Rename credentials to "static"

Signed-off-by: Gabriel Adrian Samfira <[email protected]>
cloudbase · Jun 10, 2024 · beb3f5f · beb3f5f
1 parent 1cb4ad6
commit beb3f5f
Show file tree

Hide file tree

Showing 6 changed files with 108 additions and 90 deletions.
diff --git a/README.md b/README.md
@@ -28,6 +28,7 @@ region = "eu-central-1"
 subnet_id = "sample_subnet_id"
 
 [credentials]
+    credential_type = "access_key"
     access_key_id = "sample_access_key_id"
     secret_access_key = "sample_secret_access_key"
     session_token = "sample_session_token"

diff --git a/config/config.go b/config/config.go
@@ -28,8 +28,8 @@ import (
 type AWSCredentialType string
 
 const (
-	AWSCredentialTypeAccessKey AWSCredentialType = "access_key"
-	AWSCredentialTypeRole      AWSCredentialType = "role"
+	AWSCredentialTypeStaticCredentials AWSCredentialType = "static"
+	AWSCredentialTypeRole              AWSCredentialType = "role"
 )
 
 // NewConfig returns a new Config
@@ -66,7 +66,7 @@ func (c *Config) Validate() error {
 	return nil
 }
 
-type AccessKeyCredentials struct {
+type StaticCredentials struct {
 	// AWS Access key ID
 	AccessKeyID string `toml:"access_key_id"`
 
@@ -77,7 +77,7 @@ type AccessKeyCredentials struct {
 	SessionToken string `toml:"session_token"`
 }
 
-func (c AccessKeyCredentials) Validate() error {
+func (c StaticCredentials) Validate() error {
 	if c.AccessKeyID == "" {
 		return fmt.Errorf("missing access_key_id")
 	}
@@ -93,15 +93,19 @@ func (c AccessKeyCredentials) Validate() error {
 }
 
 type Credentials struct {
-	CredentialType AWSCredentialType    `toml:"credential_type"`
-	AccessKey      AccessKeyCredentials `toml:"access_key"`
+	CredentialType    AWSCredentialType `toml:"credential_type"`
+	StaticCredentials StaticCredentials `toml:"static"`
 }
 
 func (c Credentials) Validate() error {
 	switch c.CredentialType {
-	case AWSCredentialTypeAccessKey:
-		return c.AccessKey.Validate()
+	case AWSCredentialTypeStaticCredentials:
+		return c.StaticCredentials.Validate()
 	case AWSCredentialTypeRole:
+	case "":
+		return fmt.Errorf("missing credential_type")
+	default:
+		return fmt.Errorf("unknown credential type: %s", c.CredentialType)
 	}
 	return nil
 }
@@ -114,13 +118,13 @@ func (c Config) GetAWSConfig(ctx context.Context) (aws.Config, error) {
 	var cfg aws.Config
 	var err error
 	switch c.Credentials.CredentialType {
-	case AWSCredentialTypeAccessKey:
+	case AWSCredentialTypeStaticCredentials:
 		cfg, err = config.LoadDefaultConfig(ctx,
 			config.WithCredentialsProvider(
 				credentials.NewStaticCredentialsProvider(
-					c.Credentials.AccessKey.AccessKeyID,
-					c.Credentials.AccessKey.SecretAccessKey,
-					c.Credentials.AccessKey.SessionToken)),
+					c.Credentials.StaticCredentials.AccessKeyID,
+					c.Credentials.StaticCredentials.SecretAccessKey,
+					c.Credentials.StaticCredentials.SessionToken)),
 			config.WithRegion(c.Region),
 		)
 	case AWSCredentialTypeRole:

