
|
@ -1,70 +1,71 @@
|
|||
module github.com/nspcc-dev/neofs-http-gw
|
||||
module git.frostfs.info/TrueCloudLab/frostfs-http-gw
|
||||
|
||||
go 1.17
|
||||
go 1.18
|
||||
|
||||
require (
|
||||
git.frostfs.info/TrueCloudLab/frostfs-api-go/v2 v2.11.2-0.20230307104236-f69d2ad83c51
|
||||
git.frostfs.info/TrueCloudLab/frostfs-sdk-go v0.0.0-20230307124721-94476f905599
|
||||
github.com/fasthttp/router v1.4.1
|
||||
github.com/nspcc-dev/neo-go v0.99.2
|
||||
github.com/nspcc-dev/neofs-api-go/v2 v2.13.2-0.20221005093543-3a91383f24a9
|
||||
github.com/nspcc-dev/neofs-sdk-go v1.0.0-rc.6.0.20221007102402-8c682641bfd2
|
||||
github.com/nspcc-dev/neo-go v0.101.0
|
||||
github.com/prometheus/client_golang v1.13.0
|
||||
github.com/spf13/pflag v1.0.5
|
||||
github.com/spf13/viper v1.8.1
|
||||
github.com/stretchr/testify v1.7.0
|
||||
github.com/spf13/viper v1.15.0
|
||||
github.com/stretchr/testify v1.8.1
|
||||
github.com/testcontainers/testcontainers-go v0.13.0
|
||||
github.com/valyala/fasthttp v1.34.0
|
||||
go.uber.org/atomic v1.9.0
|
||||
go.uber.org/zap v1.18.1
|
||||
go.uber.org/atomic v1.10.0
|
||||
go.uber.org/zap v1.24.0
|
||||
)
|
||||
|
||||
require (
|
||||
git.frostfs.info/TrueCloudLab/frostfs-contract v0.0.0-20230307110621-19a8ef2d02fb // indirect
|
||||
git.frostfs.info/TrueCloudLab/frostfs-crypto v0.6.0 // indirect
|
||||
git.frostfs.info/TrueCloudLab/hrw v1.2.0 // indirect
|
||||
git.frostfs.info/TrueCloudLab/rfc6979 v0.4.0 // indirect
|
||||
git.frostfs.info/TrueCloudLab/tzhash v1.8.0 // indirect
|
||||
github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 // indirect
|
||||
github.com/Microsoft/go-winio v0.5.2 // indirect
|
||||
github.com/Microsoft/hcsshim v0.9.2 // indirect
|
||||
github.com/andybalholm/brotli v1.0.4 // indirect
|
||||
github.com/antlr/antlr4/runtime/Go/antlr v1.4.10 // indirect
|
||||
github.com/antlr/antlr4/runtime/Go/antlr/v4 v4.0.0-20221202181307-76fa05c21b12 // indirect
|
||||
github.com/beorn7/perks v1.0.1 // indirect
|
||||
github.com/btcsuite/btcd v0.22.0-beta // indirect
|
||||
github.com/cenkalti/backoff/v4 v4.1.3 // indirect
|
||||
github.com/cespare/xxhash/v2 v2.1.2 // indirect
|
||||
github.com/containerd/cgroups v1.0.3 // indirect
|
||||
github.com/containerd/containerd v1.6.2 // indirect
|
||||
github.com/coreos/go-semver v0.3.0 // indirect
|
||||
github.com/cpuguy83/go-md2man/v2 v2.0.1 // indirect
|
||||
github.com/davecgh/go-spew v1.1.1 // indirect
|
||||
github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.1 // indirect
|
||||
github.com/docker/distribution v2.8.1+incompatible // indirect
|
||||
github.com/docker/docker v20.10.14+incompatible // indirect
|
||||
github.com/docker/go-connections v0.4.0 // indirect
|
||||
github.com/docker/go-units v0.4.0 // indirect
|
||||
github.com/fsnotify/fsnotify v1.4.9 // indirect
|
||||
github.com/fsnotify/fsnotify v1.6.0 // indirect
|
||||
github.com/gogo/protobuf v1.3.2 // indirect
|
||||
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
|
||||
github.com/golang/protobuf v1.5.2 // indirect
|
||||
github.com/google/uuid v1.3.0 // indirect
|
||||
github.com/gorilla/mux v1.8.0 // indirect
|
||||
github.com/gorilla/websocket v1.4.2 // indirect
|
||||
github.com/hashicorp/golang-lru v0.5.5-0.20210104140557-80c98217689d // indirect
|
||||
github.com/hashicorp/golang-lru v0.6.0 // indirect
|
||||
github.com/hashicorp/golang-lru/v2 v2.0.1 // indirect
|
||||
github.com/hashicorp/hcl v1.0.0 // indirect
|
||||
github.com/klauspost/compress v1.15.0 // indirect
|
||||
github.com/magiconair/properties v1.8.6 // indirect
|
||||
github.com/magiconair/properties v1.8.7 // indirect
|
||||
github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369 // indirect
|
||||
github.com/mitchellh/mapstructure v1.4.1 // indirect
|
||||
github.com/mitchellh/mapstructure v1.5.0 // indirect
|
||||
github.com/moby/sys/mount v0.3.2 // indirect
|
||||
github.com/moby/sys/mountinfo v0.6.1 // indirect
|
||||
github.com/moby/term v0.0.0-20210619224110-3f7ff695adc6 // indirect
|
||||
github.com/morikuni/aec v1.0.0 // indirect
|
||||
github.com/mr-tron/base58 v1.2.0 // indirect
|
||||
github.com/nspcc-dev/go-ordered-json v0.0.0-20220111165707-25110be27d22 // indirect
|
||||
github.com/nspcc-dev/hrw v1.0.9 // indirect
|
||||
github.com/nspcc-dev/neo-go/pkg/interop v0.0.0-20220809123759-3094d3e0c14b // indirect
|
||||
github.com/nspcc-dev/neofs-contract v0.15.3 // indirect
|
||||
github.com/nspcc-dev/neofs-crypto v0.4.0 // indirect
|
||||
github.com/nspcc-dev/neo-go/pkg/interop v0.0.0-20221202075445-cb5c18dc73eb // indirect
|
||||
github.com/nspcc-dev/rfc6979 v0.2.0 // indirect
|
||||
github.com/nspcc-dev/tzhash v1.6.1 // indirect
|
||||
github.com/opencontainers/go-digest v1.0.0 // indirect
|
||||
github.com/opencontainers/image-spec v1.0.2 // indirect
|
||||
github.com/opencontainers/runc v1.1.1 // indirect
|
||||
