Use S3 compatible driver for interacting with GCS #727
Conversation
| @@ -1,10 +1,13 @@ | |||
| # api | |||
|
|
|||
| ## 8x.34.2 - 18 January | |||
| - Use S3 driver for accessing static files in GCP buckets, using proper ACLs | |||
There was a problem hiding this comment.
I wanted to confirm I understand this correctly:
This applies exactly the same logic as #719 but also adds the 'visibility' => 'public' setting to all places we save files. For what it's worth I'd have no objection to also setting this for the whole Storage disk object since I can see us forgetting to set this in future and confusing us.
Indeed if I understood our possible desire to move towards Unified Bucket access (e.g. with no per object ACLs) perhaps we don't want to be having the s3 driver setting these things at at; we might want to advance to the 3.0 version (perhaps with a small feature outage while we do it). This would then allow Laravel to return the the state it was in before of "totally unaware of anything about the file visibility of uploaded logos".
These changes alone are not sufficient to make the feature work (i.e. logos won't be visible to the public) though since now the service account this is using needs to also have the right to make the ACL changes (since 1.0 of league/flysystem-aws-s3-v3) dies if it can't make the ACL changes it tries to.
There was a problem hiding this comment.
These changes alone are not sufficient to make the feature work (i.e. logos won't be visible to the public) though since now the service account this is using needs to also have the right to make the ACL changes (since 1.0 of league/flysystem-aws-s3-v3) dies if it can't make the ACL changes it tries to.
I'm not entirely sure what this paragraph is trying to say.
Ticket https://phabricator.wikimedia.org/T354744