From 9a7706d8b43d0878a2970f748e9ef5e452a609f0 Mon Sep 17 00:00:00 2001 From: Victor Nogueira Date: Sun, 22 Dec 2024 19:06:48 +0100 Subject: [PATCH] Improve code organization and error handling - Add proper error types and handling with severity levels - Improve SSL/TLS configuration and security - Add helper functions for safer field access - Enhance documentation and code organization - Add proper constants and remove magic values - Improve type definitions and validation --- docs/resources/s3_bucket_replication.md | 30 +- .../minio_s3_bucket_replication/resource.tf | 4 +- minio/payload.go | 287 ++++++++++-------- minio/resource_minio_s3_bucket_replication.go | 30 +- ...source_minio_s3_bucket_replication_test.go | 130 ++++---- 5 files changed, 252 insertions(+), 229 deletions(-) diff --git a/docs/resources/s3_bucket_replication.md b/docs/resources/s3_bucket_replication.md index 8c766277..5bf5c95b 100644 --- a/docs/resources/s3_bucket_replication.md +++ b/docs/resources/s3_bucket_replication.md @@ -3,13 +3,10 @@ page_title: "minio_s3_bucket_replication Resource - terraform-provider-minio" subcategory: "" description: |- - --- # minio_s3_bucket_replication (Resource) - - ## Example Usage ```terraform @@ -100,7 +97,7 @@ resource "minio_iam_user" "replication_in_b" { provider = minio.deployment_b name = "my-user" force_destroy = true -} +} resource "minio_iam_user_policy_attachment" "replication_in_b" { provider = minio.deployment_b @@ -130,7 +127,7 @@ resource "minio_s3_bucket_replication" "replication_in_b" { bucket = minio_s3_bucket.my_bucket_in_b.bucket secure = false host = var.minio_server_b - bandwidth_limt = "100M" + bandwidth_limit = "100M" access_key = minio_iam_service_account.replication_in_b.access_key secret_key = minio_iam_service_account.replication_in_b.secret_key } @@ -151,7 +148,7 @@ resource "minio_iam_policy" "replication_in_a" { resource "minio_iam_user" "replication_in_a" { name = "my-user" force_destroy = true -} +} resource "minio_iam_user_policy_attachment" "replication_in_a" { user_name = minio_iam_user.replication_in_a.name @@ -180,7 +177,7 @@ resource "minio_s3_bucket_replication" "replication_in_a" { bucket = minio_s3_bucket.my_bucket_in_a.bucket host = var.minio_server_a secure = false - bandwidth_limt = "100M" + bandwidth_limit = "100M" access_key = minio_iam_service_account.replication_in_a.access_key secret_key = minio_iam_service_account.replication_in_a.secret_key } @@ -194,6 +191,7 @@ resource "minio_s3_bucket_replication" "replication_in_a" { ``` + ## Schema ### Required @@ -209,6 +207,7 @@ resource "minio_s3_bucket_replication" "replication_in_a" { - `id` (String) The ID of this resource. + ### Nested Schema for `rule` Required: @@ -221,17 +220,18 @@ Optional: - `delete_replication` (Boolean) Whether or not to propagate deletion - `enabled` (Boolean) Whether or not this rule is enabled - `existing_object_replication` (Boolean) Whether or not to synchronise object created prior the replication configuration -- `metadata_sync` (Boolean) Whether or not to synchonise buckets and objects metadata (such as locks). This must be enabled to achieve a two-way replication -- `prefix` (String) Bucket prefix object must be in to be syncronised +- `metadata_sync` (Boolean) Whether or not to synchronise buckets and objects metadata (such as locks). This must be enabled to achieve a two-way replication +- `prefix` (String) Bucket prefix object must be in to be synchronised - `priority` (Number) Rule priority. If omitted, the inverted index will be used as priority. This means that the first rule definition will have the higher priority -- `tags` (Map of String) Tags which objects must have to be syncronised +- `tags` (Map of String) Tags which objects must have to be synchronised Read-Only: -- `arn` (String) Rule ARN genrated by MinIO +- `arn` (String) Rule ARN generated by MinIO - `id` (String) Rule ID generated by MinIO + ### Nested Schema for `rule.target` Required: @@ -242,13 +242,13 @@ Required: Optional: -- `bandwidth_limt` (String) Maximum bandwidth in byte per second that MinIO can used when syncronysing this target. Minimum is 100MB +- `bandwidth_limit` (String) Maximum bandwidth in byte per second that MinIO can used when synchronising this target. Minimum is 100MB - `disable_proxy` (Boolean) Disable proxy for this target - `health_check_period` (String) Period where the health of this target will be checked. This must be a valid duration, such as `5s` or `2m` -- `path` (String) Path of the Minio endpoint. This is usefull if MinIO API isn't served on at the root, e.g for `example.com/minio/`, the path would be `/minio/` -- `path_style` (String) Whether to use path-style or virtual-hosted-syle request to this target (https://docs.aws.amazon.com/AmazonS3/latest/userguide/VirtualHosting.html#path-style-access). `auto` allows MinIO to chose automatically