Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(publisher-s3): allow ACL omission #3728

Merged
merged 2 commits into from
Nov 12, 2024
Merged

feat(publisher-s3): allow ACL omission #3728

merged 2 commits into from
Nov 12, 2024

Conversation

JHartman5
Copy link
Contributor

This allows the caller to omit the ACL from the upload request, per Amazon's recommendation of using bucket owner-enforced permissions.

  • I have read the contribution documentation for this project.
  • I agree to follow the code of conduct that this project follows, as appropriate.
  • The changes are appropriately documented (if applicable).
  • The changes have sufficient test coverage (if applicable).
  • The testsuite passes successfully on my local machine (if applicable).

Summarize your changes:

AWS recommends disabling the use of ACLs and instead using bucket owner-enforced permissions (see https://docs.aws.amazon.com/AmazonS3/latest/userguide/ensure-object-ownership.html). The current configuration and implementation of the S3 publisher always applies an ACL, which simply doesn't work with buckets configured this way. This PR adds an omitAcl option to the config that simply omits the ACL from the upload command.

I considered making this config look more like the Google Cloud Storage publisher (which uses essentially applies some of its options, such as predefinedAcl, public, and private, directly to its upload object); however, that would be a breaking change, and I opted for keeping this non-breaking. I'm happy to refactor if you think that is preferred.

@JHartman5
feat(publisher-s3): allow ACL omission
245f7dc 
This allows the caller to omit the ACL from the upload request, per
Amazon's recommendation of using bucket owner-enforced permissions.
@JHartman5 JHartman5 requested a review from a team as a code owner October 4, 2024 14:33
felixrieseberg
felixrieseberg approved these changes Oct 18, 2024
View reviewed changes
Copy link
Member

@felixrieseberg felixrieseberg left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Solid change, appreciate the addition. I just left one comment to document that omitAcl results in public having no effect but I think this is otherwise good!

@JHartman5 @felixrieseberg
Update packages/publisher/s3/src/Config.ts
681fbf1 
Updates the documentation for the `omitAcl` option per the pull request review

Co-authored-by: Felix Rieseberg <[email protected]>
@JHartman5
Copy link
Contributor Author

Added your comment, @felixrieseberg. Thank you!

@VerteDinde VerteDinde added this pull request to the merge queue Nov 12, 2024
Merged via the queue into electron:main with commit 2b6da59 Nov 12, 2024
12 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@VerteDinde VerteDinde VerteDinde approved these changes

@felixrieseberg felixrieseberg felixrieseberg approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@JHartman5 @felixrieseberg @VerteDinde