github.com/pelletier/go-toml v1.9.3 // indirect
|
||||
github.com/pelletier/go-toml/v2 v2.0.6 // indirect
|
||||
github.com/pkg/errors v0.9.1 // indirect
|
||||
github.com/pmezard/go-difflib v1.0.0 // indirect
|
||||
github.com/prometheus/client_model v0.2.0 // indirect
|
||||
|
@ -74,26 +75,26 @@ require (
|
|||
github.com/savsgio/gotils v0.0.0-20210617111740-97865ed5a873 // indirect
|
||||
github.com/sirupsen/logrus v1.8.1 // indirect
|
||||
github.com/spaolacci/murmur3 v1.1.0 // indirect
|
||||
github.com/spf13/afero v1.6.0 // indirect
|
||||
github.com/spf13/cast v1.3.1 // indirect
|
||||
github.com/spf13/afero v1.9.3 // indirect
|
||||
github.com/spf13/cast v1.5.0 // indirect
|
||||
github.com/spf13/jwalterweatherman v1.1.0 // indirect
|
||||
github.com/subosito/gotenv v1.2.0 // indirect
|
||||
github.com/subosito/gotenv v1.4.2 // indirect
|
||||
github.com/syndtr/goleveldb v1.0.1-0.20210819022825-2ae1ddf74ef7 // indirect
|
||||
github.com/urfave/cli v1.22.5 // indirect
|
||||
github.com/valyala/bytebufferpool v1.0.0 // indirect
|
||||
go.opencensus.io v0.23.0 // indirect
|
||||
go.uber.org/multierr v1.7.0 // indirect
|
||||
golang.org/x/crypto v0.0.0-20220214200702-86341886e292 // indirect
|
||||
golang.org/x/net v0.0.0-20220412020605-290c469a71a5 // indirect
|
||||
golang.org/x/sync v0.0.0-20220601150217-0de741cfad7f // indirect
|
||||
golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a // indirect
|
||||
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 // indirect
|
||||
golang.org/x/text v0.3.7 // indirect
|
||||
google.golang.org/genproto v0.0.0-20220414192740-2d67ff6cf2b4 // indirect
|
||||
google.golang.org/grpc v1.48.0 // indirect
|
||||
go.opencensus.io v0.24.0 // indirect
|
||||
go.uber.org/multierr v1.9.0 // indirect
|
||||
golang.org/x/crypto v0.4.0 // indirect
|
||||
golang.org/x/exp v0.0.0-20221227203929-1b447090c38c // indirect
|
||||
golang.org/x/net v0.4.0 // indirect
|
||||
golang.org/x/sync v0.1.0 // indirect
|
||||
golang.org/x/sys v0.3.0 // indirect
|
||||
golang.org/x/term v0.3.0 // indirect
|
||||
golang.org/x/text v0.5.0 // indirect
|
||||
google.golang.org/genproto v0.0.0-20221227171554-f9683d7f8bef // indirect
|
||||
google.golang.org/grpc v1.52.0 // indirect
|
||||
google.golang.org/protobuf v1.28.1 // indirect
|
||||
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect
|
||||
gopkg.in/ini.v1 v1.62.0 // indirect
|
||||
gopkg.in/yaml.v2 v2.4.0 // indirect
|
||||
gopkg.in/ini.v1 v1.67.0 // indirect
|
||||
gopkg.in/yaml.v3 v3.0.1 // indirect
|
||||
)
|
||||
|
|
|
@ -13,23 +13,21 @@ import (
|
|||
"testing"
|
||||
"time"
|
||||
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/acl"
|
||||
cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/netmap"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object"
|
||||
oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/pool"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user"
|
||||
"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
|
||||
"github.com/nspcc-dev/neofs-sdk-go/container"
|
||||
"github.com/nspcc-dev/neofs-sdk-go/container/acl"
|
||||
cid "github.com/nspcc-dev/neofs-sdk-go/container/id"
|
||||
"github.com/nspcc-dev/neofs-sdk-go/netmap"
|
||||
"github.com/nspcc-dev/neofs-sdk-go/object"
|
||||
oid "github.com/nspcc-dev/neofs-sdk-go/object/id"
|
||||
"github.com/nspcc-dev/neofs-sdk-go/pool"
|
||||
"github.com/nspcc-dev/neofs-sdk-go/user"
|
||||
"github.com/spf13/viper"
|
||||
"github.com/stretchr/testify/require"
|
||||
"github.com/testcontainers/testcontainers-go"
|
||||
"github.com/testcontainers/testcontainers-go/wait"
|
||||
)
|
||||
|
||||
const attributeFilePath = "FilePath"
|
||||
|
||||
type putResponse struct {
|
||||
CID string `json:"container_id"`
|
||||
OID string `json:"object_id"`
|
||||
|
@ -46,11 +44,10 @@ func TestIntegration(t *testing.T) {
|
|||
rootCtx := context.Background()
|
||||
aioImage := "nspccdev/neofs-aio-testcontainer:"
|
||||
versions := []string{
|
||||
"0.27.5",
|
||||
"0.28.1",
|
||||
"0.29.0",
|
||||
"0.30.0",
|
||||
"0.32.0",
|
||||
"0.34.0",
|
||||
"latest",
|
||||
}
|
||||
key, err := keys.NewPrivateKeyFromHex("1dd37fba80fec4e6a6f13fd708d8dcb3b29def768017052f6c930fa1c5d90bbb")
|
||||
|
@ -69,6 +66,7 @@ func TestIntegration(t *testing.T) {
|
|||
require.NoError(t, err, version)
|
||||
|
||||
t.Run("simple put "+version, func(t *testing.T) { simplePut(ctx, t, clientPool, CID, version) })
|
||||
t.Run("put with duplicate keys "+version, func(t *testing.T) { putWithDuplicateKeys(t, CID) })
|
||||
t.Run("simple get "+version, func(t *testing.T) { simpleGet(ctx, t, clientPool, ownerID, CID, version) })
|
||||
t.Run("get by attribute "+version, func(t *testing.T) { getByAttr(ctx, t, clientPool, ownerID, CID, version) })
|
||||
t.Run("get zip "+version, func(t *testing.T) { getZip(ctx, t, clientPool, ownerID, CID, version) })
|
||||
|