the appropriate option (Recommened)` +- `path` (String) Path of the Minio endpoint. This is useful if MinIO API isn't served on at the root, e.g for `example.com/minio/`, the path would be `/minio/` +- `path_style` (String) Whether to use path-style or virtual-hosted-style request to this target (https://docs.aws.amazon.com/AmazonS3/latest/userguide/VirtualHosting.html#path-style-access). `auto` allows MinIO to chose automatically the appropriate option (Recommend)` - `region` (String) Region of the target MinIO. This will be used to generate the target ARN - `secret_key` (String, Sensitive) Secret key for the replication service account in the target MinIO. This is optional so it can be imported but prevent secret update - `secure` (Boolean) Whether to use HTTPS with this target (Recommended). Note that disabling HTTPS will yield Terraform warning for security reason` - `storage_class` (String) The storage class to use for the object on this target -- `syncronous` (Boolean) Use synchronous replication. +- `synchronous` (Boolean) Use synchronous replication. diff --git a/examples/resources/minio_s3_bucket_replication/resource.tf b/examples/resources/minio_s3_bucket_replication/resource.tf index 966c4206..04e4ea4c 100644 --- a/examples/resources/minio_s3_bucket_replication/resource.tf +++ b/examples/resources/minio_s3_bucket_replication/resource.tf @@ -115,7 +115,7 @@ resource "minio_s3_bucket_replication" "replication_in_b" { bucket = minio_s3_bucket.my_bucket_in_b.bucket secure = false host = var.minio_server_b - bandwidth_limt = "100M" + bandwidth_limit = "100M" access_key = minio_iam_service_account.replication_in_b.access_key secret_key = minio_iam_service_account.replication_in_b.secret_key } @@ -165,7 +165,7 @@ resource "minio_s3_bucket_replication" "replication_in_a" { bucket = minio_s3_bucket.my_bucket_in_a.bucket host = var.minio_server_a secure = false - bandwidth_limt = "100M" + bandwidth_limit = "100M" access_key = minio_iam_service_account.replication_in_a.access_key secret_key = minio_iam_service_account.replication_in_a.secret_key } diff --git a/minio/payload.go b/minio/payload.go index 05f4e3bf..d08edde6 100644 --- a/minio/payload.go +++ b/minio/payload.go @@ -11,30 +11,67 @@ import ( "github.com/minio/minio-go/v7/pkg/sse" ) -// S3MinioConfig defines variable for minio +const ( + // awsResourcePrefix is the standard prefix for AWS S3 resource ARNs + awsResourcePrefix = "arn:aws:s3:::" + + // DefaultHealthCheckPeriod is the default period for replication health checks + DefaultHealthCheckPeriod = 1 * time.Minute + + // DefaultBandwidthLimit is the default bandwidth limit for replication (no limit) + DefaultBandwidthLimit = int64(0) +) + +// S3PathStyle represents the path style used for S3 URLs +type S3PathStyle int8 + +const ( + // S3PathStyleAuto automatically determines the appropriate path style + S3PathStyleAuto S3PathStyle = iota + + // S3PathStyleOn forces path-style URLs + S3PathStyleOn + + // S3PathStyleOff forces virtual-hosted-style URLs + S3PathStyleOff +) + +// String returns the string representation of the S3PathStyle +func (p S3PathStyle) String() string { + switch p { + case S3PathStyleOn: + return "on" + case S3PathStyleOff: + return "off" + default: + return "auto" + } +} + +// S3MinioConfig defines the configuration for connecting to a MinIO server type S3MinioConfig struct { - S3HostPort string - S3UserAccess string - S3UserSecret string - S3Region string - S3SessionToken string - S3APISignature string - S3SSL bool - S3SSLCACertFile string - S3SSLCertFile string - S3SSLKeyFile string - S3SSLSkipVerify bool + S3HostPort string // Server endpoint in format host:port + S3UserAccess string // Access key for authentication + S3UserSecret string // Secret key for authentication + S3Region string // Server region + S3SessionToken string // Optional session token + S3APISignature string // API signature version (v2 or v4) + S3SSL bool // Enable SSL/TLS + S3SSLCACertFile string // Path to CA certificate file + S3SSLCertFile string // Path to client certificate file + S3SSLKeyFile string // Path to client private key file + S3SSLSkipVerify bool // Skip SSL verification (not recommended) } -// S3MinioClient defines default minio +// S3MinioClient represents a MinIO client with both S3 and admin capabilities type S3MinioClient struct { - S3UserAccess string - S3Region string - S3Client *minio.Client - S3Admin *madmin.AdminClient + S3UserAccess string // Access key used for authentication + S3Region string // Server region + S3Client *minio.Client // S3-compatible client + S3Admin *madmin.AdminClient // Admin operations client } -// S3MinioBucket defines minio config +// S3MinioBucket represents a MinIO bucket configuration type S3MinioBucket struct { MinioClient *minio.Client MinioAdmin *madmin.AdminClient @@ -47,83 +84,72 @@ type S3MinioBucket struct { ObjectLockingEnabled bool } -// S3MinioBucketPolicy defines bucket policy config +// S3MinioBucketPolicy represents a bucket policy configuration type S3MinioBucketPolicy struct { MinioClient *minio.Client MinioBucket string MinioBucketPolicy string } -// S3MinioBucketVersioningConfiguration defines bucket versioning config +// S3MinioBucketVersioningConfiguration defines the versioning configuration for a bucket type S3MinioBucketVersioningConfiguration struct { - Status string - ExcludedPrefixes []string - ExcludeFolders bool + Status string // Versioning status (Enabled/Suspended) + ExcludedPrefixes []string // Prefixes to exclude from versioning + ExcludeFolders bool // Whether to exclude folders from versioning } -// S3PathSyle -type S3PathSyle int8 - -const ( - S3PathSyleAuto S3PathSyle = iota - S3PathSyleOn - S3PathSyleOff -) - -func (p S3PathSyle) String() string { - switch p { - case S3PathSyleOn: - return "on" - case S3PathSyleOff: - return "off" - default: - return "auto" - } -} - -// S3MinioBucketReplicationConfiguration defines bucket replication rule +// S3MinioBucketReplicationRule defines a single replication rule type S3MinioBucketReplicationRule struct { - Id string - Arn string - Enabled bool - Priority int - - Prefix string - Tags map[string]string - - DeleteReplication bool - DeleteMarkerReplication bool - ExistingObjectReplication bool - MetadataSync bool + Id string // Unique identifier for the rule + Arn string // ARN of the destination bucket + Enabled bool // Whether the rule is active + Priority int // Rule priority (higher number = higher priority) + Prefix string // Object prefix this rule applies to + Tags map[string]string // Object tags this rule applies to + + // Replication options + DeleteReplication bool // Replicate delete operations + DeleteMarkerReplication bool // Replicate delete markers + ExistingObjectReplication bool // Replicate existing objects + MetadataSync bool // Synchronize metadata Target S3MinioBucketReplicationRuleTarget } -// S3MinioBucketReplicationRuleTarget defines bucket replication rule target +// S3MinioBucketReplicationRuleTarget defines the target configuration for replication type S3MinioBucketReplicationRuleTarget struct { - Bucket string - StorageClass string - Host string - Secure bool - Path string - PathStyle S3PathSyle - Syncronous bool - DisableProxy bool - HealthCheckPeriod time.Duration - BandwidthLimit int64 - Region string - AccessKey string - SecretKey string + Bucket string // Destination bucket name + StorageClass string // Storage class for replicated objects + Host string // Destination server host + Secure bool // Use SSL/TLS for destination + Path string // Custom path in destination bucket + PathStyle S3PathStyle // URL path style for destination + Synchronous bool // Use synchronous replication + DisableProxy bool // Disable proxy for replication + HealthCheckPeriod time.Duration // Period between health checks + BandwidthLimit int64 // Bandwidth limit in bytes/second + Region string // Destination region + AccessKey string // Destination access key + SecretKey string // Destination secret key } -// S3MinioBucketVersioning defines bucket versioning +// NewS3MinioBucketReplicationRuleTarget creates a new replication target with default values +func NewS3MinioBucketReplicationRuleTarget() S3MinioBucketReplicationRuleTarget { + return S3MinioBucketReplicationRuleTarget{ + PathStyle: S3PathStyleAuto, + HealthCheckPeriod: DefaultHealthCheckPeriod, + BandwidthLimit: DefaultBandwidthLimit, + } +} + +// S3MinioBucketVersioning represents bucket versioning configuration type S3MinioBucketVersioning struct { MinioClient *minio.Client MinioBucket string VersioningConfiguration *S3MinioBucketVersioningConfiguration } -// S3MinioBucketReplication defines bucket replication +// S3MinioBucketReplication represents bucket replication configuration type S3MinioBucketReplication struct { MinioAdmin *madmin.AdminClient MinioClient *minio.Client @@ -131,148 +157,148 @@ type S3MinioBucketReplication struct { ReplicationRules []S3MinioBucketReplicationRule } -// S3MinioBucketNotification +// S3MinioBucketNotification represents bucket notification configuration type S3MinioBucketNotification struct { MinioClient *minio.Client MinioBucket string Configuration *notification.Configuration } -// S3MinioBucketServerSideEncryption defines bucket encryption +// S3MinioBucketServerSideEncryption represents bucket encryption configuration type S3MinioBucketServerSideEncryption struct { MinioClient *minio.Client MinioBucket string Configuration *sse.Configuration } -// S3MinioServiceAccountConfig defines service account config +// S3MinioServiceAccountConfig represents service account configuration type S3MinioServiceAccountConfig struct { MinioAdmin *madmin.AdminClient - MinioTargetUser string - MinioAccessKey