Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

adding serverside encryption #242

Open
wants to merge 7 commits into
base: main
Choose a base branch
from
Open

adding serverside encryption #242

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
bf27d8f
adding serverside encryption
pschrammel Jun 24, 2024
d45120f
Merge branch 'main' into sse
pschrammel Jun 27, 2024
c965b3c
fixing some tests
pschrammel Jun 27, 2024
9713535
Merge branch 'sse' of github.com:conceptboard/thumbor-aws into sse
pschrammel Jun 27, 2024
4c8cf4b
false thy python style
pschrammel Jun 27, 2024
3fe0f2b
silencing pylint
pschrammel Jun 27, 2024
9aa9bf7
silencing pylint
pschrammel Jun 27, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions tests/test_storage.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -146,6 +146,7 @@ async def test_can_get_crypto_from_s3(self):
b"ACME-SEC2",
"application/text",
"http://my-site.com",
False
)

data = await storage.get_crypto(filepath)
Expand All @@ -163,6 +164,7 @@ async def test_can_get_detector_data_from_s3(self):
b'{"some": "data"}',
"application/text",
"",
False
)

data = await storage.get_detector_data(filepath)
Expand Down
8 changes: 8 additions & 0 deletions thumbor_aws/result_storage.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -69,6 +69,13 @@
"AWS Result Storage",
)

Config.define(
"AWS_RESULT_STORAGE_S3_SSE",
False,
"Use server side encryption for result storage.",
"AWS Result Storage",
)


class Storage(BaseStorage, S3Client):
def __init__(self, context):
Expand Down Expand Up @@ -143,6 +150,7 @@ async def put(self, image_bytes: bytes) -> str:
image_bytes,
content_type,
self.context.config.AWS_DEFAULT_LOCATION,
self.context.config.AWS_RESULT_STORAGE_S3_SSE,
)
logger.info(
"[RESULT_STORAGE] Image uploaded successfully to %s", file_abspath
Expand Down
6 changes: 4 additions & 2 deletions thumbor_aws/s3_client.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -104,20 +104,22 @@ async def upload(
data: bytes,
content_type,
default_location,
encryption
) -> str:
"""Uploads a File to S3"""

async with self.get_client() as client:
response = None
try:
settings = {
"Bucket": self.bucket_name,
"Key": path,
"Body": data,
"ContentType": content_type,
"ContentType": content_type
}
if self.file_acl is not None:
settings["ACL"] = self.file_acl
if encryption:
settings["ServerSideEncryption"] = "AES256"

response = await client.put_object(**settings)
except Exception as error:
Expand Down
10 changes: 10 additions & 0 deletions thumbor_aws/storage.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -68,6 +68,13 @@
"AWS Storage",
)

Config.define(
"AWS_STORAGE_S3_SSE",
False,
"Use server side encryption for storage.",
"AWS Storage",
)


class Storage(storages.BaseStorage, S3Client):
def __init__(self, context):
Expand Down Expand Up @@ -100,6 +107,7 @@ async def put(self, path: str, file_bytes: bytes) -> str:
file_bytes,
content_type,
self.context.config.AWS_DEFAULT_LOCATION,
self.context.config.AWS_STORAGE_S3_SSE,
)
return path

Expand All @@ -121,6 +129,7 @@ async def put_crypto(self, path: str) -> str:
key,
"application/text",
self.context.config.AWS_DEFAULT_LOCATION,
self.context.config.AWS_STORAGE_S3_SSE,
)

logger.debug("Stored crypto at %s", crypto_path)
Expand All @@ -136,6 +145,7 @@ async def put_detector_data(self, path: str, data: Any) -> str:
details,
"application/json",
self.context.config.AWS_DEFAULT_LOCATION,
self.context.config.AWS_STORAGE_S3_SSE,
)

async def get(self, path: str) -> bytes:
Expand Down
Loading