From 52bb2cab831b07b8a233f72eed1f94db6486192e Mon Sep 17 00:00:00 2001 From: Vittorio Palmisano Date: Mon, 24 Jul 2023 16:59:46 +0200 Subject: [PATCH 1/3] Add S3 server side encryption option --- net/aws/src/s3sink/imp.rs | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/net/aws/src/s3sink/imp.rs b/net/aws/src/s3sink/imp.rs index a86cc418..3cd2190f 100644 --- a/net/aws/src/s3sink/imp.rs +++ b/net/aws/src/s3sink/imp.rs @@ -20,7 +20,7 @@ use aws_sdk_s3::{ upload_part::builders::UploadPartFluentBuilder, }, primitives::ByteStream, - types::{CompletedMultipartUpload, CompletedPart}, + types::{CompletedMultipartUpload, CompletedPart, ServerSideEncryption}, Client, }; @@ -30,6 +30,7 @@ use std::collections::HashMap; use std::convert::From; use std::sync::Mutex; use std::time::Duration; +use std::str::FromStr; use crate::s3url::*; use crate::s3utils::{self, duration_from_millis, duration_to_millis, WaitError}; @@ -103,6 +104,7 @@ struct Settings { key: Option, content_type: Option, content_disposition: Option, + server_side_encryption: Option, buffer_size: u64, access_key: Option, secret_access_key: Option, @@ -156,6 +158,7 @@ impl Default for Settings { key: None, content_type: None, content_disposition: None, + server_side_encryption: None, access_key: None, secret_access_key: None, session_token: None, @@ -355,6 +358,7 @@ impl S3Sink { let content_type = settings.content_type.clone(); let content_disposition = settings.content_disposition.clone(); let metadata = settings.to_metadata(self); + let server_side_encryption = ServerSideEncryption::from_str(&settings.server_side_encryption.clone().unwrap()).unwrap(); client .create_multipart_upload() @@ -363,6 +367,7 @@ impl S3Sink { .set_content_type(content_type) .set_content_disposition(content_disposition) .set_metadata(metadata) + .set_server_side_encryption(Some(server_side_encryption)) } fn create_abort_multipart_upload_request( @@ -766,6 +771,10 @@ impl ObjectImpl for S3Sink { .nick("content-disposition") .blurb("Content-Disposition header to set for uploaded object") .build(), + glib::ParamSpecString::builder("server-side-encryption") + .nick("server-side-encryption") + .blurb("The S3 server side encryption algorithm to use (AES256 or aws:kms)") + .build(), ] }); @@ -879,6 +888,11 @@ impl ObjectImpl for S3Sink { .get::>() .expect("type checked upstream"); } + "server-side-encryption" => { + settings.server_side_encryption = value + .get::>() + .expect("type checked upstream"); + } _ => unimplemented!(), } } @@ -920,6 +934,7 @@ impl ObjectImpl for S3Sink { "endpoint-uri" => settings.endpoint_uri.to_value(), "content-type" => settings.content_type.to_value(), "content-disposition" => settings.content_disposition.to_value(), + "server-side-encryption" => settings.server_side_encryption.to_value(), _ => unimplemented!(), } } From bab141a503e67fb82ecfe1b7c46eac5f97a2e3e5 Mon Sep 17 00:00:00 2001 From: Vittorio Palmisano Date: Mon, 24 Jul 2023 18:11:13 +0200 Subject: [PATCH 2/3] Handle errors --- net/aws/src/s3sink/imp.rs | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/net/aws/src/s3sink/imp.rs b/net/aws/src/s3sink/imp.rs index 3cd2190f..8f580ebe 100644 --- a/net/aws/src/s3sink/imp.rs +++ b/net/aws/src/s3sink/imp.rs @@ -358,7 +358,10 @@ impl S3Sink { let content_type = settings.content_type.clone(); let content_disposition = settings.content_disposition.clone(); let metadata = settings.to_metadata(self); - let server_side_encryption = ServerSideEncryption::from_str(&settings.server_side_encryption.clone().unwrap()).unwrap(); + let server_side_encryption = match ServerSideEncryption::from_str(&settings.server_side_encryption.clone().unwrap_or_default()) { + Ok(v) => Some(v), + Err(_e) => None, + }; client .create_multipart_upload() @@ -367,7 +370,7 @@ impl S3Sink { .set_content_type(content_type) .set_content_disposition(content_disposition) .set_metadata(metadata) - .set_server_side_encryption(Some(server_side_encryption)) + .set_server_side_encryption(server_side_encryption) } fn create_abort_multipart_upload_request( From e344cde714df35252d321150ff0078cff699a8ad Mon Sep 17 00:00:00 2001 From: Vittorio Palmisano Date: Wed, 26 Jul 2023 11:39:14 +0200 Subject: [PATCH 3/3] Lint --- net/aws/src/s3sink/imp.rs | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/net/aws/src/s3sink/imp.rs b/net/aws/src/s3sink/imp.rs index 8f580ebe..0caa8af1 100644 --- a/net/aws/src/s3sink/imp.rs +++ b/net/aws/src/s3sink/imp.rs @@ -28,9 +28,9 @@ use futures::future; use gst::glib::once_cell::sync::Lazy; use std::collections::HashMap; use std::convert::From; +use std::str::FromStr; use std::sync::Mutex; use std::time::Duration; -use std::str::FromStr; use crate::s3url::*; use crate::s3utils::{self, duration_from_millis, duration_to_millis, WaitError}; @@ -358,7 +358,9 @@ impl S3Sink { let content_type = settings.content_type.clone(); let content_disposition = settings.content_disposition.clone(); let metadata = settings.to_metadata(self); - let server_side_encryption = match ServerSideEncryption::from_str(&settings.server_side_encryption.clone().unwrap_or_default()) { + let server_side_encryption = match ServerSideEncryption::from_str( + &settings.server_side_encryption.clone().unwrap_or_default(), + ) { Ok(v) => Some(v), Err(_e) => None, };