Version 0.2.3: Make AWS access keys optional

fdupoux · fdupoux · commit 373b96349b00 · 2016-05-15T21:09:04.000+01:00
diff --git a/ChangeLog b/ChangeLog
@@ -2,6 +2,9 @@
 #                        ChangeLog for rubackup                              #
 ##############################################################################
 
+* 0.2.3 (2016-05-15)
+  - Make AWS access keys optional
+
 * 0.2.2 (2016-05-15)
   - Support for long EC2 instance IDs
 
diff --git a/rubackup.spec b/rubackup.spec
@@ -33,6 +33,9 @@ rsync -a ${RPM_BUILD_DIR}/rubackup-%{version}/src/ ${RPM_BUILD_ROOT}%{deploydir}
 
 %changelog
 
+* Sun May 15 2016 Francois Dupoux - 0.2.3-1
+- Make AWS access keys optional
+
 * Sun May 15 2016 Francois Dupoux - 0.2.2-1
 - Support for long EC2 instance IDs
 
diff --git a/src/lib/core/config.rb b/src/lib/core/config.rb
@@ -159,7 +159,7 @@ def validate_config(config)
     [
         ValidationRule.new(name='bucket', mandatory=true, defval=nil, validator=StringValidator.new),
         ValidationRule.new(name='awsregion', mandatory=true, defval=nil, validator=AwsRegionValidator.new),
-        ValidationRule.new(name='accesskey', mandatory=true, defval=nil, validator=AwsAccessKeyReferenceValidator.new),
+        ValidationRule.new(name='accesskey', mandatory=false, defval=nil, validator=AwsAccessKeyReferenceValidator.new),
     ]
     $resources["aws_s3_buckets"] = load_category(config, "aws_s3_buckets", aws_s3_buckets_val)
 
@@ -169,7 +169,7 @@ def validate_config(config)
     aws_ses_medias_val = 
     [
         ValidationRule.new(name='awsregion', mandatory=true, defval=nil, validator=AwsRegionValidator.new),
-        ValidationRule.new(name='accesskey', mandatory=true, defval=nil, validator=AwsAccessKeyReferenceValidator.new),
+        ValidationRule.new(name='accesskey', mandatory=false, defval=nil, validator=AwsAccessKeyReferenceValidator.new),
         ValidationRule.new(name='mailsrc', mandatory=true, defval=nil, validator=EmailAddressValidator.new),
         ValidationRule.new(name='maildst', mandatory=true, defval=nil, validator=EmailAddressValidator.new),
     ]
diff --git a/src/lib/modules/backup-ebssnap.rb b/src/lib/modules/backup-ebssnap.rb
@@ -37,7 +37,7 @@ def get_options_validation()
             ValidationRule.new(name='fsfreeze', mandatory=false, defval=[], validator=ArrayValidator.new),
             ValidationRule.new(name='stopsvc', mandatory=false, defval=[], validator=ArrayValidator.new),
             ValidationRule.new(name='awsregion', mandatory=true, defval=nil, validator=AwsRegionValidator.new),
-            ValidationRule.new(name='accesskey', mandatory=true, defval=nil, validator=AwsAccessKeyReferenceValidator.new),
+            ValidationRule.new(name='accesskey', mandatory=false, defval=nil, validator=AwsAccessKeyReferenceValidator.new),
         ]
     end
 
@@ -50,11 +50,18 @@ def detect_ec2_instance_id()
 
     def init_ec2_handle(backup_opts)
         awsregion = backup_opts.fetch('awsregion')
-        accesskey = backup_opts.fetch('accesskey')
-        keypublic = accesskey['public']
-        keysecret = accesskey['secret']
-        creds = Aws::Credentials.new(keypublic, keysecret)
-        @ec2 = Aws::EC2::Client.new(region: awsregion, credentials: creds)
+        # get access keys if they are defined
+        keypublic = nil
+        keysecret = nil
+        accesskey = backup_opts.fetch('accesskey', nil)
+        if accesskey then
+            keypublic = accesskey.fetch('public')
+            keysecret = accesskey.fetch('secret')
+            creds = Aws::Credentials.new(keypublic, keysecret)
+            @ec2 = Aws::EC2::Client.new(region: awsregion, credentials: creds)
+        else
+            @ec2 = Aws::EC2::Client.new(region: awsregion)
+        end
     end
 