@ -173,6 +171,43 @@ func makePutRequestAndCheck(ctx context.Context, t *testing.T, p *pool.Pool, cnr
|
|||
}
|
||||
}
|
||||
|
||||
func putWithDuplicateKeys(t *testing.T, CID cid.ID) {
|
||||
url := testHost + "/upload/" + CID.String()
|
||||
|
||||
attr := "X-Attribute-User-Attribute"
|
||||
content := "content of file"
|
||||
valOne, valTwo := "first_value", "second_value"
|
||||
fileName := "newFile.txt"
|
||||
|
||||
var buff bytes.Buffer
|
||||
w := multipart.NewWriter(&buff)
|
||||
fw, err := w.CreateFormFile("file", fileName)
|
||||
require.NoError(t, err)
|
||||
_, err = io.Copy(fw, bytes.NewBufferString(content))
|
||||
require.NoError(t, err)
|
||||
err = w.Close()
|
||||
require.NoError(t, err)
|
||||
|
||||
request, err := http.NewRequest(http.MethodPost, url, &buff)
|
||||
require.NoError(t, err)
|
||||
request.Header.Set("Content-Type", w.FormDataContentType())
|
||||
request.Header.Add(attr, valOne)
|
||||
request.Header.Add(attr, valTwo)
|
||||
|
||||
resp, err := http.DefaultClient.Do(request)
|
||||
require.NoError(t, err)
|
||||
|
||||
defer func() {
|
||||
err := resp.Body.Close()
|
||||
require.NoError(t, err)
|
||||
}()
|
||||
|
||||
body, err := io.ReadAll(resp.Body)
|
||||
require.NoError(t, err)
|
||||
require.Equal(t, "key duplication error: "+attr+"\n", string(body))
|
||||
require.Equal(t, http.StatusBadRequest, resp.StatusCode)
|
||||
}
|
||||
|
||||
func simpleGet(ctx context.Context, t *testing.T, clientPool *pool.Pool, ownerID user.ID, CID cid.ID, version string) {
|
||||
content := "content of file"
|
||||
attributes := map[string]string{
|
||||
|
@ -249,8 +284,8 @@ func getByAttr(ctx context.Context, t *testing.T, clientPool *pool.Pool, ownerID
|
|||
func getZip(ctx context.Context, t *testing.T, clientPool *pool.Pool, ownerID user.ID, CID cid.ID, version string) {
|
||||
names := []string{"zipfolder/dir/name1.txt", "zipfolder/name2.txt"}
|
||||
contents := []string{"content of file1", "content of file2"}
|
||||
attributes1 := map[string]string{attributeFilePath: names[0]}
|
||||
attributes2 := map[string]string{attributeFilePath: names[1]}
|
||||
attributes1 := map[string]string{object.AttributeFilePath: names[0]}
|
||||
attributes2 := map[string]string{object.AttributeFilePath: names[1]}
|
||||
|
||||
putObject(ctx, t, clientPool, ownerID, CID, contents[0], attributes1)
|
||||
putObject(ctx, t, clientPool, ownerID, CID, contents[1], attributes2)
|
||||
|
@ -337,7 +372,7 @@ func getDefaultConfig() *viper.Viper {
|
|||
v.SetDefault(cfgPeers+".0.priority", 1)
|
||||
|
||||
v.SetDefault(cfgRPCEndpoint, "http://localhost:30333")
|
||||
v.SetDefault(cfgListenAddress, testListenAddress)
|
||||
v.SetDefault("server.0.address", testListenAddress)
|
||||
|
||||
return v
|
||||
}
|
||||
|
|
|
@ -3,14 +3,14 @@ package metrics
|
|||
import (
|
||||
"net/http"
|
||||
|
||||
"github.com/nspcc-dev/neofs-sdk-go/pool"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/pool"
|
||||
"github.com/prometheus/client_golang/prometheus"
|
||||
"github.com/prometheus/client_golang/prometheus/promhttp"
|
||||
"go.uber.org/zap"
|
||||
)
|
||||
|
||||
const (
|
||||
namespace = "neofs_http_gw"
|
||||
namespace = "frostfs_http_gw"
|
||||
stateSubsystem = "state"
|
||||
poolSubsystem = "pool"
|
||||
|
||||
|
|
35
resolver/frostfs.go
Normal file
35
resolver/frostfs.go
Normal file
|
@ -0,0 +1,35 @@
|
|||
package resolver
|
||||
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
"fmt"
|
||||
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/pool"
|
||||
)
|
||||
|
||||
// FrostFSResolver represents virtual connection to the FrostFS network.
|
||||
// It implements resolver.FrostFS.
|
||||
type FrostFSResolver struct {
|
||||
pool *pool.Pool
|
||||
}
|
||||
|
||||
// NewFrostFSResolver creates new FrostFSResolver using provided pool.Pool.
|
||||
func NewFrostFSResolver(p *pool.Pool) *FrostFSResolver {
|
||||
return &FrostFSResolver{pool: p}
|
||||
}
|
||||
|
||||
// SystemDNS implements resolver.FrostFS interface method.
|
||||
func (x *FrostFSResolver) SystemDNS(ctx context.Context) (string, error) {
|
||||
networkInfo, err := x.pool.NetworkInfo(ctx)
|
||||
if err != nil {
|
||||
return "", fmt.Errorf("read network info via client: %w", err)
|
||||
}
|
||||
|
||||
domain := networkInfo.RawNetworkParameter("SystemDNS")
|
||||
if domain == nil {
|
||||
return "", errors.New("system DNS parameter not found or empty")
|
||||
}
|
||||
|
||||
return string(domain), nil
|
||||
}
|
|
@ -1,35 +0,0 @@
|
|||
package resolver
|
||||
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
"fmt"
|
||||
|
||||
"github.com/nspcc-dev/neofs-sdk-go/pool"
|
||||
)
|
||||
|
||||
// NeoFSResolver represents virtual connection to the NeoFS network.
|
||||
// It implements resolver.NeoFS.
|
||||
type NeoFSResolver struct {
|
||||
pool *pool.Pool
|
||||
}
|
||||
|
||||
// NewNeoFSResolver creates new NeoFSResolver using provided pool.Pool.
