Nexus S3 blob store doesn't work


#1

Nexus S3 blob store doesn’t work as expected.

Description of issue:

  • S3 bucket created (dot-docker)
  • IAM user created with IAM policy following the Configuring Blob Stores doc attached
  • Using the AWS CLI tools using the user’s credentials work:
$ aws s3 --profile dot-docker --region eu-central-1 cp ~/Pictures/test.jpg s3://dot-docker/
upload: ../../../../../../Pictures/test.jpg to s3://dot-docker/test.jpg
$ aws s3 --profile dot-docker --region eu-central-1 ls s3://dot-docker/ 
2018-09-19 09:41:49     825867 test.jpg
  • A Nexus S3 blob store created using the same credentials
  • New raw hosted repo created using the S3 blob store ^^
  • Testing the upload using the #browse/upload returns Component uploaded to the test repository, view it now
  • Checking the S3 content does not show the uploaded file. In the log file i see following WARN message:
2018-09-19 08:01:53,301+0000 INFO  [qtp963674945-420]  admin org.sonatype.nexus.coreui.internal.UploadService - Asset with parameters: file="test.jpg" filename="test.jpg" 
2018-09-19 08:01:54,043+0000 WARN  [qtp963674945-420]  admin com.amazonaws.services.s3.internal.S3AbortableInputStream - Not all bytes were read from the S3ObjectInputStream, aborting HTTP connection. This is likely an error and may result in sub-optimal behavior. Request only the bytes you need via a ranged GET or drain the input stream after use.
2018-09-19 08:01:54,048+0000 WARN  [qtp963674945-420]  admin com.amazonaws.services.s3.internal.S3AbortableInputStream - Not all bytes were read from the S3ObjectInputStream, aborting HTTP connection. This is likely an error and may result in sub-optimal behavior. Request only the bytes you need via a ranged GET or drain the input stream after use.

I tried to create also docker hosted repository, but i had the same issues, pushing images to the repo got stuck.

Is there a bug in the s3 blob store functionality?

Using nexus OSS 3.13.0.

Thanks in advance!


#2

I found that it actually works. Problem is, that using this S3 blob store as a Docker registry doesn’t work. Even i have the S3 bucket policy set as documented in Configuring Blob Stores i receive Caused by: com.amazonaws.services.s3.model.AmazonS3Exception: Access Denied (Service: Amazon S3; Status Code: 403; Error Code: AccessDenied; Request ID: 773XXXAB1ED94E4; S3 Extended Request ID: ez0xEJ02kaYOhK4kCGmt8IhRvgg4+DtJwCX7oY0vovxxXXXXXXXXQ4IIVXA3g2yyc7I=)

Did anyone succeed to configure nexus as a docker registry with S3 blob store?