Fix 'double-storage' workaround in oc-azure-blob-storage #61
Description
Azure Blob Storage handles ACL in a different way than S3 - it does not allow setting permissions per file/blob, but rather per container (something containing multiple blobs).
To that extent we will need to create 2 containers in Azure, one for public files and one for private files.
The only problem with that approach is the fact that oc informs storage adapter if the file is public or private only when writing, but not when reading a file - so we would not know from which container to read the file. While we could extend oc to do that, in order to get something working and then iterate on it I've opted in for a workaround:
- When we ask azure-storage-adapter to read a file we always read it from private container
- When we write a private file we write it to private container
- When we write a public file we write it to both private and public container
This way we can ensure azure-storage-adapter will be compatible with oc storage-adapter api and we do not have to modify oc itself, however in the long run it would be best to modify oc-registry in such a way where we don't need this workaround.