mirrors/versitygw
1
0
Fork 0
mirror of https://github.com/versity/versitygw.git synced 2026-02-06 10:20:43 +00:00
Code Issues Packages Projects Releases Wiki Activity
2,119 Commits 23 Branches 45 Tags
main
Commit Graph

2119 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ben McClelland
e15bd4a5bc Merge pull request #1818 from versity/test/rest_missing_tests 
test: some not-implemented's, add list-object-v2 working test
 2026-02-05 17:01:25 -08:00
Luke McCrone
44fa5fa178 test: some not-implemented's, add list-object-v2 working test 2026-02-05 10:14:08 -03:00
Ben McClelland
772e33be70 Merge pull request #1801 from wishdev/walker 
fix: Address slowness with lexical sorting
 2026-02-04 08:47:10 -08:00
Ben McClelland
74a0396802 Merge pull request #1800 from versity/test/reporting 
Test/reporting
 2026-02-04 08:44:34 -08:00
Ben McClelland
26490d07b1 Merge pull request #1817 from versity/ben/pin-nats-dep 
fix: pin github.com/nats-io/nkeys version to v0.4.12
 2026-02-04 08:43:51 -08:00
Ben McClelland
63fcdb38e2 fix: pin github.com/nats-io/nkeys version to v0.4.12 
The go mod cache is listing a newer version than the latest tag in
the repo. So we need to pin this older version to prevent dependabot
from updating until the repo tags a newer version.
 2026-02-04 08:30:45 -08:00
Ben McClelland
35605683cf Merge pull request #1807 from versity/dependabot/go_modules/dev-dependencies-50b95ed59f 
chore(deps): bump the dev-dependencies group with 7 updates
 2026-02-04 08:11:55 -08:00
dependabot[bot]
82878f40e1 chore(deps): bump the dev-dependencies group with 7 updates 
Bumps the dev-dependencies group with 7 updates:

| Package | From | To |
| --- | --- | --- |
| [github.com/DataDog/datadog-go/v5](https://github.com/DataDog/datadog-go) | `5.8.2` | `5.8.3` |
| [github.com/aws/aws-sdk-go-v2/service/s3](https://github.com/aws/aws-sdk-go-v2) | `1.95.1` | `1.96.0` |
| [github.com/gofiber/fiber/v2](https://github.com/gofiber/fiber) | `2.52.10` | `2.52.11` |
| [github.com/clipperhouse/uax29/v2](https://github.com/clipperhouse/uax29) | `2.4.0` | `2.5.0` |
| [github.com/golang-jwt/jwt/v5](https://github.com/golang-jwt/jwt) | `5.3.0` | `5.3.1` |
| [github.com/nats-io/nkeys](https://github.com/nats-io/nkeys) | `0.4.12` | `0.4.15` |
| [github.com/aws/aws-sdk-go-v2/feature/s3/manager](https://github.com/aws/aws-sdk-go-v2) | `1.21.0` | `1.21.1` |


Updates `github.com/DataDog/datadog-go/v5` from 5.8.2 to 5.8.3
- [Release notes](https://github.com/DataDog/datadog-go/releases)
- [Changelog](https://github.com/DataDog/datadog-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/DataDog/datadog-go/compare/v5.8.2...v5.8.3)

Updates `github.com/aws/aws-sdk-go-v2/service/s3` from 1.95.1 to 1.96.0
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/s3/v1.95.1...service/s3/v1.96.0)

Updates `github.com/gofiber/fiber/v2` from 2.52.10 to 2.52.11
- [Release notes](https://github.com/gofiber/fiber/releases)
- [Commits](https://github.com/gofiber/fiber/compare/v2.52.10...v2.52.11)

Updates `github.com/clipperhouse/uax29/v2` from 2.4.0 to 2.5.0
- [Release notes](https://github.com/clipperhouse/uax29/releases)
- [Commits](https://github.com/clipperhouse/uax29/compare/v2.4.0...v2.5.0)

Updates `github.com/golang-jwt/jwt/v5` from 5.3.0 to 5.3.1
- [Release notes](https://github.com/golang-jwt/jwt/releases)
- [Commits](https://github.com/golang-jwt/jwt/compare/v5.3.0...v5.3.1)

Updates `github.com/nats-io/nkeys` from 0.4.12 to 0.4.15
- [Release notes](https://github.com/nats-io/nkeys/releases)
- [Commits](https://github.com/nats-io/nkeys/compare/v0.4.12...v0.4.15)

