Add S3 webresource handler
Change-type: minor
otaviojacobi committed Aug 28, 2023
1 parent 72e7454 commit 83b246e
Showing 7 changed files with 170 additions and 27 deletions.
2 changes: 2 additions & 0 deletions config.ts
@@ -1,5 +1,6 @@
import type { ConfigLoader } from '@balena/pinejs';
import * as balenaModel from './src/balena';
import { getFileUploadHandler } from './src/fileupload-handler';

export = {
models: [balenaModel],
Expand All @@ -25,4 +26,5 @@ export = {
],
},
],
webResourceHandler: getFileUploadHandler(),
} as ConfigLoader.Config;
11 changes: 10 additions & 1 deletion config/confd/conf.d/env.toml
Expand Up @@ -53,5 +53,14 @@ keys = [
"VPN_PORT",
"VPN_SERVICE_API_KEY",
"VPN_GUEST_API_KEY",
"VPN_CONNECT_PROXY_PORT"
"VPN_CONNECT_PROXY_PORT",
"WEBRESOURCES_S3_ACCESS_KEY",
"WEBRESOURCES_S3_SECRET_KEY",
"WEBRESOURCES_S3_REGION",
"WEBRESOURCES_S3_HOST",
"WEBRESOURCES_S3_BUCKET",
"WEBRESOURCES_S3_MAX_FILESIZE",
"WEBRESOURCES_CLOUDFRONT_PRIVATEKEY",
"WEBRESOURCES_CLOUDFRONT_PUBLICKEY_ID",
"WEBRESOURCES_CLOUDFRONT_HOST"
]
9 changes: 9 additions & 0 deletions config/confd/templates/env.tmpl
Expand Up @@ -79,3 +79,12 @@ VPN_SERVICE_API_KEY={{getenv "VPN_SERVICE_API_KEY"}}
{{if getenv "VPN_GUEST_API_KEY"}}VPN_GUEST_API_KEY={{getenv "VPN_GUEST_API_KEY"}}{{end}}
{{if getenv "AUTH_RESINOS_REGISTRY_CODE"}}AUTH_RESINOS_REGISTRY_CODE={{getenv "AUTH_RESINOS_REGISTRY_CODE"}}{{end}}
{{if getenv "BROTLI_COMPRESSION_QUALITY"}}BROTLI_COMPRESSION_QUALITY={{getenv "BROTLI_COMPRESSION_QUALITY"}}{{end}}
{{if getenv "WEBRESOURCES_S3_ACCESS_KEY"}}WEBRESOURCES_S3_ACCESS_KEY={{getenv "WEBRESOURCES_S3_ACCESS_KEY"}}{{end}}
{{if getenv "WEBRESOURCES_S3_SECRET_KEY"}}WEBRESOURCES_S3_SECRET_KEY={{getenv "WEBRESOURCES_S3_SECRET_KEY"}}{{end}}
{{if getenv "WEBRESOURCES_S3_REGION"}}WEBRESOURCES_S3_REGION={{getenv "WEBRESOURCES_S3_REGION"}}{{end}}
{{if getenv "WEBRESOURCES_S3_HOST"}}WEBRESOURCES_S3_HOST={{getenv "WEBRESOURCES_S3_HOST"}}{{end}}
{{if getenv "WEBRESOURCES_S3_BUCKET"}}WEBRESOURCES_S3_BUCKET={{getenv "WEBRESOURCES_S3_BUCKET"}}{{end}}
{{if getenv "WEBRESOURCES_S3_MAX_FILESIZE"}}WEBRESOURCES_S3_MAX_FILESIZE={{getenv "WEBRESOURCES_S3_MAX_FILESIZE"}}{{end}}
{{if getenv "WEBRESOURCES_CLOUDFRONT_PRIVATEKEY"}}WEBRESOURCES_CLOUDFRONT_PRIVATEKEY={{getenv "WEBRESOURCES_CLOUDFRONT_PRIVATEKEY"}}{{end}}
{{if getenv "WEBRESOURCES_CLOUDFRONT_PUBLICKEY_ID"}}WEBRESOURCES_CLOUDFRONT_PUBLICKEY_ID={{getenv "WEBRESOURCES_CLOUDFRONT_PUBLICKEY_ID"}}{{end}}
{{if getenv "WEBRESOURCES_CLOUDFRONT_HOST"}}WEBRESOURCES_CLOUDFRONT_HOST={{getenv "WEBRESOURCES_CLOUDFRONT_HOST"}}{{end}}
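Review bot: The `WEBRESOURCES_CLOUDFRONT_PRIVATEKEY` line writes the key as a single `NAME=value` entry, which cannot carry a multi-line PEM key as-is, and nothing here or in `env.toml` states the encoding the value must arrive in. The `// TODO: PRIVATEKEY has to be parsed from JSON64 encoded` in `src/fileupload-handler.ts` suggests an encoded form is intended but not yet decoded, so as committed the handler would presumably receive the encoded string where key material is expected. Once the format is settled, record it next to this line with a template comment such as `{{/* WEBRESOURCES_CLOUDFRONT_PRIVATEKEY: base64-encoded PEM on one line */}}` and decode it in the handler before it is passed on.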
68 changes: 42 additions & 26 deletions package-lock.json


1 change: 1 addition & 0 deletions package.json
Expand Up @@ -38,6 +38,7 @@
"@balena/es-version": "^1.0.2",
"@balena/node-metrics-gatherer": "^6.0.3",
"@balena/pinejs": "^15.3.0",
"@balena/pinejs-webresource-cloudfront": "^0.0.2",
"@sentry/node": "^7.49.0",
"@types/basic-auth": "^1.1.3",
"@types/bluebird": "^3.5.38",
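--- a/src/fileupload-handler.ts
+++ b/src/fileupload-handler.ts
@@ -0,0 +1,83 @@
+import { webResourceHandler } from '@balena/pinejs';
+import { CloudFrontHandler } from '@balena/pinejs-webresource-cloudfront';
+import {
+WEBRESOURCES_S3_ACCESS_KEY,
+WEBRESOURCES_S3_SECRET_KEY,
+WEBRESOURCES_S3_REGION,
+WEBRESOURCES_S3_HOST,
+WEBRESOURCES_S3_BUCKET,
+WEBRESOURCES_S3_MAX_FILESIZE,
+WEBRESOURCES_CLOUDFRONT_PRIVATEKEY,
+WEBRESOURCES_CLOUDFRONT_PUBLICKEY_ID,
+WEBRESOURCES_CLOUDFRONT_HOST,
+} from './lib/config';
+
+const getS3Config = (): webResourceHandler.S3HandlerProps | undefined => {
+if (
+WEBRESOURCES_S3_ACCESS_KEY != null &&
+WEBRESOURCES_S3_SECRET_KEY != null &&
+WEBRESOURCES_S3_REGION != null &&
+WEBRESOURCES_S3_HOST != null &&
+WEBRESOURCES_S3_BUCKET != null
+) {
+return {
+accessKey: WEBRESOURCES_S3_ACCESS_KEY,
+secretKey: WEBRESOURCES_S3_SECRET_KEY,
+region: WEBRESOURCES_S3_REGION,
+endpoint: WEBRESOURCES_S3_HOST,
+bucket: WEBRESOURCES_S3_BUCKET,
+maxSize: WEBRESOURCES_S3_MAX_FILESIZE,
+};
+}
+};
+
+const getCloudfrontConfig = (): any | undefined => {
+const s3Config = getS3Config();
+if (
+s3Config != null &&
+WEBRESOURCES_CLOUDFRONT_PRIVATEKEY != null &&
+WEBRESOURCES_CLOUDFRONT_PUBLICKEY_ID != null &&
+WEBRESOURCES_CLOUDFRONT_HOST != null
+) {
+// TODO: PRIVATEKEY has to be parsed from JSON64 encoded
+return {
+cfPublicKeyId: WEBRESOURCES_CLOUDFRONT_PUBLICKEY_ID,
+cfSecretKey: WEBRESOURCES_CLOUDFRONT_PRIVATEKEY,
+cfDistributionDomain: WEBRESOURCES_CLOUDFRONT_HOST,
+...s3Config,
+};
+}
+};
+
+let handler: webResourceHandler.WebResourceHandler | undefined;
+export const getFileUploadHandler = () => {
+if (handler == null) {
+const cfConfig = getCloudfrontConfig();
+if (cfConfig != null) {
+handler = new CloudFrontHandler(cfConfig);
+console.log('Successfully initialised webresource CloudFront handler.');
+console.log({
+region: cfConfig.region,
+endpoint: cfConfig.endpoint,
+bucket: cfConfig.bucket,
+cFhost: cfConfig.cfDistributionDomain,
+});
+return handler;
+}
+
+const s3Config = getS3Config();
+if (s3Config != null) {
+handler = new webResourceHandler.S3Handler(s3Config);
+console.log('Successfully initialised webresource S3 handler.');
+console.log({
+region: s3Config.region,
+endpoint: s3Config.endpoint,
+bucket: s3Config.bucket,
+});
+return handler;
+}
+
+console.log('No webresource handler loaded.');
+}
+return handler;
+};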
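Review bot: `getCloudfrontConfig` is typed `any | undefined`, which collapses to `any`, so the object that carries `secretKey` and `cfSecretKey` into `new CloudFrontHandler(cfConfig)` is never checked against the constructor's parameter type; `const getCloudfrontConfig = (): ConstructorParameters<typeof CloudFrontHandler>[0] | undefined => {` would restore that check using only names this file already imports. In `getFileUploadHandler`, a partly set CloudFront group falls through to the plain S3 handler without any message, and a partly set S3 group ends at `'No webresource handler loaded.'`, so an operator who expects the CloudFront handler gets no signal that it is not in effect; a warning that lists the missing variable names (never their values) would make the misconfiguration visible. The startup logs print only region, endpoint, bucket and host, which is the right subset; a short comment saying that `cfConfig` and `s3Config` hold credentials and must not be logged whole would keep it that way.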
23 changes: 23 additions & 0 deletions src/lib/config.ts
Expand Up @@ -415,6 +415,29 @@ export const IGNORE_FROZEN_DEVICE_PERMISSIONS = boolVar(
false,
);

export const WEBRESOURCES_S3_HOST = optionalVar('WEBRESOURCES_S3_HOST');
export const WEBRESOURCES_S3_REGION = optionalVar('WEBRESOURCES_S3_REGION');
export const WEBRESOURCES_S3_ACCESS_KEY = optionalVar(
'WEBRESOURCES_S3_ACCESS_KEY',
);
export const WEBRESOURCES_S3_SECRET_KEY = optionalVar(
'WEBRESOURCES_S3_SECRET_KEY',
);
export const WEBRESOURCES_S3_BUCKET = optionalVar('WEBRESOURCES_S3_BUCKET');
export const WEBRESOURCES_S3_MAX_FILESIZE = intVar(
'WEBRESOURCES_S3_MAX_FILESIZE',
10000000,
);
export const WEBRESOURCES_CLOUDFRONT_PRIVATEKEY = optionalVar(
'WEBRESOURCES_CLOUDFRONT_PRIVATEKEY',
);
export const WEBRESOURCES_CLOUDFRONT_PUBLICKEY_ID = optionalVar(
'WEBRESOURCES_CLOUDFRONT_PUBLICKEY_ID',
);
export const WEBRESOURCES_CLOUDFRONT_HOST = optionalVar(
'WEBRESOURCES_CLOUDFRONT_HOST',
);

/**
* Splits an env var in the format of `${username}:${password}`
* into a RedisAuth object. Auth is optional, so this can return
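Review bot: The `10000000` default for `WEBRESOURCES_S3_MAX_FILESIZE` becomes the effective upload size cap whenever the variable is unset, yet nothing states its unit or why this value was chosen; a comment such as `// Upload size limit handed to the S3 handler as maxSize; presumably bytes (~10 MB), confirm` would document it. The other eight settings are all `optionalVar` and the handler only activates when a whole group is present, so a one-line comment naming which variables must be set together (the five S3 ones, plus the three CloudFront ones for the CloudFront handler) would help operators avoid a half-configured deployment. Whether `intVar` rejects zero or negative values is not visible in this hunk; if it does not, a non-positive limit should be rejected here.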
