primal/athens
1
0
Fork 0
mirror of https://github.com/gomods/athens synced 2026-02-03 11:00:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

Use ambient aws credential provider for s3 (#1041)

Browse Source 
* use ambiant aws credentials

Signed-off-by: Joshua Rubin <joshua@rubixconsulting.com>

* better naming, docs and examples for default aws config

Signed-off-by: Joshua Rubin <joshua@rubixconsulting.com>
This commit is contained in:
Joshua Rubin
2019-01-16 00:47:21 -07:00
committed by Michal Pristas
parent b17bfb3d0a
commit 84eff04ed2
3 changed files with 31 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files
pkg/storage/s3/s3.go
+15 -20
View File
@@ -3,8 +3,6 @@ package s3
import (
"fmt"
"net/url"
"os/user"
"path/filepath"
"time"
"github.com/aws/aws-sdk-go/aws"
@@ -41,10 +39,7 @@ func New(s3Conf *config.S3Config, timeout time.Duration, options ...func(*aws.Co
return nil, errors.E(op, err)
}
creds, err := buildAWSCredentials(s3Conf)
if err != nil {
return nil, errors.E(op, "unable to build AWS credentials")
}
creds := buildAWSCredentials(s3Conf)
awsConfig := &aws.Config{
Credentials: creds,
@@ -71,20 +66,20 @@ func New(s3Conf *config.S3Config, timeout time.Duration, options ...func(*aws.Co
}, nil
}
// buildAWSCredentials builds the credentials required to create a new AWS session. It will prefer the access key ID and
// secret access key if specified in the S3Config. Otherwise it will look for credentials in the filesystem.
func buildAWSCredentials(s3Conf *config.S3Config) (*credentials.Credentials, error) {
if s3Conf.Key != "" && s3Conf.Secret != "" {
return credentials.NewStaticCredentials(s3Conf.Key, s3Conf.Secret, s3Conf.Token), nil
// buildAWSCredentials builds the credentials required to create a new AWS
// session. It will prefer the access key ID and secret access key if specified
// in the S3Config unless UseDefaultConfiguration is true. If the key ID and
// secret access key are unspecified or UseDefaultConfiguration is true, then
// the default aws configuration will be used. This will attempt to find
// credentials in the environment, in the shared configuration
// (~/.aws/credentials) and from ec2 instance role credentials. See
// https://godoc.org/github.com/aws/aws-sdk-go#hdr-Configuring_Credentials and
// https://godoc.org/github.com/aws/aws-sdk-go/aws/session#hdr-Environment_Variables
// for environment variables that will affect the aws configuration.
func buildAWSCredentials(s3Conf *config.S3Config) *credentials.Credentials {
if !s3Conf.UseDefaultConfiguration && s3Conf.Key != "" && s3Conf.Secret != "" {
return credentials.NewStaticCredentials(s3Conf.Key, s3Conf.Secret, s3Conf.Token)
}
u, err := user.Current()
if err != nil {
return nil, err
}
filename := filepath.Join(u.HomeDir, ".aws", "credentials")
sc := credentials.NewSharedCredentials(filename, "default")
return sc, nil
return nil
}