This commit is contained in:
parent
1f9da8db15
commit
aba30ac4f4
GPG key ID:
E41C08AD390E7C49
5 changed files with 38 additions and 10 deletions
27
.github/workflows/ci.yml
vendored
Normal file
27
.github/workflows/ci.yml
vendored
Normal file
|
|
@ -0,0 +1,27 @@
|
|||
name: CI
|
||||
env:
|
||||
DOCKER_BUILDKIT: 1
|
||||
on:
|
||||
push:
|
||||
workflow_dispatch:
|
||||
|
||||
jobs:
|
||||
release:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
with:
|
||||
fetch-depth: 0
|
||||
- name: Docker Login
|
||||
env:
|
||||
DOCKER_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||
DOCKER_PASSWORD: ${{ secrets.DOCKERHUB_PASSWORD }}
|
||||
run: |
|
||||
echo "${DOCKER_PASSWORD}" | docker login --username "${DOCKER_USERNAME}" --password-stdin
|
||||
- name: Run GoReleaser
|
||||
uses: goreleaser/goreleaser-action@v2
|
||||
with:
|
||||
version: latest
|
||||
args: release --rm-dist
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GORELEASER_GITHUB_TOKEN }}
|
||||
7
.goreleaser.yml
Normal file
7
.goreleaser.yml
Normal file
|
|
@ -0,0 +1,7 @@
|
|||
dockers:
|
||||
- goos: linux
|
||||
goarch: amd64
|
||||
image_templates:
|
||||
- "ii64/obs-access-signer:latest"
|
||||
- "ii64/obs-access-signer:v{{ .Version }}"
|
||||
skip_push: auto
|
||||
|
|
@ -6,7 +6,7 @@ COPY . /build
|
|||
RUN apk add --no-cache \
|
||||
make
|
||||
|
||||
RUN --mount=type=cache,mode=0755,target=/go/pkg/mod make dep
|
||||
RUN make dep
|
||||
RUN make build
|
||||
|
||||
|
||||
|
|
|
|||
5
Makefile
5
Makefile
|
|
@ -2,8 +2,6 @@ all: build
|
|||
|
||||
export DOCKER_BUILDKIT=1
|
||||
|
||||
IMAGE := obs-access-signer:dev
|
||||
|
||||
# use zig cc/c++ to statically link deps
|
||||
TARGET_TRIPLE := x86_64-linux
|
||||
|
||||
|
|
@ -19,6 +17,3 @@ dep:
|
|||
|
||||
build:
|
||||
CGO_ENABLED=0 CC="zig cc $(CFLAGS)" CXX="zig c++ $(CXXFLAGS)" go build $(GOFLAGS) .
|
||||
|
||||
build.docker:
|
||||
"docker" build --progress=plain -t $(IMAGE) .
|
||||
|
|
@ -4,12 +4,11 @@ S3 Object Storage access signer.
|
|||
|
||||
Run `obs-access-signer` behind a gateway/cache proxy is preferred as the response is static.
|
||||
|
||||
There's an example of using it with Varnish Cache, you can see [here](docker/docker-compose.yaml).
|
||||
There's an example of using it with Varnish Cache, which you can see [here](docker/docker-compose.yaml).
|
||||
|
||||
## Why?
|
||||
|
||||
Some S3-compatible gateway might not support ACL endpoints but they are support presigned access. Currently, the behavior of `obs-access-signer` is similar to `public-read` ACL where clients can access objects anonymously and redirect them (permanently) to presigned url with `Expires` set to the max signed value of `int64` which has roughly 250yrs lifetime since unix time started.
|
||||
|
||||
Some S3-compatible gateways might not support ACL endpoints but they support presigned access. Currently, the behavior of `obs-access-signer` is similar to `public-read` ACL where clients can access objects anonymously and redirect them (permanently) to presigned URL with `Expires` set to the max signed value of `int64` which has roughly 250yrs lifetime since UNIX time started.
|
||||
|
||||
## License
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue