[exporter/awss3] Fix outdated StorageClass and ACL validation by using AWS SDK types#46846
Open
57Ajay wants to merge 1 commit intoopen-telemetry:mainfrom
Open
[exporter/awss3] Fix outdated StorageClass and ACL validation by using AWS SDK types#4684657Ajay wants to merge 1 commit intoopen-telemetry:mainfrom
57Ajay wants to merge 1 commit intoopen-telemetry:mainfrom
Conversation
…lidation Signed-off-by: 57Ajay <57ajay.u@gmail.com>
Contributor
Author
|
/rerun |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
fixes #46825
Problem
The
awss3exporterconfig validation inconfig.gouses hardcoded maps to validateStorageClassandACLvalues. TheStorageClassallowlist was missing several valid AWS S3 storage classes:GLACIER_IRREDUCED_REDUNDANCYEXPRESS_ONEZONEThis caused users configuring any of these storage classes to receive the error:
The same maintenance concern applies to the
ACLvalidation map - while it happens to be complete today, it is equally susceptible to going stale if AWS introduces new canned ACL values in the future.Root Cause
The exporter treats
StorageClassandACLas pass-through values - the config string is cast directly to the corresponding AWS SDK type (s3types.StorageClass/s3types.ObjectCannedACL) and forwarded to the S3 API with no class-specific or ACL-specific logic. The hardcoded validation maps were therefore both redundant and incomplete.Fix
Replaced both hardcoded validation maps with dynamic lookups using the AWS SDK's own type values:
StorageClass: now validated againsts3types.StorageClassStandard.Values()ACL: now validated againsts3types.ObjectCannedACLPrivate.Values()This ensures validation stays in sync with the AWS SDK automatically, eliminating the need for manual updates when AWS introduces new storage classes or ACL types.
Testing
TestConfig_ValidateforGLACIER_IR,REDUCED_REDUNDANCY, andEXPRESS_ONEZONEstorage classes -- these fail against the old code and pass with the fix.FAKE_CLASS) to verify rejection still works correctly.Changes
exporter/awss3exporter/config.govalidStorageClassesandvalidACLsmaps with AWS SDK.Values()lookupsexporter/awss3exporter/config_test.go.chloggen/fix-awss3exporter-storage-class-acl-validation.yaml