projects / arvados.git / commitdiff
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 1acd7bc)
17590: Error out if both old+new S3 credential configs are provided.
authorTom Clegg <tom@curii.com>
Fri, 7 May 2021 14:33:10 +0000 (10:33 -0400)
committerTom Clegg <tom@curii.com>
Fri, 7 May 2021 14:33:10 +0000 (10:33 -0400)
Arvados-DCO-1.1-Signed-off-by: Tom Clegg <tom@curii.com>

lib/config/deprecated.go patch | blob | history
lib/config/deprecated_test.go patch | blob | history

diff --git a/lib/config/deprecated.go b/lib/config/deprecated.go
index aac981da44fa2c9ec0fef75a8348dd0a3e21da8c..5e68bbfcefa7950163791d66a6a533bc65c19097 100644 (file)
--- a/lib/config/deprecated.go
+++ b/lib/config/deprecated.go
@@ -136,7 +136,7 @@ func (ldr *Loader) applyDeprecatedVolumeDriverParameters(cfg *arvados.Config) er
                                }
                                if params.AccessKey != "" || params.SecretKey != "" {
                                        if params.AccessKeyID != "" || params.SecretAccessKey != "" {
-                                               ldr.Logger.Warnf("ignoring old config keys %s.Volumes.%s.DriverParameters.AccessKey/SecretKey because new keys AccessKeyID/SecretAccessKey are also present", clusterID, volID)
+                                               return fmt.Errorf("cannot use old keys (AccessKey/SecretKey) and new keys (AccessKeyID/SecretAccessKey) at the same time in %s.Volumes.%s.DriverParameters -- you must remove the old config keys", clusterID, volID)
                                                continue
                                        }
                                        var allparams map[string]interface{}
diff --git a/lib/config/deprecated_test.go b/lib/config/deprecated_test.go
index 383f03d05f7132796f84c947aa353a3b5de614b6..7cb169c618850a2ca5509dce24d00ee5a7a71f28 100644 (file)
--- a/lib/config/deprecated_test.go
+++ b/lib/config/deprecated_test.go
@@ -74,6 +74,19 @@ Clusters:
        c.Check(logs, check.Matches, `(?ms).*deprecated or unknown config entry: .*AccessKey.*`)
        c.Check(logs, check.Matches, `(?ms).*deprecated or unknown config entry: .*SecretKey.*`)
        c.Check(logs, check.Matches, `(?ms).*using your old config keys z1111\.Volumes\.z1111-nyw5e-aaaaaaaaaaaaaaa\.DriverParameters\.AccessKey/SecretKey -- but you should rename them to AccessKeyID/SecretAccessKey.*`)
+
+       _, err := testLoader(c, `
+Clusters:
+ z1111:
+  Volumes:
+   z1111-nyw5e-aaaaaaaaaaaaaaa:
+    Driver: S3
+    DriverParameters:
+     AccessKey: exampleaccesskey
+     SecretKey: examplesecretkey
+     AccessKeyID: exampleaccesskey
+`, nil).Load()
+       c.Check(err, check.ErrorMatches, `(?ms).*cannot use .*SecretKey.*and.*SecretAccessKey.*in z1111.Volumes.z1111-nyw5e-aaaaaaaaaaaaaaa.DriverParameters.*`)
 }
 
 func (s *LoadSuite) TestDeprecatedNodeProfilesToServices(c *check.C) {