string - MinioSecretKey string - MinioSAPolicy string - MinioDisableUser bool - MinioForceDestroy bool - MinioUpdateKey bool - MinioIAMTags map[string]string - MinioDescription string - MinioName string - MinioExpiration string + MinioTargetUser string // Target user for the service account + MinioAccessKey string // Access key for the service account + MinioSecretKey string // Secret key for the service account + MinioSAPolicy string // Policy for the service account + MinioDisableUser bool // Whether to disable the user + MinioForceDestroy bool // Force destruction even if not empty + MinioUpdateKey bool // Whether to update access/secret keys + MinioIAMTags map[string]string // Tags for the service account + MinioDescription string // Description of the service account + MinioName string // Name of the service account + MinioExpiration string // Expiration time for the service account } -// S3MinioIAMUserConfig defines IAM config +// S3MinioIAMUserConfig represents IAM user configuration type S3MinioIAMUserConfig struct { MinioAdmin *madmin.AdminClient - MinioIAMName string - MinioSecret string - MinioDisableUser bool - MinioForceDestroy bool - MinioUpdateKey bool - MinioIAMTags map[string]string + MinioIAMName string // IAM user name + MinioSecret string // Secret key for the user + MinioDisableUser bool // Whether to disable the user + MinioForceDestroy bool // Force destruction even if not empty + MinioUpdateKey bool // Whether to update access/secret keys + MinioIAMTags map[string]string // Tags for the IAM user } -// S3MinioIAMGroupConfig defines IAM Group config +// S3MinioIAMGroupConfig represents IAM group configuration type S3MinioIAMGroupConfig struct { MinioAdmin *madmin.AdminClient - MinioIAMName string - MinioDisableGroup bool - MinioForceDestroy bool + MinioIAMName string // IAM group name + MinioDisableGroup bool // Whether to disable the group + MinioForceDestroy bool // Force destruction even if not empty } -// S3MinioIAMGroupAttachmentConfig defines IAM Group membership config +// S3MinioIAMGroupAttachmentConfig represents IAM group membership configuration type S3MinioIAMGroupAttachmentConfig struct { MinioAdmin *madmin.AdminClient - MinioIAMUser string - MinioIAMGroup string + MinioIAMUser string // IAM user to attach + MinioIAMGroup string // IAM group to attach to } -// S3MinioIAMGroupMembershipConfig defines IAM Group membership config +// S3MinioIAMGroupMembershipConfig represents IAM group membership configuration type S3MinioIAMGroupMembershipConfig struct { MinioAdmin *madmin.AdminClient - MinioIAMName string - MinioIAMUsers []*string - MinioIAMGroup string + MinioIAMName string // Name of the membership + MinioIAMUsers []*string // List of IAM users + MinioIAMGroup string // Target IAM group } -// S3MinioIAMPolicyConfig defines IAM Policy config +// S3MinioIAMPolicyConfig represents IAM policy configuration type S3MinioIAMPolicyConfig struct { MinioAdmin *madmin.AdminClient - MinioIAMName string - MinioIAMNamePrefix string - MinioIAMPolicy string + MinioIAMName string // Policy name + MinioIAMNamePrefix string // Policy name prefix + MinioIAMPolicy string // Policy document } -// S3MinioIAMGroupPolicyConfig defines IAM Policy config +// S3MinioIAMGroupPolicyConfig represents IAM group policy configuration type S3MinioIAMGroupPolicyConfig struct { MinioAdmin *madmin.AdminClient - MinioIAMName string - MinioIAMNamePrefix string - MinioIAMPolicy string - MinioIAMGroup string + MinioIAMName string // Policy name + MinioIAMNamePrefix string // Policy name prefix + MinioIAMPolicy string // Policy document + MinioIAMGroup string // Target IAM group } -// S3MinioKMSKeyConfig defines service account config +// S3MinioKMSKeyConfig represents KMS key configuration type S3MinioKMSKeyConfig struct { MinioAdmin *madmin.AdminClient - MinioKMSKeyID string + MinioKMSKeyID string // KMS key ID } -// Princ defines policy princ +// Princ represents a policy principal type Princ struct { AWS set.StringSet `json:"AWS,omitempty"` CanonicalUser set.StringSet `json:"CanonicalUser,omitempty"` } -// BucketPolicy defines bucket policy +// BucketPolicy represents a bucket policy document type BucketPolicy struct { Version string `json:",omitempty"` ID string `json:",omitempty"` Statements []policy.Statement `json:"Statement"` } -// IAMPolicyDoc returns IAM policy +// IAMPolicyDoc represents an IAM policy document type IAMPolicyDoc struct { Version string `json:"Version,omitempty"` ID string `json:"Id,omitempty"` Statements []*IAMPolicyStatement `json:"Statement"` } -// IAMPolicyStatement returns IAM policy statement +// IAMPolicyStatement represents a statement in an IAM policy type IAMPolicyStatement struct { - Sid string - Effect string `json:",omitempty"` + Sid string `json:"Sid,omitempty"` + Effect string `json:"Effect,omitempty"` Actions interface{} `json:"Action,omitempty"` Resources