Omit canonical ports for S3 endpoints

Stan Hurequested to merge
sh-omit-canonical-http-port-s3 into main

What does this MR do?

If ServerAddress included the :443 suffix, then presigned URLs for S3 may fail with 403 Forbidden because the AWS SDK appears to use the full endpoint to sign URLs. This was reported in the AWS SDK JavaScript issue tracker (https://github.com/aws/aws-sdk-js/issues/4062), and it appears to be an issue with Go as well.

Fix this by dropping the canonical ports for HTTP and HTTPS if present.

Why was this MR needed?

Preserves backwards compatibility when ServerAddress is something like minio.example.com:443.

What's the best way to test this MR?

  1. Spin up some public Minio or S3 endpoint.
  2. Use :443 in ServerAddress.
  [runners.cache]
    Type = "s3"
    MaxUploadedArchiveSize = 0
    [runners.cache.s3]
    BucketName = "runner-cache"
    DualStack = true
    AccessKey = "YOUR-ACCESS-KEY"
    SecretKey = "YOUR-SECRET-KEY"
    ServerAddress = "minio.example.com:443"

What are the relevant issue numbers?

Relates to #38282 (closed)

Edited by Stan Hu

Merge request reports