Assets: how they work
There are two types of asset files.
Uploaded assets - also called attachments - are files like PDFs, CSVs and images which are uploaded via the publishing apps and attached to documents.
How users access assets
The GOV.UK content delivery network is in front of our assets
assets.publishing.service.gov.uk and equivalents in other
environments). The CDN fetches anything not in its cache from
Assets at origin
Assets are served by the cache machines in all environments.
The cache machines proxy requests to the application hostnames based on the
first segment of the path. For example
/government-frontend/ is proxied to
the hostname for
government-frontend in that environment.
All other assets that have a path that don’t match fall back to the static application.
Asset Manager is an API that is called internally by Publisher, Specialist
Publisher, Manuals Publisher, Travel Advice Publisher and Whitehall to manage
their uploads. It serves the uploaded assets on
How uploaded assets are stored and served
Asset files are stored in an S3 bucket (e.g.
production) and Asset Manager instructs nginx to proxy requests to them.
It should be noted that Asset Manager does actually serve the asset requests, rather than letting nginx serve directly from the share. This is to enable the following features:
- Assets are not served until they have been virus scanned; a placeholder image or page is shown for assets that are not finished scanning.
- Assets can be access-limited so that only authorised users can see them.
- Asset files can be replaced, and a request to the original path redirects to the replacement. Currently only Whitehall and Specialist Publisher support this.