|
||||
func NewNeoFSResolver(p *pool.Pool) *NeoFSResolver {
|
||||
return &NeoFSResolver{pool: p}
|
||||
}
|
||||
|
||||
// SystemDNS implements resolver.NeoFS interface method.
|
||||
func (x *NeoFSResolver) SystemDNS(ctx context.Context) (string, error) {
|
||||
networkInfo, err := x.pool.NetworkInfo(ctx)
|
||||
if err != nil {
|
||||
return "", fmt.Errorf("read network info via client: %w", err)
|
||||
}
|
||||
|
||||
domain := networkInfo.RawNetworkParameter("SystemDNS")
|
||||
if domain == nil {
|
||||
return "", errors.New("system DNS parameter not found or empty")
|
||||
}
|
||||
|
||||
return string(domain), nil
|
||||
}
|
|
@ -6,8 +6,9 @@ import (
|
|||
"fmt"
|
||||
"sync"
|
||||
|
||||
cid "github.com/nspcc-dev/neofs-sdk-go/container/id"
|
||||
"github.com/nspcc-dev/neofs-sdk-go/ns"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container"
|
||||
cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/ns"
|
||||
)
|
||||
|
||||
const (
|
||||
|
@ -18,9 +19,9 @@ const (
|
|||
// ErrNoResolvers returns when trying to resolve container without any resolver.
|
||||
var ErrNoResolvers = errors.New("no resolvers")
|
||||
|
||||
// NeoFS represents virtual connection to the NeoFS network.
|
||||
type NeoFS interface {
|
||||
// SystemDNS reads system DNS network parameters of the NeoFS.
|
||||
// FrostFS represents virtual connection to the FrostFS network.
|
||||
type FrostFS interface {
|
||||
// SystemDNS reads system DNS network parameters of the FrostFS.
|
||||
//
|
||||
// Returns exactly on non-zero value. Returns any error encountered
|
||||
// which prevented the parameter to be read.
|
||||
|
@ -28,7 +29,7 @@ type NeoFS interface {
|
|||
}
|
||||
|
||||
type Config struct {
|
||||
NeoFS NeoFS
|
||||
FrostFS FrostFS
|
||||
RPCAddress string
|
||||
}
|
||||
|
||||
|
@ -134,7 +135,7 @@ func (r *ContainerResolver) equals(resolverNames []string) bool {
|
|||
func newResolver(name string, cfg *Config) (*Resolver, error) {
|
||||
switch name {
|
||||
case DNSResolver:
|
||||
return NewDNSResolver(cfg.NeoFS)
|
||||
return NewDNSResolver(cfg.FrostFS)
|
||||
case NNSResolver:
|
||||
return NewNNSResolver(cfg.RPCAddress)
|
||||
default:
|
||||
|
@ -142,17 +143,17 @@ func newResolver(name string, cfg *Config) (*Resolver, error) {
|
|||
}
|
||||
}
|
||||
|
||||
func NewDNSResolver(neoFS NeoFS) (*Resolver, error) {
|
||||
if neoFS == nil {
|
||||
func NewDNSResolver(frostFS FrostFS) (*Resolver, error) {
|
||||
if frostFS == nil {
|
||||
return nil, fmt.Errorf("pool must not be nil for DNS resolver")
|
||||
}
|
||||
|
||||
var dns ns.DNS
|
||||
|
||||
resolveFunc := func(ctx context.Context, name string) (*cid.ID, error) {
|
||||
domain, err := neoFS.SystemDNS(ctx)
|
||||
domain, err := frostFS.SystemDNS(ctx)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("read system DNS parameter of the NeoFS: %w", err)
|
||||
return nil, fmt.Errorf("read system DNS parameter of the FrostFS: %w", err)
|
||||
}
|
||||
|
||||
domain = name + "." + domain
|
||||
|
@ -177,7 +178,10 @@ func NewNNSResolver(rpcAddress string) (*Resolver, error) {
|
|||
}
|
||||
|
||||
resolveFunc := func(_ context.Context, name string) (*cid.ID, error) {
|
||||
cnrID, err := nns.ResolveContainerName(name)
|
||||
var d container.Domain
|
||||
d.SetName(name)
|
||||
|
||||
cnrID, err := nns.ResolveContainerDomain(d)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("couldn't resolve container '%s': %w", name, err)
|
||||
}
|
||||
|
|
122
server.go
Normal file
122
server.go
Normal file
|
@ -0,0 +1,122 @@
|
|||
package main
|
||||
|
||||
import (
|
||||
"context"
|
||||
"crypto/tls"
|
||||
"errors"
|
||||
"fmt"
|
||||
"net"
|
||||
"sync"
|
||||
)
|
||||
|
||||
type (
|
||||
ServerInfo struct {
|
||||
Address string
|
||||
TLS ServerTLSInfo
|
||||
}
|
||||
|
||||
ServerTLSInfo struct {
|
||||
Enabled bool
|
||||
CertFile string
|
||||
KeyFile string
|
||||
}
|
||||
|
||||
Server interface {
|
||||
Address() string
|
||||
Listener() net.Listener
|
||||
UpdateCert(certFile, keyFile string) error
|
||||
}
|
||||
|
||||
server struct {
|
||||
address string
|
||||
listener net.Listener
|
||||
tlsProvider *certProvider
|
||||
}
|
||||
|
||||
certProvider struct {
|
||||
Enabled bool
|
||||
|
||||
mu sync.RWMutex
|
||||
certPath string
|
||||
keyPath string
|
||||
cert *tls.Certificate
|
||||
}
|
||||
)
|
||||
|
||||
func (s *server) Address() string {
|
||||
return s.address
|
||||
}
|
||||
|
||||
func (s *server) Listener() net.Listener {
|
||||
return s.listener
|
||||
}
|
||||
|
||||
func (s *server) UpdateCert(certFile, keyFile string) error {
