cloudapi: Drop bucket from composer config

This value is set in the worker config. In future it might also be
passed through the api to upload into target accounts, but it should
never be set in composer.

cmd/osbuild-composer/composer.go

@@ -128,7 +128,6 @@ func (c *Composer) InitWeldr(repoPaths []string, weldrListener net.Listener,
 
 func (c *Composer) InitAPI(cert, key string, enableTLS bool, enableMTLS bool, enableJWT bool, l net.Listener) error {
 	config := v2.ServerConfig{
-		AWSBucket:            c.config.Koji.AWS.Bucket,
 		JWTEnabled:           c.config.Koji.EnableJWT,
 		TenantProviderFields: c.config.Koji.JWTTenantProviderFields,
 	}

cmd/osbuild-composer/config.go

@@ -20,20 +20,15 @@ type ComposerConfigFile struct {
 }
 
 type KojiAPIConfig struct {
-	AllowedDomains          []string  `toml:"allowed_domains"`
-	CA                      string    `toml:"ca"`
-	EnableTLS               bool      `toml:"enable_tls"`
-	EnableMTLS              bool      `toml:"enable_mtls"`
-	EnableJWT               bool      `toml:"enable_jwt"`
-	JWTKeysURLs             []string  `toml:"jwt_keys_urls"`
-	JWTKeysCA               string    `toml:"jwt_ca_file"`
-	JWTACLFile              string    `toml:"jwt_acl_file"`
-	JWTTenantProviderFields []string  `toml:"jwt_tenant_provider_fields"`
-	AWS                     AWSConfig `toml:"aws_config"`
-}
-
-type AWSConfig struct {
-	Bucket string `toml:"bucket"`
+	AllowedDomains          []string `toml:"allowed_domains"`
+	CA                      string   `toml:"ca"`
+	EnableTLS               bool     `toml:"enable_tls"`
+	EnableMTLS              bool     `toml:"enable_mtls"`
+	EnableJWT               bool     `toml:"enable_jwt"`
+	JWTKeysURLs             []string `toml:"jwt_keys_urls"`
+	JWTKeysCA               string   `toml:"jwt_ca_file"`
+	JWTACLFile              string   `toml:"jwt_acl_file"`
+	JWTTenantProviderFields []string `toml:"jwt_tenant_provider_fields"`
 }
 
 type WorkerAPIConfig struct {
@@ -89,9 +84,6 @@ func GetDefaultConfig() *ComposerConfigFile {
 			EnableTLS:  true,
 			EnableMTLS: true,
 			EnableJWT:  false,
-			AWS: AWSConfig{
-				Bucket: "image-builder.service",
-			},
 		},
 		Worker: WorkerAPIConfig{
 			RequestJobTimeout: "0",

cmd/osbuild-composer/config_test.go

@@ -33,9 +33,6 @@ func TestDefaultConfig(t *testing.T) {
 		EnableTLS:  true,
 		EnableMTLS: true,
 		EnableJWT:  false,
-		AWS: AWSConfig{
-			Bucket: "image-builder.service",
-		},
 	}, defaultConfig.Koji)
 
 	require.Equal(t, WorkerAPIConfig{

internal/cloudapi/v2/handler.go

@@ -318,7 +318,6 @@ func (h *apiHandlers) PostCompose(ctx echo.Context) error {
 				t := target.NewAWSTarget(&target.AWSTargetOptions{
 					Filename:          imageType.Filename(),
 					Region:            awsUploadOptions.Region,
-					Bucket:            h.server.config.AWSBucket,
 					Key:               key,
 					ShareWithAccounts: awsUploadOptions.ShareWithAccounts,
 				})
@@ -354,7 +353,6 @@ func (h *apiHandlers) PostCompose(ctx echo.Context) error {
 				t := target.NewAWSS3Target(&target.AWSS3TargetOptions{
 					Filename: imageType.Filename(),
 					Region:   awsS3UploadOptions.Region,
-					Bucket:   h.server.config.AWSBucket,
 					Key:      key,
 				})
 				t.ImageName = key

