diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-04-20 10:00:54 +0000 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-04-20 10:00:54 +0000 |
| commit | 3cccd102ba543e02725d247893729e5c73b38295 (patch) | |
| tree | f36a04ec38517f5deaaacb5acc7d949688d1e187 /workhorse/internal/upload/destination/objectstore/s3_session.go | |
| parent | 205943281328046ef7b4528031b90fbda70c75ac (diff) | |
| download | gitlab-ce-3cccd102ba543e02725d247893729e5c73b38295.tar.gz | |
Add latest changes from gitlab-org/gitlab@14-10-stable-eev14.10.0-rc42
Diffstat (limited to 'workhorse/internal/upload/destination/objectstore/s3_session.go')
| -rw-r--r-- | workhorse/internal/upload/destination/objectstore/s3_session.go | 19 |
1 files changed, 18 insertions, 1 deletions
diff --git a/workhorse/internal/upload/destination/objectstore/s3_session.go b/workhorse/internal/upload/destination/objectstore/s3_session.go index a0c1f099145..aa38f18ed7a 100644 --- a/workhorse/internal/upload/destination/objectstore/s3_session.go +++ b/workhorse/internal/upload/destination/objectstore/s3_session.go @@ -6,6 +6,7 @@ import ( "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/credentials" + "github.com/aws/aws-sdk-go/aws/endpoints" "github.com/aws/aws-sdk-go/aws/session" "gitlab.com/gitlab-org/gitlab/workhorse/internal/config" @@ -70,7 +71,23 @@ func setupS3Session(s3Credentials config.S3Credentials, s3Config config.S3Config } if s3Config.Endpoint != "" { - cfg.Endpoint = aws.String(s3Config.Endpoint) + // The administrator has configured an S3 endpoint override, + // e.g. to make use of S3 IPv6 support or S3 FIPS mode. We + // need to configure a custom resolver to make sure that + // the custom endpoint is only used for S3 API calls, and not + // for STS API calls. + s3CustomResolver := func(service, region string, optFns ...func(*endpoints.Options)) (endpoints.ResolvedEndpoint, error) { + if service == endpoints.S3ServiceID { + return endpoints.ResolvedEndpoint{ + URL: s3Config.Endpoint, + SigningRegion: region, + }, nil + } + + return endpoints.DefaultResolver().EndpointFor(service, region, optFns...) + } + + cfg.EndpointResolver = endpoints.ResolverFunc(s3CustomResolver) } sess, err := session.NewSession(cfg) |