Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(s3): Don't wait indefinitely for S3 to return #46317

Merged
merged 1 commit into from
Jul 9, 2024
Merged

fix(s3): Don't wait indefinitely for S3 to return #46317

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
66 changes: 37 additions & 29 deletions lib/private/Files/ObjectStore/S3ConnectionTrait.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@
use GuzzleHttp\Promise\Create;
use GuzzleHttp\Promise\RejectedPromise;
use OCP\ICertificateManager;
use OCP\Server;
use Psr\Log\LoggerInterface;

trait S3ConnectionTrait {
Expand Down Expand Up @@ -98,7 +99,11 @@ public function getConnection() {
'signature_provider' => \Aws\or_chain([self::class, 'legacySignatureProvider'], ClientResolver::_default_signature_provider()),
'csm' => false,
'use_arn_region' => false,
'http' => ['verify' => $this->getCertificateBundlePath()],
'http' => [
'verify' => $this->getCertificateBundlePath(),
// Timeout for the connection to S3 server, not for the request.
'connect_timeout' => 5
],
'use_aws_shared_config_files' => false,
];

Expand All @@ -116,35 +121,38 @@ public function getConnection() {
}
$this->connection = new S3Client($options);

if (!$this->connection::isBucketDnsCompatible($this->bucket)) {
$logger = \OC::$server->get(LoggerInterface::class);
$logger->debug('Bucket "' . $this->bucket . '" This bucket name is not dns compatible, it may contain invalid characters.',
['app' => 'objectstore']);
}

if ($this->params['verify_bucket_exists'] && !$this->connection->doesBucketExist($this->bucket)) {
$logger = \OC::$server->get(LoggerInterface::class);
try {
$logger->info('Bucket "' . $this->bucket . '" does not exist - creating it.', ['app' => 'objectstore']);
if (!$this->connection::isBucketDnsCompatible($this->bucket)) {
throw new \Exception("The bucket will not be created because the name is not dns compatible, please correct it: " . $this->bucket);
}
$this->connection->createBucket(['Bucket' => $this->bucket]);
$this->testTimeout();
} catch (S3Exception $e) {
$logger->debug('Invalid remote storage.', [
'exception' => $e,
'app' => 'objectstore',
]);
if ($e->getAwsErrorCode() !== "BucketAlreadyOwnedByYou") {
throw new \Exception('Creation of bucket "' . $this->bucket . '" failed. ' . $e->getMessage());
try {
$logger = Server::get(LoggerInterface::class);
if (!$this->connection::isBucketDnsCompatible($this->bucket)) {
$logger->debug('Bucket "' . $this->bucket . '" This bucket name is not dns compatible, it may contain invalid characters.',
['app' => 'objectstore']);
}

if ($this->params['verify_bucket_exists'] && !$this->connection->doesBucketExist($this->bucket)) {
try {
$logger->info('Bucket "' . $this->bucket . '" does not exist - creating it.', ['app' => 'objectstore']);
if (!$this->connection::isBucketDnsCompatible($this->bucket)) {
throw new \Exception("The bucket will not be created because the name is not dns compatible, please correct it: " . $this->bucket);
}
$this->connection->createBucket(['Bucket' => $this->bucket]);
$this->testTimeout();
} catch (S3Exception $e) {
$logger->debug('Invalid remote storage.', [
'exception' => $e,
'app' => 'objectstore',
]);
if ($e->getAwsErrorCode() !== 'BucketAlreadyOwnedByYou') {
throw new \Exception('Creation of bucket "' . $this->bucket . '" failed. ' . $e->getMessage());
}
}
}
}

// google cloud's s3 compatibility doesn't like the EncodingType parameter
if (strpos($base_url, 'storage.googleapis.com')) {
$this->connection->getHandlerList()->remove('s3.auto_encode');

// google cloud's s3 compatibility doesn't like the EncodingType parameter
if (strpos($base_url, 'storage.googleapis.com')) {
$this->connection->getHandlerList()->remove('s3.auto_encode');
}
} catch (S3Exception $e) {
throw new \Exception('S3 service is unable to handle request: ' . $e->getMessage());
}

return $this->connection;
Expand Down Expand Up @@ -193,7 +201,7 @@ protected function getCertificateBundlePath(): ?string {
// since we store the certificate bundles on the primary storage, we can't get the bundle while setting up the primary storage
if (!isset($this->params['primary_storage'])) {
/** @var ICertificateManager $certManager */
$certManager = \OC::$server->get(ICertificateManager::class);
$certManager = Server::get(ICertificateManager::class);
return $certManager->getAbsoluteBundlePath();
} else {
return \OC::$SERVERROOT . '/resources/config/ca-bundle.crt';
Expand Down
Loading