update lock clucknut
All checks were successful
All checks were successful
This commit is contained in:
11
vendor/google/cloud-storage/src/Bucket.php
vendored
11
vendor/google/cloud-storage/src/Bucket.php
vendored
@@ -1029,6 +1029,17 @@ public function delete(array $options = [])
|
||||
* `projects/my-project/locations/kr-location/keyRings/my-kr/cryptoKeys/my-key`.
|
||||
* Please note the KMS key ring must use the same location as the
|
||||
* bucket.
|
||||
* @type array $encryption.googleManagedEncryptionEnforcementConfig
|
||||
* Enforcement configuration for Google-managed encryption.
|
||||
* @type array $encryption.customerManagedEncryptionEnforcementConfig
|
||||
* Enforcement configuration for Cloud KMS (customer-managed) encryption.
|
||||
* @type array $encryption.customerSuppliedEncryptionEnforcementConfig
|
||||
* Enforcement configuration for customer-supplied encryption keys (CSEK).
|
||||
* @type string $encryption.*.restrictionMode The restriction state of
|
||||
* the encryption policy. Acceptable values are `"NotRestricted"`
|
||||
* and `"FullyRestricted"`.
|
||||
* @type string $encryption.*.effectiveTime [readonly] The time from which
|
||||
* the policy was effective in RFC 3339 format.
|
||||
* @type bool $defaultEventBasedHold When `true`, newly created objects
|
||||
* in this bucket will be retained indefinitely until an event
|
||||
* occurs, signified by the hold's release.
|
||||
|
||||
@@ -500,10 +500,23 @@ private function resolveUploadOptions(array $args)
|
||||
}
|
||||
|
||||
$validate = $this->chooseValidationMethod($args);
|
||||
if ($validate === 'md5') {
|
||||
$args['metadata']['md5Hash'] = base64_encode(Utils::hash($args['data'], 'md5', true));
|
||||
} elseif ($validate === 'crc32') {
|
||||
$args['metadata']['crc32c'] = $this->crcFromStream($args['data']);
|
||||
$xGoogHashHeader = '';
|
||||
if ($validate !== false) {
|
||||
$md5Hash = base64_encode(Utils::hash($args['data'], 'md5', true));
|
||||
$crc32c = $this->crcFromStream($args['data']);
|
||||
|
||||
// Add validation metadata
|
||||
if ($validate === 'md5') {
|
||||
$args['metadata']['md5Hash'] = $md5Hash;
|
||||
} elseif ($validate === 'crc32') {
|
||||
$args['metadata']['crc32c'] = $crc32c;
|
||||
}
|
||||
|
||||
// Prepare the X-Goog-Hash header string
|
||||
$xGoogHashHeader = implode(',', array_filter([
|
||||
$md5Hash ? 'md5=' . $md5Hash : null,
|
||||
$crc32c ? 'crc32c=' . $crc32c : null,
|
||||
]));
|
||||
}
|
||||
|
||||
$args['metadata']['name'] = $args['name'];
|
||||
@@ -532,6 +545,19 @@ private function resolveUploadOptions(array $args)
|
||||
$args['uploaderOptions'] = array_intersect_key($args, array_flip($uploaderOptionKeys));
|
||||
$args = array_diff_key($args, array_flip($uploaderOptionKeys));
|
||||
|
||||
// Add the X-Goog-Hash header only if there are hashes to include
|
||||
if (!empty($xGoogHashHeader)) {
|
||||
$args['uploaderOptions']['restOptions']['headers']['X-Goog-Hash'] = $xGoogHashHeader;
|
||||
}
|
||||
|
||||
if (!empty($args['headers'])) {
|
||||
$args['uploaderOptions']['restOptions']['headers'] = array_merge(
|
||||
$args['uploaderOptions']['restOptions']['headers'] ?? [],
|
||||
$args['headers']
|
||||
);
|
||||
}
|
||||
unset($args['headers']);
|
||||
|
||||
// Passing on custom retry function to $args['uploaderOptions']
|
||||
$retryFunc = $this->getRestRetryFunction(
|
||||
'objects',
|
||||
@@ -714,7 +740,10 @@ private function buildDownloadObjectParams(array $args)
|
||||
private function chooseValidationMethod(array $args)
|
||||
{
|
||||
// If the user provided a hash, skip hashing.
