-
Notifications
You must be signed in to change notification settings - Fork 2
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(storage): add allow list check on S3 creation #858
base: master
Are you sure you want to change the base?
Conversation
d599d4e
to
fddf2c5
Compare
storage/s3.go
Outdated
}) | ||
} | ||
|
||
func NewS3(cfg S3Config, opts ...s3Opt) *S3 { | ||
func NewS3(cfg S3Config, opts ...S3Opt) (*S3, error) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Issue: Usually we don't want New
functions to return error. It should only instantiate the object.
In addition, this will break retro-compatibility.
Suggestion: From #804 (comment) suggestion is to log something in run time.
But if you really prefer to throw an error, I'd see either:
- return it in runtime (e.g.
Get
,Upload
, ...) but not very practical in fact - create a dedicated helper to validate the list. But it need to add this check everywhere.
- keep it like this. In that case take look at the current implementations in our code base
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I changed the way it's handled. WDYT?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sorry for the delay and the change of mind, as we are in a context of configuration issue we should get an error as soon as possible. Hence the need to use an error in constructor (so your proposal in this commit: d599d4e...fddf2c5) 👍
From our implementation in code base (e.g. on database-core) we should make some change to fit the logic, i.e add a BackendGetter
struct on boot of the related service.
Note: this will imply to make a major update of the package.
For the record: https://scalingo.slack.com/archives/CRC7L0XM2/p1714063053317099?thread_ts=1714058866.915739&cid=CRC7L0XM2
03e6551
to
9ef694d
Compare
9ef694d
to
fc47dc8
Compare
<<<<<<< HEAD | ||
======= | ||
github.com/google/go-cmp v0.5.8 h1:e6P7q2lk1O+qJJb4BtCQXlK8vWEO8V1ZeuEdJNOqZyg= | ||
github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= | ||
>>>>>>> 9ef694d (fix(s3): update go version) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There is still a remaining conflict here
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Oh sorry, missed that one
storage/s3.go
Outdated
}) | ||
} | ||
|
||
func NewS3(cfg S3Config, opts ...s3Opt) *S3 { | ||
func NewS3(cfg S3Config, opts ...S3Opt) (*S3, error) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sorry for the delay and the change of mind, as we are in a context of configuration issue we should get an error as soon as possible. Hence the need to use an error in constructor (so your proposal in this commit: d599d4e...fddf2c5) 👍
From our implementation in code base (e.g. on database-core) we should make some change to fit the logic, i.e add a BackendGetter
struct on boot of the related service.
Note: this will imply to make a major update of the package.
For the record: https://scalingo.slack.com/archives/CRC7L0XM2/p1714063053317099?thread_ts=1714058866.915739&cid=CRC7L0XM2
SigningRegion: cfg.Region, | ||
}, nil | ||
}) | ||
if endpointIsAllowed(cfg.Endpoint) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Suggestion(wording):
if endpointIsAllowed(cfg.Endpoint) { | |
if isEndpointAllowed(cfg.Endpoint) { |
@curzolapierre when you say "major update", what does this imply ? We're trying to keep a small scope in this change... |
As discussed with @leo-scalingo InfoSec will add the checks in the library and let IST update the projects during normal maintenance cycles |
CHANGELOG.md
NCP-555
Fix #804