Use builder fields instead of env vars for determining credential provider #547
Conversation
kylebarron
left a comment
kylebarron
left a comment
There was a problem hiding this comment.
Is this a breaking change? Or is self.web_identity_token_file already seeded with the value of AWS_WEB_IDENTITY_TOKEN_FILE?
That's a good point. That feels like an unusual use case, and this feature has existed for such a short period of time, that I doubt it will affect anyone. But I'm happy to document the breaking change somewhere (I'm not sure what the process here is for breaking changes) I could also make it backwards compatible if necessary, but it would then be a weird config option that behaves different than all the others which doesn't seem like a great option. |
|
I'd love a review from @alamb too |
| std::env::var("AWS_WEB_IDENTITY_TOKEN_FILE"), | ||
| std::env::var("AWS_ROLE_ARN"), | ||
| ) { | ||
| } else if let (Some(token_path), Some(role_arn)) = |
There was a problem hiding this comment.
This change makes sense to me -- thank you @Friede80 and @kylebarron
I double checked that the environment variables are still honored and I think they will be -- specifically, they will be parsed when creating from the environment here:
arrow-rs-object-store/src/aws/builder.rs
Lines 491 to 494 in 1b8ecc7
3 participants
Which issue does this PR close?
Closes #538.
Rationale for this change
Setting
web_identity_token_fileandrole_arnvia the config would be ignored as the builder was still only checking the env vars.What changes are included in this PR?
Are there any user-facing changes?
Setting the AWS web identity fields via the config builder will no longer be ignored