mirror of
https://github.com/edgelesssys/constellation.git
synced 2024-10-01 01:36:09 -04:00
97dc15b1d1
Previously the timeout was not set in the client's constructor, thus the zero value was used. The client did not wait for invalidation. To prevent this in the future a warning is logged if wait is disabled. Co-authored-by: Daniel Weiße <dw@edgeless.systems>
92 lines
2.9 KiB
Go
92 lines
2.9 KiB
Go
/*
|
|
Copyright (c) Edgeless Systems GmbH
|
|
|
|
SPDX-License-Identifier: AGPL-3.0-only
|
|
*/
|
|
|
|
// package archive is used to archive OS images in S3.
|
|
package archive
|
|
|
|
import (
|
|
"context"
|
|
"io"
|
|
"net/url"
|
|
"time"
|
|
|
|
s3manager "github.com/aws/aws-sdk-go-v2/feature/s3/manager"
|
|
"github.com/aws/aws-sdk-go-v2/service/s3"
|
|
s3types "github.com/aws/aws-sdk-go-v2/service/s3/types"
|
|
"github.com/edgelesssys/constellation/v2/internal/api/versionsapi"
|
|
"github.com/edgelesssys/constellation/v2/internal/constants"
|
|
"github.com/edgelesssys/constellation/v2/internal/logger"
|
|
"github.com/edgelesssys/constellation/v2/internal/staticupload"
|
|
)
|
|
|
|
// Archivist uploads OS images to S3.
|
|
type Archivist struct {
|
|
uploadClient uploadClient
|
|
uploadClientClose func(ctx context.Context) error
|
|
// bucket is the name of the S3 bucket to use.
|
|
bucket string
|
|
|
|
log *logger.Logger
|
|
}
|
|
|
|
// New creates a new Archivist.
|
|
func New(ctx context.Context, region, bucket, distributionID string, log *logger.Logger) (*Archivist, CloseFunc, error) {
|
|
staticUploadClient, staticUploadClientClose, err := staticupload.New(ctx, staticupload.Config{
|
|
Region: region,
|
|
Bucket: bucket,
|
|
DistributionID: distributionID,
|
|
CacheInvalidationStrategy: staticupload.CacheInvalidateBatchOnFlush,
|
|
CacheInvalidationWaitTimeout: 10 * time.Minute,
|
|
}, log)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
archivist := &Archivist{
|
|
uploadClient: staticUploadClient,
|
|
uploadClientClose: staticUploadClientClose,
|
|
bucket: bucket,
|
|
log: log,
|
|
}
|
|
archivistClose := func(ctx context.Context) error {
|
|
return archivist.Close(ctx)
|
|
}
|
|
|
|
return archivist, archivistClose, nil
|
|
}
|
|
|
|
// Close closes the uploader.
|
|
// It invalidates the CDN cache for all uploaded files.
|
|
func (a *Archivist) Close(ctx context.Context) error {
|
|
if a.uploadClientClose == nil {
|
|
return nil
|
|
}
|
|
return a.uploadClientClose(ctx)
|
|
}
|
|
|
|
// Archive reads the OS image in img and uploads it as key.
|
|
func (a *Archivist) Archive(ctx context.Context, version versionsapi.Version, csp, attestationVariant string, img io.Reader) (string, error) {
|
|
key, err := url.JoinPath(version.ArtifactPath(versionsapi.APIV1), version.Kind().String(), "csp", csp, attestationVariant, "image.raw")
|
|
if err != nil {
|
|
return "", err
|
|
}
|
|
a.log.Debugf("Archiving OS image %s %s %v to s3://%v/%v", csp, attestationVariant, version.ShortPath(), a.bucket, key)
|
|
_, err = a.uploadClient.Upload(ctx, &s3.PutObjectInput{
|
|
Bucket: &a.bucket,
|
|
Key: &key,
|
|
Body: img,
|
|
ChecksumAlgorithm: s3types.ChecksumAlgorithmSha256,
|
|
})
|
|
return constants.CDNRepositoryURL + "/" + key, err
|
|
}
|
|
|
|
type uploadClient interface {
|
|
Upload(ctx context.Context, input *s3.PutObjectInput, opts ...func(*s3manager.Uploader)) (*s3manager.UploadOutput, error)
|
|
}
|
|
|
|
// CloseFunc is a function that closes the client.
|
|
type CloseFunc func(ctx context.Context) error
|