From 3d69647e06fdc5a04cb4f981cbbabbd11cec0684 Mon Sep 17 00:00:00 2001 From: Giteabot Date: Thu, 10 Aug 2023 22:11:22 +0800 Subject: [PATCH] minio: add missing region on client initialization (#26412) (#26438) Backport #26412 by @nekrondev The MinIO client isn't redirecting to the correct AWS endpoint if a non-default data center is used. In my use case I created an AWS bucket at `eu-central-1` region. Because of the missing region initialization of the client the default `us-east-1` API endpoint is used returning a `301 Moved Permanently` response that's not handled properly by MinIO client. This in return aborts using S3 storage on AWS as the `BucketExists()` call will fail with the http moved error. MinIO client trace shows the issue: ```text ---------START-HTTP--------- HEAD / HTTP/1.1 Host: xxxxxxxxxxx-prod-gitea-data.s3.dualstack.us-east-1.amazonaws.com User-Agent: MinIO (windows; amd64) minio-go/v7.0.61 Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20230809/accesspoint.eu-central-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=**REDACTED** X-Amz-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 X-Amz-Date: 20230809T141143Z HTTP/1.1 301 Moved Permanently Connection: close Content-Type: application/xml Date: Wed, 09 Aug 2023 14:11:43 GMT Server: AmazonS3 X-Amz-Bucket-Region: eu-central-1 X-Amz-Id-2: UK7wfeYi0HcTcytNvQ3wTAZ5ZP1mOSMnvRZ9Fz4xXzeNsS47NB/KfFx2unFxo3L7XckHpMNPPVo= X-Amz-Request-Id: S1V2MJV8SZ11GEVN ---------END-HTTP--------- ``` Co-authored-by: nekrondev Co-authored-by: Heiko Besemann (cherry picked from commit 981ab48503997bf3b2cefcfe623fba49c4317450) --- modules/storage/minio.go | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/storage/minio.go b/modules/storage/minio.go index e2ce09d07a..e7c315ae44 100644 --- a/modules/storage/minio.go +++ b/modules/storage/minio.go @@ -84,6 +84,7 @@ func NewMinioStorage(ctx context.Context, cfg *setting.Storage) (ObjectStorage, Creds: credentials.NewStaticV4(config.AccessKeyID, config.SecretAccessKey, ""), Secure: config.UseSSL, Transport: &http.Transport{TLSClientConfig: &tls.Config{InsecureSkipVerify: config.InsecureSkipVerify}}, + Region: config.Location, }) if err != nil { return nil, convertMinioErr(err)