-
Notifications
You must be signed in to change notification settings - Fork 6
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow aws commands to use aws environment variables for auth #223
Allow aws commands to use aws environment variables for auth #223
Conversation
Do not assume credential file creation will have valid credentials. Begin to move away from deprecated ->io constructs. Resolves #222
@apotek Your instructions all worked a charm until I got to the part to put good credentials into
So, the part to enter credentials works great, but my |
Does your .env file have the correct credentials, and is it formatted like this?
(ie, i have made the mistake of copying an ini file to the env file thinking). If all this checks out, I would be interested to see if your environment variables were actually set, ie:
should output the correct credentials. Is that the case? And they should persist even after reboot. Thank you for testing this. You'll have to do a git pull in vendor/chromatic/usher to get latest should you try again. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Reviewed this synchronously
@apotek It turns out my
What I had before, when it didn't work, looked like this:
I initially removed |
@mmatsoo Interesting. It should be noted that Usher copies over the creds in the latter format:
So, even Usher doesn't capitalize the variable keys 🤔 |
The AWS credentials file is in a format called an "ini" file, where a configuration section is delineated by a Environment variables are a completely different beast. There is, by the way no technical reason environment variables are all upper case; it's a convention, similar to naming constants in upper case too. The only reason the environment vars have to be upper case when doing an environment config, is that the aws CLI as well as the aws-async php library that Usher uses, expects the environment variables to be upper case. The .env file and the credentials file are entirely different ways to set up your credentials for AWS and can't be interchanged. |
Description
Allow aws commands to use aws environment variables for auth
Do not assume credential file creation will have valid credentials.
Begin to move away from deprecated ->io constructs.
Resolves #222
Testing
Open your composer.json file. Find the "repositories" section and add the Usher repository:
(nb: Make sure you add that comma at the end)
Then require this test branch:
Note: if you have already done this previously, and are coming back for more testing be sure to go to vendor/chromatic/usher in your local repo and do a
git pull
to get latest.Run commands you normally use in your client project.! Report failures here! These are just examples.
First, make sure there are no AWS environment variables set in your container. Also remove the .aws/credentials. You should have an authentication error and be prompted to enter your credentials. Enter bad credentials. You should be prompted to re-enter your credentials. This will keep going until a successful authorization or you cancel.
Now, break your .aws/credentials by modifying key or token so that it won't work. You should see a failure again and a prompt to fix your credentials.
Break your .aws/credentials again. Now, however, create a .ddev/.env file and put GOOD aws credentials in it. Restart your ddev project. Now you should see success and not be prompted to enter the aws credentials, even though your ./aws/credentials file contains a bad token or key.
(The environment variables override the credentials file as per spec).
Now, break your env variables by breaking a key or token in your .ddev/.env file and restarting your ddev project. You should see an error about your AWS environment variables being bad and that you need to fix them.
You can then decide to either remove your environment variables and use the ~/.aws/credentials, or (recommended) just use the .env file.
Remember to remove your modifications to composer.json and composer.lock! Don't commit that change.
Expected Results