From d7c9eb9562a3bf12e58c053c351cbafaa5f91d37 Mon Sep 17 00:00:00 2001 From: Kevin Brendle Date: Fri, 18 Feb 2022 11:58:37 -0500 Subject: [PATCH] adding settings key for a map of bucket name to ACL. update upload.putImpl to optionally allow multiple customizations to the PutObjectRequest --- src/main/scala/fm/sbt/S3ResolverPlugin.scala | 5 ++++- src/main/scala/fm/sbt/S3URLHandler.scala | 23 +++++++++++++++++++- 2 files changed, 26 insertions(+), 2 deletions(-) diff --git a/src/main/scala/fm/sbt/S3ResolverPlugin.scala b/src/main/scala/fm/sbt/S3ResolverPlugin.scala index 7780d8d..ce19a71 100644 --- a/src/main/scala/fm/sbt/S3ResolverPlugin.scala +++ b/src/main/scala/fm/sbt/S3ResolverPlugin.scala @@ -16,8 +16,8 @@ package fm.sbt import java.net.{URL, URLStreamHandler, URLStreamHandlerFactory} - import com.amazonaws.auth.AWSCredentialsProvider +import com.amazonaws.services.s3.model.CannedAccessControlList import org.apache.ivy.util.url.{URLHandlerDispatcher, URLHandlerRegistry} import sbt.Keys._ import sbt._ @@ -43,6 +43,8 @@ object S3ResolverPlugin extends AutoPlugin { lazy val showS3Credentials: InputKey[Unit] = { InputKey[Unit]("showS3Credentials", "Just outputs credentials that are loaded by the s3credentials provider") } + + lazy val s3ResolverBucketACLMap: SettingKey[Map[String, CannedAccessControlList]] = settingKey[Map[String, CannedAccessControlList]]("This allows us to specify a canned ACL for s3 buckets") } import autoImport._ @@ -121,6 +123,7 @@ object S3ResolverPlugin extends AutoPlugin { val extracted: Extracted = Project.extract(state) S3URLHandler.registerBucketCredentialsProvider(extracted.getOpt(s3CredentialsProvider).getOrElse(S3URLHandler.defaultCredentialsProviderChain)) + S3URLHandler.registerBucketACLMap(extracted.getOpt(s3ResolverBucketACLMap).getOrElse(Map())) state } diff --git a/src/main/scala/fm/sbt/S3URLHandler.scala b/src/main/scala/fm/sbt/S3URLHandler.scala index 8cd80cb..27d8125 100644 --- a/src/main/scala/fm/sbt/S3URLHandler.scala +++ b/src/main/scala/fm/sbt/S3URLHandler.scala @@ -44,10 +44,16 @@ object S3URLHandler { private var bucketCredentialsProvider: String => AWSCredentialsProvider = makePropertiesFileCredentialsProvider + private var bucketACLMap: Map[String, CannedAccessControlList] = Map() + def registerBucketCredentialsProvider(provider: String => AWSCredentialsProvider): Unit = { bucketCredentialsProvider = provider } + def registerBucketACLMap(aclMap: Map[String, CannedAccessControlList]): Unit = { + bucketACLMap = aclMap + } + def getBucketCredentialsProvider: String => AWSCredentialsProvider = bucketCredentialsProvider private class S3URLInfo(available: Boolean, contentLength: Long, lastModified: Long) extends URLHandler.URLInfo(available, contentLength, lastModified) @@ -389,7 +395,22 @@ final class S3URLHandler extends URLHandler { def putImpl(serverSideEncryption: Boolean): PutObjectResult = { val meta: ObjectMetadata = new ObjectMetadata() if (serverSideEncryption) meta.setSSEAlgorithm(ObjectMetadata.AES_256_SERVER_SIDE_ENCRYPTION) - client.putObject(new PutObjectRequest(bucket, key, src).withMetadata(meta)) + + val customizers = Seq[PutObjectRequest => PutObjectRequest]( + // add metadata + x => {x.withMetadata(meta)}, + // add bucket ACL + x => { + bucketACLMap.get(bucket) match { + case Some(y) => x.withCannedAcl(y) + case None => x + } + } + ) + + val req = customizers.foldLeft(new PutObjectRequest(bucket, key, src))((putObjectRequest, customizer) => customizer(putObjectRequest)) + + client.putObject(req) } // Do we know for sure that this bucket requires SSE?