From 7cb98bbcd16fcd45efbdc699c54726e874028eb5 Mon Sep 17 00:00:00 2001
From: Kent Pitman <kent_pitman@hms.harvard.edu>
Date: Mon, 23 Oct 2023 13:49:30 -0400
Subject: [PATCH] Revert some changes to glacier_utils.py

---
 dcicutils/glacier_utils.py | 20 ++++++++++++++++----
 1 file changed, 16 insertions(+), 4 deletions(-)

diff --git a/dcicutils/glacier_utils.py b/dcicutils/glacier_utils.py
index bbcf77893..7609ab316 100644
--- a/dcicutils/glacier_utils.py
+++ b/dcicutils/glacier_utils.py
@@ -58,6 +58,10 @@ def __init__(self, env_name: str):
         self.env_key = self.key_manager.get_keydict_for_env(env_name)
         self.health_page = get_health_page(key=self.env_key, ff_env=env_name)
 
+    @property
+    def kms_key_id(self) -> str:
+        return self.health_page.get("s3_encrypt_key_id", "")
+
     @classmethod
     def is_glacier_storage_class(cls, storage_class: S3StorageClass):
         return storage_class in S3_GLACIER_CLASSES
@@ -295,6 +299,9 @@ def _do_multipart_upload(self, bucket: str, key: str, total_size: int, part_size
             }
             if tags:
                 cmu['Tagging'] = tags
+            if self.kms_key_id:
+                cmu['ServerSideEncryption'] = 'aws:kms'
+                cmu['SSEKMSKeyId'] = self.kms_key_id
             mpu = self.s3.create_multipart_upload(**cmu)
             mpu_upload_id = mpu['UploadId']
         except Exception as e:
@@ -381,16 +388,21 @@ def copy_object_back_to_original_location(self, bucket: str, key: str, storage_c
             else:
                 # Force copy the object into standard in a single operation
                 copy_source = {'Bucket': bucket, 'Key': key}
-                copy_target = {
+                copy_args = {
                     'Bucket': bucket, 'Key': key,
                     'StorageClass': storage_class,
                 }
                 if version_id:
                     copy_source['VersionId'] = version_id
-                    copy_target['CopySourceVersionId'] = version_id
+                    copy_args['CopySourceVersionId'] = version_id
                 if tags:
-                    copy_target['Tagging'] = tags
-                response = self.s3.copy_object(CopySource=copy_source, **copy_target)
+                    copy_args['Tagging'] = tags
+                if self.kms_key_id:
+                    copy_args['ServerSideEncryption'] = 'aws:kms'
+                    copy_args['SSEKMSKeyId'] = self.kms_key_id
+                response = self.s3.copy_object(
+                    **copy_args, CopySource=copy_source
+                )
                 PRINT(f'Response from boto3 copy:\n{response}')
                 PRINT(f'Object {bucket}/{key} copied back to its original location in S3')
                 return response