in core/src/services/s3/backend.rs [691:881]
fn build(&mut self) -> Result<Self::Accessor> {
debug!("backend build started: {:?}", &self);
let root = normalize_root(&self.root.take().unwrap_or_default());
debug!("backend use root {}", &root);
// Handle bucket name.
let bucket = if self.is_bucket_valid() {
Ok(&self.bucket)
} else {
Err(
Error::new(ErrorKind::ConfigInvalid, "The bucket is misconfigured")
.with_context("service", Scheme::S3),
)
}?;
debug!("backend use bucket {}", &bucket);
let default_storage_class = match &self.default_storage_class {
None => None,
Some(v) => Some(
build_header_value(v).map_err(|err| err.with_context("key", "storage_class"))?,
),
};
let server_side_encryption = match &self.server_side_encryption {
None => None,
Some(v) => Some(
build_header_value(v)
.map_err(|err| err.with_context("key", "server_side_encryption"))?,
),
};
let server_side_encryption_aws_kms_key_id =
match &self.server_side_encryption_aws_kms_key_id {
None => None,
Some(v) => Some(build_header_value(v).map_err(|err| {
err.with_context("key", "server_side_encryption_aws_kms_key_id")
})?),
};
let server_side_encryption_customer_algorithm =
match &self.server_side_encryption_customer_algorithm {
None => None,
Some(v) => Some(build_header_value(v).map_err(|err| {
err.with_context("key", "server_side_encryption_customer_algorithm")
})?),
};
let server_side_encryption_customer_key =
match &self.server_side_encryption_customer_key {
None => None,
Some(v) => Some(build_header_value(v).map_err(|err| {
err.with_context("key", "server_side_encryption_customer_key")
})?),
};
let server_side_encryption_customer_key_md5 =
match &self.server_side_encryption_customer_key_md5 {
None => None,
Some(v) => Some(build_header_value(v).map_err(|err| {
err.with_context("key", "server_side_encryption_customer_key_md5")
})?),
};
let client = if let Some(client) = self.http_client.take() {
client
} else {
HttpClient::new().map_err(|err| {
err.with_operation("Builder::build")
.with_context("service", Scheme::S3)
})?
};
// This is our current config.
let mut cfg = AwsConfig::default();
if !self.disable_config_load {
cfg = cfg.from_profile();
cfg = cfg.from_env();
}
if let Some(v) = self.region.take() {
cfg.region = Some(v);
}
if cfg.region.is_none() {
return Err(Error::new(
ErrorKind::ConfigInvalid,
"region is missing. Please find it by S3::detect_region() or set them in env.",
)
.with_operation("Builder::build")
.with_context("service", Scheme::S3));
}
let region = cfg.region.to_owned().unwrap();
debug!("backend use region: {region}");
// Building endpoint.
let endpoint = self.build_endpoint(®ion);
debug!("backend use endpoint: {endpoint}");
// Setting all value from user input if available.
if let Some(v) = self.access_key_id.take() {
cfg.access_key_id = Some(v)
}
if let Some(v) = self.secret_access_key.take() {
cfg.secret_access_key = Some(v)
}
if let Some(v) = self.security_token.take() {
cfg.session_token = Some(v)
}
let mut loader: Option<Box<dyn AwsCredentialLoad>> = None;
// If customed_credential_load is set, we will use it.
if let Some(v) = self.customed_credential_load.take() {
loader = Some(v);
}
// If role_arn is set, we must use AssumeRoleLoad.
if let Some(role_arn) = self.role_arn.take() {
// use current env as source credential loader.
let default_loader = AwsDefaultLoader::new(client.client(), cfg.clone());
// Build the config for assume role.
let assume_role_cfg = AwsConfig {
region: Some(region.clone()),
role_arn: Some(role_arn),
external_id: self.external_id.clone(),
sts_regional_endpoints: "regional".to_string(),
..Default::default()
};
let assume_role_loader = AwsAssumeRoleLoader::new(
client.client(),
assume_role_cfg,
Box::new(default_loader),
)
.map_err(|err| {
Error::new(
ErrorKind::ConfigInvalid,
"The assume_role_loader is misconfigured",
)
.with_context("service", Scheme::S3)
.set_source(err)
})?;
loader = Some(Box::new(assume_role_loader));
}
// If loader is not set, we will use default loader.
let loader = match loader {
Some(v) => v,
None => {
let mut default_loader = AwsDefaultLoader::new(client.client(), cfg);
if self.disable_ec2_metadata {
default_loader = default_loader.with_disable_ec2_metadata();
}
Box::new(default_loader)
}
};
let signer = AwsV4Signer::new("s3", ®ion);
let write_min_size = self.write_min_size.unwrap_or(DEFAULT_WRITE_MIN_SIZE);
if write_min_size < 5 * 1024 * 1024 {
return Err(Error::new(
ErrorKind::ConfigInvalid,
"The write minimum buffer size is misconfigured",
)
.with_context("service", Scheme::S3));
}
let batch_max_operations = self
.batch_max_operations
.unwrap_or(DEFAULT_BATCH_MAX_OPERATIONS);
debug!("backend build finished");
Ok(S3Backend {
core: Arc::new(S3Core {
bucket: bucket.to_string(),
endpoint,
root,
server_side_encryption,
server_side_encryption_aws_kms_key_id,
server_side_encryption_customer_algorithm,
server_side_encryption_customer_key,
server_side_encryption_customer_key_md5,
default_storage_class,
allow_anonymous: self.allow_anonymous,
signer,
loader,
client,
write_min_size,
batch_max_operations,
}),
})
}