Fix media upload S3 IAM init blocking outside non-AWS environments.

- Update `simples3` to a version that supports IAM timeout. - On IAM error, fall back to key/secret mode (although with empty creds) so that the app still starts.
knadh · Jan 15, 2022 · 7955a4f · 7955a4f
1 parent 4ddd3e8
commit 7955a4f
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 13 deletions.
diff --git a/go.mod b/go.mod
@@ -25,7 +25,7 @@ require (
 	github.com/mitchellh/mapstructure v1.4.2 // indirect
 	github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e // indirect
 	github.com/pelletier/go-toml v1.9.4 // indirect
-	github.com/rhnvrm/simples3 v0.8.0
+	github.com/rhnvrm/simples3 v0.8.1
 	github.com/spf13/cast v1.4.1 // indirect
 	github.com/spf13/pflag v1.0.5
 	github.com/yuin/goldmark v1.4.1

diff --git a/go.sum b/go.sum
@@ -144,6 +144,8 @@ github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndr
 github.com/rhnvrm/simples3 v0.6.1/go.mod h1:Y+3vYm2V7Y4VijFoJHHTrja6OgPrJ2cBti8dPGkC3sA=
 github.com/rhnvrm/simples3 v0.8.0 h1:SAjJtsqObltKkejIGl3WgyySq2xdrfwZWXi6njFluuA=
 github.com/rhnvrm/simples3 v0.8.0/go.mod h1:Y+3vYm2V7Y4VijFoJHHTrja6OgPrJ2cBti8dPGkC3sA=
+github.com/rhnvrm/simples3 v0.8.1 h1:jL2yCi9P0pA8hFYkyVWZ4cs5RX3AMgcVsXTOqnCj0/w=
+github.com/rhnvrm/simples3 v0.8.1/go.mod h1:Y+3vYm2V7Y4VijFoJHHTrja6OgPrJ2cBti8dPGkC3sA=
 github.com/ryanuber/columnize v2.1.0+incompatible/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts=
 github.com/ryanuber/go-glob v1.0.0/go.mod h1:807d1WSdnB0XRJzKNil9Om6lcp/3a0v4qIHxIXzX/Yc=
 github.com/shopspring/decimal v1.2.0 h1:abSATXmQEYyShuxI4/vyW3tV1MrKAJzCZ/0zLUXYbsQ=

diff --git a/internal/media/providers/s3/s3.go b/internal/media/providers/s3/s3.go
@@ -31,25 +31,21 @@ type Client struct {
 // NewS3Store initialises store for S3 provider. It takes in the AWS configuration
 // and sets up the `simples3` client to interact with AWS APIs for all bucket operations.
 func NewS3Store(opt Opt) (media.Store, error) {
-	var (
-		cl  *simples3.S3
-		err error
-	)
+	var cl *simples3.S3
 	if opt.URL == "" {
 		opt.URL = fmt.Sprintf("https://s3.%s.amazonaws.com", opt.Region)
 	}
 	opt.URL = strings.TrimRight(opt.URL, "/")
 
-	// Use Access Key/Secret Key if specified in config.
-	if opt.AccessKey != "" && opt.SecretKey != "" {
-		cl = simples3.New(opt.Region, opt.AccessKey, opt.SecretKey)
-	} else {
+	if opt.AccessKey == "" && opt.SecretKey == "" {
 		// fallback to IAM role if no access key/secret key is provided.
-		cl, err = simples3.NewUsingIAM(opt.Region)
-		if err != nil {
-			return nil, err
-		}
+		cl, _ = simples3.NewUsingIAM(opt.Region)
 	}
+
+	if cl == nil {
+		cl = simples3.New(opt.Region, opt.AccessKey, opt.SecretKey)
+	}
+
 	cl.SetEndpoint(opt.URL)
 
 	return &Client{