Allow regions to be set and honored for S3 driver. (#7010)

This is necessary for certain users where GetBucketLocation API is disabled using IAM policies. There is a field AmazonS3Region which we need to re-purpose and use to support this properly. Fixes https://github.com/mattermost/platform/issues/6999
2025-02-25 18:55:24 -06:00 · 2017-07-31 09:22:52 -07:00
parent c506c5cac6
commit 489602efe5
5 changed files with 49 additions and 22 deletions
--- a/api4/apitestlib.go
+++ b/api4/apitestlib.go
@@ -23,8 +23,9 @@ import (
 	"github.com/mattermost/platform/utils"
 	"github.com/mattermost/platform/wsapi"

-	s3 "github.com/minio/minio-go"
 	"github.com/mattermost/platform/jobs"
+	s3 "github.com/minio/minio-go"
+	"github.com/minio/minio-go/pkg/credentials"
 )

 type TestHelper struct {
@@ -641,11 +642,19 @@ func readTestFile(name string) ([]byte, error) {
 	}
 }

-func s3New(endpoint, accessKey, secretKey string, secure bool, signV2 bool) (*s3.Client, error) {
+// Similar to s3.New() but allows initialization of signature v2 or signature v4 client.
+// If signV2 input is false, function always returns signature v4.
+//
+// Additionally this function also takes a user defined region, if set
+// disables automatic region lookup.
+func s3New(endpoint, accessKey, secretKey string, secure bool, signV2 bool, region string) (*s3.Client, error) {
+	var creds *credentials.Credentials
 	if signV2 {
-		return s3.NewV2(endpoint, accessKey, secretKey, secure)
+		creds = credentials.NewStatic(accessKey, secretKey, "", credentials.SignatureV2)
+	} else {
+		creds = credentials.NewStatic(accessKey, secretKey, "", credentials.SignatureV4)
 	}
-	return s3.NewV4(endpoint, accessKey, secretKey, secure)
+	return s3.NewWithCredentials(endpoint, creds, secure, region)
 }

 func cleanupTestFile(info *model.FileInfo) error {
@@ -655,7 +664,8 @@ func cleanupTestFile(info *model.FileInfo) error {
 		secretKey := utils.Cfg.FileSettings.AmazonS3SecretAccessKey
 		secure := *utils.Cfg.FileSettings.AmazonS3SSL
 		signV2 := *utils.Cfg.FileSettings.AmazonS3SignV2
-		s3Clnt, err := s3New(endpoint, accessKey, secretKey, secure, signV2)
+		region := utils.Cfg.FileSettings.AmazonS3Region
+		s3Clnt, err := s3New(endpoint, accessKey, secretKey, secure, signV2, region)
 		if err != nil {
 			return err
 		}