Updates `github.com/aws/aws-sdk-go-v2/feature/s3/manager` from 1.21.0 to 1.21.1
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/v1.21.0...v1.21.1)

---
updated-dependencies:
- dependency-name: github.com/DataDog/datadog-go/v5
  dependency-version: 5.8.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/aws/aws-sdk-go-v2/service/s3
  dependency-version: 1.96.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: github.com/gofiber/fiber/v2
  dependency-version: 2.52.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/clipperhouse/uax29/v2
  dependency-version: 2.5.0
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: github.com/golang-jwt/jwt/v5
  dependency-version: 5.3.1
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/nats-io/nkeys
  dependency-version: 0.4.15
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/aws/aws-sdk-go-v2/feature/s3/manager
  dependency-version: 1.21.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-03 02:40:28 +00:00
John W Higgins
bcf341bdaa Add "lexical" sort to walker.go 2026-02-01 16:10:23 -08:00
Luke McCrone
17adbeca9e test: S3 command coverage reporting 2026-01-30 18:51:02 -03:00
John W Higgins
73e2df4105 Base import of cutdown version of io/fs/walk.go from golang as walker.go 2026-01-29 13:10:01 -08:00
John W Higgins
bef8f38f3e Revert of 34da1833 and 8e18b431 for backend/walk.go 
Revert the changes with regards to lexical sorting but only for the walk.go
code itself. Leave the tests alone.
 2026-01-29 13:10:01 -08:00
Ben McClelland
db12fb94a3 Merge pull request #1798 from versity/sis/listparts-remove-metadata-loading 2026-01-28 21:49:47 -08:00
niksis02
7017ffa2a3 fix: removes object metadata loading from posix ListParts 
In the POSIX `ListParts` implementation, there was a code snippet that loaded the object metadata, even though it wasn’t needed and never used in the response. This redundant code has now been removed.
 2026-01-28 21:12:56 +04:00
Ben McClelland
37e6d96d1b Merge pull request #1796 from versity/sis/revert-nats-nkeys-version 2026-01-27 18:01:29 -08:00
niksis02
03f0be28b6 fix: reverts the nats-io/nkeys package version to v0.4.12 
Fixes #1795
 2026-01-28 01:12:04 +04:00
Ben McClelland
086a622914 Merge pull request #1781 from versity/test/rest_put_object_acl 
test: REST - PutObject object ACLs, object lock header
 2026-01-26 15:52:01 -08:00
khambrecht
f29206afb6 fix: put object on windows when parent directories dont already exists 
The previous logic was not allowing put-object on windows when the parent directory did not already exist, and would
not always return the correct error if an ancestor in the path already existed as a file.

The problem is the different behavior of the os.Stat command in Windows compared to *nix in backend/posix/posix.go
in function PutObjectWithPostFunc. The os.Stat returns ENOTDIR on *nix if the parent object is a file instead of a
directory. On Windows, if the parent object does not exist at all, the return code of such os.Stat is ERROR_PATH_NOT_FOUND which is mapped to ENOTDIR. However this is inappropriate in this case. As a result, the
return code of the os.Stat is incorrectly interpreted as if the parent object is a file instead of the parent object does not
exist. Which then leads to a failed upload.

This fix validates the existing parent structure on put to make sure the correct error is returned or the put is successful.

Fixes #1702
 2026-01-27 08:51:06 +09:00
Ben McClelland
28c805f59e Merge pull request #1793 from versity/dependabot/go_modules/dev-dependencies-34fb423312 
chore(deps): bump github.com/clipperhouse/uax29/v2 from 2.3.1 to 2.4.0 in the dev-dependencies group
 2026-01-26 15:28:56 -08:00
dependabot[bot]
1dfc77dfd4 chore(deps): bump github.com/clipperhouse/uax29/v2 
Bumps the dev-dependencies group with 1 update: [github.com/clipperhouse/uax29/v2](https://github.com/clipperhouse/uax29).


