GitLab Next

In GitLab 13.1.0, we added an S3 client to Workhorse (gitlab-workhorse!466 (merged)). Previously this client would only be enabled if AWS instance profiles (use_iam_profile) were used. We extend this functionality if the consolidated object storage settings are enabled for AWS.

This will fix ETag Mismatch errors with non-AWS S3 providers and pave the way for supporting encrypted S3 buckets with customer-provided keys.

Relates to #220288 (closed)

Testing

In the GDK, this can be tested by commenting out all the other XXX.object_store fields (e.g. lfs.object_store, artifacts.object_store, etc.) in gitlab.yml and adding this blurb:

  object_store:
    enabled: true
    connection:
      provider: AWS
      aws_access_key_id: minio
      aws_secret_access_key: gdk-minio
      region: gdk
      endpoint: 'http://127.0.0.1:9000'
      path_style: true
    proxy_download: true
    objects:
      artifacts:
        bucket: artifacts
      external_diffs:
        bucket: external-diffs
      lfs:
        bucket: lfs-objects
      uploads:
        buckets: uploads
      packages:
        bucket: packages
      dependency_proxy:
        bucket: dependency_proxy
      terraform_state:
        bucket: terraform