FrostFS S3 Protocol Gateway with fuzzing tests
Find a file
Angira Kekteeva 7a6d562c69 [#634] Update SDK
Signed-off-by: Angira Kekteeva <kira@nspcc.ru>
2022-08-16 17:49:15 +03:00
.docker [#570] Fix docker image builds 2022-07-05 15:12:33 +03:00
.github/workflows [#455] Run GitHub Actions in tree-service branch 2022-07-22 15:19:16 +03:00
api [#625] Limit listing generator with maxKeys 2022-08-16 13:47:37 +03:00
authmate [#488] Sync using oid.ID 2022-07-22 15:19:16 +03:00
cmd [#595] Allow SSE-C only with TLS 2022-08-13 10:26:00 +03:00
config [#607] Improve wallet path param 2022-08-03 22:25:59 +03:00
creds [#488] Sync using oid.Address 2022-07-22 15:19:16 +03:00
docs [#595] Update compatibility table 2022-08-13 10:26:00 +03:00
internal [#645] Replace tagging when PutObject 2022-08-10 09:21:27 +03:00
.dockerignore [#471] Add docker/* target in Makefile 2022-06-16 11:12:42 +03:00
.gitignore [#407] Update gitignore 2022-07-22 15:19:16 +03:00
.golangci.yml [#272] Replace golint by revive 2021-10-01 12:25:54 +03:00
CHANGELOG.md [#645] Replace tagging when PutObject 2022-08-10 09:21:27 +03:00
CONTRIBUTING.md [#579] Add CONTRIBUTING guide 2022-07-06 10:49:46 +03:00
CREDITS.md Add credits 2022-07-14 12:08:52 +03:00
go.mod [#634] Update SDK 2022-08-16 17:49:15 +03:00
go.sum [#634] Update SDK 2022-08-16 17:49:15 +03:00
help.mk Refactoring Makefile 2021-02-08 12:45:18 +03:00
LICENSE [#264] Change NeoFS S3 Gateway license to AGPLv3 2021-09-20 10:38:28 +03:00
Makefile [#653] Filter version tags for version calculation 2022-08-12 12:55:53 +03:00
README.md [#607] Improve wallet path param 2022-08-03 22:25:59 +03:00
syncTree.sh [#413] Fix sync tree script 2022-07-22 15:19:16 +03:00
updateTestsResult.sh [#454] Support repeating tests in resulting file 2022-06-07 17:37:05 +03:00
VERSION Release v0.23.0 2022-08-01 22:12:34 +03:00

NeoFS S3 Gateway

NeoFS S3 gateway provides API compatible with Amazon S3 cloud storage service.

Installation

go get -u github.com/nspcc-dev/neofs-s3-gw

Or you can call make to build it from the cloned repository (the binary will end up in bin/neofs-s3-gw with authmate helper in bin/neofs-s3-authmate). To build binaries in clean docker environment, call make docker/all.

Other notable make targets:

dep          Check and ensure dependencies
image        Build clean docker image
dirty-image  Build dirty docker image with host-built binaries
format       Run all code formatters
lint         Run linters
version      Show current version

Or you can also use a Docker image provided for released (and occasionally unreleased) versions of gateway (:latest points to the latest stable release).

Execution

Minimalistic S3 gateway setup needs:

  • NeoFS node(s) address (S3 gateway itself is not a NeoFS node) Passed via -p parameter or via S3_GW_PEERS_<N>_ADDRESS and S3_GW_PEERS_<N>_WEIGHT environment variables (gateway supports multiple NeoFS nodes with weighted load balancing).
  • a wallet used to fetch key and communicate with NeoFS nodes Passed via --wallet parameter or S3_GW_WALLET_PATH environment variable.

These two commands are functionally equivalent, they run the gate with one backend node, some keys and otherwise default settings:

$ neofs-s3-gw -p 192.168.130.72:8080 --wallet wallet.json

$ S3_GW_PEERS_0_ADDRESS=192.168.130.72:8080 \
  S3_GW_WALLET=wallet.json \
  neofs-s3-gw

It's also possible to specify uri scheme (grpc or grpcs) when using -p or environment variables:

$ neofs-s3-gw -p grpc://192.168.130.72:8080 --wallet wallet.json

$ S3_GW_PEERS_0_ADDRESS=grpcs://192.168.130.72:8080 \
  S3_GW_WALLET=wallet.json \
  neofs-s3-gw

AWS SDK Compatibility

To match signature of the request you must not include the following headers to SignedHeaders:

  • User-Agent
  • X-Amzn-Trace-Id

AWS SDK JAVA v1

Using aws-sdk-java you can get the following error:

Exception in thread "main" com.amazonaws.services.s3.model.AmazonS3Exception: 
The request signature we calculated does not match the signature you provided. Check your key and signing method.

To solve this problem you should configure client properly:

RequestHandler2 handler = new RequestHandler2() {
   @Override
   public void beforeAttempt(HandlerBeforeAttemptContext context) {
      context.getRequest().getHeaders().remove("User-Agent");
      super.beforeAttempt(context);
   }
};

AmazonS3 s3Client = AmazonS3ClientBuilder.standard()
   .withRequestHandlers(handler)
   .enablePathStyleAccess()
   // ...
   .build()

Documentation

Credits

Please see CREDITS for details.