interface{} `json:"Resource,omitempty"` Principal string `json:"Principal,omitempty"` Conditions interface{} `json:"Condition,omitempty"` } -// IAMPolicyStatementCondition returns IAM policy condition +// IAMPolicyStatementCondition represents a condition in an IAM policy statement type IAMPolicyStatementCondition struct { - Test string `json:"-"` - Variable string `json:"-"` - Values interface{} + Test string `json:"-"` + Variable string `json:"-"` + Values interface{} `json:",inline"` } -// IAMPolicyStatementConditionSet returns IAM policy condition set +// IAMPolicyStatementConditionSet represents a set of IAM policy conditions type IAMPolicyStatementConditionSet []IAMPolicyStatementCondition -// ServiceAccountStatus User status +// ServiceAccountStatus represents the status of a service account type ServiceAccountStatus struct { AccessKey string `json:"accessKey,omitempty"` SecretKey string `json:"secretKey,omitempty"` AccountStatus string `json:"status,omitempty"` } -// UserStatus User status +// UserStatus represents the status of a user type UserStatus struct { AccessKey string `json:"accessKey,omitempty"` SecretKey string `json:"secretKey,omitempty"` Status madmin.AccountStatus `json:"status,omitempty"` } -// ResponseError handles error message +// ResponseError represents an error response from the MinIO server type ResponseError struct { Code string `json:"Code,omitempty"` Message string `json:"Message,omitempty"` @@ -280,9 +306,6 @@ type ResponseError struct { Region string `json:"Region,omitempty"` } -// Resource prefix for all aws resources. -const awsResourcePrefix = "arn:aws:s3:::" - // All bucket actions. var allBucketActions = set.CreateStringSet("s3:GetBucketLocation", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:GetObject", "s3:AbortMultipartUpload", "s3:DeleteObject", "s3:ListMultipartUploadParts", "s3:PutObject", "s3:CreateBucket", "s3:DeleteBucket", "s3:DeleteBucketPolicy", "s3:DeleteObject", "s3:GetBucketLocation", "s3:GetBucketNotification", "s3:GetBucketPolicy", "s3:GetObject", "s3:HeadBucket", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:ListenBucketNotification", "s3:ListMultipartUploadParts", "s3:PutObject", "s3:PutBucketPolicy", "s3:PutBucketNotification") //"s3:PutBucketLifecycle", "s3:GetBucketLifecycle" diff --git a/minio/resource_minio_s3_bucket_replication.go b/minio/resource_minio_s3_bucket_replication.go index c7e0457a..786dcc86 100644 --- a/minio/resource_minio_s3_bucket_replication.go +++ b/minio/resource_minio_s3_bucket_replication.go @@ -152,7 +152,7 @@ func resourceMinioBucketReplication() *schema.Resource { Description: "Path of the Minio endpoint. This is usefull if MinIO API isn't served on at the root, e.g for `example.com/minio/`, the path would be `/minio/`", Optional: true, }, - "syncronous": { + "synchronous": { Type: schema.TypeBool, Description: "Use synchronous replication.", Optional: true, @@ -175,7 +175,7 @@ func resourceMinioBucketReplication() *schema.Resource { }, ValidateFunc: validation.StringMatch(regexp.MustCompile(`^[0-9]+\s?[s|m|h]$`), "must be a valid golang duration"), }, - "bandwidth_limt": { + "bandwidth_limit": { Type: schema.TypeString, Description: "Maximum bandwidth in byte per second that MinIO can used when syncronysing this target. Minimum is 100MB", Optional: true, @@ -189,7 +189,7 @@ func resourceMinioBucketReplication() *schema.Resource { if !ok { diags = append(diags, diag.Diagnostic{ Severity: diag.Error, - Summary: "expected type of bandwidth_limt to be string", + Summary: "expected type of bandwidth_limit to be string", }) return } @@ -202,14 +202,14 @@ func resourceMinioBucketReplication() *schema.Resource { if err != nil { diags = append(diags, diag.Diagnostic{ Severity: diag.Error, - Summary: "bandwidth_limt must be a positive value. It may use suffixes (k, m, g, ..) ", + Summary: "bandwidth_limit must be a positive value. It may use suffixes (k, m, g, ..) ", }) return } if val < uint64(100*humanize.BigMByte.Int64()) { diags = append(diags, diag.Diagnostic{ Severity: diag.Error, - Summary: "When set, bandwidth_limt must be at least 100MBps", + Summary: "When set, bandwidth_limit must be at least 100MBps", }) } @@ -405,10 +405,10 @@ func minioReadBucketReplication(ctx context.Context, d *schema.ResourceData, met target["secure"] = remoteTarget.Secure target["path_style"] = remoteTarget.Path target["path"] = strings.Join(pathComponent[:len(pathComponent)-1], "/") - target["syncronous"] = remoteTarget.ReplicationSync + target["synchronous"] = remoteTarget.ReplicationSync target["disable_proxy"] = remoteTarget.DisableProxy target["health_check_period"] = shortDur(remoteTarget.HealthCheckDuration) - target["bandwidth_limt"] = humanize.Bytes(uint64(remoteTarget.BandwidthLimit)) + target["bandwidth_limit"] = humanize.Bytes(uint64(remoteTarget.BandwidthLimit)) target["region"] = remoteTarget.Region target["access_key"] = remoteTarget.Credentials.AccessKey @@ -516,7 +516,7 @@ func convertBucketReplicationConfig(bucketReplicationConfig *S3MinioBucketReplic Type: madmin.ReplicationService, Region: rule.Target.Region, BandwidthLimit: rule.Target.BandwidthLimit, - ReplicationSync: rule.Target.Syncronous, + ReplicationSync: rule.Target.Synchronous, DisableProxy: rule.Target.DisableProxy, HealthCheckDuration: rule.Target.HealthCheckPeriod, } @@ -730,19 +730,19 @@ func getBucketReplicationConfig(v []interface{}) (result []S3MinioBucketReplicat }) } - result[i].Target.Syncronous, ok = target["syncronous"].