More aws-sdk-v3 issues

[owen-c]

I'm now getting signature mismatch issues. I will try to dig in but not a JS developer nor do I have time.

Weirdly some of the files are uploaded successfully according to the logs before it blows up.

+- s3
| - validating config
| - Missing config: fileIgnorePattern, using default: null
| - Missing config: prefix, using default: | - Missing config: `profile`, using default:
| - Missing config: acl, using default: public-read
| - Missing config: cacheControl, using default: max-age=63072000, public, immutable
| - Missing config: expires, using default: Tue Jan 01 2030 00:00:00 GMT+0000 (Coordinated Universal Time)
| - Missing config: dotFolders, using default: false
| - Missing config: batchSize, using default: 0
| - Missing config: defaultMimeType, using default: application/octet-stream
| - Missing config: distDir, using default: [Function]
| - Missing config: distFiles, using default: [Function]
| - Missing config: gzippedFiles, using default: [Function]
| - Missing config: brotliCompressedFiles, using default: [Function]
| - Missing config: manifestPath, using default: [Function]
| - Missing config: uploadClient, using default: [Function]
| - Missing config: s3Client, using default: [Function]
| - config ok

+- upload
| |
| +- s3
| - Using AWS access key id and secret access key from config
| - preparing to upload to S3 bucket REDACTED
| - ✔ review.html
| - ✔ robots.txt
| - ✔ review-6076e4fc0df38aaf34a32042b9f139f7.map
| - ✔ oauth-6586b6d4629b3dff3aed4a0311d667a4.js
| ...
| - ✔ assets/chunk.app.d1f3c4eef12c516036e6.js
| - XAmzContentSHA256Mismatch: The provided 'x-amz-content-sha256' header does not match what was computed.
| - XAmzContentSHA256Mismatch: The provided 'x-amz-content-sha256' header does not match what was computed.
at throwDefaultError (/home/circleci/garaje/node_modules/@smithy/smithy-client/dist-cjs/index.js:838:20)
at /home/circleci/garaje/node_modules/@smithy/smithy-client/dist-cjs/index.js:847:5
at de_CommandError (/home/circleci/garaje/node_modules/@aws-sdk/client-s3/dist-cjs/index.js:4756:14)
at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
at async /home/circleci/garaje/node_modules/@smithy/middleware-serde/dist-cjs/index.js:35:20
at async /home/circleci/garaje/node_modules/@aws-sdk/middleware-signing/dist-cjs/index.js:225:18
at async /home/circleci/garaje/node_modules/@smithy/middleware-retry/dist-cjs/index.js:320:38
at async /home/circleci/garaje/node_modules/@aws-sdk/middleware-flexible-checksums/dist-cjs/index.js:173:18
at async /home/circleci/garaje/node_modules/@aws-sdk/middleware-sdk-s3/dist-cjs/index.js:97:20
at async /home/circleci/garaje/node_modules/@aws-sdk/middleware-sdk-s3/dist-cjs/index.js:120:14
at async /home/circleci/garaje/node_modules/@aws-sdk/middleware-logger/dist-cjs/index.js:33:22

[owen-c]

@gorner @lukemelia

[owen-c]

https://github.com/aws/aws-sdk-js-v3/blob/main/UPGRADING.md

[gorner]

@owen-c Thanks. There's only so much I can do without access to your AWS config (and I'm not suggesting you should share it here) but I searched the error you found and noticed a couple of references to changing the signatureVersion to 'v4' as being a potential fix.

On the upgrade link you've posted, it's mentioned that AWS SDK v3 only supports a signatureVersion of 'v4' and therefore the option is deprecated. However I've also come across some requests to re-add support for v2 as apparently there are some instances that only support v2, so clearly there are some cases where upgrading is impractical. So I see now that this would be a breaking change for at least some.

Could you please check whether a signatureVersion of v2 is part of your config? If so, and you aren't able to update it to v4, I assume you'll have to stay on SDK v2.

Additionally I see now that the httpOptions from SDK v2, which is used for proxy settings, has been replaced with a different format called requestHandler and is not converted by the codemod. This probably won't affect everyone and hopefully won't require breaking changes from a utilizing app's side once fixed, but it is an additional issue that I should have caught sooner.

Again I apologize for the confusion.

@lukemelia Perhaps under the circumstances, v4.0.1 (using SDK v2) should be re-released as 4.0.4. Ultimately IMHO this addon should still aim to support SDK v3, but in retrospect it should have been a major version bump for the add-on. If you want to pursue as a v5, I'd suggest as a beta or rc until the community is confident it fully supports the updated SDK.

edit: to be clear (to Owen), I am not a maintainer of this addon and unfortunately my expertise in AWS/S3 is limited so I’m not sure what additional time I would be able to devote to further iterations, but happy to help where I can.

[lukemelia]

4.0.3 works fine for me but I agree if it is breaking for some people, it should be a major, so I'll re-release 4.0.1 as 4.0.4 and cut a 5.0.0 beta.

[owen-c]

Here is our config for ember-cli-deploy-s3 which seems pretty standard. I can play around with setting the signature version next week.

ENV.s3 = {
  filePattern: '**/*+(js|css|png|gif|ico|jpg|map|xml|txt|svg|swf|eot|ttf|woff|woff2|review.html)',
   accessKeyId: process.env.S3_AWS_ACCESS_KEY,
   secretAccessKey: process.env.S3_AWS_SECRET_ACCESS_KEY,
   region: config.s3Region,
   bucket: config.s3Bucket,
};

[lukemelia]

Since we haven't had other reports of issues, I'm going to go ahead and release 5.0.0. Let me know if you uncover any changes needed to this plugin or documentation.

[jkburges]

We ran into the same XAmzContentSHA256Mismatch issue as initially reported here. I suspect the root cause is something to do with aws/aws-sdk-js-v3#6115, as the bug was not consistently reproducible for us.