aptly publish update removes encryption

[rtkghesselink]

When using server side encryption on S3 buckets, I found that running a aptly publish update does not pass through the encryption method:

2017/09/28 14:33:07 DEBUG: Response s3/CopyObject Details:
---[ RESPONSE ]--------------------------------------
HTTP/1.1 403 Forbidden
Transfer-Encoding: chunked
Content-Type: application/xml
Date: Thu, 28 Sep 2017 14:33:07 GMT
Server: AmazonS3
X-Amz-Id-2: PkQDQbeOWrp869GCThKMOIn0LJ5dVV5RInU18wkzeLclG5CFEkOKbRJtYMFj6d3CjfTODm6np5E=
X-Amz-Request-Id: D019B1DA28A54485

but
aws s3 cp s3://bucket/Release.tmp s3:/bucket/Release --sse AES256 works.
Also confirmed by turning off the requirement of encryption on my bucket, that the Release file that is uploaded is not encrypted.

This is on aptly 1.1.1

[smira]

@rtkghesselink could you please provide more details?

specifically, how did you enable SSE with aptly in the first place?

[rtkghesselink]

Sure thing, from aptly.conf:
"S3PublishEndpoints": { "bucket":{ "debug": true, "region":"us-west-2", "bucket":"bucket", "prefix": "prefix", "encryptionMethod": "AES256", "acl":"public-read-write" }

[smira]

Thanks, got it, yep, PUT Copy is missing encryption headers. I'll get fixed.

[smira]

Should be fixed in nightly, version aptly_1.1.1+33+g04b7543