diff options
author | Eelco Dolstra <edolstra@gmail.com> | 2017-11-15 14:16:04 +0100 |
---|---|---|
committer | Eelco Dolstra <edolstra@gmail.com> | 2017-11-15 14:18:20 +0100 |
commit | 8956ae19879e0367250002b94e399d8c771f37a1 (patch) | |
tree | 713b1dd7ec831df06a65e0a93d45d3826e36aa55 /src/libstore | |
parent | 897ca33a1c5df5da77e854dd7dd88dadea4681c8 (diff) |
Add a "profile" option to S3BinaryCacheStore
This allows specifying the AWS configuration profile to use. E.g.
nix copy --from s3://my-cache?profile=aws-dev-account /nix/store/cf3isrlqavvd5w7rpky1fa8j9lcnlggm-...
Diffstat (limited to 'src/libstore')
-rw-r--r-- | src/libstore/download.cc | 2 | ||||
-rw-r--r-- | src/libstore/s3-binary-cache-store.cc | 15 | ||||
-rw-r--r-- | src/libstore/s3.hh | 2 |
3 files changed, 14 insertions, 5 deletions
diff --git a/src/libstore/download.cc b/src/libstore/download.cc index 70f9b1f5e..da31029b4 100644 --- a/src/libstore/download.cc +++ b/src/libstore/download.cc @@ -533,7 +533,7 @@ struct CurlDownloader : public Downloader // FIXME: do this on a worker thread sync2async<DownloadResult>(success, failure, [&]() -> DownloadResult { #ifdef ENABLE_S3 - S3Helper s3Helper(Aws::Region::US_EAST_1); // FIXME: make configurable + S3Helper s3Helper("", Aws::Region::US_EAST_1); // FIXME: make configurable auto slash = request.uri.find('/', 5); if (slash == std::string::npos) throw nix::Error("bad S3 URI '%s'", request.uri); diff --git a/src/libstore/s3-binary-cache-store.cc b/src/libstore/s3-binary-cache-store.cc index 6a0f19238..0079da1be 100644 --- a/src/libstore/s3-binary-cache-store.cc +++ b/src/libstore/s3-binary-cache-store.cc @@ -10,6 +10,8 @@ #include "istringstream_nocopy.hh" #include <aws/core/Aws.h> +#include <aws/core/auth/AWSCredentialsProvider.h> +#include <aws/core/auth/AWSCredentialsProviderChain.h> #include <aws/core/client/ClientConfiguration.h> #include <aws/core/client/DefaultRetryStrategy.h> #include <aws/core/utils/logging/FormattedLogSystem.h> @@ -77,9 +79,15 @@ static void initAWS() }); } -S3Helper::S3Helper(const string & region) +S3Helper::S3Helper(const std::string & profile, const std::string & region) : config(makeConfig(region)) - , client(make_ref<Aws::S3::S3Client>(*config, true, false)) + , client(make_ref<Aws::S3::S3Client>( + profile == "" + ? std::dynamic_pointer_cast<Aws::Auth::AWSCredentialsProvider>( + std::make_shared<Aws::Auth::DefaultAWSCredentialsProviderChain>()) + : std::dynamic_pointer_cast<Aws::Auth::AWSCredentialsProvider>( + std::make_shared<Aws::Auth::ProfileConfigFileAWSCredentialsProvider>(profile.c_str())), + *config, true, false)) { } @@ -148,6 +156,7 @@ S3Helper::DownloadResult S3Helper::getObject( struct S3BinaryCacheStoreImpl : public S3BinaryCacheStore { + const Setting<std::string> profile{this, "", "profile", "The name of the AWS configuration profile to use."}; const Setting<std::string> region{this, Aws::Region::US_EAST_1, "region", {"aws-region"}}; const Setting<std::string> narinfoCompression{this, "", "narinfo-compression", "compression method for .narinfo files"}; const Setting<std::string> lsCompression{this, "", "ls-compression", "compression method for .ls files"}; @@ -163,7 +172,7 @@ struct S3BinaryCacheStoreImpl : public S3BinaryCacheStore const Params & params, const std::string & bucketName) : S3BinaryCacheStore(params) , bucketName(bucketName) - , s3Helper(region) + , s3Helper(profile, region) { diskCache = getNarInfoDiskCache(); } diff --git a/src/libstore/s3.hh b/src/libstore/s3.hh index 08a7fbf96..4f9964003 100644 --- a/src/libstore/s3.hh +++ b/src/libstore/s3.hh @@ -14,7 +14,7 @@ struct S3Helper ref<Aws::Client::ClientConfiguration> config; ref<Aws::S3::S3Client> client; - S3Helper(const std::string & region); + S3Helper(const std::string & profile, const std::string & region); ref<Aws::Client::ClientConfiguration> makeConfig(const std::string & region); |