Skip to content

Commit

Permalink
add k8s specific autofreshing provider (#422)
Browse files Browse the repository at this point in the history 
Add autofreshing provider for k8s so that AWS_WEB_IDENTITY_TOKEN_FILE,
AWS_ROLE_ARN and AWS_ROLE_SESSION_NAME based auth scheme are
automatically detected
  • Loading branch information
@gborough
gborough committed Dec 13, 2022
1 parent 52551af commit 1e00f9b
Show file tree
Hide file tree
Showing 4 changed files with 27 additions and 0 deletions.
16 changes: 16 additions & 0 deletions Cargo.lock
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

9 changes: 9 additions & 0 deletions crates/esthri-cli/src/cli_utils.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -180,6 +180,15 @@ pub fn setup_s3client_with_cred_provider() -> Result<S3Client> {
Region::default(),
))
}
"k8s" => {
let credentials_provider =
AutoRefreshingProvider::new(WebIdentityProvider::from_k8s_env()).unwrap();
Ok(S3Client::new_with(
http_client,
credentials_provider,
Region::default(),
))
}
"" => {
let credentials_provider = DefaultCredentialsProvider::new().unwrap();
Ok(S3Client::new_with(
Expand Down
1 change: 1 addition & 0 deletions crates/esthri-internals/Cargo.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@ rusoto_core = { version = ">= 0.46, < 1", default-features = false }
rusoto_credential = { version = ">= 0.46, < 1", default-features = false }
rusoto_s3 = { version = ">= 0.46, < 1", default-features = false }
rusoto_signature = { version = ">= 0.46, < 1", default-features = false }
rusoto_sts = { version = ">= 0.46, < 1", default-features = false }

[dependencies.hyper-tls]
version = "0.5"
Expand Down
1 change: 1 addition & 0 deletions crates/esthri-internals/src/rusoto.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,3 +15,4 @@ pub use rusoto_credential::DefaultCredentialsProvider;

pub use rusoto_credential::*;
pub use rusoto_s3::*;
pub use rusoto_sts::*;

0 comments on commit 1e00f9b

Please sign in to comment.