Use S3 Workhorse client with consolidated object store settings
In GitLab 13.1.0, we added an S3 client to Workhorse
(gitlab-workhorse!466 (merged)).
Previously this client would only be enabled if AWS instance profiles
(use_iam_profile
) were used. We extend this functionality if the
consolidated object storage settings are enabled for AWS.
This will fix ETag Mismatch errors with non-AWS S3 providers and pave the way for supporting encrypted S3 buckets with customer-provided keys.
Relates to #220288 (closed)
Testing
In the GDK, this can be tested by commenting out all the other XXX.object_store
fields (e.g. lfs.object_store
, artifacts.object_store
, etc.) in gitlab.yml
and adding this blurb:
object_store:
enabled: true
connection:
provider: AWS
aws_access_key_id: minio
aws_secret_access_key: gdk-minio
region: gdk
endpoint: 'http://127.0.0.1:9000'
path_style: true
proxy_download: true
objects:
artifacts:
bucket: artifacts
external_diffs:
bucket: external-diffs
lfs:
bucket: lfs-objects
uploads:
buckets: uploads
packages:
bucket: packages
dependency_proxy:
bucket: dependency_proxy
terraform_state:
bucket: terraform
Edited by Stan Hu