-
Notifications
You must be signed in to change notification settings - Fork 309
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
refactor minio.credentials #901
refactor minio.credentials #901
Conversation
8b14018
to
5bec5d4
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just few minor nits - Otherwise LGTM
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
5bec5d4
to
2956f5a
Compare
101d9c0
to
75419ff
Compare
@balamurugana could you explain what the API change done in this PR ? Also could you make sure that examples are updated ? |
Below is the design change I proposed earlier and this PR is a refactor with this design. from abc import ABCMeta, abstractmethod
from datetime import datetime
class Value():
"""
Denotes credential values such as access key, secret key and session token.
"""
def init(self, access_key, secret_key, session_token):
self.access_key = access_key
self.secret_key = secret_key
self.session_token = session_token
class Provider():
"""Credential retriever."""
metaclass = ABCMeta
@abstractmethod
def retrieve(self) -> (Value, datetime):
"""Retrieve credential value and its expiry."""
class Credentials():
def __init__(self, provider):
self._provider = provider
self._value = None
self._validity = None
def get(self, force=False):
if (
not self._value or
(self._validity and self._validity < datetime.utcnow()) or
force
):
self._value, self._validity = self._provider.retrieva()
return self._value
Let me check once again. |
0cb6611
to
9d01e93
Compare
582b8b5
to
faf329b
Compare
faf329b
to
3696736
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
3696736
to
121694d
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Few comments, LGTM otherwise. Not tested yet
minio/credentials/providers.py
Outdated
# ignore this error and try other providers. | ||
pass | ||
|
||
raise ValueError("no credentials retrieved") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe here we should return the last encountered ValueError exception.. so at least the user can see a more self explaining error.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
minio/api.py
Outdated
@@ -178,10 +177,9 @@ def __init__(self, endpoint, access_key=None, | |||
self._credentials = credentials or Credentials( | |||
provider=Chain( | |||
providers=[ | |||
Static(access_key, secret_key, session_token), | |||
Static(Value(access_key, secret_key, session_token)), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe it is enough if we can credentials in this form:
Static(access_key, secret_key, session_token),
and create a Value instance inside Static init() function.
Let's review the API with @abperiasamy one last time.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I have changed to Static(access_key, secret_key, session_token=None, expiry=None)
a15a235
to
1579f2e
Compare
1579f2e
to
f6e3e89
Compare
@@ -181,7 +180,6 @@ def __init__(self, endpoint, access_key=None, | |||
Static(access_key, secret_key, session_token), | |||
EnvAWS(), | |||
EnvMinio(), | |||
IamEc2MetaData(), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Well, this is a breaking change, we should not forget about mentioning it when we release minio-py
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes. I think we are covering in #902
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM & tested, we probably need to write all possible breaking things in a document before we release
ping @Praveenrajmani |
Depends on
Minio.get_assume_role_creds()
in #900