Closed de-jcup closed 4 years ago
Potential java library to use for native s3 object storage:
https://www.baeldung.com/aws-s3-java
https://github.com/minio/minio-java https://docs.min.io/docs/minio-client-complete-guide
https://stackoverflow.com/questions/55402610/configuring-minio-server-for-use-with-testcontainers
https://icicimov.github.io/blog/virtualization/Kubernetes-shared-storage-with-S3-backend/ uses https://github.com/s3fs-fuse/s3fs-fuse
alpine linux has s3fs-fuse inside official packages (but testing only) https://pkgs.alpinelinux.org/packages?name=s3fs*&branch=edge&repo=testing
Testing package dependencies for apk can be added as described at https://wiki.alpinelinux.org/wiki/Alpine_Linux_package_management
Maybe a good alternative to s3s-fuse, written in Go. see https://github.com/kahing/goofys
not available in alpine linux packages ,but ...
https://github.com/gliderlabs/docker-alpine/issues/268 shows usage in alpine docker image. (but there is a git checkout on docker image build time - so not production ready. But we could build go client in a dedicated version/commitId and use this inside docker creation)
Should we provide S3 native or by "pseudo filesystem" ?
A native approach is better than providing s3 by a "pseudo filesystem".
If somebody wants to use the "pseudo filesystem" this will still work.
One S3 storage test did fail because of a minio problem already issued at https://github.com/minio/minio-java/issues/710 . This seems to be same, but the issue is closed.
There is also the possibliity to use amazon s3 sdk client instead of minio. We will check what memory footprint will be in sechub server bootJar when switching to aws s3 variant and if test do no longer fail with amzon s3 sdk client.
Currenlty we provide only file system based upload directories. There shall be an option to store data instead to an s3 bucket (e.g. source uploads).
This must be configurable, default shall be filesystem as before.
The easiest way would be to provide S3 storage system as pseudo file system so no changes would be necessary. Other way would be to provide a native approach and support S3 directly by SecHub.
This issue will gather information and has as result either implementation in SecHub or just provide a documentation how to setup S3 storage as a "pseudo filesystem" as a replacement for NFS.