-
Notifications
You must be signed in to change notification settings - Fork 100
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
new pragma @upload for user generated content #1475
Comments
Having done very similar things myself via plugins, I'd hugely appreciate this becoming part of the core Architect framework. This proposal covers all of my use cases (and more). One question I have - will this also mean Sandbox support for mocking S3 so we can test uploads locally? |
@brianleroux my only comment is how do we handle redirecting uploads to Public or Private buckets if both exist in the app? |
I think this approach sounds great. Those two use cases (user generated public and private) cover the majority of needs I have seen. For additional context we have solved this a few times by reusing the static asset bucket. To be clear I don't think these are good solutions. They were hacks to solve the problem within the Architect/Begin limitations. Just adding them for context. |
I really like the My only suggestion is considering if that may collide with another primitive that Arc would add later. As a general concept, will we wish that "upload" was available? |
@andybee def want to add sandbox support / thx for mentioning! Will add to the issue. @macdonst all uploads go into the |
Oh wait sorry @macdonst realizing i just re-stated above here. Let me try to explain better! The process for landing the upload somewhere is up to you (code in import arc from '@architect/functions'
await arc.upload.private.list() // etc |
@brianleroux ah yes, thanks for the clarification. That's what I was wondering. It's up to the user to decide where the upload goes. |
@brianleroux @andybee it's been a while but when I implemented https://github.com/filmaj/arc-plugin-s3-image-bucket I had that working without too much trouble. That was a couple major versions of architect back though, and I think uses the beta plugin API (still), but certainly should be doable. IIRC there was an npm package So I guess the idea behind this pattern is similar to following what
Actually I think this answers my musings above and differentiates this |
Looking over my old direct-to-s3 user upload plugin, I recall one thing I struggled with on that plugin was just exposing the plethora of S3 bucket options in one form or another via arc file (CORS and Lambda notifications on bucket events being just two of those I implemented in that plugin). You can see my attempt at that in the plugin's usage instructions. |
Just a quick warning RE: S3rver. The project appears to abandoned and I've had problems recently with signed URL uploads from the v3 AWS SDK (but, interestingly, not v2). Objects would upload, but using the default |
good questions @filmaj, was chatting w Block about this a bit and we def think while this is pretty high level and specific use case(s) around uploading it won't exclude a possible lower level primitive in the future for doing all the things S3 can do. ( and yeah, this is def a lot more burden on docs than code esp around security considerations wrt to the upload form action url signing business. its not…terrible…but it is pretty weird [1]. [1] https://github.com/brianleroux/enhance-example-s3-upload/blob/main/app/elements/s3-form.mjs#L8-L41 |
Love this. I recently abandoned an approach for uploading files in a CMS. Mainly because it became to much of a hassle. I had to string the |
Currently an Architect assumes if you are building a web app you probably want/need a blob store (s3 bucket) for static assets related to web app system chrome (eg. the fonts, css, images, etc). This is represented by the pragma
@static
and by default, and per common convention, we deploy assets found in/public
to said bucket. This has worked well, but isn't super suitable for user generated content that an app may (and may not) want their end users to upload.Architect needs to handle file uploads for, broadly, two use cases:
Uploading needs to be a one way trip, directly into an S3 bucket to thwart size limits of Lambda/API Gateway, and generally be considered 'raw' for processing into other destinations. We don't want to mix the userland upload space with assets that have been processed for a couple of reasons: security (mainly) and to avoid accidentally creating a recursive Lambda invocation. Assets should be uploaded, processed by Lambda writing results elsewhere, and removed from the upload bucket.
Proposed solution
We add a new pragma to Architect:
Implementation
@upload
will create bucket resource namedUploadBucket
andarc.services()
will allow it to be discovered underupload.raw
arc init
will generated a Lambda handler function insrc/upload
by default (can override code path withsrc
) and will receive events for all uploadsendpoint
creates another new resource namedPublicBucket
andarc.services()
will allow it to be discovered underupload.public
endpoint
this will create an API Gateway->S3 proxy (same as @static adding _static in Architect)private true
creates another new resource namedPrivateBucket
andarc.services()
will allow it to be discovered underupload.private
Most cases would either have
endpoint
orprivate
but a more sophisticated application could have both destinations for uploads (eg an app supporting user avatars and user content that isn't necessarily public).Additionally, we will want a helper in
@architect/functions
for generating the upload form because it is pretty weird.Finally, to complete the feature we'll want to support at basic S3 operations in
@architect/sandbox
for local testing. Could put the localPrivateBucket
andPublicBucket
in/tmp
or equiv.Docs notes
Uploading directly to S3 is kind of weird. It requires creating a temporary signed URL with root account credentials. We will need to make this extra clear in the docs.
Alternatives and additional context
The text was updated successfully, but these errors were encountered: