Prepare v0.5.17-pre.2

This release fixes configuration for strict object storage implementations
2024-11-20 11:21:14 +00:00 · 2024-06-25 15:34:41 -05:00 · 2024-06-25 15:34:41 -05:00 · 38a5b72606
commit 38a5b72606
parent 147f9406c8
10 changed files with 40 additions and 44 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@ -1971,7 +1971,7 @@ dependencies = [

 [[package]]
 name = "pict-rs"
-version = "0.5.17-pre.1"
+version = "0.5.17-pre.2"
 dependencies = [
 "actix-form-data",
 "actix-web",
--- a/Cargo.toml
+++ b/Cargo.toml
@ -1,7 +1,7 @@
 [package]
 name = "pict-rs"
 description = "A simple image hosting service"
-version = "0.5.17-pre.1"
+version = "0.5.17-pre.2"
 authors = ["asonix <asonix@asonix.dog>"]
 license = "AGPL-3.0"
 readme = "README.md"
--- a/pict-rs.nix
+++ b/pict-rs.nix
@ -11,7 +11,7 @@

 rustPlatform.buildRustPackage {
  pname = "pict-rs";
-  version = "0.5.17-pre.1";
+  version = "0.5.17-pre.2";
  src = ./.;

  cargoLock = {
--- a/pict-rs.toml
+++ b/pict-rs.toml
@ -741,14 +741,6 @@ secret_key = 'SECRET_KEY'
 # default: empty
 session_token = 'SESSION_TOKEN'

-## Optional: set how long object storage signatures are valid for (in seconds)
-# environment variable: PICTRS__STORE__SIGNATURE_DURATION
-# default: 15
-#
-# This can be useful if your object storage might take a while to process requests. It should not be
-# increased more than needed to prevent replay attacks.
-signature_duration = 15
-
 ## Optional: set how long pict-rs will wait (in seconds) for a response from object storage
 # environment variable: PICTRS__STORE__CLIENT_TIMEOUT
 # default: 30
--- a/releases/0.5.17-pre.2.md
+++ b/releases/0.5.17-pre.2.md
@ -0,0 +1,14 @@
+# pict-rs 0.5.17-pre.2
+
+pict-rs is a simple image hosting microservice, designed to handle storing and retrieving images,
+animations, and videos, as well as providing basic image processing functionality.
+
+## Overview
+
+pict-rs 0.5.17-pre.2 fixes bugs with object storage configuration introduced in 0.5.17-pre.1, and
+removes unused configuration options.
+
+## Upgrade Notes
+
+There are no significant changes from 0.5.17-pre.1. Upgrading should be as simple as pulling a new
+version of pict-rs.
--- a/src/config/commandline.rs
+++ b/src/config/commandline.rs
@ -1490,13 +1490,6 @@ struct ObjectStorage {
    #[serde(skip_serializing_if = "Option::is_none")]
    session_token: Option<String>,

-    /// How long signatures for object storage requests are valid (in seconds)
-    ///
-    /// This defaults to 15 seconds
-    #[arg(long)]
-    #[serde(skip_serializing_if = "Option::is_none")]
-    signature_duration: Option<u64>,
-
    /// How long a client can wait on an object storage request before giving up (in seconds)
    ///
    /// This defaults to 30 seconds
--- a/src/config/defaults.rs
+++ b/src/config/defaults.rs
@ -201,8 +201,6 @@ pub(super) struct FilesystemDefaults {
 #[derive(Clone, Debug, serde::Serialize)]
 #[serde(rename_all = "snake_case")]
 pub(super) struct ObjectStorageDefaults {
-    pub(super) signature_duration: u64,
-
    pub(super) client_timeout: u64,
 }

@ -390,10 +388,7 @@ impl Default for FilesystemDefaults {

 impl Default for ObjectStorageDefaults {
    fn default() -> Self {
-        Self {
-            signature_duration: 15,
-            client_timeout: 30,
-        }
+        Self { client_timeout: 30 }
    }
 }

--- a/src/config/file.rs
+++ b/src/config/file.rs
@ -81,11 +81,6 @@ pub(crate) struct ObjectStorage {
    #[serde(skip_serializing_if = "Option::is_none")]
    pub(crate) session_token: Option<String>,

