Open
Conversation
Add SchemeS3 constant and S3 connection singleton following the same pattern as the existing Swift connection (swift.go). Uses minio-go/v7 for S3-compatible storage (OVH, MinIO, Scaleway, etc.). Configuration via fs.url query params: access_key, secret_key, region, bucket_prefix, use_ssl. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
New package model/vfs/vfss3/ implements vfs.VFS for S3-compatible object storage, mirroring the Swift V3 implementation. Key design decisions: - Bucket per orgId: <bucket_prefix>-<orgId> (fallback "default") - Key prefix per instance: <DBPrefix>/ - CreateFile uses io.Pipe + PutObject goroutine for streaming - Local MD5 computation for multipart upload fallback - Single PUT when ByteSize known (memory-efficient like Swift) - PartSize=5MiB, NumThreads=1 for multipart (bounded memory) Also adds GetOrgID() accessor on Instance. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add case config.SchemeS3 to every storage dispatch switch: - MakeVFS, AvatarFS, ThumbsFS (instance.go) - Copier, AppsFileServer, KonnectorsFileServer (apps.go) - SystemArchiver (archiver.go) - SystemCache (cache.go) - InitDynamicAssetFS (fs.go) - NewCapabilities (capabilities.go) New S3 implementations: - pkg/appfs/s3.go: S3 Copier and FileServer for app installation - pkg/assets/dynamic/impl_s3.go: S3 dynamic assets storage - S3 preview cache and archiver in their respective files Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add MinIO testcontainer fixture (tests/testutils/minio_utils.go) - Add makeS3FS helper and wire into the VFS test table - All 17 VFS tests pass for the S3 backend Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Document the S3 backend architecture: bucket strategy, object key structure, memory consumption, encryption, differences from Swift, configuration, and testing. Also add S3 URL example to cozy.example.yaml. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Revert accidental commenting of GetLegalNoticeUrl in settings - Remove unused errFailFast variable in fsck.go - Remove unused maxNbFilesToDelete constant in s3.go - Fix s3Cache to return os.ErrNotExist for NoSuchKey errors - Fix indentation in s3Copier.Exist - Fix BucketName to avoid trailing hyphens Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Critical: - Verify MD5 integrity when caller provides expected hash (was skipped) - Limit app file reads to 50 MiB to prevent OOM from corrupted objects High: - Sanitize S3 errors to avoid leaking bucket names and key paths - Prevent path traversal via ".." in app filenames and file serving - Fix fsck DocName to use stripped object name instead of full S3 key Medium: - Replace panic with error return in s3Copier.Copy - Sanitize bucket_prefix config parameter Low: - Add bounds check for ETag substring to prevent panic - Remove unused encoding/hex import Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Contributor
Author
|
I tried it manually with a local minio: I've:
We need to test the :
|
Contributor
Author
Enregistrement.de.l.ecran.2026-03-30.a.18.51.51.mov |
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Crash--
force-pushed
the
feat/s3-vfs-backend
branch
from
81d2b27 to
1dacd7c
Compare
shepilov
reviewed
Apr 2, 2026
shepilov
reviewed
Apr 2, 2026
model/vfs/vfss3/s3.go
Outdated
| @@ -0,0 +1,53 @@ | |||
| package vfss3 | |||
Contributor
There was a problem hiding this comment.
and a little bit confusing to havein s3.go inly provate delete functions
Contributor
There was a problem hiding this comment.
or, maybe I understood, there is duplication with appfs, the same functions.
Does it make sense then to move them to pkg/s3 or pkg/s3util package with
func EnsureBucket(ctx, client, bucket, region) error
func DeleteObjects(ctx, client, bucket, names) error
func WrapNotFound(err) error
Contributor
Author
There was a problem hiding this comment.
shepilov
reviewed
Apr 2, 2026
| domain string | ||
| prefix string // DBPrefix — used as key prefix in the bucket | ||
| contextName string | ||
| ctx context.Context |
Contributor
There was a problem hiding this comment.
I see that we have context in all other vfs, but it's an execution context, not data. Let's do not spread anti-pattern and if not change interface, but at least just pass the context.Background as is
Contributor
Author
There was a problem hiding this comment.
I understand the concern — storing a context in a struct is generally considered an anti-pattern in Go. However, the VFS interface (model/vfs/vfs.go) does not pass a context.Context in its method signatures, so all backends that need one store it as a field. The Swift implementation (vfsswift/impl_v3.go) uses the exact same pattern: ctx: context.Background() set at creation time. Changing this would require updating the VFS interface, which feels out of scope for this PR - and I'm not confortable with that - . Happy to discuss if you think it's worth a broader refactor though.
shepilov
reviewed
Apr 2, 2026
shepilov
reviewed
Apr 2, 2026
| @@ -17,6 +17,7 @@ import ( | |||
|
|
|||
Contributor
There was a problem hiding this comment.
Here, we don't test any error cases during upload. But we run all the PuObject in the background goroutine, so it would be gread to add test when miniio is down during upload to check that all errors are propagated to client
The package is already named `multierror`, so the explicit alias is a no-op. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The 5 GiB maxFileSize constant was carried over from Swift, where it is a real server-side single-object PUT limit. S3 with multipart upload (already configured via minio-go PartSize) handles large files transparently, so the constant was misleading and not consistently enforced. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Crash--
force-pushed
the
feat/s3-vfs-backend
branch
from
614d87e to
f1d60b9
Compare
Verify that when the S3 backend becomes unreachable during a background PutObject goroutine, the error is properly propagated to the caller through Close(). Uses a short HTTP dial timeout to avoid hanging on TCP retries when the minio container is stopped. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Move duplicated S3 utility functions (DeleteObjects, DeletePrefixObjects, EnsureBucket, IsNotFound, WrapNotFound) from vfss3 and appfs into a shared pkg/s3util package. Includes integration tests with minio. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Crash--
force-pushed
the
feat/s3-vfs-backend
branch
from
f1d60b9 to
e82461e
Compare
Contributor
Author
|
I need to retry every thing since the refacto / changes |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
minio-go/v7— no AWS SDK dependency. Targets OVH S3, MinIO, Scaleway, and any S3-compatible provider<prefix>-<orgId>), key prefix per instance (<DBPrefix>/)What's included
docs/s3.md)Configuration
All buckets (apps, assets, previews, exports) are created automatically at startup.
Bucket layout
<prefix>-<orgId><prefix>-apps-web<prefix>-apps-konnectors<prefix>-assets<prefix>-previews<prefix>-exportsSee
docs/s3.mdfor full documentation including a local MinIO setup tutorial.Test plan
/filesAPI🤖 Generated with Claude Code