diff --git a/config/config_test.go b/config/config_test.go
@@ -32,11 +32,11 @@ func TestConfigValidate(t *testing.T) {
 			name: "valid config",
 			c: &Config{
 				Credentials: Credentials{
-					CredentialType: AWSCredentialTypeAccessKey,
-					AccessKey: AccessKeyCredentials{
-						AccessKeyID:     "AccessKeyID",
-						SecretAccessKey: "SecretAccessKey",
-						SessionToken:    "SessionToken",
+					CredentialType: AWSCredentialTypeStaticCredentials,
+					StaticCredentials: StaticCredentials{
+						AccessKeyID:     "access_key_id",
+						SecretAccessKey: "secret_access_key",
+						SessionToken:    "session_token",
 					},
 				},
 				SubnetID: "subnet_id",
@@ -48,11 +48,11 @@ func TestConfigValidate(t *testing.T) {
 			name: "missing subnet_id",
 			c: &Config{
 				Credentials: Credentials{
-					CredentialType: AWSCredentialTypeAccessKey,
-					AccessKey: AccessKeyCredentials{
-						AccessKeyID:     "AccessKeyID",
-						SecretAccessKey: "SecretAccessKey",
-						SessionToken:    "SessionToken",
+					CredentialType: AWSCredentialTypeStaticCredentials,
+					StaticCredentials: StaticCredentials{
+						AccessKeyID:     "access_key_id",
+						SecretAccessKey: "secret_access_key",
+						SessionToken:    "session_token",
 					},
 				},
 				Region: "region",
@@ -63,24 +63,35 @@ func TestConfigValidate(t *testing.T) {
 			name: "missing region",
 			c: &Config{
 				Credentials: Credentials{
-					CredentialType: AWSCredentialTypeAccessKey,
-					AccessKey: AccessKeyCredentials{
-						AccessKeyID:     "AccessKeyID",
-						SecretAccessKey: "SecretAccessKey",
-						SessionToken:    "SessionToken",
+					CredentialType: AWSCredentialTypeStaticCredentials,
+					StaticCredentials: StaticCredentials{
+						AccessKeyID:     "access_key_id",
+						SecretAccessKey: "secret_access_key",
+						SessionToken:    "session_token",
 					},
 				},
 				SubnetID: "subnet_id",
 			},
 			errString: "missing region",
 		},
 		{
-			name: "missing credentials",
+			name: "missing credential type",
 			c: &Config{
 				SubnetID: "subnet_id",
 				Region:   "region",
 			},
-			errString: "failed to validate credentials: missing access_key_id",
+			errString: "failed to validate credentials: missing credential_type",
+		},
+		{
+			name: "invalid credential type",
+			c: &Config{
+				SubnetID: "subnet_id",
+				Region:   "region",
+				Credentials: Credentials{
+					CredentialType: AWSCredentialType("bogus"),
+				},
+			},
+			errString: "failed to validate credentials: unknown credential type: bogus",
 		},
 	}
 
