Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
68ee6948
Commit
68ee6948
authored
Jul 24, 2020
by
Changzheng Liu
Committed by
Stan Hu
Jul 24, 2020
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Only send AWS Credentials ENV to indexer when AWS config is enabled
parent
06e0d9ea
Changes
3
Show whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
28 additions
and
7 deletions
+28
-7
ee/changelogs/unreleased/231528-conditionally-fetching-aws-creds.yml
...gs/unreleased/231528-conditionally-fetching-aws-creds.yml
+5
-0
ee/lib/gitlab/elastic/indexer.rb
ee/lib/gitlab/elastic/indexer.rb
+3
-1
ee/spec/lib/gitlab/elastic/indexer_spec.rb
ee/spec/lib/gitlab/elastic/indexer_spec.rb
+20
-6
No files found.
ee/changelogs/unreleased/231528-conditionally-fetching-aws-creds.yml
0 → 100644
View file @
68ee6948
---
title
:
Only send AWS Credentials ENV to indexer when AWS config is enabled
merge_request
:
37865
author
:
type
:
fixed
ee/lib/gitlab/elastic/indexer.rb
View file @
68ee6948
...
...
@@ -110,7 +110,9 @@ module Gitlab
}
# Set AWS environment variables for IAM role authentication if present
if
Gitlab
::
CurrentSettings
.
elasticsearch_config
[
:aws
]
vars
=
build_aws_credentials_env
(
vars
)
end
# Users can override default SSL certificate path via SSL_CERT_FILE SSL_CERT_DIR
vars
.
merge
(
ENV
.
slice
(
'SSL_CERT_FILE'
,
'SSL_CERT_DIR'
))
...
...
ee/spec/lib/gitlab/elastic/indexer_spec.rb
View file @
68ee6948
...
...
@@ -345,6 +345,19 @@ RSpec.describe Gitlab::Elastic::Indexer do
allow
(
Gitlab
::
Elastic
::
Client
).
to
receive
(
:aws_credential_provider
).
and_return
(
credentials
)
end
context
'when AWS config is not enabled'
do
it
'credentials env vars will not be included'
do
expect
(
subject
).
not_to
include
(
'AWS_ACCESS_KEY_ID'
)
expect
(
subject
).
not_to
include
(
'AWS_SECRET_ACCESS_KEY'
)
expect
(
subject
).
not_to
include
(
'AWS_SESSION_TOKEN'
)
end
end
context
'when AWS config is enabled'
do
before
do
stub_application_setting
(
elasticsearch_aws:
true
)
end
it
'credentials env vars will be included'
do
expect
(
subject
).
to
include
({
'AWS_ACCESS_KEY_ID'
=>
access_key_id
,
...
...
@@ -353,6 +366,7 @@ RSpec.describe Gitlab::Elastic::Indexer do
})
end
end
end
def
expect_popen
expect
(
Gitlab
::
Popen
).
to
receive
(
:popen
)
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment