forked from TrueCloudLab/frostfs-s3-gw
[#241] Add aws-cli-credentials flag
Signed-off-by: Denis Kirillov <denis@nspcc.ru>
This commit is contained in:
parent
07dd0e1af4
commit
345dafb29d
2 changed files with 30 additions and 1 deletions
|
@ -8,6 +8,7 @@ import (
|
|||
"fmt"
|
||||
"io"
|
||||
"math"
|
||||
"os"
|
||||
"strconv"
|
||||
"time"
|
||||
|
||||
|
@ -57,6 +58,7 @@ type (
|
|||
ContextRules []byte
|
||||
SessionTkn bool
|
||||
Lifetime uint64
|
||||
AwsCliCredentialsFile string
|
||||
ContainerPolicies ContainerPolicies
|
||||
}
|
||||
|
||||
|
@ -241,7 +243,26 @@ func (a *Agent) IssueSecret(ctx context.Context, w io.Writer, options *IssueSecr
|
|||
|
||||
enc := json.NewEncoder(w)
|
||||
enc.SetIndent("", " ")
|
||||
return enc.Encode(ir)
|
||||
if err = enc.Encode(ir); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if options.AwsCliCredentialsFile != "" {
|
||||
profileName := "authmate_cred_" + address.ObjectID().String()
|
||||
if _, err = os.Stat(options.AwsCliCredentialsFile); os.IsNotExist(err) {
|
||||
profileName = "default"
|
||||
}
|
||||
file, err := os.OpenFile(options.AwsCliCredentialsFile, os.O_APPEND|os.O_WRONLY|os.O_CREATE, 0600)
|
||||
if err != nil {
|
||||
return fmt.Errorf("couldn't open aws cli credentials file: %w", err)
|
||||
}
|
||||
defer file.Close()
|
||||
if _, err = file.WriteString(fmt.Sprintf("\n[%s]\naws_access_key_id = %s\naws_secret_access_key = %s\n",
|
||||
profileName, accessKeyID, secrets.AccessKey)); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// ObtainSecret receives an existing secret access key from NeoFS and
|
||||
|
|
|
@ -47,6 +47,7 @@ var (
|
|||
sessionTokenFlag bool
|
||||
lifetimeFlag uint64
|
||||
containerPolicies string
|
||||
awcCliCredFile string
|
||||
)
|
||||
|
||||
const (
|
||||
|
@ -209,6 +210,12 @@ func issueSecret() *cli.Command {
|
|||
Required: false,
|
||||
Destination: &containerPolicies,
|
||||
},
|
||||
&cli.StringFlag{
|
||||
Name: "aws-cli-credentials",
|
||||
Usage: "path to the aws cli credential file",
|
||||
Required: false,
|
||||
Destination: &awcCliCredFile,
|
||||
},
|
||||
},
|
||||
Action: func(c *cli.Context) error {
|
||||
ctx, log := prepare()
|
||||
|
@ -264,6 +271,7 @@ func issueSecret() *cli.Command {
|
|||
ContainerPolicies: policies,
|
||||
SessionTkn: sessionTokenFlag,
|
||||
Lifetime: lifetimeFlag,
|
||||
AwsCliCredentialsFile: awcCliCredFile,
|
||||
}
|
||||
|
||||
if err = agent.IssueSecret(ctx, os.Stdout, issueSecretOptions); err != nil {
|
||||
|
|
Loading…
Reference in a new issue