|
||||
return s.tlsProvider.UpdateCert(certFile, keyFile)
|
||||
}
|
||||
|
||||
func newServer(ctx context.Context, serverInfo ServerInfo) (*server, error) {
|
||||
var lic net.ListenConfig
|
||||
ln, err := lic.Listen(ctx, "tcp", serverInfo.Address)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("could not prepare listener: %w", err)
|
||||
}
|
||||
|
||||
tlsProvider := &certProvider{
|
||||
Enabled: serverInfo.TLS.Enabled,
|
||||
}
|
||||
|
||||
if serverInfo.TLS.Enabled {
|
||||
if err = tlsProvider.UpdateCert(serverInfo.TLS.CertFile, serverInfo.TLS.KeyFile); err != nil {
|
||||
return nil, fmt.Errorf("failed to update cert: %w", err)
|
||||
}
|
||||
|
||||
ln = tls.NewListener(ln, &tls.Config{
|
||||
GetCertificate: tlsProvider.GetCertificate,
|
||||
})
|
||||
}
|
||||
|
||||
return &server{
|
||||
address: serverInfo.Address,
|
||||
listener: ln,
|
||||
tlsProvider: tlsProvider,
|
||||
}, nil
|
||||
}
|
||||
|
||||
func (p *certProvider) GetCertificate(*tls.ClientHelloInfo) (*tls.Certificate, error) {
|
||||
if !p.Enabled {
|
||||
return nil, errors.New("cert provider: disabled")
|
||||
}
|
||||
|
||||
p.mu.RLock()
|
||||
defer p.mu.RUnlock()
|
||||
return p.cert, nil
|
||||
}
|
||||
|
||||
func (p *certProvider) UpdateCert(certPath, keyPath string) error {
|
||||
if !p.Enabled {
|
||||
return fmt.Errorf("tls disabled")
|
||||
}
|
||||
|
||||
cert, err := tls.LoadX509KeyPair(certPath, keyPath)
|
||||
if err != nil {
|
||||
return fmt.Errorf("cannot load TLS key pair from certFile '%s' and keyFile '%s': %w", certPath, keyPath, err)
|
||||
}
|
||||
|
||||
p.mu.Lock()
|
||||
p.certPath = certPath
|
||||
p.keyPath = keyPath
|
||||
p.cert = &cert
|
||||
p.mu.Unlock()
|
||||
return nil
|
||||
}
|
||||
|
||||
func (p *certProvider) FilePaths() (string, string) {
|
||||
if !p.Enabled {
|
||||
return "", ""
|
||||
}
|
||||
|
||||
p.mu.RLock()
|
||||
defer p.mu.RUnlock()
|
||||
return p.certPath, p.keyPath
|
||||
}
|
151
settings.go
151
settings.go
|
@ -3,13 +3,14 @@ package main
|
|||
import (
|
||||
"fmt"
|
||||
"os"
|
||||
"path"
|
||||
"runtime"
|
||||
"sort"
|
||||
"strconv"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/nspcc-dev/neofs-http-gw/resolver"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-http-gw/resolver"
|
||||
"github.com/spf13/pflag"
|
||||
"github.com/spf13/viper"
|
||||
"github.com/valyala/fasthttp"
|
||||
|
@ -21,14 +22,16 @@ const (
|
|||
defaultRebalanceTimer = 60 * time.Second
|
||||
defaultRequestTimeout = 15 * time.Second
|
||||
defaultConnectTimeout = 10 * time.Second
|
||||
defaultStreamTimeout = 10 * time.Second
|
||||
|
||||
defaultShutdownTimeout = 15 * time.Second
|
||||
|
||||
defaultPoolErrorThreshold uint32 = 100
|
||||
|
||||
cfgListenAddress = "listen_address"
|
||||
cfgTLSCertificate = "tls_certificate"
|
||||
cfgTLSKey = "tls_key"
|
||||
cfgServer = "server"
|
||||
cfgTLSEnabled = "tls.enabled"
|
||||
cfgTLSCertFile = "tls.cert_file"
|
||||
cfgTLSKeyFile = "tls.key_file"
|
||||
|
||||
// Web.
|
||||
cfgWebReadBufferSize = "web.read_buffer_size"
|
||||
|
@ -46,6 +49,7 @@ const (
|
|||
|
||||
// Pool config.
|
||||
cfgConTimeout = "connect_timeout"
|
||||
cfgStreamTimeout = "stream_timeout"
|
||||
cfgReqTimeout = "request_timeout"
|
||||
cfgRebalance = "rebalance_timer"
|
||||
cfgPoolErrorThreshold = "pool_error_threshold"
|
||||
|
@ -74,13 +78,15 @@ const (
|
|||
cfgZipCompression = "zip.compression"
|
||||
|
||||
// Command line args.
|
||||
cmdHelp = "help"
|
||||
cmdVersion = "version"
|
||||
cmdPprof = "pprof"
|
||||
cmdMetrics = "metrics"
|
||||
cmdWallet = "wallet"
|
||||
cmdAddress = "address"
|
||||
cmdConfig = "config"
|
||||
cmdHelp = "help"
|
||||
cmdVersion = "version"
|
||||
cmdPprof = "pprof"
|
||||
cmdMetrics = "metrics"
|
||||
cmdWallet = "wallet"
|
||||
cmdAddress = "address"
|
||||
cmdConfig = "config"
|
||||
cmdConfigDir = "config-dir"
|
||||
cmdListenAddress = "listen_address"
|
||||
)
|
||||
|
||||
var ignore = map[string]struct{}{
|
||||
|
@ -110,15 +116,17 @@ func settings() *viper.Viper {
|
|||
|
||||
flags.StringP(cmdWallet, "w", "", `path to the wallet`)
|
||||
flags.String(cmdAddress, "", `address of wallet account`)
|
||||
flags.String(cmdConfig, "", "config path")
|
||||
flags.StringArray(cmdConfig, nil, "config paths")
|
||||
flags.String(cmdConfigDir, "", "config dir path")
|
||||
flags.Duration(cfgConTimeout, defaultConnectTimeout, "gRPC connect timeout")
|
||||
flags.Duration(cfgStreamTimeout, defaultStreamTimeout, "gRPC individual message timeout")
|
||||
