drone-s3-sync icon indicating copy to clipboard operation
drone-s3-sync copied to clipboard

Published 20 hours ago verified publisher icon drone-plugins

Plugin can't work if AWS keys are not set (use the given role)

Open omerxx opened this issue 8 years ago • 3 comments

Maybe just ignoring the fact that the credentials are empty is enough (Removing https://github.com/drone-plugins/drone-s3-sync/blob/master/plugin.go#L63)

But basically any plugin communicating with aws should have the ability to work with a role

omerxx avatar Oct 16 '17 16:10 omerxx

Pull requests that implement it similar to https://github.com/drone-plugins/drone-s3/blob/master/plugin.go#L90-L103 are welcome.

tboerger avatar Oct 22 '17 19:10 tboerger

@tboerger I stumbled upon the same problem, so I'll probably make a PR with a fix tomorrow... however, that signed yaml is deprecated, right? I can't find anything about it on the current CLI documentation (http://docs.drone.io/cli-installation/)

Would just this be acceptable then?

	//Allowing to use the instance role or provide a key and secret
	if p.Key != "" && p.Secret != "" {
		conf.Credentials = credentials.NewStaticCredentials(p.Key, p.Secret, "")
	}
	client := s3.New(session.New(), conf)

Or are there other security measures we should be taking?

fernandrone avatar Jan 17 '18 21:01 fernandrone

For example, this: https://github.com/drone-plugins/drone-s3-sync/pull/38

fernandrone avatar Jan 18 '18 11:01 fernandrone