aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLibravatar Rutger Broekhoff2023-12-29 21:48:45 +0100
committerLibravatar Rutger Broekhoff2023-12-29 21:48:45 +0100
commitae7e8cff49148926a4e445c94ac0206c466bb4e8 (patch)
tree10511516b5e82f8f09d9b1459df8f11c187d238e
parent404aeae4545d2426c089a5f8d5e82dae56f5212b (diff)
downloadgitolfs3-ae7e8cff49148926a4e445c94ac0206c466bb4e8.tar.gz
gitolfs3-ae7e8cff49148926a4e445c94ac0206c466bb4e8.zip
Read S3 secrets from file
-rw-r--r--cmd/git-lfs-server/main.go36
1 files changed, 23 insertions, 13 deletions
diff --git a/cmd/git-lfs-server/main.go b/cmd/git-lfs-server/main.go
index fc32f41..f264aa0 100644
--- a/cmd/git-lfs-server/main.go
+++ b/cmd/git-lfs-server/main.go
@@ -286,34 +286,44 @@ func die(msg string, args ...any) {
286} 286}
287 287
288func main() { 288func main() {
289 anonUser := os.Getenv("ANON_USER")
289 endpoint := os.Getenv("S3_ENDPOINT") 290 endpoint := os.Getenv("S3_ENDPOINT")
290 accessKeyID := os.Getenv("S3_ACCESS_KEY_ID")
291 secretAccessKey := os.Getenv("S3_SECRET_ACCESS_KEY")
292 bucket := os.Getenv("S3_BUCKET") 291 bucket := os.Getenv("S3_BUCKET")
293 anonUser := os.Getenv("ANON_USER") 292 accessKeyIDFile := os.Getenv("S3_ACCESS_KEY_ID_FILE")
293 secretAccessKeyFile := os.Getenv("S3_SECRET_ACCESS_KEY_FILE")
294 294
295 if anonUser == "" {
296 die("Expected environment variable ANON_USER to be set")
297 }
295 if endpoint == "" { 298 if endpoint == "" {
296 die("Expected environment variable S3_ENDPOINT to be set") 299 die("Expected environment variable S3_ENDPOINT to be set")
297 } 300 }
298 if accessKeyID == "" {
299 die("Expected environment variable S3_ACCESS_KEY_ID to be set")
300 }
301 if secretAccessKey == "" {
302 die("Expected environment variable S3_SECRET_ACCESS_KEY to be set")
303 }
304 if bucket == "" { 301 if bucket == "" {
305 die("Expected environment variable S3_BUCKET to be set") 302 die("Expected environment variable S3_BUCKET to be set")
306 } 303 }
307 if anonUser == "" { 304
308 die("Expected environment variable ANON_USER to be set") 305 if accessKeyIDFile == "" {
306 die("Expected environment variable S3_ACCESS_KEY_ID_FILE to be set")
307 }
308 if secretAccessKeyFile == "" {
309 die("Expected environment variable S3_SECRET_ACCESS_KEY_FILE to be set")
310 }
311
312 accessKeyID, err := os.ReadFile(accessKeyIDFile)
313 if err != nil {
314 die("Failed to read access key ID from specified file: %s", err)
315 }
316 secretAccessKey, err := os.ReadFile(secretAccessKeyFile)
317 if err != nil {
318 die("Failed to read secret access key from specified file: %s", err)
309 } 319 }
310 320
311 mc, err := minio.New(endpoint, &minio.Options{ 321 mc, err := minio.New(endpoint, &minio.Options{
312 Creds: credentials.NewStaticV4(accessKeyID, secretAccessKey, ""), 322 Creds: credentials.NewStaticV4(string(accessKeyID), string(secretAccessKey), ""),
313 Secure: true, 323 Secure: true,
314 }) 324 })
315 if err != nil { 325 if err != nil {
316 die("Failed to create S3 client") 326 die("Failed to create S3 client: %s", err)
317 } 327 }
318 328
319 if err = cgi.Serve(&handler{mc, bucket, anonUser}); err != nil { 329 if err = cgi.Serve(&handler{mc, bucket, anonUser}); err != nil {