@@ -105,47 +116,47 @@ func TestCredentialsValidate(t *testing.T) {
 		{
 			name: "valid credentials",
 			c: Credentials{
-				CredentialType: AWSCredentialTypeAccessKey,
-				AccessKey: AccessKeyCredentials{
-					AccessKeyID:     "AccessKeyID",
-					SecretAccessKey: "SecretAccessKey",
-					SessionToken:    "SessionToken",
+				CredentialType: AWSCredentialTypeStaticCredentials,
+				StaticCredentials: StaticCredentials{
+					AccessKeyID:     "access_key_id",
+					SecretAccessKey: "secret_access_key",
+					SessionToken:    "session_token",
 				},
 			},
 			errString: "",
 		},
 		{
 			name: "missing access_key_id",
 			c: Credentials{
-				CredentialType: AWSCredentialTypeAccessKey,
-				AccessKey: AccessKeyCredentials{
-					AccessKeyID:     "AccessKeyID",
-					SecretAccessKey: "SecretAccessKey",
-					SessionToken:    "SessionToken",
+				CredentialType: AWSCredentialTypeStaticCredentials,
+				StaticCredentials: StaticCredentials{
+					AccessKeyID:     "",
+					SecretAccessKey: "secret_access_key",
+					SessionToken:    "session_token",
 				},
 			},
 			errString: "missing access_key_id",
 		},
 		{
 			name: "missing secret_access_key",
 			c: Credentials{
-				CredentialType: AWSCredentialTypeAccessKey,
-				AccessKey: AccessKeyCredentials{
-					AccessKeyID:     "AccessKeyID",
-					SecretAccessKey: "SecretAccessKey",
-					SessionToken:    "SessionToken",
+				CredentialType: AWSCredentialTypeStaticCredentials,
+				StaticCredentials: StaticCredentials{
+					AccessKeyID:     "access_key_id",
+					SecretAccessKey: "",
+					SessionToken:    "session_token",
 				},
 			},
 			errString: "missing secret_access_key",
 		},
 		{
 			name: "missing session_token",
 			c: Credentials{
-				CredentialType: AWSCredentialTypeAccessKey,
-				AccessKey: AccessKeyCredentials{
-					AccessKeyID:     "AccessKeyID",
-					SecretAccessKey: "SecretAccessKey",
-					SessionToken:    "SessionToken",
+				CredentialType: AWSCredentialTypeStaticCredentials,
+				StaticCredentials: StaticCredentials{
+					AccessKeyID:     "access_key_id",
+					SecretAccessKey: "secret_access_key",
+					SessionToken:    "",
 				},
 			},
 			errString: "missing session_token",
@@ -175,6 +186,8 @@ func TestNewConfig(t *testing.T) {
 		region = "region"
 		subnet_id = "subnet_id"
 		[credentials]
+			credential_type = "static"
+			[credentials.static]
 			access_key_id = "access_key_id"
 			secret_access_key = "secret"
 			session_token = "token"
@@ -192,11 +205,11 @@ func TestNewConfig(t *testing.T) {
 		require.NoError(t, err, "NewConfig() should not have returned an error")
 		require.Equal(t, &Config{
 			Credentials: Credentials{
-				CredentialType: AWSCredentialTypeAccessKey,
-				AccessKey: AccessKeyCredentials{
-					AccessKeyID:     "AccessKeyID",
-					SecretAccessKey: "SecretAccessKey",
-					SessionToken:    "SessionToken",
+				CredentialType: AWSCredentialTypeStaticCredentials,
+				StaticCredentials: StaticCredentials{
+					AccessKeyID:     "access_key_id",
+					SecretAccessKey: "secret",
+					SessionToken:    "token",
 				},
 			},
 			SubnetID: "subnet_id",

