Fixes for runtime builder (#2029)

* util/tar: add archive util funcs

* runtime: add store, builder options

* runtime/local: update RuntimeSource func

* runtime/builder/golang: use tar util

* store/s3: make keys safe

* runtime: add entrypoint options

* runtime/builder: remove debugging

* wip: integrate builder into k8s runtime

* runtime/builder/golang: build for a linux architecture

* runtime/kubernetes: write builds to the users namespace

* runtime/local/source: fixes for mono-repo builds

* runtime/local: stop checking out source (the responsibility is on the client)

* runtime/builder: fix golang tests

* runtime/local: fix out of bounds panic

* Update

* revert changes

* runtime/local/source: refactor git package (wip)

* runtime/kubernetes: map err not found

* fix TestRunGenericRemote test

* runtime/local: fix update not reassining source

* Tidy go mod

* runtime.Pending => runtime.Starting

* store/s3: only use credentials option when set

* store/s3: add tls config option

store/s3/options.go

@@ -1,5 +1,7 @@
 package s3
 
+import "crypto/tls"
+
 // Options used to configure the s3 blob store
 type Options struct {
 	Endpoint        string
@@ -7,6 +9,7 @@ type Options struct {
 	AccessKeyID     string
 	SecretAccessKey string
 	Secure          bool
+	TLSConfig       *tls.Config
 }
 
 // Option configures one or more options
@@ -40,3 +43,10 @@ func Insecure() Option {
 		o.Secure = false
 	}
 }
+
+// TLSConfig sets the tls config for the client
+func TLSConfig(c *tls.Config) Option {
+	return func(o *Options) {
+		o.TLSConfig = c
+	}
+}

store/s3/s3.go

@@ -6,6 +6,7 @@ import (
 	"io"
 	"io/ioutil"
 	"net/http"
+	"regexp"
 
 	"github.com/micro/go-micro/v3/store"
 	"github.com/minio/minio-go/v7"
@@ -13,6 +14,8 @@ import (
 	"github.com/pkg/errors"
 )
 
+var keyRegex = regexp.MustCompile("[^a-zA-Z0-9]+")
+
 // NewBlobStore returns an initialized s3 blob store
 func NewBlobStore(opts ...Option) (store.BlobStore, error) {
 	// parse the options
@@ -20,12 +23,25 @@ func NewBlobStore(opts ...Option) (store.BlobStore, error) {
 	for _, o := range opts {
 		o(&options)
 	}
+	minioOpts := &minio.Options{
+		Secure: options.Secure,
+	}
+	if len(options.AccessKeyID) > 0 || len(options.SecretAccessKey) > 0 {
+		minioOpts.Creds = credentials.NewStaticV4(options.AccessKeyID, options.SecretAccessKey, "")
+	}
+
+	// configure the transport to use custom tls config if provided
+	if options.TLSConfig != nil {
+		ts, err := minio.DefaultTransport(options.Secure)
+		if err != nil {
+			return nil, errors.Wrap(err, "Error setting up s3 blob store transport")
+		}
+		ts.TLSClientConfig = options.TLSConfig
+		minioOpts.Transport = ts
+	}
 
 	// initialize minio client
-	client, err := minio.New(options.Endpoint, &minio.Options{
-		Creds:  credentials.NewStaticV4(options.AccessKeyID, options.SecretAccessKey, ""),
-		Secure: options.Secure,
-	})
+	client, err := minio.New(options.Endpoint, minioOpts)
 	if err != nil {
 		return nil, errors.Wrap(err, "Error connecting to s3 blob store")
 	}
@@ -45,6 +61,9 @@ func (s *s3) Read(key string, opts ...store.BlobOption) (io.Reader, error) {
 		return nil, store.ErrMissingKey
 	}
 
+	// make the key safe for use with s3
+	key = keyRegex.ReplaceAllString(key, "-")
+
 	// parse the options
 	var options store.BlobOptions
 	for _, o := range opts {
@@ -87,6 +106,9 @@ func (s *s3) Write(key string, blob io.Reader, opts ...store.BlobOption) error {
 		return store.ErrMissingKey
 	}
 
+	// make the key safe for use with s3
+	key = keyRegex.ReplaceAllString(key, "-")
+
 	// parse the options
 	var options store.BlobOptions
 	for _, o := range opts {
@@ -130,6 +152,9 @@ func (s *s3) Delete(key string, opts ...store.BlobOption) error {
 		return store.ErrMissingKey
 	}
 
+	// make the key safe for use with s3
+	key = keyRegex.ReplaceAllString(key, "-")
+
 	// parse the options
 	var options store.BlobOptions
 	for _, o := range opts {