Add relative URI for AWS fargate.

config.dev.toml

@@ -376,6 +376,10 @@ SingleFlightType = "memory"
         # https://docs.aws.amazon.com/sdk-for-go/api/aws/credentials/endpointcreds/
         CredentialsEndpoint = ""
 
+        # conainer relative url (used by fargate) /v2/....
+        # If this is present, it will concatenate to CredentialsEndpoint
+        AwsContainerCredentialsRelativeURI = ""
+
    [Storage.AzureBlob]
         # Storage Account name for Azure Blob
         # Env override: ATHENS_AZURE_ACCOUNT_NAME

docs/content/configuration/storage.md

@@ -117,30 +117,64 @@ After this you can pass your credentials inside `config.toml` file.  If the acce
     # StorageType sets the type of storage backend the proxy will use.
     # Env override: ATHENS_STORAGE_TYPE
     StorageType = "s3"
-
+    
     [Storage]
-        [Storage.S3]
-            # Region on which your S3 storage exists
+            [Storage.S3]
+            ### The authentication model is as below for S3 in the following order
+            ### If AWS_CREDENTIALS_ENDPOINT is specified and it returns valid results, then it is used
+            ### If config variables are specified and they are valid, then they return valid results, then it is used
+            ### Otherwise, it will default to default configurations which is as follows
+            # attempt to find credentials in the environment, in the shared
+            # configuration (~/.aws/credentials) and from ec2 instance role
+            # credentials. See
+            # https://godoc.org/github.com/aws/aws-sdk-go#hdr-Configuring_Credentials
+            # and
+            # https://godoc.org/github.com/aws/aws-sdk-go/aws/session#hdr-Environment_Variables
+            # for environment variables that will affect the aws configuration.
+            # Setting UseDefaultConfiguration would only use default configuration. It will be deprecated in future releases 
+            # and is recommended not to use it.
+
+            # Region for S3 storage
             # Env override: AWS_REGION
-            Region = "YOUR_AWS_REGION"
+            Region = "MY_AWS_REGION"
 
-            # Access Key to your account
+            # Access Key for S3 storage
             # Env override: AWS_ACCESS_KEY_ID
-            Key = "YOUR_AWS_ACCESS_KEY_ID"
+            Key = "MY_AWS_ACCESS_KEY_ID"
 
-            # Secret Key to your account
+            # Secret Key for S3 storage
             # Env override: AWS_SECRET_ACCESS_KEY
-            Secret = "YOUR_AWS_SECRET_ACCESS_KEY"
-
-            # Not required parameter
+            Secret = "MY_AWS_SECRET_ACCESS_KEY"
+
             # Session Token for S3 storage
+            # Not required parameter
             # Env override: AWS_SESSION_TOKEN
             Token = ""
 
             # S3 Bucket to use for storage
-            # Defaults to gomods
             # Env override: ATHENS_S3_BUCKET_NAME
-            Bucket = "YOUR_S3_BUCKET_NAME"
+            Bucket = "MY_S3_BUCKET_NAME"
+
+            # If true then the default aws configuration will be used. This will
+            # attempt to find credentials in the environment, in the shared
+            # configuration (~/.aws/credentials) and from ec2 instance role
+            # credentials. See
+            # https://godoc.org/github.com/aws/aws-sdk-go#hdr-Configuring_Credentials
+            # and
+            # https://godoc.org/github.com/aws/aws-sdk-go/aws/session#hdr-Environment_Variables
+            # for environment variables that will affect the aws configuration.
+            # Env override: AWS_USE_DEFAULT_CONFIGURATION
+            UseDefaultConfiguration = false
+
+            # https://docs.aws.amazon.com/sdk-for-go/api/aws/credentials/endpointcreds/
+            # Note that this the URI should not end with / when AwsContainerCredentialsRelativeURI is set
+            # Env override: AWS_CREDENTIALS_ENDPOINT
+            CredentialsEndpoint = ""
+
+            # conainer relative url (used by AWS Fargate) /v2/....
+            # If this is present, it will concatenate to CredentialsEndpoint
+            # Env override: AWS_CONTAINER_CREDENTIALS_RELATIVE_URI
+            AwsContainerCredentialsRelativeURI = ""
 
 ## Minio
 

pkg/config/s3.go

@@ -2,11 +2,12 @@ package config
 
 // S3Config specifies the properties required to use S3 as the storage backend
 type S3Config struct {
-	Region                  string `validate:"required" envconfig:"AWS_REGION"`
-	Key                     string `envconfig:"AWS_ACCESS_KEY_ID"`
-	Secret                  string `envconfig:"AWS_SECRET_ACCESS_KEY"`
-	Token                   string `envconfig:"AWS_SESSION_TOKEN"`
-	Bucket                  string `validate:"required" envconfig:"ATHENS_S3_BUCKET_NAME"`
-	UseDefaultConfiguration bool   `envconfig:"AWS_USE_DEFAULT_CONFIGURATION"`
-	CredentialsEndpoint     string `envconfig:"AWS_CREDENTIALS_ENDPOINT"`
+	Region                             string `validate:"required" envconfig:"AWS_REGION"`
+	Key                                string `envconfig:"AWS_ACCESS_KEY_ID"`
+	Secret                             string `envconfig:"AWS_SECRET_ACCESS_KEY"`
+	Token                              string `envconfig:"AWS_SESSION_TOKEN"`
+	Bucket                             string `validate:"required" envconfig:"ATHENS_S3_BUCKET_NAME"`
+	UseDefaultConfiguration            bool   `envconfig:"AWS_USE_DEFAULT_CONFIGURATION"`
+	CredentialsEndpoint                string `envconfig:"AWS_CREDENTIALS_ENDPOINT"`
+	AwsContainerCredentialsRelativeURI string `envconfig:"AWS_CONTAINER_CREDENTIALS_RELATIVE_URI"`
 }

pkg/storage/s3/s3.go

@@ -44,7 +44,7 @@ func New(s3Conf *config.S3Config, timeout time.Duration, options ...func(*aws.Co
 
 	if !s3Conf.UseDefaultConfiguration {
 		endpointcreds := []credentials.Provider{
-			endpointcreds.NewProviderClient(*awsConfig, defaults.Handlers(), s3Conf.CredentialsEndpoint),
+			endpointcreds.NewProviderClient(*awsConfig, defaults.Handlers(), endpointFrom(s3Conf.CredentialsEndpoint, s3Conf.AwsContainerCredentialsRelativeURI)),
 			&credentials.StaticProvider{
 				Value: credentials.Value{
 					AccessKeyID:     s3Conf.Key,
@@ -75,3 +75,7 @@ func New(s3Conf *config.S3Config, timeout time.Duration, options ...func(*aws.Co
 		timeout:  timeout,
 	}, nil
 }
+
+func endpointFrom(credentialsEndpoint string, relativeURI string) string {
+	return credentialsEndpoint + relativeURI
+}