Fix AWS S3 options #1541
Fix AWS S3 options #1541
Conversation
guicassolato
force-pushed
the
fix-s3-api-compatibles
branch
from
3aa5f3d
to
84ac444
Compare
guicassolato
force-pushed
the
fix-s3-api-compatibles
branch
from
84ac444
to
4eb33e9
Compare
| @@ -8,6 +8,7 @@ s3: &s3 | |||
| region: "<%= ENV['AWS_REGION'] %>" | |||
| hostname: "<%= ENV['AWS_HOSTNAME'] %>" | |||
| protocol: "<%= ENV['AWS_PROTOCOL'] %>" | |||
| force_path_style: <%= ENV['AWS_PATH_STYLE'].presence || false %> | |||
There was a problem hiding this comment.
@eguzki , I'm afraid we'll need to introduce one more env var, AWS_PATH_STYLE.
We cannot enforce it by default because path-style endpoints will lose support on 30 Sep 2020. Other "API-compatible" services like minio.io, however, may still require it (at least, http://play.minio.io does).
There was a problem hiding this comment.
If we decide not to implement this new env var, a workaround is including a dot in the name of the bucket. This will enforce path-style endpoints despite the value of the force_path_style configuration option. (Only valid when the protocol is https.)
There was a problem hiding this comment.
PR with the new env var: 3scale/3scale-operator#306
There was a problem hiding this comment.
I am not sure to understand correctly this force_path_style configuration.
Why do we need it? I can't see any discussion in the issue or its comments about this
I just want to understand the need of this, or lets document what is missing in the issue (for future archeologist)
There was a problem hiding this comment.
This is because https://github.com/aws/aws-sdk-ruby tests if the name of the bucket is "dns-compatible". Whenever it sees a bucket named, for example, "mybucket", it will build an endpoint using the subdomain style: i.e. "https://mybucket.host". On the other hand, if the bucket is named "my.bucket" (i.e. not "dns-compatible"), the endpoint will be built using path style: i.e. "https://host/my.bucket".
http://play.minio.io requires path style always, no matter if the bucket name is "dns compatible" or not. Not having the option to set force_path_style would make 3scale incompatible with use cases where the name of the bucket is "dns-compatible" but the endpoint must still be in path-style.
Related to THREESCALE-4052
This PR ensures Paperclip will consider the new configuration options introduced by #1522 while uploading attachments to S3, passing them along to the
Aws::S3::Resourceinstance.s3_optionswith theendpointvalue (matchings3_protocolands3_host_name) if configured by the userforce_path_style: trueby defaultAWS S3
Minio.io