|
||||
if (isset($args['metadata']['md5Hash']) || isset($args['metadata']['crc32c'])) {
|
||||
if (isset($args['metadata']['md5Hash'])
|
||||
|| isset($args['metadata']['crc32c'])
|
||||
|| isset($args['headers']['X-Goog-Hash'])
|
||||
) {
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
@@ -195,6 +195,78 @@
|
||||
"defaultKmsKeyName": {
|
||||
"type": "string",
|
||||
"description": "A Cloud KMS key that will be used to encrypt objects inserted into this bucket, if no encryption method is specified."
|
||||
},
|
||||
"googleManagedEncryptionEnforcementConfig": {
|
||||
"type": "object",
|
||||
"description": "If set, the new objects created in this bucket must comply with this enforcement config. Changing this has no effect on existing objects; it applies to new objects only. If omitted, the new objects are allowed to be encrypted with Google Managed Encryption type by default.",
|
||||
"properties": {
|
||||
"restrictionMode": {
|
||||
"type": "string",
|
||||
"description": "Restriction mode for Google-Managed Encryption Keys. Defaults to NotRestricted.",
|
||||
"enum": [
|
||||
"NotRestricted",
|
||||
"FullyRestricted"
|
||||
],
|
||||
"enumDescriptions": [
|
||||
"Creation of new objects with Google Managed Encryption is not restricted.",
|
||||
"Creation of new objects with Google Managed Encryption is fully restricted."
|
||||
]
|
||||
},
|
||||
"effectiveTime": {
|
||||
"type": "string",
|
||||
"description": "Server-determined value indicating when this configuration became effective. In RFC 3339 format.",
|
||||
"format": "date-time",
|
||||
"readOnly": true
|
||||
}
|
||||
}
|
||||
},
|
||||
"customerManagedEncryptionEnforcementConfig": {
|
||||
"type": "object",
|
||||
"description": "If set, the new objects created in this bucket must comply with this enforcement config. Changing this has no effect on existing objects; it applies to new objects only. If omitted, the new objects are allowed to be encrypted with Customer Managed Encryption type by default.",
|
||||
"properties": {
|
||||
"restrictionMode": {
|
||||
"type": "string",
|
||||
"description": "Restriction mode for Customer-Managed Encryption Keys. Defaults to NotRestricted.",
|
||||
"enum": [
|
||||
"NotRestricted",
|
||||
"FullyRestricted"
|
||||
],
|
||||
"enumDescriptions": [
|
||||
"Creation of new objects with Customer-Managed Encryption is not restricted.",
|
||||
"Creation of new objects with Customer-Managed Encryption is fully restricted."
|
||||
]
|
||||
},
|
||||
"effectiveTime": {
|
||||
"type": "string",
|
||||
"description": "Server-determined value indicating when this configuration became effective. In RFC 3339 format.",
|
||||
"format": "date-time",
|
||||
"readOnly": true
|
||||
}
|
||||
}
|
||||
},
|
||||
"customerSuppliedEncryptionEnforcementConfig": {
|
||||
"type": "object",
|
||||
"description": "If set, the new objects created in this bucket must comply with this enforcement config. Changing this has no effect on existing objects; it applies to new objects only. If omitted, the new objects are allowed to be encrypted with Customer Supplied Encryption type by default.",
|
||||
"properties": {
|
||||
"restrictionMode": {
|
||||
"type": "string",
|
||||
"description": "Restriction mode for Customer-Supplied Encryption Keys. Defaults to NotRestricted.",
|
||||
"enum": [
|
||||
"NotRestricted",
|
||||
"FullyRestricted"
|
||||
],
|
||||
"enumDescriptions": [
|
||||
"Creation of new objects with Customer-Supplied Encryption is not restricted.",
|
||||
"Creation of new objects with Customer-Supplied Encryption is fully restricted."
