mirror of
https://github.com/minio/minio.git
synced 2025-01-12 07:23:23 -05:00
ca6b4773ed
This change adds server-side-encryption support for HEAD, GET and PUT operations. This PR only addresses single-part PUTs and GETs without HTTP ranges. Further this change adds the concept of reserved object metadata which is required to make encrypted objects tamper-proof and provide API compatibility to AWS S3. This PR adds the following reserved metadata entries: - X-Minio-Internal-Server-Side-Encryption-Iv ('guarantees' tamper-proof property) - X-Minio-Internal-Server-Side-Encryption-Kdf (makes Key-MAC computation negotiable in future) - X-Minio-Internal-Server-Side-Encryption-Key-Mac (provides AWS S3 API compatibility) The prefix `X-Minio_Internal` specifies an internal metadata entry which must not send to clients. All client requests containing a metadata key starting with `X-Minio-Internal` must also rejected. This is implemented by a generic-handler. This PR implements SSE-C separated from client-side-encryption (CSE). This cannot decrypt server-side-encrypted objects on the client-side. However, clients can encrypted the same object with CSE and SSE-C. This PR does not address: - SSE-C Copy and Copy part - SSE-C GET with HTTP ranges - SSE-C multipart PUT - SSE-C Gateway Each point must be addressed in a separate PR. Added to vendor dir: - x/crypto/chacha20poly1305 - x/crypto/poly1305 - github.com/minio/sio
59 lines
2.0 KiB
YAML
59 lines
2.0 KiB
YAML
# version format
|
|
version: "{build}"
|
|
|
|
# Operating system (build VM template)
|
|
os: Windows Server 2012 R2
|
|
|
|
# Platform.
|
|
platform: x64
|
|
|
|
clone_folder: c:\gopath\src\github.com\minio\minio
|
|
|
|
# Environment variables
|
|
environment:
|
|
GOPATH: c:\gopath
|
|
GOROOT: c:\go
|
|
|
|
# scripts that run after cloning repository
|
|
install:
|
|
- set PATH=%GOPATH%\bin;%GOROOT%\bin;%PATH%
|
|
- go version
|
|
- go env
|
|
- python --version
|
|
|
|
# To run your custom scripts instead of automatic MSBuild
|
|
build_script:
|
|
# Compile
|
|
# We need to disable firewall - https://github.com/appveyor/ci/issues/1579#issuecomment-309830648
|
|
- ps: Disable-NetFirewallRule -DisplayName 'File and Printer Sharing (SMB-Out)'
|
|
- appveyor AddCompilationMessage "Starting Compile"
|
|
- cd c:\gopath\src\github.com\minio\minio
|
|
- go run buildscripts/gen-ldflags.go > temp.txt
|
|
- set /p BUILD_LDFLAGS=<temp.txt
|
|
- go build -ldflags="%BUILD_LDFLAGS%" -o %GOPATH%\bin\minio.exe
|
|
- appveyor AddCompilationMessage "Compile Success"
|
|
|
|
# To run your custom scripts instead of automatic tests
|
|
test_script:
|
|
# Unit tests
|
|
- ps: Add-AppveyorTest "Unit Tests" -Outcome Running
|
|
- mkdir build\coverage
|
|
- go test -v -timeout 17m -race github.com/minio/minio/cmd...
|
|
- go test -v -race github.com/minio/minio/pkg...
|
|
# FIXME(aead): enable codecov after issue https://github.com/golang/go/issues/18468 is solved.
|
|
# - go test -v -timeout 17m -coverprofile=build\coverage\coverage.txt -covermode=atomic github.com/minio/minio/cmd
|
|
- ps: Update-AppveyorTest "Unit Tests" -Outcome Passed
|
|
|
|
after_test:
|
|
# FIXME(aead): enable codecov after issue https://github.com/golang/go/issues/18468 is solved.
|
|
# - go tool cover -html=build\coverage\coverage.txt -o build\coverage\coverage.html
|
|
# - ps: Push-AppveyorArtifact build\coverage\coverage.txt
|
|
# - ps: Push-AppveyorArtifact build\coverage\coverage.html
|
|
# Upload coverage report.
|
|
# - "SET PATH=C:\\Python34;C:\\Python34\\Scripts;%PATH%"
|
|
# - pip install codecov
|
|
# - codecov -X gcov -f "build\coverage\coverage.txt"
|
|
|
|
# to disable deployment
|
|
deploy: off
|