From 5750d79181885d24654dda4ecf81bedeaa6aeb34 Mon Sep 17 00:00:00 2001 From: James Letendre Date: Mon, 14 Dec 2020 16:20:30 -0500 Subject: [PATCH] Replace defaultProvider with explicit calls to exclude user home directory lookup Signed-off-by: James Letendre --- .../Files/ObjectStore/S3ConnectionTrait.php | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/lib/private/Files/ObjectStore/S3ConnectionTrait.php b/lib/private/Files/ObjectStore/S3ConnectionTrait.php index f23bcbc675..1a36683a30 100644 --- a/lib/private/Files/ObjectStore/S3ConnectionTrait.php +++ b/lib/private/Files/ObjectStore/S3ConnectionTrait.php @@ -32,6 +32,7 @@ namespace OC\Files\ObjectStore; use Aws\ClientResolver; use Aws\Credentials\CredentialProvider; +use Aws\Credentials\EcsCredentialProvider; use Aws\Credentials\Credentials; use Aws\Exception\CredentialsException; use Aws\S3\Exception\S3Exception; @@ -104,10 +105,23 @@ trait S3ConnectionTrait { $provider = CredentialProvider::memoize( CredentialProvider::chain( $this->paramCredentialProvider(), - CredentialProvider::defaultProvider() + CredentialProvider::env(), + CredentialProvider::instanceProfile() ) ); + // If running in an ECS environment, then also include the ECS task role in the chain + if (!empty(getenv(EcsCredentialProvider::ENV_URI))) { + $provider = CredentialProvider::memoize( + CredentialProvider::chain( + $this->paramCredentialProvider(), + CredentialProvider::env(), + CredentialProvider::ecsCredentials(), + CredentialProvider::instanceProfile() + ) + ); + } + $options = [ 'version' => isset($this->params['version']) ? $this->params['version'] : 'latest', 'credentials' => $provider,