     def detect_ebs_volumes(instid)
diff --git a/src/lib/modules/notify-aws-ses.rb b/src/lib/modules/notify-aws-ses.rb
@@ -39,13 +39,18 @@ def get_options_validation()
     def get_ses_access(sesmedia)
         # extract information from parameters
         awsregion = sesmedia.fetch('awsregion')
+        # get access keys if they are defined
+        keypublic = nil
+        keysecret = nil
         accesskey = sesmedia.fetch('accesskey')
-        keypublic = accesskey['public']
-        keysecret = accesskey['secret']
-        # get an instance of the S3 interface
-        creds = Aws::Credentials.new(keypublic, keysecret)
-        ses = Aws::SES::Client.new(region: awsregion, credentials: creds)
-        # return s3 object
+        if accesskey then
+            keypublic = accesskey.fetch('public')
+            keysecret = accesskey.fetch('secret')
+            creds = Aws::Credentials.new(keypublic, keysecret)
+            ses = Aws::SES::Client.new(region: awsregion, credentials: creds)
+        else
+            ses = Aws::SES::Client.new(region: awsregion)
+        end
         return ses
     end
 
diff --git a/src/lib/modules/remote-aws-s3.rb b/src/lib/modules/remote-aws-s3.rb
@@ -41,13 +41,20 @@ def get_s3_access(remote_opts)
         # extract information from parameters
         bucketdata = remote_opts.fetch('s3_bucket')
         awsregion = bucketdata.fetch('awsregion')
-        accesskey = bucketdata.fetch('accesskey')
-        keypublic = accesskey.fetch('public')
-        keysecret = accesskey.fetch('secret')
-        # get an instance of the S3 interface.
-        creds = Aws::Credentials.new(keypublic, keysecret)
-        s3clt = Aws::S3::Client.new(region: awsregion, credentials: creds)
-        s3res = Aws::S3::Resource.new(:access_key_id => keypublic, :secret_access_key => keysecret, :region => awsregion)
+        # get access keys if they are defined
+        keypublic = nil
+        keysecret = nil
+        accesskey = bucketdata.fetch('accesskey', nil)
+        if accesskey then
+            keypublic = accesskey.fetch('public')
+            keysecret = accesskey.fetch('secret')
+            creds = Aws::Credentials.new(keypublic, keysecret)
+            s3clt = Aws::S3::Client.new(region: awsregion, credentials: creds)
+            s3res = Aws::S3::Resource.new(:access_key_id => keypublic, :secret_access_key => keysecret, :region => awsregion)
+        else
+            s3clt = Aws::S3::Client.new(region: awsregion)
+            s3res = Aws::S3::Resource.new(:region => awsregion)
+        end
         # return s3 objects
         return s3clt,s3res
     end
diff --git a/src/rubackup.rb b/src/rubackup.rb
@@ -26,7 +26,7 @@
 require 'yaml'
 
 # Define constants
-$RUBACKUP_VERSION = "0.2.2"
+$RUBACKUP_VERSION = "0.2.3"
 $RUBACKUP_MIN_RUBY = 1.9 # Required by Open3.pipeline()
 
 # Define global variables

Original file line number	Diff line number	Diff line change
`@@ -159,7 +159,7 @@ def validate_config(config)`
`159`	`159`	`[`
`160`	`160`	`ValidationRule.new(name='bucket', mandatory=true, defval=nil, validator=StringValidator.new),`
`161`	`161`	`ValidationRule.new(name='awsregion', mandatory=true, defval=nil, validator=AwsRegionValidator.new),`
`162`		`- ValidationRule.new(name='accesskey', mandatory=true, defval=nil, validator=AwsAccessKeyReferenceValidator.new),`
	`162`	`+ ValidationRule.new(name='accesskey', mandatory=false, defval=nil, validator=AwsAccessKeyReferenceValidator.new),`
`163`	`163`	`]`
`164`	`164`	`$resources["aws_s3_buckets"] = load_category(config, "aws_s3_buckets", aws_s3_buckets_val)`
`165`	`165`
`@@ -169,7 +169,7 @@ def validate_config(config)`
`169`	`169`	`aws_ses_medias_val =`
`170`	`170`	`[`
`171`	`171`	`ValidationRule.new(name='awsregion', mandatory=true, defval=nil, validator=AwsRegionValidator.new),`
`172`		`- ValidationRule.new(name='accesskey', mandatory=true, defval=nil, validator=AwsAccessKeyReferenceValidator.new),`
	`172`	`+ ValidationRule.new(name='accesskey', mandatory=false, defval=nil, validator=AwsAccessKeyReferenceValidator.new),`
`173`	`173`	`ValidationRule.new(name='mailsrc', mandatory=true, defval=nil, validator=EmailAddressValidator.new),`
`174`	`174`	`ValidationRule.new(name='maildst', mandatory=true, defval=nil, validator=EmailAddressValidator.new),`
`175`	`175`	`]`