Uploaded image for project: 'Data Management'
  1. Data Management
  2. DM-20140

Add build registration route that provides presigned URLs

    XMLWordPrintable

    Details

    • Type: Story
    • Status: Done
    • Resolution: Done
    • Fix Version/s: None
    • Component/s: None
    • Labels:

      Description

      In DM-20122 we determined that LTD Keeper can provide a presigned POST URL to build upload clients. This prevents clients from needing to maintain their own S3 credentials.

      This ticket enables LTD Keeper to generate those presigned URLs as part of a new {{POST /products/(slug)/builds/ endpoint.}}

      To prevent this update from breaking older clients, we may want to use accept headers to version the endpoint. This will set a useful precedent for future breaking API changes in LTD Keeper's REST API.

        Attachments

          Issue Links

          has to be done after

          Story - Created by Jira Software - do not edit or delete. Issue type for a user story. DM-20141 LTD Keeper security updates (for 2019-07-13)

          • Done
          is triggering

          Bug - A problem which impairs or prevents the functions of the product. DM-20901 Fix v2 PATCH /builds/<id> route's edition creation

          • Done
          relates to

          Story - Created by Jira Software - do not edit or delete. Issue type for a user story. DM-20122 Investigate client auth patterns for LSST the Docs

          • Done

          Story - Created by Jira Software - do not edit or delete. Issue type for a user story. DM-20139 Add presigned POST-based S3 build uploads to LTD Conveyor

          • Done

            Activity

            Hide
            Permalink
            jsick Jonathan Sick added a comment -

            Releasing this update as 1.15.0. Release notes:

            This version introduces a new "v2" endpoint for POST products/<product>/builds/ that returns two new fields: post_prefix_urls and post_dir_urls. These fields provide a mapping of presigned POST URLs and associated fields for different prefixes/directories in the S3 bucket associated with the registered build. The benefit of using presigned POST URLs is that clients no longer need their own AWS S3 credentials. LTD Keeper exclusively maintains control over S3 credentials and restricts access to S3 resources through these presigned URLs.

            The LTD Conveyor client, version 0.5.0, now uses this new version of the endpoint.

            Version 2 endpoints are accessible through a application/vnd.ltdkeeper.v2+json Accept header. Existing clients are unaffected by this change as the default endpoint will continue to operate for the foreseeable future.

            Show
            jsick Jonathan Sick added a comment - Releasing this update as 1.15.0. Release notes: This version introduces a new "v2" endpoint for POST products/<product>/builds/ that returns two new fields: post_prefix_urls and post_dir_urls . These fields provide a mapping of presigned POST URLs and associated fields for different prefixes/directories in the S3 bucket associated with the registered build. The benefit of using presigned POST URLs is that clients no longer need their own AWS S3 credentials. LTD Keeper exclusively maintains control over S3 credentials and restricts access to S3 resources through these presigned URLs. The LTD Conveyor client, version 0.5.0, now uses this new version of the endpoint. Version 2 endpoints are accessible through a application/vnd.ltdkeeper.v2+json Accept header. Existing clients are unaffected by this change as the default endpoint will continue to operate for the foreseeable future.

              People

              Assignee:
              jsick Jonathan Sick
              Reporter:
              jsick Jonathan Sick
              Watchers:
              Jonathan Sick
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Jenkins

                  No builds found.