little service proxies access to an S3 bucket
Compile:
npm run compile
Compile and run:
npm start -- [help|launch] [--configFolder configFolder]
Run without compile (assumes compile already done):
npm run go -- [help|launch] [--configFolder configFolder]
The server loads configuration from files under a configuration folder. The configuration folder may be specified in a few ways:
- the
--configflag is checked first - if
--configis not provided, then the code looks under the path specified by theGEN3_CONFIG_FOLDERenvironment folder - otherwise the configuration folder is set to
/etc/gen3
for json configuration files config.json (holds public configuration) and creds.json (holds secret configuration) that combined provide the following data:
{
"bucket": "name",
"prefix": "object prefix",
"AWS": {
"id": "...",
"secret": "..."
}
}
Run npm start -- help for interative help.
Set the debug environment variable to enable verbose logs in the express and s3-proxy modules.
export DEBUG='*'
Note that this service does not secure access to the S3 bucket. Configure the api gateway to authorize access to this service via arborist or some similar policy engine.
Just hit http://localhost:4000/ as a simple health check - should return HTTP 200 with root level keys in the configured bucket.
docker build -t statics:reuben .
docker run --rm -v /home/reuben/Secrets/gen3-statics:/etc/gen3 -p 4000:4000 quay.io/cdis/statics:master launch
We're just using the s3-proxy npm package.