Updates `github.com/clipperhouse/uax29/v2` from 2.3.1 to 2.4.0
- [Release notes](https://github.com/clipperhouse/uax29/releases)
- [Commits](https://github.com/clipperhouse/uax29/compare/v2.3.1...v2.4.0)

---
updated-dependencies:
- dependency-name: github.com/clipperhouse/uax29/v2
  dependency-version: 2.4.0
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-01-26 22:30:11 +00:00
Luke McCrone
1f9856110d test: PutObject object lock tests and updates, delete bucket test 2026-01-26 16:58:49 -03:00
Ben McClelland
01fc142c1e fix: correct spelling for debuglogger.InternalError() (#1784) 2026-01-24 06:44:54 -08:00
Ben McClelland
ca2dd9b4b3 Merge pull request #1791 from versity/dependabot/go_modules/dev-dependencies-7c76174904 
chore(deps): bump the dev-dependencies group with 2 updates
 2026-01-23 13:56:22 -08:00
Ben McClelland
10152cefbc Merge pull request #1790 from versity/dependabot/github_actions/docker/build-push-action-6 
chore(deps): bump docker/build-push-action from 5 to 6
 2026-01-23 13:56:01 -08:00
Ben McClelland
948b424ed2 Merge pull request #1789 from versity/dependabot/github_actions/actions/checkout-6 
chore(deps): bump actions/checkout from 4 to 6
 2026-01-23 13:55:33 -08:00
dependabot[bot]
d2996e1131 chore(deps): bump the dev-dependencies group with 2 updates 
Bumps the dev-dependencies group with 2 updates: [github.com/nats-io/nkeys](https://github.com/nats-io/nkeys) and [github.com/aws/aws-sdk-go-v2/feature/s3/manager](https://github.com/aws/aws-sdk-go-v2).


Updates `github.com/nats-io/nkeys` from 0.4.12 to 0.4.14
- [Release notes](https://github.com/nats-io/nkeys/releases)
- [Commits](https://github.com/nats-io/nkeys/commits)

Updates `github.com/aws/aws-sdk-go-v2/feature/s3/manager` from 1.20.19 to 1.21.0
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/feature/s3/manager/v1.20.19...v1.21.0)

---
updated-dependencies:
- dependency-name: github.com/nats-io/nkeys
  dependency-version: 0.4.14
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/aws/aws-sdk-go-v2/feature/s3/manager
  dependency-version: 1.21.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-01-23 19:52:25 +00:00
dependabot[bot]
2489d876c9 chore(deps): bump docker/build-push-action from 5 to 6 
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 5 to 6.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v5...v6)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-01-23 19:51:10 +00:00
dependabot[bot]
a69f5a4db7 chore(deps): bump actions/checkout from 4 to 6 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 6.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v4...v6)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-01-23 19:51:06 +00:00
Ben McClelland
df31eb031a Merge pull request #1788 from versity/ben/dependabot-actions 
chore: add dependabot updates for github actions
 2026-01-23 11:50:15 -08:00
Ben McClelland
b70be6116e Merge pull request #1787 from versity/ben/codeql-js 
chore: add codeql ignore for embedded 3rd party js assets
 2026-01-23 11:45:43 -08:00
Ben McClelland
e08539e909 chore: add dependabot updates for github actions 2026-01-23 11:39:53 -08:00
Ben McClelland
f78483a938 chore: add codeql ignore for embedded 3rd party js assets 
We were getting some warnings from the embedded tailwind js file.
We dont need to be scanning these 3rd party assets in this repo.
 2026-01-23 11:34:15 -08:00
Ben McClelland
cb1d469742 Merge pull request #1786 from versity/ben/default-codeql 
chore: add advanced codeql workflow for repo customizations
 2026-01-23 11:22:11 -08:00
Ben McClelland
792a3eb2c5 chore: add advanced codeql workflow for repo customizations 
This is the default generated codeql for the advanced setup
to allow for repo customization
 2026-01-23 11:11:04 -08:00
Ben McClelland
252090d9e9 Merge pull request #1783 from versity/sis/object-acl-headers-not-implemented 
fix: return not implemented in object actions, if acl header is present
 2026-01-23 09:31:59 -08:00
niksis02
8569b158f0 fix: return not implemented in object actions, if acl header is present 
Fixes #1767
Fixes #1773

