From c7e4be222237265e82313b87339cada4739be8ba Mon Sep 17 00:00:00 2001 From: Flavian Missi Date: Wed, 27 Sep 2023 16:57:40 +0200 Subject: [PATCH] registry: add loglevel support for aws s3 storage driver Signed-off-by: Flavian Missi --- docs/configuration.md | 2 ++ docs/storage-drivers/s3.md | 2 ++ registry/storage/driver/s3-aws/s3.go | 32 ++++++++++++++++++++++- registry/storage/driver/s3-aws/s3_test.go | 8 ++++-- 4 files changed, 41 insertions(+), 3 deletions(-) diff --git a/docs/configuration.md b/docs/configuration.md index d5e04ba37b3..58c1164ebb0 100644 --- a/docs/configuration.md +++ b/docs/configuration.md @@ -139,6 +139,7 @@ storage: multipartcopythresholdsize: 33554432 rootdirectory: /s3/object/name/prefix usedualstack: false + loglevel: logdebug inmemory: # This driver takes no parameters delete: enabled: false @@ -410,6 +411,7 @@ storage: multipartcopymaxconcurrency: 100 multipartcopythresholdsize: 33554432 rootdirectory: /s3/object/name/prefix + loglevel: logdebug inmemory: delete: enabled: false diff --git a/docs/storage-drivers/s3.md b/docs/storage-drivers/s3.md index 3122a897986..41ab6dbaac9 100644 --- a/docs/storage-drivers/s3.md +++ b/docs/storage-drivers/s3.md @@ -26,6 +26,7 @@ Amazon S3 or S3 compatible services for object storage. | `rootdirectory` | no | This is a prefix that is applied to all S3 keys to allow you to segment data in your bucket if necessary. | | `storageclass` | no | The S3 storage class applied to each registry file. The default is `STANDARD`. | | `objectacl` | no | The S3 Canned ACL for objects. The default value is "private". | +| `loglevel` | no | The log level for the S3 client. The default value is `logoff`. | > **Note** You can provide empty strings for your access and secret keys to run the driver > on an ec2 instance and handles authentication with the instance's credentials. If you @@ -56,6 +57,7 @@ Amazon S3 or S3 compatible services for object storage. `objectacl`: (optional) The canned object ACL to be applied to each registry object. Defaults to `private`. If you are using a bucket owned by another AWS account, it is recommended that you set this to `bucket-owner-full-control` so that the bucket owner can access your objects. Other valid options are available in the [AWS S3 documentation](http://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl). +`loglevel`: (optional) Valid values are: `logoff` (default), `logdebug`, `logdebugwithsigning`, `logdebugwithhttpbody`, `logdebugwithrequestretries`, `logdebugwithrequesterrors` and `logdebugwitheventstreambody`. See the [AWS SDK for Go API reference](https://docs.aws.amazon.com/sdk-for-go/api/aws/#LogLevelType) for details. ## S3 permission scopes diff --git a/registry/storage/driver/s3-aws/s3.go b/registry/storage/driver/s3-aws/s3.go index 3df5e5b35bc..bb4b50e38fb 100644 --- a/registry/storage/driver/s3-aws/s3.go +++ b/registry/storage/driver/s3-aws/s3.go @@ -117,6 +117,7 @@ type DriverParameters struct { SessionToken string UseDualStack bool Accelerate bool + LogLevel aws.LogLevelType } func init() { @@ -461,11 +462,40 @@ func FromParameters(parameters map[string]interface{}) (*Driver, error) { fmt.Sprint(sessionToken), useDualStackBool, accelerateBool, + getS3LogLevelFromParam(parameters["loglevel"]), } return New(params) } +func getS3LogLevelFromParam(param interface{}) aws.LogLevelType { + if param == nil { + return aws.LogOff + } + logLevelParam := param.(string) + var logLevel aws.LogLevelType + switch strings.ToLower(logLevelParam) { + case "logoff": + logLevel = aws.LogOff + case "logdebug": + logLevel = aws.LogDebug + case "logdebugwithsigning": + logLevel = aws.LogDebugWithSigning + case "logdebugwithhttpbody": + logLevel = aws.LogDebugWithHTTPBody + case "logdebugwithrequestretries": + logLevel = aws.LogDebugWithRequestRetries + case "logdebugwithrequesterrors": + logLevel = aws.LogDebugWithRequestErrors + case "logdebugwitheventstreambody": + logLevel = aws.LogDebugWithEventStreamBody + default: + logLevel = aws.LogOff + } + fmt.Println("=====================", logLevel, "=====================") + return logLevel +} + // getParameterAsInt64 converts parameters[name] to an int64 value (using // defaultt if nil), verifies it is no smaller than min, and returns it. func getParameterAsInt64(parameters map[string]interface{}, name string, defaultt int64, min int64, max int64) (int64, error) { @@ -504,7 +534,7 @@ func New(params DriverParameters) (*Driver, error) { return nil, fmt.Errorf("on Amazon S3 this storage driver can only be used with v4 authentication") } - awsConfig := aws.NewConfig() + awsConfig := aws.NewConfig().WithLogLevel(params.LogLevel) if params.AccessKey != "" && params.SecretKey != "" { creds := credentials.NewStaticCredentials( diff --git a/registry/storage/driver/s3-aws/s3_test.go b/registry/storage/driver/s3-aws/s3_test.go index 4987c52dcc5..5851d665c5f 100644 --- a/registry/storage/driver/s3-aws/s3_test.go +++ b/registry/storage/driver/s3-aws/s3_test.go @@ -21,8 +21,10 @@ import ( "github.com/distribution/distribution/v3/registry/storage/driver/testsuites" ) -var s3DriverConstructor func(rootDirectory, storageClass string) (*Driver, error) -var skipS3 func() string +var ( + s3DriverConstructor func(rootDirectory, storageClass string) (*Driver, error) + skipS3 func() string +) func init() { var ( @@ -42,6 +44,7 @@ func init() { useDualStack = os.Getenv("S3_USE_DUALSTACK") combineSmallPart = os.Getenv("MULTIPART_COMBINE_SMALL_PART") accelerate = os.Getenv("S3_ACCELERATE") + logLevel = os.Getenv("S3_LOGLEVEL") ) root, err := os.MkdirTemp("", "driver-") @@ -135,6 +138,7 @@ func init() { sessionToken, useDualStackBool, accelerateBool, + getS3LogLevelFromParam(logLevel), } return New(parameters)