Adds new s3 driver using aws-sdk-go instead of goamz

Keeps old s3 driver, renames to s3goamz, registers new s3 driver as both "s3" and "s3aws" Changes cloudfront middleware to use aws-sdk-go Signed-off-by: Brian Bland <brian.bland@docker.com>
2016-01-21 18:17:53 -08:00 · 2016-01-21 18:17:53 -08:00 · d5a38e4c5f
commit d5a38e4c5f
parent 3cf01ffa1f
5 changed files with 1204 additions and 22 deletions
--- a/docs/storage/driver/middleware/cloudfront/middleware.go
+++ b/docs/storage/driver/middleware/cloudfront/middleware.go
@ -8,12 +8,14 @@ import (
 	"encoding/pem"
 	"fmt"
 	"io/ioutil"
+	"net/url"
+	"strings"
 	"time"

+	"github.com/aws/aws-sdk-go/service/cloudfront/sign"
 	"github.com/docker/distribution/context"
 	storagedriver "github.com/docker/distribution/registry/storage/driver"
 	storagemiddleware "github.com/docker/distribution/registry/storage/driver/middleware"
-	"github.com/docker/goamz/cloudfront"
 )

 // cloudFrontStorageMiddleware provides an simple implementation of layerHandler that
@ -21,8 +23,9 @@ import (
 // then issues HTTP Temporary Redirects to this CloudFront content URL.
 type cloudFrontStorageMiddleware struct {
 	storagedriver.StorageDriver
-	cloudfront *cloudfront.CloudFront
-	duration   time.Duration
+	urlSigner *sign.URLSigner
+	baseURL   string
+	duration  time.Duration
 }

 var _ storagedriver.StorageDriver = &cloudFrontStorageMiddleware{}
@ -33,15 +36,24 @@ var _ storagedriver.StorageDriver = &cloudFrontStorageMiddleware{}
 func newCloudFrontStorageMiddleware(storageDriver storagedriver.StorageDriver, options map[string]interface{}) (storagedriver.StorageDriver, error) {
 	base, ok := options["baseurl"]
 	if !ok {
-		return nil, fmt.Errorf("No baseurl provided")
+		return nil, fmt.Errorf("no baseurl provided")
 	}
 	baseURL, ok := base.(string)
 	if !ok {
 		return nil, fmt.Errorf("baseurl must be a string")
 	}
+	if !strings.Contains(baseURL, "://") {
+		baseURL = "https://" + baseURL
+	}
+	if !strings.HasSuffix(baseURL, "/") {
+		baseURL += "/"
+	}
+	if _, err := url.Parse(baseURL); err != nil {
+		return nil, fmt.Errorf("invalid baseurl: %v", err)
+	}
 	pk, ok := options["privatekey"]
 	if !ok {
-		return nil, fmt.Errorf("No privatekey provided")
+		return nil, fmt.Errorf("no privatekey provided")
 	}
 	pkPath, ok := pk.(string)
 	if !ok {
@ -49,7 +61,7 @@ func newCloudFrontStorageMiddleware(storageDriver storagedriver.StorageDriver, o
 	}
 	kpid, ok := options["keypairid"]
 	if !ok {
-		return nil, fmt.Errorf("No keypairid provided")
+		return nil, fmt.Errorf("no keypairid provided")
 	}
 	keypairID, ok := kpid.(string)
 	if !ok {
@ -58,19 +70,19 @@ func newCloudFrontStorageMiddleware(storageDriver storagedriver.StorageDriver, o

 	pkBytes, err := ioutil.ReadFile(pkPath)
 	if err != nil {
-		return nil, fmt.Errorf("Failed to read privatekey file: %s", err)
+		return nil, fmt.Errorf("failed to read privatekey file: %s", err)
 	}

 	block, _ := pem.Decode([]byte(pkBytes))
 	if block == nil {
-		return nil, fmt.Errorf("Failed to decode private key as an rsa private key")
+		return nil, fmt.Errorf("failed to decode private key as an rsa private key")
 	}
 	privateKey, err := x509.ParsePKCS1PrivateKey(block.Bytes)
 	if err != nil {
 		return nil, err
 	}

-	cf := cloudfront.New(baseURL, privateKey, keypairID)
+	urlSigner := sign.NewURLSigner(keypairID, privateKey)

 	duration := 20 * time.Minute
 	d, ok := options["duration"]
@ -81,13 +93,18 @@ func newCloudFrontStorageMiddleware(storageDriver storagedriver.StorageDriver, o
 		case string:
 			dur, err := time.ParseDuration(d)
 			if err != nil {
-				return nil, fmt.Errorf("Invalid duration: %s", err)
+				return nil, fmt.Errorf("invalid duration: %s", err)
 			}
 			duration = dur
 		}
 	}

-	return &cloudFrontStorageMiddleware{StorageDriver: storageDriver, cloudfront: cf, duration: duration}, nil
+	return &cloudFrontStorageMiddleware{
+		StorageDriver: storageDriver,
+		urlSigner:     urlSigner,
+		baseURL:       baseURL,
+		duration:      duration,
+	}, nil
 }

 // S3BucketKeyer is any type that is capable of returning the S3 bucket key
@ -106,7 +123,7 @@ func (lh *cloudFrontStorageMiddleware) URLFor(ctx context.Context, path string,
 		return lh.StorageDriver.URLFor(ctx, path, options)
 	}

-	cfURL, err := lh.cloudfront.CannedSignedURL(keyer.S3BucketKey(path), "", time.Now().Add(lh.duration))
+	cfURL, err := lh.urlSigner.Sign(lh.baseURL+keyer.S3BucketKey(path), time.Now().Add(lh.duration))
 	if err != nil {
 		return "", err
 	}