Cleanup support for AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE#43
Conversation
| .through(utf8.decode) | ||
| .compile | ||
| .string | ||
| .adaptError { case _: NoSuchFileException => MissingCredentials() } |
There was a problem hiding this comment.
We do not want to mask errors reading the file if one has been specified. Instead, we surface them to the one requesting credentials, so they can observe the cause.
| } yield Some(Header.Raw(ci"Authorization", s.trim)) | ||
| case None => none[Header.Raw].pure[F] | ||
| } | ||
| .recover { case _ => none[Header.Raw] } |
There was a problem hiding this comment.
Similar to above, we do not want to mask errors here.
| authorizationTokenFile <- ContainerAuthorizationTokenFile[F].read | ||
| .flatMap(_.traverse(readContainerAuthorizationTokenFile)) | ||
| authorizationToken = ContainerAuthorizationToken[F].read | ||
| authorization <- authorizationTokenFile.map(_.some.pure).getOrElse(authorizationToken) |
There was a problem hiding this comment.
According to the documentation, the authorization token file takes precedence.
Note: This setting is an alternative to
AWS_CONTAINER_AUTHORIZATION_TOKEN_FILEand will only be used ifAWS_CONTAINER_AUTHORIZATION_TOKEN_FILEis not set.
Reading AWS_CONTAINER_AUTHORIZATION_TOKEN now only happens if a file has not been specified.
| .flatMap(_.traverse(readContainerAuthorizationTokenFile)) | ||
| .map(_.map(_.some.pure)) | ||
| authorizationToken = ContainerAuthorizationToken[F].read | ||
| authorization <- authorizationTokenFile.getOrElse(authorizationToken) |
There was a problem hiding this comment.
Oh, so we want to prioritize file over header?
jesperoman
left a comment
jesperoman
left a comment
There was a problem hiding this comment.
Only a curious question!
👍
2 participants
Some additional minor cleanup following #42.