(bool) - result[i].Target.Syncronous = result[i].Target.Syncronous && ok + result[i].Target.Synchronous, ok = target["synchronous"].(bool) + result[i].Target.Synchronous = result[i].Target.Synchronous && ok result[i].Target.DisableProxy, ok = target["disable_proxy"].(bool) result[i].Target.DisableProxy = result[i].Target.DisableProxy && ok var bandwidthStr string var bandwidth uint64 var err error - if bandwidthStr, ok = target["bandwidth_limt"].(string); ok { + if bandwidthStr, ok = target["bandwidth_limit"].(string); ok { bandwidth, err = humanize.ParseBytes(bandwidthStr) if err != nil { log.Printf("[WARN] invalid bandwidth value %q: %v", result[i].Target.BandwidthLimit, err) - errs = append(errs, diag.Errorf("rule[%d].target.bandwidth_limt is invalid. Make sure to use k, m, g as preffix only", i)...) + errs = append(errs, diag.Errorf("rule[%d].target.bandwidth_limit is invalid. Make sure to use k, m, g as preffix only", i)...) } else { result[i].Target.BandwidthLimit = int64(bandwidth) } @@ -761,9 +761,9 @@ func getBucketReplicationConfig(v []interface{}) (result []S3MinioBucketReplicat pathstyle, _ = target["path_style"].(string) switch strings.TrimSpace(strings.ToLower(pathstyle)) { case "on": - result[i].Target.PathStyle = S3PathSyleOn + result[i].Target.PathStyle = S3PathStyleOn case "off": - result[i].Target.PathStyle = S3PathSyleOff + result[i].Target.PathStyle = S3PathStyleOff default: if pathstyle != "auto" && pathstyle != "" { errs = append(errs, diag.Diagnostic{ @@ -771,7 +771,7 @@ func getBucketReplicationConfig(v []interface{}) (result []S3MinioBucketReplicat Summary: fmt.Sprintf("rule[%d].target.path_style must be \"on\", \"off\" or \"auto\". Defaulting to \"auto\"", i), }) } - result[i].Target.PathStyle = S3PathSyleAuto + result[i].Target.PathStyle = S3PathStyleAuto } } diff --git a/minio/resource_minio_s3_bucket_replication_test.go b/minio/resource_minio_s3_bucket_replication_test.go index 7de618d5..e233d7f6 100644 --- a/minio/resource_minio_s3_bucket_replication_test.go +++ b/minio/resource_minio_s3_bucket_replication_test.go @@ -77,7 +77,7 @@ resource "minio_s3_bucket_replication" "replication_in_all" { host = local.fourth_minio_host region = "us-west-2" secure = false - bandwidth_limt = "1G" + bandwidth_limit = "1G" access_key = minio_iam_service_account.replication_in_d.access_key secret_key = minio_iam_service_account.replication_in_d.secret_key } @@ -94,23 +94,23 @@ resource "minio_s3_bucket_replication" "replication_in_all" { // ( // // resourceName, -// minioIdentidier, +// minioIdentifier, // minioProvider, -// ruleOneMinioIdentidier, +// ruleOneMinioIdentifier, // ruleOneMinioHost, // ruleOneMinioRegion, -// ruleOneMinioIdentidier, -// ruleOneMinioIdentidier, -// ruleTwoMinioIdentidier, +// ruleOneMinioIdentifier, +// ruleOneMinioIdentifier, +// ruleTwoMinioIdentifier, // ruleTwoMinioHost, // ruleTwoMinioRegion, -// ruleTwoMinioIdentidier, -// ruleTwoMinioIdentidier, -// ruleThreeMinioIdentidier, +// ruleTwoMinioIdentifier, +// ruleTwoMinioIdentifier, +// ruleThreeMinioIdentifier, // ruleThreeMinioHost, // ruleThreeMinioRegion, -// ruleThreeMinioIdentidier, -// ruleThreeMinioIdentidier, +// ruleThreeMinioIdentifier, +// ruleThreeMinioIdentifier, // // ) const kTemplateComplexResource = ` @@ -174,7 +174,7 @@ resource "minio_s3_bucket_replication" "%s" { secure = false access_key = minio_iam_service_account.replication_in_%s.access_key secret_key = minio_iam_service_account.replication_in_%s.secret_key - bandwidth_limt = "1G" + bandwidth_limit = "1G" } } @@ -301,7 +301,7 @@ resource "minio_s3_bucket_replication" "replication_in_b" { bucket = minio_s3_bucket.my_bucket_in_b.bucket host = local.second_minio_host secure = false - bandwidth_limt = "100M" + bandwidth_limit = "100M" access_key = minio_iam_service_account.replication_in_b.access_key secret_key = minio_iam_service_account.replication_in_b.secret_key } @@ -330,8 +330,8 @@ resource "minio_s3_bucket_replication" "replication_in_b" { host = local.second_minio_host secure = false region = "eu-west-1" - syncronous = true - bandwidth_limt = "100M" + synchronous = true + bandwidth_limit = "100M" access_key = minio_iam_service_account.replication_in_b.access_key secret_key = minio_iam_service_account.replication_in_b.secret_key } @@ -360,7 +360,7 @@ resource "minio_s3_bucket_replication" "replication_in_a" { host = local.primary_minio_host region = "eu-north-1" secure = false - bandwidth_limt = "800M" + bandwidth_limit = "800M" health_check_period = "2m" access_key = minio_iam_service_account.replication_in_a.access_key secret_key = minio_iam_service_account.replication_in_a.secret_key @@ -416,9 +416,9 @@ func TestAccS3BucketReplication_oneway_simple(t *testing.T) { Host: secondaryMinioEndpoint, Path: "/", Region: "", - Syncronous: false, + Synchronous: false, Secure: false, - PathStyle: S3PathSyleAuto, + PathStyle: S3PathStyleAuto, HealthCheckPeriod: time.Second * 30, BandwidthLimit: 100000000, }, @@ -433,7 +433,7 @@ func TestAccS3BucketReplication_oneway_simple(t *testing.T) { ImportStateVerify: true, ImportStateVerifyIgnore: []string{ "rule.0.target.0.secret_key", - "rule.0.priority", // This is ommited in our test case, so it gets automatically generated and thus mismatch + "rule.0.priority", // This is omitted in our test case, so it gets automatically generated and thus mismatch }, Config: kOneWaySimpleResource, }, @@ -484,9 +484,9 @@ func TestAccS3BucketReplication_oneway_simple_update(t *testing.T) { Host: secondaryMinioEndpoint, Path: "/", Region: "", - Syncronous: false, + Synchronous: false, Secure: false, - PathStyle: S3PathSyleAuto, + PathStyle: S3PathStyleAuto, HealthCheckPeriod: time.Second * 30, BandwidthLimit: 100000000, }, @@ -515,7 +515,7 @@ resource "minio_s3_bucket_replication" "replication_in_b" { bucket = minio_s3_bucket.my_bucket_in_b.bucket host = local.second_minio_host secure = false - bandwidth_limt = "150M" + bandwidth_limit = "150M" health_check_period = "5m" access_key = minio_iam_service_account.replication_in_b.access_key secret_key = minio_iam_service_account.replication_in_b.secret_key @@ -549,9 +549,9 @@ resource "minio_s3_bucket_replication" "replication_in_b" { Host: secondaryMinioEndpoint, Path: "/", Region: "", - Syncronous: false, + Synchronous: false, Secure: false, - PathStyle: S3PathSyleAuto, + PathStyle: S3PathStyleAuto, HealthCheckPeriod: time.Minute * 5, BandwidthLimit: 150000000, }, @@ -582,7 +582,7 @@ resource "minio_s3_bucket_replication" "replication_in_b" { bucket = minio_s3_bucket.my_bucket_in_b.bucket host = local.second_minio_host secure = false - bandwidth_limt = "150M" + bandwidth_limit = "150M" health_check_period = "5m" access_key = minio_iam_service_account.replication_in_b.access_key secret_key = minio_iam_service_account.replication_in_b.secret_key @@ -616,9 +616,9 @@ resource "minio_s3_bucket_replication" "replication_in_b" { Host: secondaryMinioEndpoint, Path: "/", Region: "", - Syncronous: false, + Synchronous: false, Secure: false, - PathStyle: S3PathSyleAuto, + PathStyle: S3PathStyleAuto, HealthCheckPeriod: time.Minute * 5, BandwidthLimit: 150000000, }, @@ -656,9 +656,9 @@ resource "minio_s3_bucket_replication" "replication_in_b" { Host: secondaryMinioEndpoint, Path: "/", Region: "", - Syncronous: false, + Synchronous: false, Secure: false, - PathStyle: S3PathSyleAuto, + PathStyle: S3PathStyleAuto, HealthCheckPeriod: time.Second * 30, BandwidthLimit: 100000000, }, @@ -729,9 +729,9 @@ func TestAccS3BucketReplication_oneway_complex(t *testing.T) { Host: secondaryMinioEndpoint, Path: "/", Region: "eu-west-1", - Syncronous: false, + Synchronous: false, Secure: false, - PathStyle: S3PathSyleAuto, + PathStyle: S3PathStyleAuto, HealthCheckPeriod: time.Second * 30, BandwidthLimit: 0, }, @@ -754,9 +754,9 @@ func TestAccS3BucketReplication_oneway_complex(t *testing.T) { Host: thirdMinioEndpoint, Path: "/", Region: "ap-south-1", - Syncronous: false, + Synchronous: false, Secure: false, - PathStyle: S3PathSyleAuto, + PathStyle: S3PathStyleAuto, HealthCheckPeriod: time.Second * 60, BandwidthLimit: 0, }, @@ -781,9 +781,9 @@ func TestAccS3BucketReplication_oneway_complex(t *testing.T) { Host: fourthMinioEndpoint, Path: "/", Region: "us-west-2", - Syncronous: false, + Synchronous: false, Secure: false, - PathStyle: S3PathSyleAuto, + PathStyle: S3PathStyleAuto, HealthCheckPeriod: time.Second * 30, BandwidthLimit: 1 * humanize.BigGByte.Int64(), }, @@ -849,9 +849,9 @@ func TestAccS3BucketReplication_twoway_simple(t *testing.T) { StorageClass: "", Host: secondaryMinioEndpoint, Region: "eu-west-1", - Syncronous: true, + Synchronous: true, Secure: false, - PathStyle: S3PathSyleAuto, + PathStyle: S3PathStyleAuto, HealthCheckPeriod: time.Second * 30, BandwidthLimit: 100000000, }, @@ -878,9 +878,9 @@ func TestAccS3BucketReplication_twoway_simple(t *testing.T) { StorageClass: "", Host: primaryMinioEndpoint, Region: "eu-north-1", - Syncronous: false, + Synchronous: false, Secure: false, - PathStyle: S3PathSyleAuto, + PathStyle: S3PathStyleAuto, HealthCheckPeriod: time.Second * 120, BandwidthLimit: 