Fix hardcoded credential provides.

Signed-off-by: olegburov <oleg.burov@outlook.com>
2020-09-01 18:08:42 -07:00 · 2020-09-01 18:08:42 -07:00 · 34f1322664
parent 2800ab0224
commit 34f1322664
1 changed files with 9 additions and 13 deletions
--- a/registry/storage/driver/s3-aws/s3.go
+++ b/registry/storage/driver/s3-aws/s3.go
@ -29,7 +29,6 @@ import (
 	"github.com/aws/aws-sdk-go/aws"
 	"github.com/aws/aws-sdk-go/aws/awserr"
 	"github.com/aws/aws-sdk-go/aws/credentials"
-	"github.com/aws/aws-sdk-go/aws/defaults"
 	"github.com/aws/aws-sdk-go/aws/endpoints"
 	"github.com/aws/aws-sdk-go/aws/request"
 	"github.com/aws/aws-sdk-go/aws/session"
@ -403,25 +402,22 @@ func New(params DriverParameters) (*Driver, error) {
 		return nil, fmt.Errorf("on Amazon S3 this storage driver can only be used with v4 authentication")
 	}

-	awsConfig := defaults.Config()
-	providers := []credentials.Provider{
-		&credentials.StaticProvider{
-			Value: credentials.Value{
-				AccessKeyID:     params.AccessKey,
-				SecretAccessKey: params.SecretKey,
-				SessionToken:    params.SessionToken,
-			},
-		},
+	awsConfig := aws.NewConfig()
+
+	if params.AccessKey != "" && params.SecretKey != "" {
+		creds := credentials.NewStaticCredentials(
+			params.AccessKey,
+			params.SecretKey,
+			params.SessionToken,
+		)
+		awsConfig.WithCredentials(creds)
 	}
-	providers = append(providers, defaults.CredProviders(awsConfig, defaults.Handlers())...)
-	creds := credentials.NewChainCredentials(providers)

 	if params.RegionEndpoint != "" {
 		awsConfig.WithS3ForcePathStyle(true)
 		awsConfig.WithEndpoint(params.RegionEndpoint)
 	}

-	awsConfig.WithCredentials(creds)
 	awsConfig.WithRegion(params.Region)
 	awsConfig.WithDisableSSL(!params.Secure)