From 60cc43c6593bcb04edfbd50153a3a325378e1237 Mon Sep 17 00:00:00 2001 From: Stefan Heinemann Date: Mon, 8 Jul 2024 15:34:41 +0200 Subject: [PATCH] PB-617 Fix the local setup for the bucket access It's impossible to reproduce the service-account situation for minio, hence we access it the legacy way with access key --- app/config/settings_dev.py | 9 +++++++++ app/config/settings_prod.py | 1 + 2 files changed, 10 insertions(+) diff --git a/app/config/settings_dev.py b/app/config/settings_dev.py index aaac7428..3e606239 100644 --- a/app/config/settings_dev.py +++ b/app/config/settings_dev.py @@ -56,3 +56,12 @@ MANAGED_BUCKET_COLLECTION_PATTERNS = env.list( 'MANAGED_BUCKET_COLLECTION_PATTERNS', default=[r"^ch\.meteoschweiz\.ogd-*"] ) + +# Since it's impossible to recreate the service-account situation with minio +# we inject some configuration in here to access the second bucket +# in the same way as first bucket, via access/secrets +# Like this we can leave the base (prod) configuration clean, while fixing +# the local setup +AWS_SETTINGS['managed']['access_type'] = "key" +AWS_SETTINGS['managed']['ACCESS_KEY_ID'] = env("LEGACY_AWS_ACCESS_KEY_ID") +AWS_SETTINGS['managed']['SECRET_ACCESS_KEY'] = env("LEGACY_AWS_SECRET_ACCESS_KEY") diff --git a/app/config/settings_prod.py b/app/config/settings_prod.py index 3e23ebd1..2b6b69c0 100644 --- a/app/config/settings_prod.py +++ b/app/config/settings_prod.py @@ -232,6 +232,7 @@ }, 'managed': { # The managed configuration will be passed directly via env + # The access to the managed bucket is done via service account "access_type": "service_account", "S3_BUCKET_NAME": env("AWS_S3_BUCKET_NAME"), "S3_REGION_NAME": env('AWS_S3_REGION_NAME', default='eu-central-1'),