Use S3 Workhorse client with consolidated object store settings (!35480) · Merge requests · GitLab.org / GitLab

Stan Hu requested to merge sh-enable-workhorse-s3-client-consolidated into master Jun 27, 2020

In GitLab 13.1.0, we added an S3 client to Workhorse (gitlab-workhorse!466 (merged)). Previously this client would only be enabled if AWS instance profiles (use_iam_profile) were used. We extend this functionality if the consolidated object storage settings are enabled for AWS.

This will fix ETag Mismatch errors with non-AWS S3 providers and pave the way for supporting encrypted S3 buckets with customer-provided keys.

Relates to #220288 (closed)

Testing

In the GDK, this can be tested by commenting out all the other XXX.object_store fields (e.g. lfs.object_store, artifacts.object_store, etc.) in gitlab.yml and adding this blurb:

  object_store:
    enabled: true
    connection:
      provider: AWS
      aws_access_key_id: minio
      aws_secret_access_key: gdk-minio
      region: gdk
      endpoint: 'http://127.0.0.1:9000'
      path_style: true
    proxy_download: true
    objects:
      artifacts:
        bucket: artifacts
      external_diffs:
        bucket: external-diffs
      lfs:
        bucket: lfs-objects
      uploads:
        buckets: uploads
      packages:
        bucket: packages
      dependency_proxy:
        bucket: dependency_proxy
      terraform_state:
        bucket: terraform

Edited Jul 02, 2020 by Stan Hu

Use S3 Workhorse client with consolidated object store settings

Testing

Merge request reports