Merge pull request #13803 from pacodelaluna/add-cloud-storage-configuration-for-s3-compatible-alternatives

Add a new cloud storage configuration for s3-compatible alternatives

app/models/application_record.rb

@@ -12,7 +12,10 @@ class ApplicationRecord < ActiveRecord::Base
   self.include_root_in_json = true
 
   def self.image_service
-    ENV["S3_BUCKET"].present? ? :amazon_public : :local
+    return :local if ENV["S3_BUCKET"].blank?
+    return :amazon_public if ENV["S3_ENDPOINT"].blank?
+
+    :s3_compatible_storage_public
   end
 
   # We might have a development environment without S3 but with a database

config/application.rb

@@ -211,7 +211,16 @@ module Openfoodnetwork
 
     Rails.autoloaders.main.ignore(Rails.root.join('app/webpacker'))
 
-    config.active_storage.service = ENV["S3_BUCKET"].present? ? :amazon : :local
+    config.active_storage.service =
+      if ENV["S3_BUCKET"].present?
+        if ENV["S3_ENDPOINT"].present?
+          :s3_compatible_storage
+        else
+          :amazon
+        end
+      else
+        :local
+      end
     config.active_storage.content_types_to_serve_as_binary -= ["image/svg+xml"]
     config.active_storage.variable_content_types += ["image/svg+xml"]
     config.active_storage.url_options = config.action_controller.default_url_options

config/initializers/content_security_policy.rb

@@ -7,7 +7,7 @@
 Rails.application.config.content_security_policy do |policy|
   policy.default_src :self, :https
   policy.font_src :self, :https, :data, "fonts.gstatic.com"
-  policy.img_src :self, :https, :data, "*.s3.amazonaws.com"
+  policy.img_src :self, :https, :data, ENV.fetch("S3_CORS_POLICY_DOMAIN", "*.s3.amazonaws.com")
   policy.img_src :self, :http, :data, ENV["SITE_URL"] if Rails.env.development?
   policy.object_src :none
   policy.frame_ancestors :none

config/storage.yml

@@ -23,3 +23,20 @@ amazon_public:
   secret_access_key: <%= ENV["S3_SECRET"] %>
   bucket: <%= ENV["S3_BUCKET"] %>
   region: <%= ENV.fetch("S3_REGION", "us-east-1") %>
+
+s3_compatible_storage:
+  service: S3
+  endpoint: <%= ENV["S3_ENDPOINT"] %>
+  access_key_id: <%= ENV["S3_ACCESS_KEY"] %>
+  secret_access_key: <%= ENV["S3_SECRET"] %>
+  bucket: <%= ENV["S3_BUCKET"] %>
+  region: <%= ENV["S3_REGION"] %>
+
+s3_compatible_storage_public:
+  service: S3
+  public: true
+  endpoint: <%= ENV["S3_ENDPOINT"] %>
+  access_key_id: <%= ENV["S3_ACCESS_KEY"] %>
+  secret_access_key: <%= ENV["S3_SECRET"] %>
+  bucket: <%= ENV["S3_BUCKET"] %>
+  region: <%= ENV["S3_REGION"] %>

spec/models/application_record_spec.rb

@@ -0,0 +1,29 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe ApplicationRecord do
+  describe ".image_service" do
+    subject { described_class.image_service }
+
+    it { is_expected.to eq(:local) }
+
+    context "with a S3 bucket defined" do
+      before do
+        allow(ENV).to receive(:[]).with("S3_BUCKET").and_return("test-bucket")
+        allow(ENV).to receive(:[]).with("S3_ENDPOINT").and_return(nil)
+      end
+
+      it { is_expected.to eq(:amazon_public) }
+
+      context "with a S3 endpoint defined" do
+        before do
+          allow(ENV).to receive(:[]).with("S3_ENDPOINT")
+            .and_return("https://s3-compatible-alternative.com")
+        end
+
+        it { is_expected.to eq(:s3_compatible_storage_public) }
+      end
+    end
+  end
+end