New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix AWS S3 options #1541
Fix AWS S3 options #1541
Conversation
3aa5f3d
to
84ac444
Compare
84ac444
to
4eb33e9
Compare
@@ -8,6 +8,7 @@ s3: &s3 | |||
region: "<%= ENV['AWS_REGION'] %>" | |||
hostname: "<%= ENV['AWS_HOSTNAME'] %>" | |||
protocol: "<%= ENV['AWS_PROTOCOL'] %>" | |||
force_path_style: <%= ENV['AWS_PATH_STYLE'].presence || false %> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@eguzki , I'm afraid we'll need to introduce one more env var, AWS_PATH_STYLE
.
We cannot enforce it by default because path-style endpoints will lose support on 30 Sep 2020. Other "API-compatible" services like minio.io, however, may still require it (at least, http://play.minio.io does).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If we decide not to implement this new env var, a workaround is including a dot in the name of the bucket. This will enforce path-style endpoints despite the value of the force_path_style
configuration option. (Only valid when the protocol is https
.)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
AWS_PATH_STYLE will be there
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
PR with the new env var: 3scale/3scale-operator#306
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I am not sure to understand correctly this force_path_style
configuration.
Why do we need it? I can't see any discussion in the issue or its comments about this
I just want to understand the need of this, or lets document what is missing in the issue (for future archeologist)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is because https://github.com/aws/aws-sdk-ruby tests if the name of the bucket is "dns-compatible". Whenever it sees a bucket named, for example, "mybucket", it will build an endpoint using the subdomain style: i.e. "https://mybucket.host". On the other hand, if the bucket is named "my.bucket" (i.e. not "dns-compatible"), the endpoint will be built using path style: i.e. "https://host/my.bucket".
http://play.minio.io requires path style always, no matter if the bucket name is "dns compatible" or not. Not having the option to set force_path_style
would make 3scale incompatible with use cases where the name of the bucket is "dns-compatible" but the endpoint must still be in path-style.
Related to THREESCALE-4052
This PR ensures Paperclip will consider the new configuration options introduced by #1522 while uploading attachments to S3, passing them along to the
Aws::S3::Resource
instance.s3_options
with theendpoint
value (matchings3_protocol
ands3_host_name
) if configured by the userforce_path_style: true
by defaultAWS S3
Minio.io