|
||||
]
|
||||
},
|
||||
"effectiveTime": {
|
||||
"type": "string",
|
||||
"description": "Server-determined value indicating when this configuration became effective. In RFC 3339 format.",
|
||||
"format": "date-time",
|
||||
"readOnly": true
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
|
||||
@@ -60,7 +60,13 @@ public function getSize(): ?int
|
||||
*/
|
||||
private function getSizeFromMetadata(): int
|
||||
{
|
||||
foreach ($this->stream->getMetadata('wrapper_data') as $value) {
|
||||
$metadata = $this->stream->getMetadata('wrapper_data');
|
||||
|
||||
if (is_null($metadata)) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
foreach ($metadata as $value) {
|
||||
if (substr($value, 0, 15) == 'Content-Length:') {
|
||||
return (int) substr($value, 16);
|
||||
}
|
||||
|
||||
@@ -47,7 +47,7 @@ class StorageClient
|
||||
use ArrayTrait;
|
||||
use ClientTrait;
|
||||
|
||||
const VERSION = '1.49.0';
|
||||
const VERSION = '1.51.0';
|
||||
|
||||
const FULL_CONTROL_SCOPE = 'https://www.googleapis.com/auth/devstorage.full_control';
|
||||
const READ_ONLY_SCOPE = 'https://www.googleapis.com/auth/devstorage.read_only';
|
||||
@@ -454,6 +454,27 @@ public function restore(string $name, string $generation, array $options = [])
|
||||
* `projects/my-project/locations/kr-location/keyRings/my-kr/cryptoKeys/my-key`.
|
||||
* Please note the KMS key ring must use the same location as the
|
||||
* bucket.
|
||||
* @type array $encryption.googleManagedEncryptionEnforcementConfig
|
||||
* Enforcement configuration for Google-managed encryption.
|
||||
* @type string $encryption.googleManagedEncryptionEnforcementConfig.restrictionMode
|
||||
* The restriction state of the encryption policy. Acceptable values are
|
||||
* `"NotRestricted"` and `"FullyRestricted"`.
|
||||
* @type string $encryption.googleManagedEncryptionEnforcementConfig.effectiveTime
|
||||
* [readonly] The time from which the policy was effective in RFC 3339 format.
|
||||
* @type array $encryption.customerManagedEncryptionEnforcementConfig
|
||||
* Enforcement configuration for Cloud KMS (customer-managed) encryption.
|
||||
* @type string $encryption.customerManagedEncryptionEnforcementConfig.restrictionMode
|
||||
* The restriction state of the encryption policy. Acceptable values are
|
||||
* `"NotRestricted"` and `"FullyRestricted"`.
|
||||
* @type string $encryption.customerManagedEncryptionEnforcementConfig.effectiveTime
|
||||
* [readonly] The time from which the policy was effective in RFC 3339 format.
|
||||
* @type array $encryption.customerSuppliedEncryptionEnforcementConfig
|
||||
* Enforcement configuration for customer-supplied encryption keys (CSEK).
|
||||
* @type string $encryption.customerSuppliedEncryptionEnforcementConfig.restrictionMode
|
||||
* The restriction state of the encryption policy. Acceptable values are
|
||||
* `"NotRestricted"` and `"FullyRestricted"`.
|
||||
* @type string $encryption.customerSuppliedEncryptionEnforcementConfig.effectiveTime
|
||||
* [readonly] The time from which the policy was effective in RFC 3339 format.
|
||||
* @type bool $defaultEventBasedHold When `true`, newly created objects
|
||||
* in this bucket will be retained indefinitely until an event
|
||||
* occurs, signified by the hold's release.
|
||||
|
||||
Reference in New Issue
Block a user