[fastlane] Fix S3ClientHelper side effects (#16687)

* Updates S3ClientHelper to prevent side effects The initializer was calling Aws.config.update which was overwriting existing configuration. This was preventing access when using STS/Aws::AssumeRoleCredentials to assume a temporary IAM role. Removing the need to initialize with access_key/secret allows the caller to update Aws.config before calling fastlane and having their expected credentials used. Credentials will now be pulled from Amazon's documented sources. Maintains `region` option by initializing the S3 client with this option. * Updates match's S3Storage object to initialize S3ClientHelper with new interface. * Updates S3ClientHelper with option s3_client initializer option This is mainly to be used to inject this dependency in for specs, but if callers feel they would rather configure an s3 client this allows them to do so. * Updates S3ClientHelper with much more versatile initializer Reverts changes to keep initializer interface non-breaking. Updates creation of underlying S3 client to support passed in credentials (access_key/secret). Will use AWS config otherwise * Reverts change in S3Storage that prevented access_key/secret from being used if passed in
fastlane · Jul 7, 2020 · a8ed2af · a8ed2af
1 parent 12ef145
commit a8ed2af
Show file tree

Hide file tree

Showing 2 changed files with 29 additions and 12 deletions.
diff --git a/fastlane/lib/fastlane/helper/s3_client_helper.rb b/fastlane/lib/fastlane/helper/s3_client_helper.rb
@@ -3,14 +3,15 @@
 module Fastlane
   module Helper
     class S3ClientHelper
-      attr_reader :client
+      attr_reader :access_key
+      attr_reader :region
 
-      def initialize(access_key: nil, secret_access_key: nil, region: nil)
-        creds = Aws::Credentials.new(access_key, secret_access_key)
-        Aws.config.update(
-          region: region,
-          credentials: creds
-        )
+      def initialize(access_key: nil, secret_access_key: nil, region: nil, s3_client: nil)
+        @access_key = access_key
+        @secret_access_key = secret_access_key
+        @region = region
+
+        @client = s3_client
       end
 
       def list_buckets
@@ -50,12 +51,28 @@ def find_bucket!(bucket_name)
 
         return bucket
       end
-    end
 
-    private
+      private
+
+      attr_reader :secret_access_key
+
+      def client
+        @client ||= Aws::S3::Client.new(
+          {
+            region: region,
+            credentials: create_credentials
+          }.compact
+        )
+      end
+
+      def create_credentials
+        return nil if access_key.nil? || secret_access_key.nil?
 
-    def client
-      @client ||= Aws::S3::Client.new
+        Aws::Credentials.new(
+          access_key,
+          secret_access_key
+        )
+      end
     end
   end
 end
diff --git a/fastlane/spec/helper/s3_client_helper_spec.rb b/fastlane/spec/helper/s3_client_helper_spec.rb
@@ -1,5 +1,5 @@
 describe Fastlane::Helper::S3ClientHelper do
-  subject { described_class.new }
+  subject { described_class.new(s3_client: instance_double('Aws::S3::Client')) }
 
   describe '#find_bucket!' do
     before { class_double('Aws::S3::Bucket', new: bucket).as_stubbed_const }