Add s3 config to list objects version (#6280)

Signed-off-by: SungJin1212 <[email protected]>

CHANGELOG.md

@@ -9,6 +9,7 @@
 * [FEATURE] Ruler: Minimize chances of missed rule group evaluations that can occur due to OOM kills, bad underlying nodes, or due to an unhealthy ruler that appears in the ring as healthy. This feature is enabled via `-ruler.enable-ha-evaluation` flag. #6129
 * [FEATURE] Store Gateway: Add an in-memory chunk cache. #6245
 * [FEATURE] Chunk Cache: Support multi level cache and add metrics. #6249
+* [ENHANCEMENT] S3 Bucket Client: Add a list objects version configs to configure list api object version. #6280
 * [ENHANCEMENT] Query Frontend: Add new query stats metrics `cortex_query_samples_scanned_total` and `cortex_query_peak_samples` to track scannedSamples and peakSample per user. #6228
 * [ENHANCEMENT] Ingester: Add `blocks-storage.tsdb.wal-compression-type` to support zstd wal compression type. #6232
 * [ENHANCEMENT] Query Frontend: Add info field to query response. #6207

docs/blocks-storage/querier.md

@@ -312,6 +312,10 @@ blocks_storage:
     # CLI flag: -blocks-storage.s3.send-content-md5
     [send_content_md5: <boolean> | default = true]
 
+    # The list api version. Supported values are: v1, v2, and ''.
+    # CLI flag: -blocks-storage.s3.list-objects-version
+    [list_objects_version: <string> | default = ""]
+
     # The s3_sse_config configures the S3 server-side encryption.
     # The CLI flags prefix for this block config is: blocks-storage
     [sse: <s3_sse_config>]

docs/blocks-storage/store-gateway.md

@@ -403,6 +403,10 @@ blocks_storage:
     # CLI flag: -blocks-storage.s3.send-content-md5
     [send_content_md5: <boolean> | default = true]
 
+    # The list api version. Supported values are: v1, v2, and ''.
+    # CLI flag: -blocks-storage.s3.list-objects-version
+    [list_objects_version: <string> | default = ""]
+
     # The s3_sse_config configures the S3 server-side encryption.
     # The CLI flags prefix for this block config is: blocks-storage
     [sse: <s3_sse_config>]

docs/configuration/config-file-reference.md

@@ -563,6 +563,10 @@ s3:
   # CLI flag: -alertmanager-storage.s3.send-content-md5
   [send_content_md5: <boolean> | default = true]
 
+  # The list api version. Supported values are: v1, v2, and ''.
+  # CLI flag: -alertmanager-storage.s3.list-objects-version
+  [list_objects_version: <string> | default = ""]
+
   # The s3_sse_config configures the S3 server-side encryption.
   # The CLI flags prefix for this block config is: alertmanager-storage
   [sse: <s3_sse_config>]
@@ -842,6 +846,10 @@ s3:
   # CLI flag: -blocks-storage.s3.send-content-md5
   [send_content_md5: <boolean> | default = true]
 
+  # The list api version. Supported values are: v1, v2, and ''.
+  # CLI flag: -blocks-storage.s3.list-objects-version
+  [list_objects_version: <string> | default = ""]
+
   # The s3_sse_config configures the S3 server-side encryption.
   # The CLI flags prefix for this block config is: blocks-storage
   [sse: <s3_sse_config>]
@@ -4611,6 +4619,10 @@ s3:
   # CLI flag: -ruler-storage.s3.send-content-md5
   [send_content_md5: <boolean> | default = true]
 
+  # The list api version. Supported values are: v1, v2, and ''.
+  # CLI flag: -ruler-storage.s3.list-objects-version
+  [list_objects_version: <string> | default = ""]
+
   # The s3_sse_config configures the S3 server-side encryption.
   # The CLI flags prefix for this block config is: ruler-storage
   [sse: <s3_sse_config>]
@@ -4898,6 +4910,10 @@ s3:
   # CLI flag: -runtime-config.s3.send-content-md5
   [send_content_md5: <boolean> | default = true]
 