diff --git a/internal/client/aws_test.go b/internal/client/aws_test.go
@@ -35,8 +35,8 @@ func TestStartInstance(t *testing.T) {
 		Region:   "us-west-2",
 		SubnetID: "subnet-1234567890abcdef0",
 		Credentials: config.Credentials{
-			CredentialType: config.AWSCredentialTypeAccessKey,
-			AccessKey: config.AccessKeyCredentials{
+			CredentialType: config.AWSCredentialTypeStaticCredentials,
+			StaticCredentials: config.StaticCredentials{
 				AccessKeyID:     "AccessKeyID",
 				SecretAccessKey: "SecretAccessKey",
 				SessionToken:    "SessionToken",
@@ -65,8 +65,8 @@ func TestStopInstance(t *testing.T) {
 		Region:   "us-west-2",
 		SubnetID: "subnet-1234567890abcdef0",
 		Credentials: config.Credentials{
-			CredentialType: config.AWSCredentialTypeAccessKey,
-			AccessKey: config.AccessKeyCredentials{
+			CredentialType: config.AWSCredentialTypeStaticCredentials,
+			StaticCredentials: config.StaticCredentials{
 				AccessKeyID:     "AccessKeyID",
 				SecretAccessKey: "SecretAccessKey",
 				SessionToken:    "SessionToken",
@@ -95,8 +95,8 @@ func TestFindInstances(t *testing.T) {
 		Region:   "us-west-2",
 		SubnetID: "subnet-1234567890abcdef0",
 		Credentials: config.Credentials{
-			CredentialType: config.AWSCredentialTypeAccessKey,
-			AccessKey: config.AccessKeyCredentials{
+			CredentialType: config.AWSCredentialTypeStaticCredentials,
+			StaticCredentials: config.StaticCredentials{
 				AccessKeyID:     "AccessKeyID",
 				SecretAccessKey: "SecretAccessKey",
 				SessionToken:    "SessionToken",
@@ -154,8 +154,8 @@ func TestFindOneInstanceWithName(t *testing.T) {
 		Region:   "us-west-2",
 		SubnetID: "subnet-1234567890abcdef0",
 		Credentials: config.Credentials{
-			CredentialType: config.AWSCredentialTypeAccessKey,
-			AccessKey: config.AccessKeyCredentials{
+			CredentialType: config.AWSCredentialTypeStaticCredentials,
+			StaticCredentials: config.StaticCredentials{
 				AccessKeyID:     "AccessKeyID",
 				SecretAccessKey: "SecretAccessKey",
 				SessionToken:    "SessionToken",
@@ -207,8 +207,8 @@ func TestFindOneInstanceWithID(t *testing.T) {
 		Region:   "us-west-2",
 		SubnetID: "subnet-1234567890abcdef0",
 		Credentials: config.Credentials{
-			CredentialType: config.AWSCredentialTypeAccessKey,
-			AccessKey: config.AccessKeyCredentials{
+			CredentialType: config.AWSCredentialTypeStaticCredentials,
+			StaticCredentials: config.StaticCredentials{
 				AccessKeyID:     "AccessKeyID",
 				SecretAccessKey: "SecretAccessKey",
 				SessionToken:    "SessionToken",
@@ -249,8 +249,8 @@ func TestGetInstance(t *testing.T) {
 		Region:   "us-west-2",
 		SubnetID: "subnet-1234567890abcdef0",
 		Credentials: config.Credentials{
-			CredentialType: config.AWSCredentialTypeAccessKey,
-			AccessKey: config.AccessKeyCredentials{
+			CredentialType: config.AWSCredentialTypeStaticCredentials,
+			StaticCredentials: config.StaticCredentials{
 				AccessKeyID:     "AccessKeyID",
 				SecretAccessKey: "SecretAccessKey",
 				SessionToken:    "SessionToken",
@@ -288,8 +288,8 @@ func TestTerminateInstance(t *testing.T) {
 		Region:   "us-west-2",
 		SubnetID: "subnet-1234567890abcdef0",
 		Credentials: config.Credentials{
-			CredentialType: config.AWSCredentialTypeAccessKey,
-			AccessKey: config.AccessKeyCredentials{
+			CredentialType: config.AWSCredentialTypeStaticCredentials,
+			StaticCredentials: config.StaticCredentials{
 				AccessKeyID:     "AccessKeyID",
 				SecretAccessKey: "SecretAccessKey",
 				SessionToken:    "SessionToken",
@@ -336,8 +336,8 @@ func TestCreateRunningInstance(t *testing.T) {
 		Region:   "us-west-2",
 		SubnetID: "subnet-1234567890abcdef0",
 		Credentials: config.Credentials{
-			CredentialType: config.AWSCredentialTypeAccessKey,
-			AccessKey: config.AccessKeyCredentials{
+			CredentialType: config.AWSCredentialTypeStaticCredentials,
+			StaticCredentials: config.StaticCredentials{
 				AccessKeyID:     "AccessKeyID",
 				SecretAccessKey: "SecretAccessKey",
 				SessionToken:    "SessionToken",

diff --git a/internal/spec/spec_test.go b/internal/spec/spec_test.go
@@ -120,8 +120,8 @@ func TestGetRunnerSpecFromBootstrapParams(t *testing.T) {
 
 	config := &config.Config{
 		Credentials: config.Credentials{
-			CredentialType: config.AWSCredentialTypeAccessKey,
-			AccessKey: config.AccessKeyCredentials{
+			CredentialType: config.AWSCredentialTypeStaticCredentials,
+			StaticCredentials: config.StaticCredentials{
 				AccessKeyID:     "AccessKeyID",
 				SecretAccessKey: "SecretAccessKey",
 				SessionToken:    "SessionToken",