Mirrors/coredns
1
0
Fork 0
mirror of https://github.com/coredns/coredns.git synced 2025-10-28 00:34:24 -04:00
Code Issues Packages Projects Releases Wiki Activity

Fix multiple credentials in route53 (#2859)

Browse Source
This commit is contained in:
Anshul Sharma
2019-07-04 00:44:31 +05:30
committed by Miek Gieben
parent f5fe98395e
commit 2bd77d0823
1 changed files with 30 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

61
plugin/route53/setup.go
View File

@@ -35,21 +35,22 @@ func init() {
} }
func setup(c *caddy.Controller, f func(*credentials.Credentials) route53iface.Route53API) error { func setup(c *caddy.Controller, f func(*credentials.Credentials) route53iface.Route53API) error {
keyPairs := map[string]struct{}{}
keys := map[string][]string{}
// Route53 plugin attempts to find AWS credentials by using ChainCredentials.
// And the order of that provider chain is as follows:
// Static AWS keys -> Environment Variables -> Credentials file -> IAM role
// With that said, even though a user doesn't define any credentials in
// Corefile, we should still attempt to read the default credentials file,
// ~/.aws/credentials with the default profile.
sharedProvider := &credentials.SharedCredentialsProvider{}
var providers []credentials.Provider
var fall fall.F
up := upstream.New()
for c.Next() { for c.Next() {
keyPairs := map[string]struct{}{}
keys := map[string][]string{}
// Route53 plugin attempts to find AWS credentials by using ChainCredentials.
// And the order of that provider chain is as follows:
// Static AWS keys -> Environment Variables -> Credentials file -> IAM role
// With that said, even though a user doesn't define any credentials in
// Corefile, we should still attempt to read the default credentials file,
// ~/.aws/credentials with the default profile.
sharedProvider := &credentials.SharedCredentialsProvider{}
var providers []credentials.Provider
var fall fall.F
up := upstream.New()
args := c.RemainingArgs() args := c.RemainingArgs()
for i := 0; i < len(args); i++ { for i := 0; i < len(args); i++ {
@@ -99,23 +100,21 @@ func setup(c *caddy.Controller, f func(*credentials.Credentials) route53iface.Ro
return c.Errf("unknown property '%s'", c.Val()) return c.Errf("unknown property '%s'", c.Val())
} }
} }
providers = append(providers, &credentials.EnvProvider{}, sharedProvider)
client := f(credentials.NewChainCredentials(providers))
ctx := context.Background()
h, err := New(ctx, client, keys, up)
if err != nil {
return c.Errf("failed to create Route53 plugin: %v", err)
}
h.Fall = fall
if err := h.Run(ctx); err != nil {
return c.Errf("failed to initialize Route53 plugin: %v", err)
}
dnsserver.GetConfig(c).AddPlugin(func(next plugin.Handler) plugin.Handler {
h.Next = next
return h
})
} }
providers = append(providers, &credentials.EnvProvider{}, sharedProvider)
client := f(credentials.NewChainCredentials(providers))
ctx := context.Background()
h, err := New(ctx, client, keys, up)
if err != nil {
return c.Errf("failed to create Route53 plugin: %v", err)
}
h.Fall = fall
if err := h.Run(ctx); err != nil {
return c.Errf("failed to initialize Route53 plugin: %v", err)
}
dnsserver.GetConfig(c).AddPlugin(func(next plugin.Handler) plugin.Handler {
h.Next = next
return h
})
return nil return nil
} }