From 1ebae804a831672fc064182a004836f4b0385467 Mon Sep 17 00:00:00 2001 From: AvivGuiser Date: Sat, 3 Aug 2024 19:33:04 +0300 Subject: [PATCH] added check for missing kms key id Signed-off-by: AvivGuiser --- tempodb/backend/s3/s3.go | 23 ++++++++++++++--------- 1 file changed, 14 insertions(+), 9 deletions(-) diff --git a/tempodb/backend/s3/s3.go b/tempodb/backend/s3/s3.go index 9cf12675a01..0f200ad28c1 100644 --- a/tempodb/backend/s3/s3.go +++ b/tempodb/backend/s3/s3.go @@ -126,6 +126,7 @@ func internalNew(cfg *Config, confirm bool) (*readerWriter, error) { core: core, hedgedCore: hedgedCore, } + return rw, nil } @@ -706,7 +707,7 @@ func parseKMSEncryptionContext(data string) (map[string]string, error) { } decoded := map[string]string{} - err := fmt.Errorf("unable to parse KMS encryption context %w", json.Unmarshal([]byte(data), &decoded)) + err := json.Unmarshal([]byte(data), &decoded) return decoded, err } @@ -715,16 +716,20 @@ func buildSSEConfig(cfg *Config) (encrypt.ServerSide, error) { case "": return nil, nil case SSEKMS: - encryptionCtx, err := parseKMSEncryptionContext(cfg.SSE.KMSEncryptionContext) - if err != nil { - return nil, err - } + if cfg.SSE.KMSKeyID == "" { + return nil, errors.New("KMSKeyID is missing") + } else { + encryptionCtx, err := parseKMSEncryptionContext(cfg.SSE.KMSEncryptionContext) + if err != nil { + return nil, err + } + if encryptionCtx == nil { + // To overcome a limitation in Minio which checks interface{} == nil. - if encryptionCtx == nil { - // To overcome a limitation in Minio which checks interface{} == nil. - return encrypt.NewSSEKMS(cfg.SSE.KMSKeyID, nil) + return encrypt.NewSSEKMS(cfg.SSE.KMSKeyID, nil) + } + return encrypt.NewSSEKMS(cfg.SSE.KMSKeyID, encryptionCtx) } - return encrypt.NewSSEKMS(cfg.SSE.KMSKeyID, encryptionCtx) case SSES3: return encrypt.NewSSE(), nil default: