Skip to content

Commit

Permalink
Fix AWS target check (#347)
Browse files Browse the repository at this point in the history
Signed-off-by: Frank Jogeleit <frank.jogeleit@web.de>
  • Loading branch information
fjogeleit authored Oct 12, 2023
1 parent f0894c0 commit 9036018
Showing 1 changed file with 7 additions and 3 deletions.
10 changes: 7 additions & 3 deletions pkg/config/target_factory.go
Original file line number Diff line number Diff line change
Expand Up @@ -598,7 +598,7 @@ func (f *TargetFactory) createS3Client(config, parent *S3) target.Client {
}

config.MapAWSParent(parent.AWSConfig)
if config.Endpoint == "" {
if config.Endpoint == "" && !hasAWSIdentity() {
return nil
}

Expand Down Expand Up @@ -902,11 +902,15 @@ func NewTargetFactory(secretClient secrets.Client) *TargetFactory {
return &TargetFactory{secretClient: secretClient}
}

func checkAWSConfig(name string, config AWSConfig, parent AWSConfig) error {
func hasAWSIdentity() bool {
arn := os.Getenv("AWS_ROLE_ARN")
file := os.Getenv("AWS_WEB_IDENTITY_TOKEN_FILE")

noEnvConfig := arn == "" && file == ""
return arn != "" && file != ""
}

func checkAWSConfig(name string, config AWSConfig, parent AWSConfig) error {
noEnvConfig := !hasAWSIdentity()

if noEnvConfig && (config.AccessKeyID == "" && parent.AccessKeyID == "") {
return fmt.Errorf("%s.AccessKeyID has not been declared", name)
Expand Down

0 comments on commit 9036018

Please sign in to comment.