internal/cloudapi/v2/server.go

@@ -42,7 +42,6 @@ type Server struct {
 }
 
 type ServerConfig struct {
-	AWSBucket            string
 	TenantProviderFields []string
 	JWTEnabled           bool
 }

internal/cloudapi/v2/v2_test.go

@@ -33,7 +33,6 @@ func newV2Server(t *testing.T, dir string, depsolveChannels []string, enableJWT
 	require.NotNil(t, distros)
 
 	config := v2.ServerConfig{
-		AWSBucket:            "image-builder.service",
 		JWTEnabled:           enableJWT,
 		TenantProviderFields: []string{"rh-org-id", "account_id"},
 	}

templates/composer.yml

@@ -259,8 +259,6 @@ objects:
       jwt_keys_urls = ["${RH_SSO_BASE_URL}/protocol/openid-connect/certs", "${MAS_SSO_BASE_URL}/protocol/openid-connect/certs"]
       jwt_acl_file = "${COMPOSER_CONFIG_DIR}/acl.yml"
       jwt_tenant_provider_fields = ["rh-org-id", "account_id"]
-      [koji.aws_config]
-      bucket = "${COMPOSER_CONFIG_BUCKET_NAME}"
       [worker]
       request_job_timeout = "20s"
       base_path = "/api/image-builder-worker/v1"
@@ -419,10 +417,6 @@ parameters:
     name: COMPOSER_CONFIG_DIR
     required: true
     value: "/etc/osbuild-composer"
-  - description: Bucket to store aws artifacts
-    name: COMPOSER_CONFIG_BUCKET_NAME
-    required: true
-    value: "imagebuilder.service.staging"
   - description: Allowed tenants based on org id
     name: ACL_ORG_ID_TENANTS
     value: "15842261|15877963|15885990|16057323"

test/cases/api.sh

@@ -82,8 +82,6 @@ log_level = "debug"
 [koji]
 allowed_domains = [ "localhost", "client.osbuild.org" ]
 ca = "/etc/osbuild-composer/ca-crt.pem"
-[koji.aws_config]
-bucket = "${AWS_BUCKET}"
 [worker]
 allowed_domains = [ "localhost", "worker.osbuild.org" ]
 ca = "/etc/osbuild-composer/ca-crt.pem"

test/cases/multi-tenancy.sh

@@ -71,8 +71,6 @@ jwt_keys_urls = ["https://localhost:8082/certs"]
 jwt_ca_file = "/etc/osbuild-composer/ca-crt.pem"
 jwt_acl_file = ""
 jwt_tenant_provider_fields = ["rh-org-id"]
-[koji.aws_config]
-bucket = "${AWS_BUCKET}"
 [worker]
 enable_artifacts = false
 enable_tls = true
@@ -99,6 +97,7 @@ principal = "osbuild-krb@LOCAL"
 keytab = "/etc/osbuild-worker/client.keytab"
 
 [aws]
+bucket = "${AWS_BUCKET}"
 credentials = "/etc/osbuild-worker/aws-credentials.toml"
 EOF
 

test/cases/regression-old-worker-new-composer.sh

@@ -89,8 +89,6 @@ log_level = "debug"
 [koji]
 allowed_domains = [ "localhost", "client.osbuild.org" ]
 ca = "/etc/osbuild-composer/ca-crt.pem"
-[koji.aws_config]
-bucket = "${AWS_BUCKET}"
 [worker]
 allowed_domains = [ "localhost", "worker.osbuild.org" ]
 ca = "/etc/osbuild-composer/ca-crt.pem"

tools/provision.sh

@@ -78,6 +78,7 @@ EOF
 
 [aws]
 credentials = "/etc/osbuild-worker/aws-credentials.toml"
+bucket = "${AWS_BUCKET}"
 EOF
     set -x
 fi