800000000, }, @@ -959,9 +959,9 @@ func TestAccS3BucketReplication_twoway_complex(t *testing.T) { Host: secondaryMinioEndpoint, Path: "/", Region: "eu-west-1", - Syncronous: false, + Synchronous: false, Secure: false, - PathStyle: S3PathSyleAuto, + PathStyle: S3PathStyleAuto, HealthCheckPeriod: time.Second * 30, BandwidthLimit: 0, }, @@ -984,9 +984,9 @@ func TestAccS3BucketReplication_twoway_complex(t *testing.T) { Host: thirdMinioEndpoint, Path: "/", Region: "ap-south-1", - Syncronous: false, + Synchronous: false, Secure: false, - PathStyle: S3PathSyleAuto, + PathStyle: S3PathStyleAuto, HealthCheckPeriod: time.Second * 60, BandwidthLimit: 0, }, @@ -1011,9 +1011,9 @@ func TestAccS3BucketReplication_twoway_complex(t *testing.T) { Host: fourthMinioEndpoint, Path: "/", Region: "us-west-2", - Syncronous: false, + Synchronous: false, Secure: false, - PathStyle: S3PathSyleAuto, + PathStyle: S3PathStyleAuto, HealthCheckPeriod: time.Second * 30, BandwidthLimit: 1 * humanize.BigGByte.Int64(), }, @@ -1041,9 +1041,9 @@ func TestAccS3BucketReplication_twoway_complex(t *testing.T) { Host: thirdMinioEndpoint, Path: "/", Region: "ap-south-1", - Syncronous: false, + Synchronous: false, Secure: false, - PathStyle: S3PathSyleAuto, + PathStyle: S3PathStyleAuto, HealthCheckPeriod: time.Second * 30, BandwidthLimit: 0, }, @@ -1066,9 +1066,9 @@ func TestAccS3BucketReplication_twoway_complex(t *testing.T) { Host: fourthMinioEndpoint, Path: "/", Region: "us-west-2", - Syncronous: false, + Synchronous: false, Secure: false, - PathStyle: S3PathSyleAuto, + PathStyle: S3PathStyleAuto, HealthCheckPeriod: time.Second * 60, BandwidthLimit: 0, }, @@ -1093,9 +1093,9 @@ func TestAccS3BucketReplication_twoway_complex(t *testing.T) { Host: primaryMinioEndpoint, Path: "/", Region: "eu-central-1", - Syncronous: false, + Synchronous: false, Secure: false, - PathStyle: S3PathSyleAuto, + PathStyle: S3PathStyleAuto, HealthCheckPeriod: time.Second * 30, BandwidthLimit: 1 * humanize.BigGByte.Int64(), }, @@ -1123,9 +1123,9 @@ func TestAccS3BucketReplication_twoway_complex(t *testing.T) { Host: fourthMinioEndpoint, Path: "/", Region: "us-west-2", - Syncronous: false, + Synchronous: false, Secure: false, - PathStyle: S3PathSyleAuto, + PathStyle: S3PathStyleAuto, HealthCheckPeriod: time.Second * 30, BandwidthLimit: 0, }, @@ -1148,9 +1148,9 @@ func TestAccS3BucketReplication_twoway_complex(t *testing.T) { Host: primaryMinioEndpoint, Path: "/", Region: "eu-central-1", - Syncronous: false, + Synchronous: false, Secure: false, - PathStyle: S3PathSyleAuto, + PathStyle: S3PathStyleAuto, HealthCheckPeriod: time.Second * 60, BandwidthLimit: 0, }, @@ -1175,9 +1175,9 @@ func TestAccS3BucketReplication_twoway_complex(t *testing.T) { Host: secondaryMinioEndpoint, Path: "/", Region: "eu-west-1", - Syncronous: false, + Synchronous: false, Secure: false, - PathStyle: S3PathSyleAuto, + PathStyle: S3PathStyleAuto, HealthCheckPeriod: time.Second * 30, BandwidthLimit: 1 * humanize.BigGByte.Int64(), }, @@ -1205,9 +1205,9 @@ func TestAccS3BucketReplication_twoway_complex(t *testing.T) { Host: primaryMinioEndpoint, Path: "/", Region: "eu-central-1", - Syncronous: false, + Synchronous: false, Secure: false, - PathStyle: S3PathSyleAuto, + PathStyle: S3PathStyleAuto, HealthCheckPeriod: time.Second * 30, BandwidthLimit: 0, }, @@ -1230,9 +1230,9 @@ func TestAccS3BucketReplication_twoway_complex(t *testing.T) { Host: secondaryMinioEndpoint, Path: "/", Region: "eu-west-1", - Syncronous: false, + Synchronous: false, Secure: false, - PathStyle: S3PathSyleAuto, + PathStyle: S3PathStyleAuto, HealthCheckPeriod: time.Second * 60, BandwidthLimit: 0, }, @@ -1257,9 +1257,9 @@ func TestAccS3BucketReplication_twoway_complex(t *testing.T) { Host: thirdMinioEndpoint, Path: "/", Region: "ap-south-1", - Syncronous: false, + Synchronous: false, Secure: false, - PathStyle: S3PathSyleAuto, + PathStyle: S3PathStyleAuto, HealthCheckPeriod: time.Second * 30, BandwidthLimit: 1 * humanize.BigGByte.Int64(), }, @@ -1635,8 +1635,8 @@ func testAccCheckBucketHasReplication(n string, config []S3MinioBucketReplicatio if existingTarget.TargetBucket != bucket { return fmt.Errorf("Mismatch TargetBucket %q, rule#%d:\n\nexpected: %v\n\ngot: %v", n, i, existingTarget.TargetBucket, bucket) } - if existingTarget.ReplicationSync != rule.Target.Syncronous { - return fmt.Errorf("Mismatch synchronous mode %q, rule#%d:\n\nexpected: %v\n\ngot: %v", n, i, existingTarget.ReplicationSync, rule.Target.Syncronous) + if existingTarget.ReplicationSync != rule.Target.Synchronous { + return fmt.Errorf("Mismatch synchronous mode %q, rule#%d:\n\nexpected: %v\n\ngot: %v", n, i, existingTarget.ReplicationSync, rule.Target.Synchronous) } if existingTarget.Region != rule.Target.Region { return fmt.Errorf("Mismatch region %q, rule#%d:\n\nexpected: %v\n\ngot: %v", n, i, existingTarget.Region, rule.Target.Region)