-    /// How long signatures for object storage requests are valid (in seconds)
-    ///
-    /// This defaults to 15 seconds
-    pub(crate) signature_duration: u64,
-
    /// How long a client can wait on an object storage request before giving up (in seconds)
    ///
    /// This defaults to 30 seconds
@ -107,9 +102,6 @@ impl From<crate::config::primitives::ObjectStorage> for ObjectStorage {
            access_key: value.access_key,
            secret_key: value.secret_key,
            session_token: value.session_token,
-            signature_duration: value
-                .signature_duration
-                .unwrap_or(defaults.signature_duration),
            client_timeout: value.client_timeout.unwrap_or(defaults.client_timeout),
            public_endpoint: value.public_endpoint,
        }
--- a/src/config/primitives.rs
+++ b/src/config/primitives.rs
@ -191,13 +191,6 @@ pub(crate) struct ObjectStorage {
    #[serde(skip_serializing_if = "Option::is_none")]
    pub(crate) session_token: Option<String>,

-    /// How long signatures for object storage requests are valid (in seconds)
-    ///
-    /// This defaults to 15 seconds
-    #[arg(long)]
-    #[serde(skip_serializing_if = "Option::is_none")]
-    pub(crate) signature_duration: Option<u64>,
-
    /// How long a client can wait on an object storage request before giving up (in seconds)
    ///
    /// This defaults to 30 seconds
--- a/src/store/object_store.rs
+++ b/src/store/object_store.rs
@ -20,6 +20,9 @@ const CHUNK_SIZE: usize = 8_388_608; // 8 Mebibytes, min is 5 (5_242_880);

 #[derive(Debug, thiserror::Error)]
 pub(crate) enum ObjectError {
+    #[error("Failed to set the vhost-style bucket name")]
+    SetHost,
+
    #[error("IO Error")]
    IO(#[from] std::io::Error),

@ -36,7 +39,9 @@ pub(crate) enum ObjectError {
 impl ObjectError {
    pub(super) const fn error_code(&self) -> ErrorCode {
        match self {
-            Self::BuildClient(_) | Self::Request(_) => ErrorCode::OBJECT_REQUEST_ERROR,
+            Self::SetHost | Self::BuildClient(_) | Self::Request(_) => {
+                ErrorCode::OBJECT_REQUEST_ERROR
+            }
            Self::IO(_) => ErrorCode::OBJECT_IO_ERROR,
            Self::Canceled => ErrorCode::PANIC,
        }
@ -306,7 +311,7 @@ impl ObjectStore {
    #[tracing::instrument(skip(access_key, secret_key, session_token))]
    pub(crate) async fn new(
        crate::config::ObjectStorage {
-            endpoint,
+            mut endpoint,
            bucket_name,
            use_path_style,
            region,
@ -315,7 +320,6 @@ impl ObjectStore {
            session_token,
            client_timeout,
            public_endpoint,
-            signature_duration: _,
        }: crate::config::ObjectStorage,
    ) -> Result<ObjectStore, StoreError> {
        let https = endpoint.scheme() == "https";
@ -324,10 +328,23 @@ impl ObjectStore {
            .with_timeout(Duration::from_secs(client_timeout))
            .with_allow_http(!https);

+        let use_vhost_style = !use_path_style;
+
+        if use_vhost_style {
+            if let Some(host) = endpoint.host() {
+                if !host.to_string().starts_with(&bucket_name) {
+                    let new_host = format!("{bucket_name}.{host}");
+                    endpoint
+                        .set_host(Some(&new_host))
+                        .map_err(|_| ObjectError::SetHost)?;
+                }
+            }
+        }
+
        let builder = AmazonS3Builder::new()
-            .with_endpoint(endpoint)
+            .with_endpoint(endpoint.as_str().trim_end_matches('/'))
            .with_bucket_name(bucket_name)
-            .with_virtual_hosted_style_request(!use_path_style)
+            .with_virtual_hosted_style_request(use_vhost_style)
            .with_region(region)
            .with_access_key_id(access_key)
            .with_secret_access_key(secret_key)