Skip to content

Commit

Permalink
Need A Way To Pass In File Path For Override Cred Provider
Browse files Browse the repository at this point in the history
  • Loading branch information
sethAmazon committed Jul 3, 2023
1 parent b6214f6 commit 88bc372
Show file tree
Hide file tree
Showing 11 changed files with 45 additions and 18 deletions.
2 changes: 2 additions & 0 deletions cmd/configschema/go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -1052,6 +1052,8 @@ exclude github.com/docker/distribution v2.8.0+incompatible

replace github.com/open-telemetry/opentelemetry-collector-contrib/internal/filter => ../../internal/filter

replace github.com/amazon-contributing/opentelemetry-collector-contrib/override/aws => ../../override/aws

retract (
v0.76.2
v0.76.1
Expand Down
2 changes: 0 additions & 2 deletions cmd/configschema/go.sum

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions cmd/otelcontribcol/builder-config.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -392,4 +392,5 @@ replaces:
- github.com/open-telemetry/opentelemetry-collector-contrib/connector/spanmetricsconnector => ../../connector/spanmetricsconnector
- github.com/openshift/api v3.9.0+incompatible => github.com/openshift/api v0.0.0-20180801171038-322a19404e37
- github.com/outcaste-io/ristretto v0.2.0 => github.com/outcaste-io/ristretto v0.2.1
- github.com/amazon-contributing/opentelemetry-collector-contrib/override/aws => ../../override/aws

2 changes: 2 additions & 0 deletions cmd/otelcontribcol/go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -1063,3 +1063,5 @@ replace github.com/open-telemetry/opentelemetry-collector-contrib/connector/span
replace github.com/openshift/api v3.9.0+incompatible => github.com/openshift/api v0.0.0-20180801171038-322a19404e37

replace github.com/outcaste-io/ristretto v0.2.0 => github.com/outcaste-io/ristretto v0.2.1

replace github.com/amazon-contributing/opentelemetry-collector-contrib/override/aws => ../../override/aws
2 changes: 0 additions & 2 deletions cmd/otelcontribcol/go.sum

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 2 additions & 0 deletions go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -1050,6 +1050,8 @@ replace github.com/googleapis/gnostic v0.5.6 => github.com/googleapis/gnostic v0
// see https://github.com/open-telemetry/opentelemetry-collector-contrib/pull/12322#issuecomment-1185029670
replace github.com/docker/go-connections v0.4.1-0.20210727194412-58542c764a11 => github.com/docker/go-connections v0.4.0

replace github.com/amazon-contributing/opentelemetry-collector-contrib/override/aws => ./override/aws

retract (
v0.76.2
v0.76.1
Expand Down
2 changes: 0 additions & 2 deletions go.sum

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

33 changes: 27 additions & 6 deletions internal/aws/awsutil/conn.go
Original file line number Diff line number Diff line change
Expand Up @@ -183,15 +183,36 @@ func GetAWSConfigSession(logger *zap.Logger, cn ConnAttr, cfg *AWSSessionSetting
Endpoint: aws.String(cfg.Endpoint),
HTTPClient: http,
}
// do not overwrite for sts assume role
if cfg.RoleARN == "" && len(override.GetCredentialsChainOverride().GetCredentialsChain()) > 0 {
config.Credentials = credentials.NewCredentials(&credentials.ChainProvider{
Providers: customCredentialProvider(cfg, config),
})
}
config.CredentialsChainVerboseErrors = aws.Bool(true)
return config, s, nil
}

func customCredentialProvider(cfg *AWSSessionSettings, config *aws.Config) []credentials.Provider {
defaultCredProviders := defaults.CredProviders(config, defaults.Handlers())
overrideCredProviders := override.GetCredentialsChainOverride().GetCredentialsChain()
credProviders := make([]credentials.Provider, 0, len(defaultCredProviders)+len(overrideCredProviders))
credProviders := make([]credentials.Provider, 0)
// if is for differently configured shared creds file location
// else if is for diff profile but no change in creds file ex run in containers
if cfg.SharedCredentialsFile != nil && len(cfg.SharedCredentialsFile) > 0 {
for _, file := range cfg.SharedCredentialsFile {
credProviders = append(credProviders, &credentials.SharedCredentialsProvider{Filename: file, Profile: cfg.Profile})
}
} else if cfg.Profile != "" {
credProviders = append(credProviders, &credentials.SharedCredentialsProvider{Filename: "", Profile: cfg.Profile})
}
credProviders = append(credProviders, defaultCredProviders...)
credProviders = append(credProviders, overrideCredProviders...)
config.Credentials = credentials.NewCredentials(&credentials.ChainProvider{
Providers: credProviders,
})
return config, s, nil
for _, provider := range overrideCredProviders {
for _, file := range cfg.SharedCredentialsFile {
credProviders = append(credProviders, provider(file))
}
}
return credProviders
}

func findRegions(logger *zap.Logger, cn ConnAttr, cfg *AWSSessionSettings) (string, error) {
Expand Down
2 changes: 1 addition & 1 deletion internal/aws/awsutil/go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ require (
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.3
github.com/stretchr/testify v1.8.0
go.uber.org/zap v1.24.0
golang.org/x/net v0.1.0
golang.org/x/net v0.7.0
)

require (
Expand Down
3 changes: 2 additions & 1 deletion internal/aws/awsutil/go.sum

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

12 changes: 8 additions & 4 deletions override/aws/credential.go
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ import (
"github.com/aws/aws-sdk-go/aws/credentials"
)

type credentialsProvider []credentials.Provider
type credentialsProvider []func(string) credentials.Provider
type CredentialsChainOverride struct {
credentialsProvider credentialsProvider
}
Expand All @@ -27,15 +27,19 @@ var credentialsChainOverride *CredentialsChainOverride

func GetCredentialsChainOverride() *CredentialsChainOverride {
if credentialsChainOverride == nil {
credentialsChainOverride = &CredentialsChainOverride{credentialsProvider: make([]credentials.Provider, 0)}
credentialsChainOverride = &CredentialsChainOverride{credentialsProvider: make([]func(string) credentials.Provider, 0)}
}
return credentialsChainOverride
}

func (c *CredentialsChainOverride) AppendCredentialsChain(credentialsProvider credentials.Provider) {
func (c *CredentialsChainOverride) AppendCredentialsChain(credentialsProvider func(string) credentials.Provider) {
c.credentialsProvider = append(c.credentialsProvider, credentialsProvider)
}

func (c *CredentialsChainOverride) GetCredentialsChain() []credentials.Provider {
func (c *CredentialsChainOverride) GetCredentialsChain() []func(string) credentials.Provider {
return c.credentialsProvider
}

func init() {
GetCredentialsChainOverride()
}

0 comments on commit 88bc372

Please sign in to comment.