Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support detecting region from FIPS URLs #1663

Merged
merged 1 commit into from
Jun 10, 2022
Merged

Support detecting region from FIPS URLs #1663

merged 1 commit into from
Jun 10, 2022

Conversation

balasankarc
Copy link
Contributor

Attempt to fix #1662

@balasankarc balasankarc mentioned this pull request Jun 10, 2022
Closed
@balasankarc balasankarc changed the title Support detecting region from FIPS URLs WIP: Support detecting region from FIPS URLs Jun 10, 2022
@balasankarc balasankarc marked this pull request as draft June 10, 2022 16:09
Support detecting region from FIPS URLs
ccb390c 
Signed-off-by: Balasankar 'Balu' C <balu@dravidam.net>
@balasankarc balasankarc force-pushed the support-fips-getregionfromurl branch from 8f05ea4 to ccb390c Compare June 10, 2022 16:31
@balasankarc balasankarc marked this pull request as ready for review June 10, 2022 16:31
@balasankarc balasankarc changed the title WIP: Support detecting region from FIPS URLs Support detecting region from FIPS URLs Jun 10, 2022
@balasankarc
Copy link
Contributor Author

@harshavardhana Could you please take a look? Thanks. (Apologies if pinging you directly wasn't the right thing to do. I checked the Contributor's guide and couldn't find what I should be doing to request reviews)

github-advanced-security[bot]
github-advanced-security bot found potential problems Jun 10, 2022
View reviewed changes
pkg/s3utils/utils.go Show resolved Hide resolved
pkg/s3utils/utils.go
var amazonS3HostFIPS = regexp.MustCompile(`^s3-fips.(.*?).amazonaws.com$`)

// amazonS3HostFIPSDualStack - regular expression used to determine if an arg is s3 FIPS host dualstack.
var amazonS3HostFIPSDualStack = regexp.MustCompile(`^s3-fips.dualstack.(.*?).amazonaws.com$`)

Check failure

Code scanning / CodeQL

Incomplete regular expression for hostnames

This regular expression has an unescaped dot before 'amazonaws.com', so it might match more hosts than expected when used [here](1).
@harshavardhana harshavardhana merged commit 47da873 into minio:master Jun 10, 2022
@balasankarc
Copy link
Contributor Author

@harshavardhana Thanks a lot for the quick action on this one. Much appreciated.

BTW, is a new patch release planned anytime soon? Asking because this issue essentially prevents users from using FIPS endpoints for the GitLab Runner cache - https://gitlab.com/gitlab-org/gitlab-runner/-/issues/29112

gitlab-runner-bot pushed a commit to gitlabhq/gitlab-runner that referenced this pull request Jun 13, 2022
@stanhu
Update minio-go dependency to fix FIPS endpoints
e3c2e02 
Previously minio-go did not properly detect the region when AWS FIPS
endpoint were used. minio/minio-go#1663 fixes
this issue.

Relates to https://gitlab.com/gitlab-org/gitlab-runner/-/issues/29112
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@harshavardhana harshavardhana harshavardhana approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Uploading files using FIPS endpoints is broken
2 participants
@balasankarc @harshavardhana