Use env.php for storing credentials instead of config

thaiphan / magento2-s3

Use Amazon S3 as the file storage solution for your Magento 2 application

MIT License

142 stars 95 forks source link

Use env.php for storing credentials instead of config #70

Closed Koc closed 5 years ago

Koc commented 5 years ago

Bucket configuration is env-sensetive and should not be hardcoded in global config (like database connection settings). See https://devdocs.magento.com/guides/v2.3/config-guide/config/config-php.html for more details.

thaiphan commented 5 years ago

Hi @Koc

@atishgoswami has made a change as part of #67 to fix the sensitive data leak that you described.

Can you install the latest version of this extension and see if that fixes your problem? Feel free to open this ticket again if not.

Regards,

Thai

ibaldonl commented 5 years ago

Hello. I prefer to have the settings for this extension in the env.php file and locked from the admin panel. So I did this from a test from-scratch install:

bin/magento config:set -l -n thai_s3/general/access_key MinioAccess
bin/magento config:set -l -n thai_s3/general/secret_key MinioSecret
bin/magento config:set -l -n thai_s3/general/bucket magento
bin/magento config:set -l -n thai_s3/general/region us-east-1
bin/magento config:set -l -n thai_s3/custom_endpoint/endpoint http://minio:9000/
bin/magento config:set -l -n thai_s3/custom_endpoint/region us-east-1
bin/magento config:set -l -n thai_s3/custom_endpoint/enabled 1
bin/magento s3:storage:export

But in the s3:storage:export step it says:

"The AWS credentials you provided did not work. Please review your details and try again. You can do so using our config script."

I am understanding it wrongly and doing something wrong or is there something wrong with the extension? Thanks a lot!!!

thaiphan commented 5 years ago

Hey @ibaldonl

You don't have to set the custom_endpoint properties unless you're using an another S3-compatible storage service, e.g. Digital Ocean. If you're not using them, you should clear out those values.

Regards,

Thai

ibaldonl commented 5 years ago

Thanks for your answer @thaiphan !!! Yes, I use and need the custom_endpoint to point it to Minio https://www.minio.io/ which I use in a Docker Compose environment for development and tests. Is that the reason why it doesn't work? Again: thanks!!!

thaiphan commented 5 years ago

Does the bucket that you're connecting to exist yet? If it does then the export might fail.

ibaldonl commented 5 years ago

It does exist and if I configure the extension in this other way it works:

bin/magento s3:config:set --access-key-id MinioAccess --secret-key MinioSecret \
    --bucket magento --region us-east-1
bin/magento s3:custom-endpoint:enable --endpoint http://minio:9000/ --region us-east-1
bin/magento s3:storage:export
bin/magento s3:storage:enable

But we need to have the settings in the env.php file which is not in version control, so we can have different settings for different environments (we have many). Thanks!!!

ibaldonl commented 5 years ago

@thaiphan I am doing something wrong or should I open another issue or do you reopen this one? Thanks!!!