You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Motivation
Some files may be large and can not be uploaded directly to S3 through the upload endpoint and has to be delegated to the client for performance and reliability reasons.
One example are jobs in the parallel cluster which will rely on S3-DRA to push the file to S3
Acceptance criteria
The user can provide optional metadata
If the user has no write access to this storage (permission/deprecated project) if the metadata/id is invalid, an error is returned
If the provided input is valid, a temporary he necessary information to push the file (bucket / object key / id) is returned to the user
This payload is signed to make sure it is not modified by the client
Once the file is pushed to the bucket, the client calls Delta again the signed payload, if the payload can be verified and has not reached an expiration date, the file is created in Nexus
@imsdu "If the provided input is valid" what is the provided input? Is it only the metadata? What about filename, media type, etc? Can they also provide a tag?
I'm also not clear on where the client includes the Id for the second call?
@dantb This operation is meant to replace the legacy link operation so it would be the metadata + the content type.
And other controls must be performed related to access, project / storage deprecation, ...
Don't hesitate to do 2 PRs if you feel like it helps, one to generate the signed payload, the second to submit it again
Motivation
Some files may be large and can not be uploaded directly to S3 through the upload endpoint and has to be delegated to the client for performance and reliability reasons.
One example are jobs in the parallel cluster which will rely on S3-DRA to push the file to S3
Acceptance criteria
Implementation notes
https://connect2id.com/products/nimbus-jose-jwt/examples/jws-json-multiple-signatures
Not in scope
The text was updated successfully, but these errors were encountered: