From 8875e3e8165e664f6579095af2027c5d0c6a3d42 Mon Sep 17 00:00:00 2001
From: Achyut Madhusudan <amadhusu@redhat.com>
Date: Mon, 8 Apr 2024 21:19:16 +0530
Subject: [PATCH] UPSTREAM:<carry>:fix:Endpoint fix for AWS S3 Bucket Session

Signed-off-by: Achyut Madhusudan <amadhusu@redhat.com>
---
 backend/src/v2/objectstore/object_store.go | 26 ++++++++++++++++------
 1 file changed, 19 insertions(+), 7 deletions(-)

diff --git a/backend/src/v2/objectstore/object_store.go b/backend/src/v2/objectstore/object_store.go
index 1e3369c67d0e..cc42f5861836 100644
--- a/backend/src/v2/objectstore/object_store.go
+++ b/backend/src/v2/objectstore/object_store.go
@@ -359,13 +359,25 @@ func createBucketSession(ctx context.Context, namespace string, sessionInfo *Ses
 	if err != nil {
 		return nil, err
 	}
-	sess, err := session.NewSession(&aws.Config{
-		Credentials:      creds,
-		Region:           aws.String(sessionInfo.Region),
-		Endpoint:         aws.String(sessionInfo.Endpoint),
-		DisableSSL:       aws.Bool(sessionInfo.DisableSSL),
-		S3ForcePathStyle: aws.Bool(true),
-	})
+	config := &aws.Config{}
+	config.Credentials = creds
+	config.Region = aws.String(sessionInfo.Region)
+	config.DisableSSL = aws.Bool(sessionInfo.DisableSSL)
+	config.S3ForcePathStyle = aws.Bool(true)
+	// AWS Specific:
+	// Path-style S3 endpoints, which are commonly used, may fall into either of two subdomains:
+	// 1) s3.amazonaws.com
+	// 2) s3.<AWS Region>.amazonaws.com
+	// for (1) the endpoint is not required, thus we skip it, otherwise the writer will fail to close due to region mismatch.
+	// https://aws.amazon.com/blogs/infrastructure-and-automation/best-practices-for-using-amazon-s3-endpoints-in-aws-cloudformation-templates/
+	// https://docs.aws.amazon.com/sdk-for-go/api/aws/session/
+	awsEndpoint, _ := regexp.MatchString(`^(http|https)://s3.amazonaws.com`, strings.ToLower(sessionInfo.Endpoint))
+	if !awsEndpoint {
+		config.Endpoint = aws.String(sessionInfo.Endpoint)
+		glog.Info("current session endpoint is not s3.amazonaws.com")
+	}
+	glog.Infof("%s is the current session endpoint", sessionInfo.Endpoint)
+	sess, err := session.NewSession(config)
 	if err != nil {
 		return nil, fmt.Errorf("Failed to create session to access minio: %v", err)
 	}