From d05cd4a7607b7a11af913e6b1b78d5b92655e375 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Greg=20Kar=C3=A9kinian?= Date: Wed, 18 Jul 2018 19:37:05 +0200 Subject: [PATCH 1/3] Do not do an extra HEAD request after a PUT for Last-Modified Use the Date header from a PUT request as the Last-Modified time that we store in Redis --- lib/remote_storage/s3.rb | 4 +--- spec/s3/app_spec.rb | 18 +++++++----------- 2 files changed, 8 insertions(+), 14 deletions(-) diff --git a/lib/remote_storage/s3.rb b/lib/remote_storage/s3.rb index 875f596..6233cff 100644 --- a/lib/remote_storage/s3.rb +++ b/lib/remote_storage/s3.rb @@ -22,12 +22,10 @@ module RemoteStorage "PUT", url, md5, content_type ).merge({ "Content-Type" => content_type, "Content-Md5" => md5 }) res = RestClient.put(url, data, authorization_headers) - # S3 does not return a Last-Modified response header on PUTs - head_res = do_head_request(url) return [ res.headers[:etag].delete('"'), - timestamp_for(head_res.headers[:last_modified]) + timestamp_for(res.headers[:date]) # S3 does not return a Last-Modified response header on PUTs ] end end diff --git a/spec/s3/app_spec.rb b/spec/s3/app_spec.rb index 6e60c41..65950d2 100644 --- a/spec/s3/app_spec.rb +++ b/spec/s3/app_spec.rb @@ -11,11 +11,11 @@ describe "S3 provider" do before do stub_request(:put, "#{container_url_for("phil")}/food/aguacate"). - to_return(status: 200, headers: { etag: '"0815etag"' }) + to_return(status: 200, headers: { etag: '"0815etag"', date: "Fri, 04 Mar 2016 12:20:18 GMT" }) # Write new content with an If-Match header (a new Etag is returned) stub_request(:put, "#{container_url_for("phil")}/food/aguacate"). with(body: "aye"). - to_return(status: 200, headers: { etag: '"0915etag"' }) + to_return(status: 200, headers: { etag: '"0915etag"', date: "Fri, 04 Mar 2016 12:20:18 GMT" }) stub_request(:head, "#{container_url_for("phil")}/food/aguacate"). to_return(status: 200, headers: { last_modified: "Fri, 04 Mar 2016 12:20:18 GMT" }) stub_request(:get, "#{container_url_for("phil")}/food/aguacate"). @@ -26,22 +26,20 @@ describe "S3 provider" do # Write new content to check the metadata in Redis stub_request(:put, "#{container_url_for("phil")}/food/banano"). with(body: "si"). - to_return(status: 200, headers: { etag: '"0815etag"' }) + to_return(status: 200, headers: { etag: '"0815etag"', date: "Fri, 04 Mar 2016 12:20:18 GMT" }) stub_request(:put, "#{container_url_for("phil")}/food/banano"). with(body: "oh, no"). - to_return(status: 200, headers: { etag: '"0817etag"' }) - stub_request(:head, "#{container_url_for("phil")}/food/banano"). - to_return(status: 200, headers: { last_modified: "Fri, 04 Mar 2016 12:20:20 GMT" }) + to_return(status: 200, headers: { etag: '"0817etag"', date: "Fri, 04 Mar 2016 12:20:20 GMT" }) stub_request(:put, "#{container_url_for("phil")}/food/camaron"). - to_return(status: 200, headers: { etag: '"0816etag"' }) + to_return(status: 200, headers: { etag: '"0816etag"', date: "Fri, 04 Mar 2016 12:20:18 GMT" }) stub_request(:head, "#{container_url_for("phil")}/food/camaron"). to_return(status: 200, headers: { last_modified: "Fri, 04 Mar 2016 12:20:18 GMT" }) stub_request(:delete, "#{container_url_for("phil")}/food/camaron"). to_return(status: 200, headers: { etag: '"0816etag"' }) stub_request(:put, "#{container_url_for("phil")}/food/desayunos/bolon"). - to_return(status: 200, headers: { etag: '"0817etag"' }) + to_return(status: 200, headers: { etag: '"0817etag"', date: "Fri, 04 Mar 2016 12:20:18 GMT" }) stub_request(:head, "#{container_url_for("phil")}/food/desayunos/bolon"). to_return(status: 200, headers: { last_modified: "Fri, 04 Mar 2016 12:20:18 GMT" }) stub_request(:delete, "#{container_url_for("phil")}/food/desayunos/bolon"). @@ -49,9 +47,7 @@ describe "S3 provider" do # objects in root dir stub_request(:put, "#{container_url_for("phil")}/bamboo.txt"). - to_return(status: 200, headers: { etag: '"0818etag"' }) - stub_request(:head, "#{container_url_for("phil")}/bamboo.txt"). - to_return(status: 200, headers: { last_modified: "Fri, 04 Mar 2016 12:20:18 GMT" }) + to_return(status: 200, headers: { etag: '"0818etag"', date: "Fri, 04 Mar 2016 12:20:18 GMT" }) # 404 stub_request(:head, "#{container_url_for("phil")}/food/steak"). From b29953c59a0ecaaafe5f58b4f32cbe75adbea5d9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Greg=20Kar=C3=A9kinian?