granblue.team/hensei-api
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add fallbacks for credentials

Browse source
This commit is contained in:
Justin Edmund 2025-01-18 11:45:53 -08:00
parent 737623f59c
commit 5355f57a64
1 changed files with 60 additions and 31 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

91
app/services/aws_service.rb
View file

@ -1,21 +1,21 @@
# frozen_string_literal: true
require 'aws-sdk-s3'
class AwsService
attr_reader :s3_client, :bucket
class ConfigurationError < StandardError; end
def initialize
validate_credentials!
Rails.logger.info "Environment: #{Rails.env}"
# Try different methods of getting credentials
creds = get_credentials
Rails.logger.info "Credentials source: #{creds[:source]}"
@s3_client = Aws::S3::Client.new(
region: Rails.application.credentials.dig(:aws, :region),
access_key_id: Rails.application.credentials.dig(:aws, :access_key_id),
secret_access_key: Rails.application.credentials.dig(:aws, :secret_access_key)
region: creds[:region],
access_key_id: creds[:access_key_id],
secret_access_key: creds[:secret_access_key]
)
@bucket = Rails.application.credentials.dig(:aws, :bucket_name)
@bucket = creds[:bucket_name]
rescue KeyError => e
raise ConfigurationError, "Missing AWS credential: #{e.message}"
end
@ -40,30 +40,59 @@ class AwsService
private
def credentials
@credentials ||= begin
creds = Rails.application.credentials[:aws]
raise ConfigurationError, 'AWS credentials not found' unless creds
{
region: creds[:region],
access_key_id: creds[:access_key_id],
secret_access_key: creds[:secret_access_key],
bucket_name: creds[:bucket_name]
}
end
end
def validate_credentials!
missing = []
creds = Rails.application.credentials[:aws]
%i[region access_key_id secret_access_key bucket_name].each do |key|
missing << key unless creds&.dig(key)
def get_credentials
# Try Rails credentials first
rails_creds = Rails.application.credentials.dig(:aws)
if rails_creds&.dig(:access_key_id)
Rails.logger.info "Using Rails credentials"
return rails_creds.merge(source: 'rails_credentials')
end
return unless missing.any?
# Try string keys
rails_creds = Rails.application.credentials.dig('aws')
if rails_creds&.dig('access_key_id')
Rails.logger.info "Using Rails credentials (string keys)"
return {
region: rails_creds['region'],
access_key_id: rails_creds['access_key_id'],
secret_access_key: rails_creds['secret_access_key'],
bucket_name: rails_creds['bucket_name'],
source: 'rails_credentials_string'
}
end
raise ConfigurationError, "Missing AWS credentials: #{missing.join(', ')}"
# Try environment variables
if ENV['AWS_ACCESS_KEY_ID']
Rails.logger.info "Using environment variables"
return {
region: ENV['AWS_REGION'],
access_key_id: ENV['AWS_ACCESS_KEY_ID'],
secret_access_key: ENV['AWS_SECRET_ACCESS_KEY'],
bucket_name: ENV['AWS_BUCKET_NAME'],
source: 'environment'
}
end
# Try alternate environment variable names
if ENV['RAILS_AWS_ACCESS_KEY_ID']
Rails.logger.info "Using Rails-prefixed environment variables"
return {
region: ENV['RAILS_AWS_REGION'],
access_key_id: ENV['RAILS_AWS_ACCESS_KEY_ID'],
secret_access_key: ENV['RAILS_AWS_SECRET_ACCESS_KEY'],
bucket_name: ENV['RAILS_AWS_BUCKET_NAME'],
source: 'rails_environment'
}
end
validate_credentials = ->(creds, source) {
missing = []
%i[region access_key_id secret_access_key bucket_name].each do |key|
missing << key unless creds[key].present?
end
raise ConfigurationError, "Missing AWS credentials from #{source}: #{missing.join(', ')}" if missing.any?
}
raise ConfigurationError, "No AWS credentials found in any location"
end
end