As object ACLs are not supported in the gateway, any attempt to set an ACL during object creation must return a NotImplemented error. A check has now been added to `PutObject`, `CopyObject`, and `CreateMultipartUpload` to detect any ACL-related headers and return a NotImplemented error accordingly.
 2026-01-23 17:03:03 +04:00
Ben McClelland
45b6a4a74e Merge pull request #1779 from versity/sis/admin-flags 
feat: makes root creds usable for admin subcommand with lower precendence
 2026-01-22 14:44:43 -08:00
Ben McClelland
b576ed87c5 Merge pull request #1777 from eest/support-tls-cert-reload 
Reload TLS certificates on SIGHUP
 2026-01-22 14:43:36 -08:00
Ben McClelland
0ba5cbe8b9 Merge pull request #1762 from versity/test/reorganization 
Test: break up, speed up REST tests, openssl command logging
 2026-01-22 13:20:36 -08:00
Luke McCrone
a4d341fc4e test: speed up/reorganize REST tests, openssl logging 2026-01-22 15:54:47 -03:00
niksis02
6c564febb9 feat: makes root creds usable for admin subcommand with lower precendence 
Closes #1760

The admin subcommand accepts the `--access` and `--secret` flags as admin user credentials. This change makes these flags optional and allows the root user credentials to be used as admin credentials with lower precedence when the admin flags are omitted.

Both invocation styles are now valid:

```bash
versitygw admin --access user --secret pass -er http://127.0.0.1:7070 list-buckets
```

and

```bash
versitygw --access user --secret pass admin -er http://127.0.0.1:7070 list-buckets
```

Additionally, if `ROOT_ACCESS_KEY` and `ROOT_SECRET_KEY` are already set, the following also works:

```bash
versitygw admin -er http://127.0.0.1:7070 list-buckets
```
 2026-01-22 21:14:19 +04:00
Patrik Lundin
0c520a30cf Reload TLS certificates on SIGHUP 
* Add utils.CertStorage for holding cert data that can be updated
  at runtime.
* Add utils.NewTLSListener() to have a central place to control e.g. TLS
  MinVersion across different servers.
* Add WithTLS() to webserver code so it looks more like the other
  servers.

Fixes #1299
 2026-01-22 14:12:07 +01:00
Ben McClelland
935e322764 Merge pull request #1772 from versity/sis/block-createbucket-readonly-mode 
fix: fixes some write operations blocking in read-only mode
 2026-01-21 19:12:52 -08:00
niksis02
f6225aa968 fix: fixes some write operations blocking in read-only mode 
Fixes #1765
Fixes #1771

This PR addresses two issues:

1. CreateBucket was previously allowed when the gateway was running in read-only mode. It is now correctly blocked.
2. Write operations were permitted on public buckets in read-only mode because the public access checks in `auth.VerifyAccess` were evaluated before the read-only check. The read-only check now takes precedence, and all write operations on public buckets are blocked.
 2026-01-21 13:51:46 +04:00
Ben McClelland
1d30567129 Merge pull request #1770 from versity/sis/s3-actions-on-delete-markers 
fix: fixes delete markers access for some actions
 2026-01-20 10:12:32 -08:00
Luke McCrone
bfc753b302 test: test fix 2026-01-20 11:29:41 -03:00
niksis02
86e2b02e55 fix: fixes delete markers access for some actions 
Fixes #1766
Fixes #1750

This PR focuses on two bug fixes:

First, it blocks access to delete `DeleteMarkers` for the following operations by returning a `MethodNotAllowed` error: `PutObjectTagging`, `GetObjectTagging`, `DeleteObjectTagging`, `PutObjectLegalHold`, `GetObjectLegalHold`, `PutObjectRetention`, and `GetObjectRetention`.

Second, it removes the access check that previously prevented deleting a delete marker locked by a bucket default retention rule. A delete marker should always be allowed to be deleted.
 2026-01-20 16:24:46 +04:00
Ben McClelland
2cf8610831 Merge pull request #1768 from versity/sis/streaming-test-failure 2026-01-19 15:57:51 -08:00
Ben McClelland
8e3e633a24 Merge pull request #1763 from versity/ben/webgui 2026-01-19 15:57:09 -08:00
niksis02
12092cf297 fix: fixes the SignedStreamingPayloadTrailer_success test failure 
In the `SignedStreamingPayloadTrailer_success` integration test, the signing date was not using UTC. This caused an incorrect string-to-sign and signature calculation, because the timestamp used for `x-amz-date` (which is always UTC) differed from the timestamp used for streaming payload signature generation. The test now uses UTC, resolving the issue that occurred when the local time zone differed from UTC, specifically in terms of the `yyyymmdd` date component.
 2026-01-20 02:32:54 +04:00