flags.Duration(cfgReqTimeout, defaultRequestTimeout, "gRPC request timeout")
|
||||
flags.Duration(cfgRebalance, defaultRebalanceTimer, "gRPC connection rebalance timer")
|
||||
|
||||
flags.String(cfgListenAddress, "0.0.0.0:8082", "address to listen")
|
||||
flags.String(cfgTLSCertificate, "", "TLS certificate path")
|
||||
flags.String(cfgTLSKey, "", "TLS key path")
|
||||
peers := flags.StringArrayP(cfgPeers, "p", nil, "NeoFS nodes")
|
||||
flags.String(cmdListenAddress, "0.0.0.0:8080", "addresses to listen")
|
||||
flags.String(cfgTLSCertFile, "", "TLS certificate path")
|
||||
flags.String(cfgTLSKeyFile, "", "TLS key path")
|
||||
peers := flags.StringArrayP(cfgPeers, "p", nil, "FrostFS nodes")
|
||||
|
||||
resolveMethods := flags.StringSlice(cfgResolveOrder, []string{resolver.NNSResolver, resolver.DNSResolver}, "set container name resolve order")
|
||||
|
||||
|
@ -168,17 +176,31 @@ func settings() *viper.Viper {
|
|||
panic(err)
|
||||
}
|
||||
|
||||
if err := v.BindPFlag(cfgServer+".0.address", flags.Lookup(cmdListenAddress)); err != nil {
|
||||
panic(err)
|
||||
}
|
||||
if err := v.BindPFlag(cfgServer+".0."+cfgTLSKeyFile, flags.Lookup(cfgTLSKeyFile)); err != nil {
|
||||
panic(err)
|
||||
}
|
||||
if err := v.BindPFlag(cfgServer+".0."+cfgTLSCertFile, flags.Lookup(cfgTLSCertFile)); err != nil {
|
||||
panic(err)
|
||||
}
|
||||
|
||||
if err := flags.Parse(os.Args); err != nil {
|
||||
panic(err)
|
||||
}
|
||||
|
||||
if v.IsSet(cfgServer+".0."+cfgTLSKeyFile) && v.IsSet(cfgServer+".0."+cfgTLSCertFile) {
|
||||
v.Set(cfgServer+".0."+cfgTLSEnabled, true)
|
||||
}
|
||||
|
||||
if resolveMethods != nil {
|
||||
v.SetDefault(cfgResolveOrder, *resolveMethods)
|
||||
}
|
||||
|
||||
switch {
|
||||
case help != nil && *help:
|
||||
fmt.Printf("NeoFS HTTP Gateway %s\n", Version)
|
||||
fmt.Printf("FrostFS HTTP Gateway %s\n", Version)
|
||||
flags.PrintDefaults()
|
||||
|
||||
fmt.Println()
|
||||
|
@ -210,14 +232,12 @@ func settings() *viper.Viper {
|
|||
|
||||
os.Exit(0)
|
||||
case version != nil && *version:
|
||||
fmt.Printf("NeoFS HTTP Gateway\nVersion: %s\nGoVersion: %s\n", Version, runtime.Version())
|
||||
fmt.Printf("FrostFS HTTP Gateway\nVersion: %s\nGoVersion: %s\n", Version, runtime.Version())
|
||||
os.Exit(0)
|
||||
}
|
||||
|
||||
if v.IsSet(cmdConfig) {
|
||||
if err := readConfig(v); err != nil {
|
||||
panic(err)
|
||||
}
|
||||
if err := readInConfig(v); err != nil {
|
||||
panic(err)
|
||||
}
|
||||
|
||||
if peers != nil && len(*peers) > 0 {
|
||||
|
@ -231,17 +251,72 @@ func settings() *viper.Viper {
|
|||
return v
|
||||
}
|
||||
|
||||
func readConfig(v *viper.Viper) error {
|
||||
cfgFileName := v.GetString(cmdConfig)
|
||||
cfgFile, err := os.Open(cfgFileName)
|
||||
func readInConfig(v *viper.Viper) error {
|
||||
if v.IsSet(cmdConfig) {
|
||||
if err := readConfig(v); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
|
||||
if v.IsSet(cmdConfigDir) {
|
||||
if err := readConfigDir(v); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func readConfigDir(v *viper.Viper) error {
|
||||
cfgSubConfigDir := v.GetString(cmdConfigDir)
|
||||
entries, err := os.ReadDir(cfgSubConfigDir)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if err = v.ReadConfig(cfgFile); err != nil {
|
||||
|
||||
for _, entry := range entries {
|
||||
if entry.IsDir() {
|
||||
continue
|
||||
}
|
||||
ext := path.Ext(entry.Name())
|
||||
if ext != ".yaml" && ext != ".yml" {
|
||||
continue
|
||||
}
|
||||
|
||||
if err = mergeConfig(v, path.Join(cfgSubConfigDir, entry.Name())); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func readConfig(v *viper.Viper) error {
|
||||
for _, fileName := range v.GetStringSlice(cmdConfig) {
|
||||
if err := mergeConfig(v, fileName); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func mergeConfig(v *viper.Viper, fileName string) error {
|
||||
cfgFile, err := os.Open(fileName)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
return cfgFile.Close()
|
||||
defer func() {
|
||||
if errClose := cfgFile.Close(); errClose != nil {
|
||||
panic(errClose)
|
||||
}
|
||||
}()
|
||||
|
||||
if err = v.MergeConfig(cfgFile); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
// newLogger constructs a zap.Logger instance for current application.
|
||||
|
@ -294,3 +369,25 @@ func getLogLevel(v *viper.Viper) (zapcore.Level, error) {
|
|||
}
|
||||
return lvl, nil
|
||||
}
|
||||
|
||||
func fetchServers(v *viper.Viper) []ServerInfo {
|
||||
var servers []ServerInfo
|
||||
|
||||
for i := 0; ; i++ {
|
||||
key := cfgServer + "." + strconv.Itoa(i) + "."
