Feature - Directory Bucket Support (S3 Express) #187
Conversation
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: Itai-Melamed The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
ack-prow
bot
added
the
needs-ok-to-test
|
Hi @Itai-Melamed. Thanks for your PR. I'm waiting for a aws-controllers-k8s member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
/ok-to-test |
ack-prow
bot
added
ok-to-test
|
/test s3-kind-e2e |
There was a problem hiding this comment.
@Itai-Melamed Thanks for the contribution!
Left a few comments. In addition to this we'll also need to add some e2e tests to validate that we can create, update, and delete a directory bucket similar to the other test found in the test/e2e directory.
| build_date: "2025-10-23T09:42:09Z" | ||
| build_hash: eaabefb6bd7b2be8a1baf4478f22b3310e6921c8 | ||
| go_version: go1.25.3 | ||
| version: v0.52.0-6-geaabefb-dirty |
There was a problem hiding this comment.
Did you need to modify the ackgenerate tool to make these changes? If not could you rebuild the controller with an unmodified version.
There was a problem hiding this comment.
I'm not sure what caused this change, I assumed the ack-generate tool updated some metadata and didn't think much of it. I don't think it is crucial to the implementation.
Could you maybe elaborate on how to know what the actual values should be?
pkg/resource/bucket/hook.go
Outdated
| // isDirectoryBucketName checks if a bucket name follows the directory bucket naming pattern. | ||
| // Directory buckets must end with "--x-s3" suffix and follow the format: | ||
| // bucket-base-name--zone-id--x-s3 | ||
| func isDirectoryBucketName(bucketName string) bool { |
There was a problem hiding this comment.
The logic looks good, but could you add some unit tests for this function.
| ctx context.Context, | ||
| r *resource, | ||
| ) error { | ||
| // Check if this is a directory bucket to skip unsupported operations |
There was a problem hiding this comment.
We don't want to silently ignore values in the spec field. If a user provides an invalid combination of values in their spec we want them to get feedback that the controller isn't able apply the desired state. Often this just involves calling the API and surfacing the returned validation error.
There was a problem hiding this comment.
That makes sense. I modified it to use a validation function that returns error if the type of bucket and properties provided are incompatible
apis/v1alpha1/generator.yaml
Outdated
| - CreateBucketInput.CreateBucketConfiguration.Bucket | ||
| - LoggingEnabled.TargetObjectKeyFormat | ||
| operations: | ||
| ListDirectoryBuckets: |
There was a problem hiding this comment.
With customFindBucket being used is this still needed?
There was a problem hiding this comment.
Don't think it is. it was probably here since a previous iteration when the SDK automatically assumed ListBucket as the list operation which is not supported for directory buckets.
| ) error { | ||
| rlog := ackrtlog.FromContext(ctx) | ||
|
|
||
| s3controlClient := s3control.NewFromConfig(rm.clientcfg) |
There was a problem hiding this comment.
We may need to make some changes to the underlying runtime to make sure this is assuming the correct IAM role when using CARM or future IAMSelector functionality.
| ) error { | ||
| rlog := ackrtlog.FromContext(ctx) | ||
|
|
||
| s3controlClient := s3control.NewFromConfig(rm.clientcfg) |
There was a problem hiding this comment.
We don't normally work with multiple sdk clients within an individual ACK controller. Looking at how we setup the client config in our core runtime this should have the correct role credentials, but we'll want to do some extra testing to verify that this works as expected when using CARM or non-default regions.
…cket is used instead)
|
/retest |
|
@Itai-Melamed: The following test failed, say
Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
2 participants
Issue #2658
Description of changes:
Implemented support for DirectoryBuckets Creation by removing ignore of DirectoryBucket Fields.
CreateBucketConfiguration.BucketCreateBucketConfiguration.LocationOverrided some of the operations that don't support directory buckets with the equivalent S3 Express operations.
(in - pkg/resource/bucket/hook.go)
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.