apache/cloudstack
1
0
Fork 0
mirror of https://github.com/apache/cloudstack.git synced 2025-10-26 08:42:29 +01:00
Code Issues Packages Projects Releases Wiki Activity

ceph: fix SignatureDoesNotMatch by using correct secret key (#11115)

Browse Source 
Ensure bucket.getSecretKey() is used when building the S3 client.
Previously, only getAccessKey() was passed for both key and secret,
causing V4 signature validation failures during operations such as
bucket creation and policy updates.

Co-authored-by: Jean Vetorello <jean@paneas.com>
This commit is contained in:
jeanvetorello 2025-08-03 03:57:09 -03:00 committed by GitHub
parent a84c4cb351
commit ccd86d96d9
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
plugins/storage/object/ceph/src/main/java/org/apache/cloudstack/storage/datastore/driver/CephObjectStoreDriverImpl.java
View File

@ -193,19 +193,19 @@ public class CephObjectStoreDriverImpl extends BaseObjectStoreDriverImpl {
policyConfig = "{\"Version\":\"2012-10-17\",\"Statement\":[]}"; policyConfig = "{\"Version\":\"2012-10-17\",\"Statement\":[]}";
} }
AmazonS3 client = getS3Client(getStoreURL(storeId), bucket.getAccessKey(), bucket.getAccessKey()); AmazonS3 client = getS3Client(getStoreURL(storeId), bucket.getAccessKey(), bucket.getSecretKey());
client.setBucketPolicy(new SetBucketPolicyRequest(bucket.getName(), policyConfig)); client.setBucketPolicy(new SetBucketPolicyRequest(bucket.getName(), policyConfig));
} }
@Override @Override
public BucketPolicy getBucketPolicy(BucketTO bucket, long storeId) { public BucketPolicy getBucketPolicy(BucketTO bucket, long storeId) {
AmazonS3 client = getS3Client(getStoreURL(storeId), bucket.getAccessKey(), bucket.getAccessKey()); AmazonS3 client = getS3Client(getStoreURL(storeId), bucket.getAccessKey(), bucket.getSecretKey());
return client.getBucketPolicy(new GetBucketPolicyRequest(bucket.getName())); return client.getBucketPolicy(new GetBucketPolicyRequest(bucket.getName()));
} }
@Override @Override
public void deleteBucketPolicy(BucketTO bucket, long storeId) { public void deleteBucketPolicy(BucketTO bucket, long storeId) {
AmazonS3 client = getS3Client(getStoreURL(storeId), bucket.getAccessKey(), bucket.getAccessKey()); AmazonS3 client = getS3Client(getStoreURL(storeId), bucket.getAccessKey(), bucket.getSecretKey());
client.deleteBucketPolicy(new DeleteBucketPolicyRequest(bucket.getName())); client.deleteBucketPolicy(new DeleteBucketPolicyRequest(bucket.getName()));
} }
@ -255,7 +255,7 @@ public class CephObjectStoreDriverImpl extends BaseObjectStoreDriverImpl {
@Override @Override
public boolean setBucketVersioning(BucketTO bucket, long storeId) { public boolean setBucketVersioning(BucketTO bucket, long storeId) {
AmazonS3 client = getS3Client(getStoreURL(storeId), bucket.getAccessKey(), bucket.getAccessKey()); AmazonS3 client = getS3Client(getStoreURL(storeId), bucket.getAccessKey(), bucket.getSecretKey());
try { try {
BucketVersioningConfiguration configuration = BucketVersioningConfiguration configuration =
new BucketVersioningConfiguration().withStatus("Enabled"); new BucketVersioningConfiguration().withStatus("Enabled");
@ -272,7 +272,7 @@ public class CephObjectStoreDriverImpl extends BaseObjectStoreDriverImpl {
@Override @Override
public boolean deleteBucketVersioning(BucketTO bucket, long storeId) { public boolean deleteBucketVersioning(BucketTO bucket, long storeId) {
AmazonS3 client = getS3Client(getStoreURL(storeId), bucket.getAccessKey(), bucket.getAccessKey()); AmazonS3 client = getS3Client(getStoreURL(storeId), bucket.getAccessKey(), bucket.getSecretKey());
try { try {
BucketVersioningConfiguration configuration = BucketVersioningConfiguration configuration =
new BucketVersioningConfiguration().withStatus("Suspended"); new BucketVersioningConfiguration().withStatus("Suspended");