|
||||
|
||||
var serverInfo ServerInfo
|
||||
serverInfo.Address = v.GetString(key + "address")
|
||||
serverInfo.TLS.Enabled = v.GetBool(key + cfgTLSEnabled)
|
||||
serverInfo.TLS.KeyFile = v.GetString(key + cfgTLSKeyFile)
|
||||
serverInfo.TLS.CertFile = v.GetString(key + cfgTLSCertFile)
|
||||
|
||||
if serverInfo.Address == "" {
|
||||
break
|
||||
}
|
||||
|
||||
servers = append(servers, serverInfo)
|
||||
}
|
||||
|
||||
return servers
|
||||
}
|
||||
|
|
|
@ -7,7 +7,7 @@ import (
|
|||
"errors"
|
||||
"fmt"
|
||||
|
||||
"github.com/nspcc-dev/neofs-sdk-go/bearer"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/bearer"
|
||||
"github.com/valyala/fasthttp"
|
||||
)
|
||||
|
||||
|
|
|
@ -4,9 +4,9 @@ import (
|
|||
"encoding/base64"
|
||||
"testing"
|
||||
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/bearer"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user"
|
||||
"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
|
||||
"github.com/nspcc-dev/neofs-sdk-go/bearer"
|
||||
"github.com/nspcc-dev/neofs-sdk-go/user"
|
||||
"github.com/stretchr/testify/require"
|
||||
"github.com/valyala/fasthttp"
|
||||
)
|
||||
|
|
|
@ -7,13 +7,13 @@ import (
|
|||
"strconv"
|
||||
"time"
|
||||
|
||||
"github.com/nspcc-dev/neofs-api-go/v2/object"
|
||||
"github.com/nspcc-dev/neofs-http-gw/utils"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/object"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-http-gw/utils"
|
||||
"github.com/valyala/fasthttp"
|
||||
"go.uber.org/zap"
|
||||
)
|
||||
|
||||
var neofsAttributeHeaderPrefixes = [...][]byte{[]byte("Neofs-"), []byte("NEOFS-"), []byte("neofs-")}
|
||||
var frostfsAttributeHeaderPrefixes = [...][]byte{[]byte("Neofs-"), []byte("NEOFS-"), []byte("neofs-")}
|
||||
|
||||
func systemTranslator(key, prefix []byte) []byte {
|
||||
// replace the specified prefix with `__NEOFS__`
|
||||
|
@ -26,7 +26,8 @@ func systemTranslator(key, prefix []byte) []byte {
|
|||
return bytes.ToUpper(key)
|
||||
}
|
||||
|
||||
func filterHeaders(l *zap.Logger, header *fasthttp.RequestHeader) map[string]string {
|
||||
func filterHeaders(l *zap.Logger, header *fasthttp.RequestHeader) (map[string]string, error) {
|
||||
var err error
|
||||
result := make(map[string]string)
|
||||
prefix := []byte(utils.UserAttributeHeaderPrefix)
|
||||
|
||||
|
@ -42,23 +43,30 @@ func filterHeaders(l *zap.Logger, header *fasthttp.RequestHeader) map[string]str
|
|||
}
|
||||
|
||||
// removing attribute prefix
|
||||
key = bytes.TrimPrefix(key, prefix)
|
||||
clearKey := bytes.TrimPrefix(key, prefix)
|
||||
|
||||
// checks that it's a system NeoFS header
|
||||
for _, system := range neofsAttributeHeaderPrefixes {
|
||||
if bytes.HasPrefix(key, system) {
|
||||
key = systemTranslator(key, system)
|
||||
for _, system := range frostfsAttributeHeaderPrefixes {
|
||||
if bytes.HasPrefix(clearKey, system) {
|
||||
clearKey = systemTranslator(clearKey, system)
|
||||
break
|
||||
}
|
||||
}
|
||||
|
||||
// checks that the attribute key is not empty
|
||||
if len(key) == 0 {
|
||||
if len(clearKey) == 0 {
|
||||
return
|
||||
}
|
||||
|
||||
// check if key gets duplicated
|
||||
// return error containing full key name (with prefix)
|
||||
if _, ok := result[string(clearKey)]; ok {
|
||||
err = fmt.Errorf("key duplication error: %s", string(key))
|
||||
return
|
||||
}
|
||||
|
||||
// make string representation of key / val
|
||||
k, v := string(key), string(val)
|
||||
k, v := string(clearKey), string(val)
|
||||
|
||||
result[k] = v
|
||||
|
||||
|
@ -67,10 +75,10 @@ func filterHeaders(l *zap.Logger, header *fasthttp.RequestHeader) map[string]str
|
|||
zap.String("val", v))
|
||||
})
|
||||
|
||||
return result
|
||||
return result, err
|
||||
}
|
||||
|
||||
func prepareExpirationHeader(headers map[string]string, epochDurations *epochDurations) error {
|
||||
func prepareExpirationHeader(headers map[string]string, epochDurations *epochDurations, now time.Time) error {
|
||||
expirationInEpoch := headers[object.SysAttributeExpEpoch]
|
||||
|
||||
if timeRFC3339, ok := headers[utils.ExpirationRFC3339Attr]; ok {
|
||||
|
@ -79,7 +87,6 @@ func prepareExpirationHeader(headers map[string]string, epochDurations *epochDur
|
|||
return fmt.Errorf("couldn't parse value %s of header %s", timeRFC3339, utils.ExpirationRFC3339Attr)
|
||||
}
|
||||
|
||||
now := time.Now().UTC()
|
||||
if expTime.Before(now) {
|
||||
return fmt.Errorf("value %s of header %s must be in the future", timeRFC3339, utils.ExpirationRFC3339Attr)
|
||||
}
|
||||
|
@ -94,7 +101,6 @@ func prepareExpirationHeader(headers map[string]string, epochDurations *epochDur
|
|||
}
|
||||
expTime := time.Unix(value, 0)
|
||||
|
||||
now := time.Now()
|
||||
if expTime.Before(now) {
|
||||
return fmt.Errorf("value %s of header %s must be in the future", timestamp, utils.ExpirationTimestampAttr)
|
||||
}
|
||||
|
|
|
@ -6,8 +6,8 @@ import (
|
|||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/nspcc-dev/neofs-api-go/v2/object"
|
||||
"github.com/nspcc-dev/neofs-http-gw/utils"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/object"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-http-gw/utils"
|
||||
"github.com/stretchr/testify/require"
|
||||
"github.com/valyala/fasthttp"
|
||||
"go.uber.org/zap"
|
||||
|
@ -16,8 +16,27 @@ import (
|
|||
func TestFilter(t *testing.T) {
|
||||
log := zap.NewNop()
|
||||
|
||||
t.Run("duplicate keys error", func(t *testing.T) {
|
||||
req := &fasthttp.RequestHeader{}
|
||||
req.DisableNormalizing()
|
||||
req.Add("X-Attribute-DupKey", "first-value")
|
||||
req.Add("X-Attribute-DupKey", "second-value")
|
||||
_, err := filterHeaders(log, req)
|
||||
require.Error(t, err)
|
||||
})
|
||||
|
||||