+  # The list api version. Supported values are: v1, v2, and ''.
+  # CLI flag: -runtime-config.s3.list-objects-version
+  [list_objects_version: <string> | default = ""]
+
   # The s3_sse_config configures the S3 server-side encryption.
   # The CLI flags prefix for this block config is: runtime-config
   [sse: <s3_sse_config>]

pkg/storage/bucket/s3/bucket_client.go

@@ -102,9 +102,10 @@ func newS3Config(cfg Config) (s3.Config, error) {
 			Transport:             cfg.HTTP.Transport,
 		},
 		// Enforce signature version 2 if CLI flag is set
-		SignatureV2:      cfg.SignatureVersion == SignatureVersionV2,
-		BucketLookupType: bucketLookupType,
-		AWSSDKAuth:       cfg.AccessKeyID == "",
+		ListObjectsVersion: cfg.ListObjectsVersion,
+		SignatureV2:        cfg.SignatureVersion == SignatureVersionV2,
+		BucketLookupType:   bucketLookupType,
+		AWSSDKAuth:         cfg.AccessKeyID == "",
 	}, nil
 }
 

pkg/storage/bucket/s3/config.go

@@ -31,16 +31,21 @@ const (
 	BucketAutoLookup        = "auto"
 	BucketVirtualHostLookup = "virtual-hosted"
 	BucketPathLookup        = "path"
+
+	ListObjectsVersionV1 = "v1"
+	ListObjectsVersionV2 = "v2"
 )
 
 var (
 	supportedSignatureVersions     = []string{SignatureVersionV4, SignatureVersionV2}
 	supportedSSETypes              = []string{SSEKMS, SSES3}
 	supportedBucketLookupTypes     = []string{BucketAutoLookup, BucketVirtualHostLookup, BucketPathLookup}
+	supportedListObjectsVersion    = []string{ListObjectsVersionV1, ListObjectsVersionV2}
 	errUnsupportedSignatureVersion = errors.New("unsupported signature version")
 	errUnsupportedSSEType          = errors.New("unsupported S3 SSE type")
 	errInvalidSSEContext           = errors.New("invalid S3 SSE encryption context")
 	errInvalidBucketLookupType     = errors.New("invalid bucket lookup type")
+	errInvalidListObjectsVersion   = errors.New("invalid list object version")
 )
 
 // HTTPConfig stores the http.Transport configuration for the s3 minio client.
@@ -58,15 +63,16 @@ func (cfg *HTTPConfig) RegisterFlagsWithPrefix(prefix string, f *flag.FlagSet) {
 
 // Config holds the config options for an S3 backend
 type Config struct {
-	Endpoint         string         `yaml:"endpoint"`
-	Region           string         `yaml:"region"`
-	BucketName       string         `yaml:"bucket_name"`
-	SecretAccessKey  flagext.Secret `yaml:"secret_access_key"`
-	AccessKeyID      string         `yaml:"access_key_id"`
-	Insecure         bool           `yaml:"insecure"`
-	SignatureVersion string         `yaml:"signature_version"`
-	BucketLookupType string         `yaml:"bucket_lookup_type"`
-	SendContentMd5   bool           `yaml:"send_content_md5"`
+	Endpoint           string         `yaml:"endpoint"`
+	Region             string         `yaml:"region"`
+	BucketName         string         `yaml:"bucket_name"`
+	SecretAccessKey    flagext.Secret `yaml:"secret_access_key"`
+	AccessKeyID        string         `yaml:"access_key_id"`
+	Insecure           bool           `yaml:"insecure"`
+	SignatureVersion   string         `yaml:"signature_version"`
+	BucketLookupType   string         `yaml:"bucket_lookup_type"`
+	SendContentMd5     bool           `yaml:"send_content_md5"`
+	ListObjectsVersion string         `yaml:"list_objects_version"`
 
 	SSE  SSEConfig  `yaml:"sse"`
 	HTTP HTTPConfig `yaml:"http"`
@@ -88,6 +94,7 @@ func (cfg *Config) RegisterFlagsWithPrefix(prefix string, f *flag.FlagSet) {
 	f.StringVar(&cfg.SignatureVersion, prefix+"s3.signature-version", SignatureVersionV4, fmt.Sprintf("The signature version to use for authenticating against S3. Supported values are: %s.", strings.Join(supportedSignatureVersions, ", ")))
 	f.StringVar(&cfg.BucketLookupType, prefix+"s3.bucket-lookup-type", BucketAutoLookup, fmt.Sprintf("The s3 bucket lookup style. Supported values are: %s.", strings.Join(supportedBucketLookupTypes, ", ")))
 	f.BoolVar(&cfg.SendContentMd5, prefix+"s3.send-content-md5", true, "If true, attach MD5 checksum when upload objects and S3 uses MD5 checksum algorithm to verify the provided digest. If false, use CRC32C algorithm instead.")
+	f.StringVar(&cfg.ListObjectsVersion, prefix+"s3.list-objects-version", "", fmt.Sprintf("The list api version. Supported values are: %s, and ''.", strings.Join(supportedListObjectsVersion, ", ")))
 	cfg.SSE.RegisterFlagsWithPrefix(prefix+"s3.sse.", f)
 	cfg.HTTP.RegisterFlagsWithPrefix(prefix, f)
 }
@@ -100,6 +107,11 @@ func (cfg *Config) Validate() error {
 	if !util.StringsContain(supportedBucketLookupTypes, cfg.BucketLookupType) {
 		return errInvalidBucketLookupType
 	}
+	if cfg.ListObjectsVersion != "" {
+		if !util.StringsContain(supportedListObjectsVersion, cfg.ListObjectsVersion) {
+			return errInvalidListObjectsVersion
+		}
+	}
 
 	if err := cfg.SSE.Validate(); err != nil {
 		return err

pkg/storage/bucket/s3/config_test.go

@@ -168,6 +168,61 @@ func TestSSEConfig_Validate(t *testing.T) {
 	}
 }
 
+func TestS3Config_Validate(t *testing.T) {
+	tests := map[string]struct {
+		cfg         *Config
+		expectedErr error
+	}{
+		"should pass with valid config": {
+			cfg: &Config{
+				SignatureVersion:   SignatureVersionV4,
+				BucketLookupType:   BucketAutoLookup,
+				ListObjectsVersion: ListObjectsVersionV2,
+			},
+			expectedErr: nil,
+		},
+		"should fail with invalid signature version": {
+			cfg: &Config{
+				SignatureVersion:   "v3",
+				BucketLookupType:   BucketAutoLookup,
+				ListObjectsVersion: ListObjectsVersionV2,
+			},
+			expectedErr: errUnsupportedSignatureVersion,
+		},
+		"should fail with invalid bucket lookup type": {
+			cfg: &Config{
+				SignatureVersion:   SignatureVersionV4,
+				BucketLookupType:   "dummy",
+				ListObjectsVersion: ListObjectsVersionV2,
+			},
+			expectedErr: errInvalidBucketLookupType,
+		},
+		"should fail with invalid list objects version": {
+			cfg: &Config{
+				SignatureVersion:   SignatureVersionV4,
+				BucketLookupType:   BucketAutoLookup,
+				ListObjectsVersion: "v3",
+			},
+			expectedErr: errInvalidListObjectsVersion,
+		},
+		"should pass with empty list objects version": {
+			cfg: &Config{
+				SignatureVersion:   SignatureVersionV4,
+				BucketLookupType:   BucketAutoLookup,
+				ListObjectsVersion: "",
+			},
+			expectedErr: nil,
+		},
+	}
+
+	for testName, test := range tests {
+		t.Run(testName, func(t *testing.T) {
+			err := test.cfg.Validate()
+			require.Equal(t, test.expectedErr, err)
+		})
+	}
+}
+
 func TestSSEConfig_BuildMinioConfig(t *testing.T) {
 	tests := map[string]struct {
 		cfg             *SSEConfig