Burtiraven2/session_redis_public
1
0
Fork 0
mirror of https://github.com/camptocamp/odoo-cloud-platform.git synced 2026-06-24 08:47:40 +00:00
Code Issues Packages Projects Releases Wiki Activity

BSQOQ-647: allow instance profiles authentication

Browse Source 
By dropping the requirement to have `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` envvars set, we can let the more secure IAM instance-profile take over the authentication.

This can be used immediatly on the rancher platform, and NB that this will become a requirement on the kubernetes platform in a couple of weeks.
This commit is contained in:
Marc Fournier
2022-03-15 15:24:43 +01:00
committed by Yann Soubeyrand
co-authored by Yann Soubeyrand
parent 0c5999eaca
commit e8d8cb94d6
1 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
attachment_s3/models/ir_attachment.py
+4 -4
View File
@@ -58,10 +58,12 @@ class IrAttachment(models.Model):
# replaces {db} by the database name to handle multi-tenancy # replaces {db} by the database name to handle multi-tenancy
bucket_name = bucket_name.format(db=self.env.cr.dbname) bucket_name = bucket_name.format(db=self.env.cr.dbname)
params = { params = {
'aws_access_key_id': access_key,
'aws_secret_access_key': secret_key,
'bucket_name': bucket_name, 'bucket_name': bucket_name,
} }
if access_key:
params['aws_access_key_id'] = access_key
if secret_key:
params['aws_secret_access_key'] = secret_key
if host: if host:
params['endpoint_url'] = host params['endpoint_url'] = host
if region_name: if region_name:
@@ -89,8 +91,6 @@ class IrAttachment(models.Model):
# keyword argument 'bucket_name' # keyword argument 'bucket_name'
bucket_name = params.pop("bucket_name") bucket_name = params.pop("bucket_name")
if not ( if not (
params["aws_access_key_id"] and
params["aws_secret_access_key"] and
bucket_name bucket_name
): ):
msg = _('If you want to read from the %s S3 bucket, the following ' msg = _('If you want to read from the %s S3 bucket, the following '