Prepare v0.5.17-pre.2

This release fixes configuration for strict object storage
implementations
This commit is contained in:
asonix 2024-06-25 15:34:41 -05:00
parent 147f9406c8
commit 38a5b72606
10 changed files with 40 additions and 44 deletions

2
Cargo.lock generated
View file

@ -1971,7 +1971,7 @@ dependencies = [
[[package]] [[package]]
name = "pict-rs" name = "pict-rs"
version = "0.5.17-pre.1" version = "0.5.17-pre.2"
dependencies = [ dependencies = [
"actix-form-data", "actix-form-data",
"actix-web", "actix-web",

View file

@ -1,7 +1,7 @@
[package] [package]
name = "pict-rs" name = "pict-rs"
description = "A simple image hosting service" description = "A simple image hosting service"
version = "0.5.17-pre.1" version = "0.5.17-pre.2"
authors = ["asonix <asonix@asonix.dog>"] authors = ["asonix <asonix@asonix.dog>"]
license = "AGPL-3.0" license = "AGPL-3.0"
readme = "README.md" readme = "README.md"

View file

@ -11,7 +11,7 @@
rustPlatform.buildRustPackage { rustPlatform.buildRustPackage {
pname = "pict-rs"; pname = "pict-rs";
version = "0.5.17-pre.1"; version = "0.5.17-pre.2";
src = ./.; src = ./.;
cargoLock = { cargoLock = {

View file

@ -741,14 +741,6 @@ secret_key = 'SECRET_KEY'
# default: empty # default: empty
session_token = 'SESSION_TOKEN' session_token = 'SESSION_TOKEN'
## Optional: set how long object storage signatures are valid for (in seconds)
# environment variable: PICTRS__STORE__SIGNATURE_DURATION
# default: 15
#
# This can be useful if your object storage might take a while to process requests. It should not be
# increased more than needed to prevent replay attacks.
signature_duration = 15
## Optional: set how long pict-rs will wait (in seconds) for a response from object storage ## Optional: set how long pict-rs will wait (in seconds) for a response from object storage
# environment variable: PICTRS__STORE__CLIENT_TIMEOUT # environment variable: PICTRS__STORE__CLIENT_TIMEOUT
# default: 30 # default: 30

14
releases/0.5.17-pre.2.md Normal file
View file

@ -0,0 +1,14 @@
# pict-rs 0.5.17-pre.2
pict-rs is a simple image hosting microservice, designed to handle storing and retrieving images,
animations, and videos, as well as providing basic image processing functionality.
## Overview
pict-rs 0.5.17-pre.2 fixes bugs with object storage configuration introduced in 0.5.17-pre.1, and
removes unused configuration options.
## Upgrade Notes
There are no significant changes from 0.5.17-pre.1. Upgrading should be as simple as pulling a new
version of pict-rs.

View file

@ -1490,13 +1490,6 @@ struct ObjectStorage {
#[serde(skip_serializing_if = "Option::is_none")] #[serde(skip_serializing_if = "Option::is_none")]
session_token: Option<String>, session_token: Option<String>,
/// How long signatures for object storage requests are valid (in seconds)
///
/// This defaults to 15 seconds
#[arg(long)]
#[serde(skip_serializing_if = "Option::is_none")]
signature_duration: Option<u64>,
/// How long a client can wait on an object storage request before giving up (in seconds) /// How long a client can wait on an object storage request before giving up (in seconds)
/// ///
/// This defaults to 30 seconds /// This defaults to 30 seconds

View file

@ -201,8 +201,6 @@ pub(super) struct FilesystemDefaults {
#[derive(Clone, Debug, serde::Serialize)] #[derive(Clone, Debug, serde::Serialize)]
#[serde(rename_all = "snake_case")] #[serde(rename_all = "snake_case")]
pub(super) struct ObjectStorageDefaults { pub(super) struct ObjectStorageDefaults {
pub(super) signature_duration: u64,
pub(super) client_timeout: u64, pub(super) client_timeout: u64,
} }
@ -390,10 +388,7 @@ impl Default for FilesystemDefaults {
impl Default for ObjectStorageDefaults { impl Default for ObjectStorageDefaults {
fn default() -> Self { fn default() -> Self {
Self { Self { client_timeout: 30 }
signature_duration: 15,
client_timeout: 30,
}
} }
} }