= Date: Wed, 18 Jul 2018 19:41:53 +0200 Subject: [PATCH 2/3] Update dependencies There is a security issue in Sinatra 2.0.1 --- Gemfile.lock | 29 +++++++++++++++-------------- 1 file changed, 15 insertions(+), 14 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index e31610b..749af98 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -8,19 +8,19 @@ GEM tzinfo (~> 1.1) addressable (2.5.2) public_suffix (>= 2.0.2, < 4.0) - backports (3.11.2) + backports (3.11.3) concurrent-ruby (1.0.5) crack (0.4.3) safe_yaml (~> 1.0.0) - domain_name (0.5.20170404) + domain_name (0.5.20180417) unf (>= 0.0.5, < 1.0.0) - faraday (0.14.0) + faraday (0.15.2) multipart-post (>= 1.2, < 3) hashdiff (0.3.7) http-accept (1.7.0) http-cookie (1.0.3) domain_name (~> 0.5) - i18n (1.0.0) + i18n (1.0.1) concurrent-ruby (~> 1.0) kgio (2.11.2) m (1.5.1) @@ -39,8 +39,8 @@ GEM public_suffix (3.0.2) purdytest (2.0.0) minitest (~> 5.5) - rack (2.0.4) - rack-protection (2.0.1) + rack (2.0.5) + rack-protection (2.0.3) rack rack-test (1.0.0) rack (>= 1.0, < 3) @@ -57,19 +57,20 @@ GEM mime-types (>= 1.16, < 4.0) netrc (~> 0.8) safe_yaml (1.0.4) - sentry-raven (2.7.2) + sentry-raven (2.7.4) faraday (>= 0.7.6, < 1.0) - sinatra (2.0.1) + sinatra (2.0.3) mustermann (~> 1.0) rack (~> 2.0) - rack-protection (= 2.0.1) + rack-protection (= 2.0.3) tilt (~> 2.0) - sinatra-contrib (2.0.1) - backports (>= 2.0) + sinatra-contrib (2.0.3) + activesupport (>= 4.0.0) + backports (>= 2.8.2) multi_json mustermann (~> 1.0) - rack-protection (= 2.0.1) - sinatra (= 2.0.1) + rack-protection (= 2.0.3) + sinatra (= 2.0.3) tilt (>= 1.3, < 3) thread_safe (0.3.6) tilt (2.0.8) @@ -81,7 +82,7 @@ GEM unicorn (5.4.0) kgio (~> 2.6) raindrops (~> 0.7) - webmock (3.3.0) + webmock (3.4.2) addressable (>= 2.3.6) crack (>= 0.3.2) hashdiff From 2e02bdfb7bdf85f9b37a3d02785da3de7fe530d9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Greg=20Kar=C3=A9kinian?= Date: Thu, 19 Jul 2018 12:45:14 +0200 Subject: [PATCH 3/3] Revert "Update dependencies" This reverts commit b29953c59a0ecaaafe5f58b4f32cbe75adbea5d9. This appears to disable hashes with indifferent access on staging, trying to find which gem update broke this --- Gemfile.lock | 29 ++++++++++++++--------------- 1 file changed, 14 insertions(+), 15 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 749af98..e31610b 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -8,19 +8,19 @@ GEM tzinfo (~> 1.1) addressable (2.5.2) public_suffix (>= 2.0.2, < 4.0) - backports (3.11.3) + backports (3.11.2) concurrent-ruby (1.0.5) crack (0.4.3) safe_yaml (~> 1.0.0) - domain_name (0.5.20180417) + domain_name (0.5.20170404) unf (>= 0.0.5, < 1.0.0) - faraday (0.15.2) + faraday (0.14.0) multipart-post (>= 1.2, < 3) hashdiff (0.3.7) http-accept (1.7.0) http-cookie (1.0.3) domain_name (~> 0.5) - i18n (1.0.1) + i18n (1.0.0) concurrent-ruby (~> 1.0) kgio (2.11.2) m (1.5.1) @@ -39,8 +39,8 @@ GEM public_suffix (3.0.2) purdytest (2.0.0) minitest (~> 5.5) - rack (2.0.5) - rack-protection (2.0.3) + rack (2.0.4) + rack-protection (2.0.1) rack rack-test (1.0.0) rack (>= 1.0, < 3) @@ -57,20 +57,19 @@ GEM mime-types (>= 1.16, < 4.0) netrc (~> 0.8) safe_yaml (1.0.4) - sentry-raven (2.7.4) + sentry-raven (2.7.2) faraday (>= 0.7.6, < 1.0) - sinatra (2.0.3) + sinatra (2.0.1) mustermann (~> 1.0) rack (~> 2.0) - rack-protection (= 2.0.3) + rack-protection (= 2.0.1) tilt (~> 2.0) - sinatra-contrib (2.0.3) - activesupport (>= 4.0.0) - backports (>= 2.8.2) + sinatra-contrib (2.0.1) + backports (>= 2.0) multi_json mustermann (~> 1.0) - rack-protection (= 2.0.3) - sinatra (= 2.0.3) + rack-protection (= 2.0.1) + sinatra (= 2.0.1) tilt (>= 1.3, < 3) thread_safe (0.3.6) tilt (2.0.8) @@ -82,7 +81,7 @@ GEM unicorn (5.4.0) kgio (~> 2.6) raindrops (~> 0.7) - webmock (3.4.2) + webmock (3.3.0) addressable (>= 2.3.6) crack (>= 0.3.2) hashdiff