0
0
Fork 0
mirror of https://github.com/go-gitea/gitea synced 2024-12-28 10:04:43 +01:00
gitea/modules/storage
Michael Owoc 713364fc71
Support optional/configurable IAMEndpoint for Minio Client (#32581) (#32581)
Targeting issue #32271

This modification allows native Kubernetes + AWS (EKS) authentication
with the Minio client, to Amazon S3 using the IRSA role assigned to a
Service account by replacing the hard coded reference to the
`DefaultIAMRoleEndpoint` with an optional configurable endpoint.

Internally, Minio's `credentials.IAM` provider implements a discovery
flow for IAM Endpoints if it is not set.

For backwards compatibility: 
- We have added a configuration mechanism for an `IamEndpoint` to retain
the unit test safety in `minio_test.go`.
- We believe existing clients will continue to function the same without
needing to provide a new config property since the internals of Minio
client also often resolve to the `http://169.254.169.254` default
endpoint that was being hard coded before

To test, we were able to build a docker image from source and, observe
it choosing the expected IAM endpoint, and see files uploaded via the
client.
2024-11-22 20:12:06 +00:00
..
testdata
azureblob.go
azureblob_test.go
helper.go
helper_test.go
local.go
local_test.go
minio.go Support optional/configurable IAMEndpoint for Minio Client (#32581) (#32581) 2024-11-22 20:12:06 +00:00
minio_test.go Support optional/configurable IAMEndpoint for Minio Client (#32581) (#32581) 2024-11-22 20:12:06 +00:00
storage.go
storage_test.go