View file

@ -81,11 +81,6 @@ pub(crate) struct ObjectStorage {
#[serde(skip_serializing_if = "Option::is_none")] #[serde(skip_serializing_if = "Option::is_none")]
pub(crate) session_token: Option<String>, pub(crate) session_token: Option<String>,
/// How long signatures for object storage requests are valid (in seconds)
///
/// This defaults to 15 seconds
pub(crate) signature_duration: u64,
/// How long a client can wait on an object storage request before giving up (in seconds) /// How long a client can wait on an object storage request before giving up (in seconds)
/// ///
/// This defaults to 30 seconds /// This defaults to 30 seconds
@ -107,9 +102,6 @@ impl From<crate::config::primitives::ObjectStorage> for ObjectStorage {
access_key: value.access_key, access_key: value.access_key,
secret_key: value.secret_key, secret_key: value.secret_key,
session_token: value.session_token, session_token: value.session_token,
signature_duration: value
.signature_duration
.unwrap_or(defaults.signature_duration),
client_timeout: value.client_timeout.unwrap_or(defaults.client_timeout), client_timeout: value.client_timeout.unwrap_or(defaults.client_timeout),
public_endpoint: value.public_endpoint, public_endpoint: value.public_endpoint,
} }

View file

@ -191,13 +191,6 @@ pub(crate) struct ObjectStorage {
#[serde(skip_serializing_if = "Option::is_none")] #[serde(skip_serializing_if = "Option::is_none")]
pub(crate) session_token: Option<String>, pub(crate) session_token: Option<String>,
/// How long signatures for object storage requests are valid (in seconds)
///
/// This defaults to 15 seconds
#[arg(long)]
#[serde(skip_serializing_if = "Option::is_none")]
pub(crate) signature_duration: Option<u64>,
/// How long a client can wait on an object storage request before giving up (in seconds) /// How long a client can wait on an object storage request before giving up (in seconds)
/// ///
/// This defaults to 30 seconds /// This defaults to 30 seconds

View file

@ -20,6 +20,9 @@ const CHUNK_SIZE: usize = 8_388_608; // 8 Mebibytes, min is 5 (5_242_880);
#[derive(Debug, thiserror::Error)] #[derive(Debug, thiserror::Error)]
pub(crate) enum ObjectError { pub(crate) enum ObjectError {
#[error("Failed to set the vhost-style bucket name")]
SetHost,
#[error("IO Error")] #[error("IO Error")]
IO(#[from] std::io::Error), IO(#[from] std::io::Error),
@ -36,7 +39,9 @@ pub(crate) enum ObjectError {
impl ObjectError { impl ObjectError {
pub(super) const fn error_code(&self) -> ErrorCode { pub(super) const fn error_code(&self) -> ErrorCode {
match self { match self {
Self::BuildClient(_) | Self::Request(_) => ErrorCode::OBJECT_REQUEST_ERROR, Self::SetHost | Self::BuildClient(_) | Self::Request(_) => {
ErrorCode::OBJECT_REQUEST_ERROR
}
Self::IO(_) => ErrorCode::OBJECT_IO_ERROR, Self::IO(_) => ErrorCode::OBJECT_IO_ERROR,
Self::Canceled => ErrorCode::PANIC, Self::Canceled => ErrorCode::PANIC,
} }
@ -306,7 +311,7 @@ impl ObjectStore {
#[tracing::instrument(skip(access_key, secret_key, session_token))] #[tracing::instrument(skip(access_key, secret_key, session_token))]
pub(crate) async fn new( pub(crate) async fn new(
crate::config::ObjectStorage { crate::config::ObjectStorage {
endpoint, mut endpoint,
bucket_name, bucket_name,
use_path_style, use_path_style,
region, region,
@ -315,7 +320,6 @@ impl ObjectStore {
session_token, session_token,
client_timeout, client_timeout,
public_endpoint, public_endpoint,
signature_duration: _,
}: crate::config::ObjectStorage, }: crate::config::ObjectStorage,
) -> Result<ObjectStore, StoreError> { ) -> Result<ObjectStore, StoreError> {
let https = endpoint.scheme() == "https"; let https = endpoint.scheme() == "https";
@ -324,10 +328,23 @@ impl ObjectStore {
.with_timeout(Duration::from_secs(client_timeout)) .with_timeout(Duration::from_secs(client_timeout))
.with_allow_http(!https); .with_allow_http(!https);
let use_vhost_style = !use_path_style;
if use_vhost_style {
if let Some(host) = endpoint.host() {
if !host.to_string().starts_with(&bucket_name) {
let new_host = format!("{bucket_name}.{host}");
endpoint
.set_host(Some(&new_host))
.map_err(|_| ObjectError::SetHost)?;
}
}
}
let builder = AmazonS3Builder::new() let builder = AmazonS3Builder::new()
.with_endpoint(endpoint) .with_endpoint(endpoint.as_str().trim_end_matches('/'))
.with_bucket_name(bucket_name) .with_bucket_name(bucket_name)
.with_virtual_hosted_style_request(!use_path_style) .with_virtual_hosted_style_request(use_vhost_style)
.with_region(region) .with_region(region)
.with_access_key_id(access_key) .with_access_key_id(access_key)
.with_secret_access_key(secret_key) .with_secret_access_key(secret_key)