Skip to content

Commit c8597b5

Browse files
simonrwsimonrw
committed
Take credentials from the environment
By default, we strip the values so we are overwriting but if the user specifies the AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY in their AWS_ENVAR_ALLOWLIST then they can read these from the environment
1 parent 04f65b2 commit c8597b5

File tree

2 files changed

+27
-0
lines changed

2 files changed

+27
-0
lines changed

__tests__/index.test.js

Lines changed: 23 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,8 @@ describe("configureEnvironment", () => {
66
const allowListStr = "";
77
configureEnvironment(env, allowListStr);
88
expect(env).toEqual({
9+
AWS_ACCESS_KEY_ID: "test",
10+
AWS_SECRET_ACCESS_KEY: "test",
911
AWS_ENDPOINT_URL: "http://localhost.localstack.cloud:4566",
1012
AWS_ENDPOINT_URL_S3: "http://s3.localhost.localstack.cloud:4566",
1113
});
@@ -19,6 +21,8 @@ describe("configureEnvironment", () => {
1921
const allowListStr = "";
2022
configureEnvironment(env, allowListStr);
2123
expect(env).toEqual({
24+
AWS_ACCESS_KEY_ID: "test",
25+
AWS_SECRET_ACCESS_KEY: "test",
2226
AWS_ENDPOINT_URL: "http://foo.bar:4567",
2327
AWS_ENDPOINT_URL_S3: "http://foo.bar:4567",
2428
});
@@ -39,6 +43,8 @@ describe("configureEnvironment", () => {
3943
const allowListStr = "";
4044
configureEnvironment(env, allowListStr);
4145
expect(env).toEqual({
46+
AWS_ACCESS_KEY_ID: "test",
47+
AWS_SECRET_ACCESS_KEY: "test",
4248
AWS_ENDPOINT_URL: "http://localhost.localstack.cloud:4566",
4349
AWS_ENDPOINT_URL_S3: "http://s3.localhost.localstack.cloud:4566",
4450
});
@@ -51,9 +57,26 @@ describe("configureEnvironment", () => {
5157
const allowListStr = "AWS_PROFILE";
5258
configureEnvironment(env, allowListStr);
5359
expect(env).toEqual({
60+
AWS_ACCESS_KEY_ID: "test",
61+
AWS_SECRET_ACCESS_KEY: "test",
5462
AWS_PROFILE: "my-profile",
5563
AWS_ENDPOINT_URL: "http://localhost.localstack.cloud:4566",
5664
AWS_ENDPOINT_URL_S3: "http://s3.localhost.localstack.cloud:4566",
5765
});
5866
});
67+
68+
test("credentials overriding", () => {
69+
const env = {
70+
AWS_ACCESS_KEY_ID: "something",
71+
AWS_SECRET_ACCESS_KEY: "else",
72+
};
73+
const allowListStr = "AWS_PROFILE,AWS_SECRET_ACCESS_KEY,AWS_ACCESS_KEY_ID";
74+
configureEnvironment(env, allowListStr);
75+
expect(env).toEqual({
76+
AWS_ACCESS_KEY_ID: "something",
77+
AWS_SECRET_ACCESS_KEY: "else",
78+
AWS_ENDPOINT_URL: "http://localhost.localstack.cloud:4566",
79+
AWS_ENDPOINT_URL_S3: "http://s3.localhost.localstack.cloud:4566",
80+
});
81+
});
5982
});

src/index.js

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -52,6 +52,10 @@ const configureEnvironment = (env, allowListStr) => {
5252
}
5353
});
5454

55+
// set credentials if not set from the environment
56+
env.AWS_ACCESS_KEY_ID = env.AWS_ACCESS_KEY_ID || "test";
57+
env.AWS_SECRET_ACCESS_KEY = env.AWS_SECRET_ACCESS_KEY || "test";
58+
5559
// Explicitly set AWS_ENDPOINT_URL* to configure network access to LocalStack
5660
// This _must_ use localhost.localstack.cloud as we require valid subdomains of these paths to
5761
// resolve. Unfortunately though `curl` seems to support subdomains of localhost, the CDK does not.

0 commit comments

Comments
 (0)