t.Run("duplicate system keys error", func(t *testing.T) {
|
||||
req := &fasthttp.RequestHeader{}
|
||||
req.DisableNormalizing()
|
||||
req.Add("X-Attribute-Neofs-DupKey", "first-value")
|
||||
req.Add("X-Attribute-Neofs-DupKey", "second-value")
|
||||
_, err := filterHeaders(log, req)
|
||||
require.Error(t, err)
|
||||
})
|
||||
|
||||
req := &fasthttp.RequestHeader{}
|
||||
req.DisableNormalizing()
|
||||
|
||||
req.Set("X-Attribute-Neofs-Expiration-Epoch1", "101")
|
||||
req.Set("X-Attribute-NEOFS-Expiration-Epoch2", "102")
|
||||
req.Set("X-Attribute-neofs-Expiration-Epoch3", "103")
|
||||
|
@ -30,7 +49,8 @@ func TestFilter(t *testing.T) {
|
|||
"__NEOFS__EXPIRATION_EPOCH2": "102",
|
||||
}
|
||||
|
||||
result := filterHeaders(log, req)
|
||||
result, err := filterHeaders(log, req)
|
||||
require.NoError(t, err)
|
||||
|
||||
require.Equal(t, expected, result)
|
||||
}
|
||||
|
@ -178,7 +198,7 @@ func TestPrepareExpirationHeader(t *testing.T) {
|
|||
},
|
||||
} {
|
||||
t.Run(tc.name, func(t *testing.T) {
|
||||
err := prepareExpirationHeader(tc.headers, tc.durations)
|
||||
err := prepareExpirationHeader(tc.headers, tc.durations, time.Now())
|
||||
if tc.err {
|
||||
require.Error(t, err)
|
||||
} else {
|
||||
|
|
|
@ -3,7 +3,7 @@ package uploader
|
|||
import (
|
||||
"io"
|
||||
|
||||
"github.com/nspcc-dev/neofs-http-gw/uploader/multipart"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-http-gw/uploader/multipart"
|
||||
"go.uber.org/zap"
|
||||
)
|
||||
|
||||
|
|
|
@ -5,18 +5,19 @@ import (
|
|||
"encoding/json"
|
||||
"fmt"
|
||||
"io"
|
||||
"net/http"
|
||||
"strconv"
|
||||
"time"
|
||||
|
||||
"github.com/nspcc-dev/neofs-http-gw/resolver"
|
||||
"github.com/nspcc-dev/neofs-http-gw/response"
|
||||
"github.com/nspcc-dev/neofs-http-gw/tokens"
|
||||
"github.com/nspcc-dev/neofs-http-gw/utils"
|
||||
"github.com/nspcc-dev/neofs-sdk-go/bearer"
|
||||
"github.com/nspcc-dev/neofs-sdk-go/object"
|
||||
oid "github.com/nspcc-dev/neofs-sdk-go/object/id"
|
||||
"github.com/nspcc-dev/neofs-sdk-go/pool"
|
||||
"github.com/nspcc-dev/neofs-sdk-go/user"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-http-gw/resolver"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-http-gw/response"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-http-gw/tokens"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-http-gw/utils"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/bearer"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object"
|
||||
oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/pool"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user"
|
||||
"github.com/valyala/fasthttp"
|
||||
"go.uber.org/atomic"
|
||||
"go.uber.org/zap"
|
||||
|
@ -113,7 +114,12 @@ func (u *Uploader) Upload(c *fasthttp.RequestCtx) {
|
|||
response.Error(c, "could not receive multipart/form: "+err.Error(), fasthttp.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
filtered := filterHeaders(u.log, &c.Request.Header)
|
||||
filtered, err := filterHeaders(u.log, &c.Request.Header)
|
||||
if err != nil {
|
||||
log.Error("could not process headers", zap.Error(err))
|
||||
response.Error(c, err.Error(), fasthttp.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
if needParseExpiration(filtered) {
|
||||
epochDuration, err := getEpochDurations(c, u.pool)
|
||||
if err != nil {
|
||||
|
@ -121,7 +127,17 @@ func (u *Uploader) Upload(c *fasthttp.RequestCtx) {
|
|||
response.Error(c, "could not get epoch durations from network info: "+err.Error(), fasthttp.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
if err = prepareExpirationHeader(filtered, epochDuration); err != nil {
|
||||
|
||||
now := time.Now()
|
||||
if rawHeader := c.Request.Header.Peek(fasthttp.HeaderDate); rawHeader != nil {
|
||||
if parsed, err := time.Parse(http.TimeFormat, string(rawHeader)); err != nil {
|
||||
log.Warn("could not parse client time", zap.String("Date header", string(rawHeader)), zap.Error(err))
|
||||
} else {
|
||||
now = parsed
|
||||
}
|
||||
}
|
||||
|
||||
if err = prepareExpirationHeader(filtered, epochDuration, now); err != nil {
|
||||
log.Error("could not parse expiration header", zap.Error(err))
|
||||
response.Error(c, "could not parse expiration header: "+err.Error(), fasthttp.StatusBadRequest)
|
||||
return
|
||||
|
@ -166,8 +182,8 @@ func (u *Uploader) Upload(c *fasthttp.RequestCtx) {
|
|||
}
|
||||
|
||||
if idObj, err = u.pool.PutObject(u.appCtx, prm); err != nil {
|
||||
log.Error("could not store file in neofs", zap.Error(err))
|
||||
response.Error(c, "could not store file in neofs: "+err.Error(), fasthttp.StatusBadRequest)
|
||||
log.Error("could not store file in frostfs", zap.Error(err))
|
||||
response.Error(c, "could not store file in frostfs: "+err.Error(), fasthttp.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
|
|
|
@ -1,9 +1,9 @@
|
|||
package utils
|
||||
|
||||
import (
|
||||
"github.com/nspcc-dev/neofs-http-gw/resolver"
|
||||
"github.com/nspcc-dev/neofs-sdk-go/pool"
|
||||
"github.com/nspcc-dev/neofs-sdk-go/user"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-http-gw/resolver"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/pool"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user"
|
||||
"go.uber.org/zap"
|
||||
)
|
||||
|
||||
|
|
|
@ -3,8 +3,8 @@ package utils
|
|||
import (
|
||||
"context"
|
||||
|
||||
"github.com/nspcc-dev/neofs-http-gw/resolver"
|
||||
cid "github.com/nspcc-dev/neofs-sdk-go/container/id"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-http-gw/resolver"
|
||||
cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
|
||||
)
|
||||
|
||||
// GetContainerID decode container id, if it's not a valid container id
|
||||
|
|
Loading…
Reference in a new issue