gitlab-org--gitlab-foss/lib/object_storage/config.rb

108 lines
2.4 KiB
Ruby

# frozen_string_literal: true
module ObjectStorage
class Config
AWS_PROVIDER = 'AWS'
AZURE_PROVIDER = 'AzureRM'
GOOGLE_PROVIDER = 'Google'
attr_reader :options
def initialize(options)
@options = options.to_hash.deep_symbolize_keys
end
def load_provider
if aws?
require 'fog/aws'
elsif google?
require 'fog/google'
elsif azure?
require 'fog/azurerm'
end
end
def credentials
@credentials ||= options[:connection] || {}
end
def storage_options
@storage_options ||= options[:storage_options] || {}
end
def enabled?
options[:enabled]
end
def bucket
options[:remote_directory]
end
def consolidated_settings?
options.fetch(:consolidated_settings, false)
end
# AWS-specific options
def aws?
provider == AWS_PROVIDER
end
def use_iam_profile?
Gitlab::Utils.to_boolean(credentials[:use_iam_profile], default: false)
end
def use_path_style?
Gitlab::Utils.to_boolean(credentials[:path_style], default: false)
end
def server_side_encryption
storage_options[:server_side_encryption]
end
def server_side_encryption_kms_key_id
storage_options[:server_side_encryption_kms_key_id]
end
def provider
credentials[:provider].to_s
end
# End AWS-specific options
# Begin Azure-specific options
def azure_storage_domain
credentials[:azure_storage_domain]
end
# End Azure-specific options
def google?
provider == GOOGLE_PROVIDER
end
def azure?
provider == AZURE_PROVIDER
end
def fog_attributes
@fog_attributes ||= begin
return {} unless enabled? && aws?
return {} unless server_side_encryption.present?
aws_server_side_encryption_headers.compact
end
end
private
# This returns a Hash of HTTP encryption headers to send along to S3.
#
# They can also be passed in as Fog::AWS::Storage::File attributes, since there
# are aliases defined for them:
# https://github.com/fog/fog-aws/blob/ab288f29a0974d64fd8290db41080e5578be9651/lib/fog/aws/models/storage/file.rb#L24-L25
def aws_server_side_encryption_headers
{
'x-amz-server-side-encryption' => server_side_encryption,
'x-amz-server-side-encryption-aws-kms-key-id' => server_side_encryption_kms_key_id
}
end
end
end