Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix GCS credentials when no endpoint specified #138

Merged
merged 3 commits into from
Sep 15, 2020
Merged

Fix GCS credentials when no endpoint specified #138

merged 3 commits into from
Sep 15, 2020

Conversation

atombender
Copy link
Contributor

@atombender atombender commented Sep 14, 2020
edited
Loading

Description

Fixes #137 by not overriding the HTTP client when not necessary.

Without this, GCS errors with 403:

<?xml version='1.0' encoding='UTF-8'?><Error><Code>AccessDenied</Code><Message>Access denied.</Message><Details>Anonymous caller does not have storage.objects.get access to the Google Cloud Storage object.</Details></Error>

This happens when GCS_ENDPOINT isn't set, and the Google SDK is called with option.WithHTTPClient() using a custom HTTP client that disables TLS verification.

Checklist

  • Read the CONTRIBUTING document.
  • Read the CODE OF CONDUCT document.
  • Add tests to cover changes. [Not possible since this only happens with TLS.]
  • Ensure your code follows the code style of this project.
  • Ensure CI and all other PR checks are green OR
    • Code compiles correctly.
    • All new and existing tests passed.
  • Add your changes to Unreleased section of CHANGELOG.

@atombender atombender changed the title Fix gcs credentials Fix GCS credentials when no endpoint specified Sep 14, 2020
kakkoyun
kakkoyun reviewed Sep 15, 2020
View reviewed changes
storage/backend/gcs/gcs.go
}

setAuthenticationMethod(l, c, opts)
opts = setAuthenticationMethod(l, c, opts)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🙈

kakkoyun
kakkoyun previously approved these changes Sep 15, 2020
View reviewed changes
Copy link
Contributor

@kakkoyun kakkoyun left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks a lot for your contribution! Another great PR! Thanks a lot for fixing those mistakes ❤️

@kakkoyun kakkoyun merged commit c6fa146 into meltwater:master Sep 15, 2020
@danihodovic
Copy link

@kakkoyun could you please update the Docker hub image to include this patch?

@kakkoyun
Copy link
Contributor

kakkoyun commented Aug 4, 2021

@danihodovic We should release a new version. It's been a while. @seandtaber What do you think? Can someone take look at it on your side?

@danihodovic
Copy link

Goreleaser has deprecated building Docker images, so you will have to change that too.

@kakkoyun
Copy link
Contributor

kakkoyun commented Aug 5, 2021

Hey @danihodovic, would you be up for handling it? We always welcome to new contributors 🤗

@danihodovic
Copy link

I would, but I'm on a busy schedule for the next month. I've resolved the blocker for myself by modifying the Dockerfile, building manually and pushing to danihodovic/drone-cache. The image is rather large, but it works for me.

FROM golang:1.14.4-alpine3.12 AS builder
RUN apk add --update --no-cache ca-certificates tzdata && update-ca-certificates
COPY . /app/
WORKDIR /app/
RUN go build
RUN go install
ENTRYPOINT ["drone-cache"]

@seandtaber
Copy link
Contributor

@danihodovic We should release a new version. It's been a while. @seandtaber What do you think? Can someone take look at it on your side?

We can take a look at this issue and will respond here when we identify the issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kakkoyun kakkoyun kakkoyun approved these changes

@limayekaiwalya limayekaiwalya Awaiting requested review from limayekaiwalya

@seandtaber seandtaber Awaiting requested review from seandtaber seandtaber is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

GCS broken due to wrong HTTP client
4 participants
@atombender @danihodovic @kakkoyun @seandtaber