Merge pull request #7461 from Budibase/fix/remove-global-aws-configs

fixing s3 outage errors and scoping AWS configuration to service level
2022-08-25 18:11:52 +01:00 · 2022-08-25 18:11:52 +01:00 · faa2b5f138
parent 5de35111e5 2470d711b0
commit faa2b5f138
4 changed files with 67 additions and 33 deletions
--- a/packages/backend-core/src/objectStore/index.ts
+++ b/packages/backend-core/src/objectStore/index.ts
@ -66,15 +66,13 @@ const PUBLIC_BUCKETS = [ObjectStoreBuckets.APPS, ObjectStoreBuckets.GLOBAL]
 * @constructor
 */
 export const ObjectStore = (bucket: any) => {
-  AWS.config.update({
-    accessKeyId: env.MINIO_ACCESS_KEY,
-    secretAccessKey: env.MINIO_SECRET_KEY,
-    region: env.AWS_REGION,
-  })
  const config: any = {
    s3ForcePathStyle: true,
    signatureVersion: "v4",
    apiVersion: "2006-03-01",
+    accessKeyId: env.MINIO_ACCESS_KEY,
+    secretAccessKey: env.MINIO_SECRET_KEY,
+    region: env.AWS_REGION,
  }
  if (bucket) {
    config.params = {
--- a/packages/server/src/db/dynamoClient.js
+++ b/packages/server/src/db/dynamoClient.js
@ -103,11 +103,9 @@ class Table {

 exports.init = endpoint => {
  let AWS = require("aws-sdk")
-  AWS.config.update({
-    region: AWS_REGION,
-  })
  let docClientParams = {
    correctClockSkew: true,
+    region: AWS_REGION,
  }
  if (endpoint) {
    docClientParams.endpoint = endpoint
--- a/packages/server/src/integrations/dynamodb.ts
+++ b/packages/server/src/integrations/dynamodb.ts
@ -13,7 +13,8 @@ module DynamoModule {
    region: string
    accessKeyId: string
    secretAccessKey: string
-    endpoint: string
+    endpoint?: string
+    currentClockSkew?: boolean
  }

  const SCHEMA: Integration = {
@ -132,31 +133,20 @@ module DynamoModule {

    constructor(config: DynamoDBConfig) {
      this.config = config
-      if (this.config.endpoint && !this.config.endpoint.includes("localhost")) {
-        this.connect()
+
+      // User is using a local dynamoDB endpoint, don't auth with remote
+      if (this.config?.endpoint?.includes("localhost")) {
+        // @ts-ignore
+        this.config = {}
      }
-      let options = {
-        correctClockSkew: true,
-        region: this.config.region || AWS_REGION,
-        endpoint: config.endpoint ? config.endpoint : undefined,
+
+      this.config = {
+        ...this.config,
+        currentClockSkew: true,
+        region: config.region || AWS_REGION,
+        endpoint: config.endpoint || undefined,
      }
-      this.client = new AWS.DynamoDB.DocumentClient(options)
-    }
-
-    end() {
-      this.disconnect()
-    }
-
-    connect() {
-      AWS.config.update(this.config)
-    }
-
-    disconnect() {
-      AWS.config.update({
-        secretAccessKey: undefined,
-        accessKeyId: undefined,
-        region: AWS_REGION,
-      })
+      this.client = new AWS.DynamoDB.DocumentClient(this.config)
    }

    async create(query: { table: string; json: object }) {
@ -197,7 +187,7 @@ module DynamoModule {
      const params = {
        TableName: query.table,
      }
-      return new AWS.DynamoDB().describeTable(params).promise()
+      return new AWS.DynamoDB(this.config).describeTable(params).promise()
    }

    async get(query: { table: string; json: object }) {
--- a/packages/server/src/integrations/tests/dynamodb.spec.js
+++ b/packages/server/src/integrations/tests/dynamodb.spec.js
@ -100,4 +100,52 @@ describe("DynamoDB Integration", () => {
      Name: "John"
    })
  })
+
+  it("configures the dynamoDB constructor based on an empty endpoint parameter", async () => {
+    const config = {
+      region: "us-east-1",
+      accessKeyId: "test",
+      secretAccessKeyId: "test"
+    }
+
+    const integration = new DynamoDBIntegration.integration(config)
+
+    expect(integration.config).toEqual({
+      currentClockSkew: true,
+      ...config
+    })
+  })
+
+  it("configures the dynamoDB constructor based on a localhost endpoint parameter", async () => {
+    const config = {
+      region: "us-east-1",
+      accessKeyId: "test",
+      secretAccessKeyId: "test",
+      endpoint: "localhost:8080"
+    }
+
+    const integration = new DynamoDBIntegration.integration(config)
+
+    expect(integration.config).toEqual({
+      region: "us-east-1",
+      currentClockSkew: true,
+      endpoint: "localhost:8080"
+    })
+  })
+
+  it("configures the dynamoDB constructor based on a remote endpoint parameter", async () => {
+    const config = {
+      region: "us-east-1",
+      accessKeyId: "test",
+      secretAccessKeyId: "test",
+      endpoint: "dynamodb.aws.foo.net"
+    }
+
+    const integration = new DynamoDBIntegration.integration(config)
+
+    expect(integration.config).toEqual({
+      currentClockSkew: true,
+      ...config
+    })
+  })
 })