Documentation
¶
Index ¶
- Constants
- type Backend
- func (b *Backend) Delete(ctx context.Context, name string) error
- func (b *Backend) List(ctx context.Context, prefix string) (blobList simpleblob.BlobList, err error)
- func (b *Backend) Load(ctx context.Context, name string) ([]byte, error)
- func (b *Backend) Store(ctx context.Context, name string, data []byte) error
- type FileSecretsCredentials
- type Options
Constants ¶
View Source
const ( // DefaultEndpointURL is the default S3 endpoint to use if none is set. // Here, no custom endpoint assumes AWS endpoint. DefaultEndpointURL = "https://s3.amazonaws.com" // DefaultRegion is the default S3 region to use, if none is configured DefaultRegion = "us-east-1" // DefaultInitTimeout is the time we allow for initialisation, like credential // checking and bucket creation. We define this here, because we do not // pass a context when initialising a plugin. DefaultInitTimeout = 20 * time.Second // UpdateMarkerFilename is the filename used for the update marker functionality UpdateMarkerFilename = "update-marker" // DefaultUpdateMarkerForceListInterval is the default value for // UpdateMarkerForceListInterval. DefaultUpdateMarkerForceListInterval = 5 * time.Minute // DefaultSecretsRefreshInterval is the default value for RefreshSecrets. // It should not be too high so as to retrieve secrets regularly. DefaultSecretsRefreshInterval = 15 * time.Second // DefaultDisableContentMd5 : disable sending the Content-MD5 header DefaultDisableContentMd5 = false )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Backend ¶
type Backend struct {
// contains filtered or unexported fields
}
func New ¶
New creates a new backend instance. The lifetime of the context passed in must span the lifetime of the whole backend instance, not just the init time, so do not set any timeout on it!
func (*Backend) Delete ¶ added in v0.2.0
Delete removes the object identified by name from the S3 Bucket configured in b.
type FileSecretsCredentials ¶ added in v0.2.5
type FileSecretsCredentials struct {
credentials.Expiry
// Path to the file containing the access key,
// e.g. /etc/s3-secrets/access-key.
AccessKeyFile string
// Path to the file containing the secret key,
// e.g. /etc/s3-secrets/secret-key.
SecretKeyFile string
// Time between each secrets retrieval.
RefreshInterval time.Duration
}
FileSecretsCredentials is an implementation of Minio's credentials.Provider, allowing to read credentials from Kubernetes or Docker secrets, as described in https://kubernetes.io/docs/tasks/inject-data-application/distribute-credentials-secure and https://docs.docker.com/engine/swarm/secrets.
func (*FileSecretsCredentials) Retrieve ¶ added in v0.2.5
func (c *FileSecretsCredentials) Retrieve() (credentials.Value, error)
Retrieve implements credentials.Provider. It reads files pointed to by p.AccessKeyFilename and p.SecretKeyFilename.
type Options ¶
type Options struct {
// AccessKey and SecretKey are statically defined here.
AccessKey string `yaml:"access_key"`
SecretKey string `yaml:"secret_key"`
// Path to the file containing the access key
// as an alternative to AccessKey and SecretKey,
// e.g. /etc/s3-secrets/access-key.
AccessKeyFile string `yaml:"access_key_file"`
// Path to the file containing the secret key
// as an alternative to AccessKey and SecretKey,
// e.g. /etc/s3-secrets/secret-key.
SecretKeyFile string `yaml:"secret_key_file"`
// Time between each secrets retrieval.
// Minimum is 1s, lower values are considered an error.
// It defaults to DefaultSecretsRefreshInterval,
// which is currently 15s.
SecretsRefreshInterval time.Duration `yaml:"secrets_refresh_interval"`
// Region defaults to "us-east-1", which also works for Minio
Region string `yaml:"region"`
Bucket string `yaml:"bucket"`
// CreateBucket tells us to try to create the bucket
CreateBucket bool `yaml:"create_bucket"`
// GlobalPrefix is a prefix applied to all operations, allowing work within a prefix
// seamlessly
GlobalPrefix string `yaml:"global_prefix"`
// PrefixFolders can be enabled to make List operations show nested prefixes as folders
// instead of recursively listing all contents of nested prefixes
PrefixFolders bool `yaml:"prefix_folders"`
// EndpointURL can be set to something like "http://localhost:9000" when using Minio
// or "https://s3.amazonaws.com" for AWS S3.
EndpointURL string `yaml:"endpoint_url"`
// DisableContentMd5 defines whether to disable sending the Content-MD5 header
DisableContentMd5 bool `yaml:"disable_send_content_md5"`
// TLS allows customising the TLS configuration
// See https://github.com/PowerDNS/go-tlsconfig for the available options
TLS tlsconfig.Config `yaml:"tls"`
// InitTimeout is the time we allow for initialisation, like credential
// checking and bucket creation. It defaults to DefaultInitTimeout, which
// is currently 20s.
InitTimeout time.Duration `yaml:"init_timeout"`
// UseUpdateMarker makes the backend write and read a file to determine if
// it can cache the last List command. The file contains the name of the
// last file stored or deleted.
// This can reduce the number of LIST commands sent to S3, replacing them
// with GET commands that are about 12x cheaper.
// If enabled, it MUST be enabled on all instances!
// CAVEAT: This will NOT work correctly if the bucket itself is replicated
// in an active-active fashion between data centers! In that case
// do not enable this option.
UseUpdateMarker bool `yaml:"use_update_marker"`
// UpdateMarkerForceListInterval is used when UseUpdateMarker is enabled.
// A LIST command will be sent when this interval has passed without a
// change in marker, to ensure a full sync even if the marker would for
// some reason get out of sync.
UpdateMarkerForceListInterval time.Duration `yaml:"update_marker_force_list_interval"`
// Not loaded from YAML
Logger logr.Logger `yaml:"-"`
}
Options describes the storage options for the S3 backend
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.