-
Notifications
You must be signed in to change notification settings - Fork 5
/
credentials.go
42 lines (35 loc) · 1.09 KB
/
credentials.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
// Copyright (c) 2021 Yandex LLC. All rights reserved.
// Author: Martynov Pavel <covariance@yandex-team.ru>
package awsutils
import (
"context"
"fmt"
"github.com/aws/aws-sdk-go/aws/credentials"
v1 "k8s.io/api/core/v1"
"k8s.io/apimachinery/pkg/types"
"sigs.k8s.io/controller-runtime/pkg/client"
sakey "github.com/yandex-cloud/k8s-cloud-connectors/connector/sakey/api/v1"
)
func CredentialsFromStaticAccessKey(
ctx context.Context, namespace, sakeyName string, cl client.Client,
) (*credentials.Credentials, error) {
var key sakey.StaticAccessKey
if err := cl.Get(
ctx, types.NamespacedName{
Namespace: namespace,
Name: sakeyName,
}, &key,
); err != nil {
return nil, fmt.Errorf("unable to retrieve corresponding SAKey: %w", err)
}
var secret v1.Secret
if err := cl.Get(
ctx, types.NamespacedName{
Namespace: namespace,
Name: key.Status.SecretName,
}, &secret,
); err != nil {
return nil, fmt.Errorf("unable to retrieve corresponding secret: %w", err)
}
return credentials.NewStaticCredentials(string(secret.Data["key"]), string(secret.Data["secret"]), ""), nil
}