granblue.team/hensei-api
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add fallbacks for credentials

Browse source
This commit is contained in:
Justin Edmund 2025-01-18 11:45:53 -08:00
parent 737623f59c
commit 5355f57a64
1 changed files with 60 additions and 31 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

79
app/services/aws_service.rb
View file

@ -1,21 +1,21 @@
# frozen_string_literal: true
require 'aws-sdk-s3'
class AwsService class AwsService
attr_reader :s3_client, :bucket attr_reader :s3_client, :bucket
class ConfigurationError < StandardError; end class ConfigurationError < StandardError; end
def initialize def initialize
validate_credentials! Rails.logger.info "Environment: #{Rails.env}"
# Try different methods of getting credentials
creds = get_credentials
Rails.logger.info "Credentials source: #{creds[:source]}"
@s3_client = Aws::S3::Client.new( @s3_client = Aws::S3::Client.new(
region: Rails.application.credentials.dig(:aws, :region), region: creds[:region],
access_key_id: Rails.application.credentials.dig(:aws, :access_key_id), access_key_id: creds[:access_key_id],
secret_access_key: Rails.application.credentials.dig(:aws, :secret_access_key) secret_access_key: creds[:secret_access_key]
) )
@bucket = Rails.application.credentials.dig(:aws, :bucket_name) @bucket = creds[:bucket_name]
rescue KeyError => e rescue KeyError => e
raise ConfigurationError, "Missing AWS credential: #{e.message}" raise ConfigurationError, "Missing AWS credential: #{e.message}"
end end
@ -40,30 +40,59 @@ class AwsService
private private
def credentials def get_credentials
@credentials ||= begin # Try Rails credentials first
creds = Rails.application.credentials[:aws] rails_creds = Rails.application.credentials.dig(:aws)
raise ConfigurationError, 'AWS credentials not found' unless creds if rails_creds&.dig(:access_key_id)
Rails.logger.info "Using Rails credentials"
return rails_creds.merge(source: 'rails_credentials')
end
{ # Try string keys
region: creds[:region], rails_creds = Rails.application.credentials.dig('aws')
access_key_id: creds[:access_key_id], if rails_creds&.dig('access_key_id')
secret_access_key: creds[:secret_access_key], Rails.logger.info "Using Rails credentials (string keys)"
bucket_name: creds[:bucket_name] return {
region: rails_creds['region'],
access_key_id: rails_creds['access_key_id'],
secret_access_key: rails_creds['secret_access_key'],
bucket_name: rails_creds['bucket_name'],
source: 'rails_credentials_string'
} }
end end
# Try environment variables
if ENV['AWS_ACCESS_KEY_ID']
Rails.logger.info "Using environment variables"
return {
region: ENV['AWS_REGION'],
access_key_id: ENV['AWS_ACCESS_KEY_ID'],
secret_access_key: ENV['AWS_SECRET_ACCESS_KEY'],
bucket_name: ENV['AWS_BUCKET_NAME'],
source: 'environment'
}
end end
def validate_credentials! # Try alternate environment variable names
if ENV['RAILS_AWS_ACCESS_KEY_ID']
Rails.logger.info "Using Rails-prefixed environment variables"
return {
region: ENV['RAILS_AWS_REGION'],
access_key_id: ENV['RAILS_AWS_ACCESS_KEY_ID'],
secret_access_key: ENV['RAILS_AWS_SECRET_ACCESS_KEY'],
bucket_name: ENV['RAILS_AWS_BUCKET_NAME'],
source: 'rails_environment'
}
end
validate_credentials = ->(creds, source) {
missing = [] missing = []
creds = Rails.application.credentials[:aws]
%i[region access_key_id secret_access_key bucket_name].each do |key| %i[region access_key_id secret_access_key bucket_name].each do |key|
missing << key unless creds&.dig(key) missing << key unless creds[key].present?
end end
raise ConfigurationError, "Missing AWS credentials from #{source}: #{missing.join(', ')}" if missing.any?
}
return unless missing.any? raise ConfigurationError, "No AWS credentials found in any location"
raise ConfigurationError, "Missing AWS credentials: #{missing.join(', ')}"
end end
end end