如果找不到环境变量，如何从文件回退到凭据？

Question

如果找不到环境变量，我如何回退以使用解析文件(config.yml)中的凭据？为了进行测试，我使用了this example

extern crate rusoto_core;
extern crate rusoto_s3;

use rusoto_core::credential::ChainProvider;
use rusoto_core::request::HttpClient;
use rusoto_core::Region;
use rusoto_s3::{S3, S3Client};
use std::time::{Duration, Instant};

fn main() {
    let mut chain = ChainProvider::new();
    chain.set_timeout(Duration::from_millis(200));
    let s3client = S3Client::new_with(
        HttpClient::new().expect("failed to create request dispatcher"),
        chain,
        Region::UsEast1,
    );

    let start = Instant::now();
    println!("Starting up at {:?}", start);

    match s3client.list_buckets().sync() {
        Err(e) => println!("Error listing buckets: {}", e),
        Ok(buckets) => println!("Buckets found: {:?}", buckets),
    };
    println!("Took {:?}", Instant::now().duration_since(start));
}

它可以工作，但需要环境变量AWS_ACCESS_KEY_ID和AWS_SECRET_ACCESS_KEY。我想扩展它，这样如果没有定义环境变量，我可以使用在解析文件中找到的键：

// parse config file
let file = std::fs::File::open("config.yml").expect("Unable to open file");
let yml: Config = match serde_yaml::from_reader(file) {
    Err(err) => {
        println!("Error: {}", err);
        return;
    }
    Ok(yml) => yml,
};

例如，config.yml可能是这样的：

---
endpoint: s3.provider
access_key: ACCESS_KEY_ID
secret_key: SECRET_ACCESS_KEY

为了使用在config.yml中找到的凭据，我可以向chain添加什么，可能如下所示：

let config_provider = StaticProvider::new_minimal(yml.access_key, yml.secret_key);

如何优先考虑环境，如果找不到，则使用StaticProvider提供的凭据

Answer 1

ChainProvider实际上有four sources来检查亚马逊网络服务的凭证。第三个文件是位于用户主目录中的AWS配置文件。但它的格式是预先确定的。

如果您坚持使用自己的YAML文件，您可以将EnvironmentProvider和StaticProvider链接在一起，如下所示：

//# futures01 = { package = "futures", version = "0.1.28" }
//# rusoto_core = "0.41.0"
//# rusoto_s3 = "0.41.0"
//# rusoto_credential = "0.41.1"
use futures01::future::Future;
use rusoto_core::request::HttpClient;
use rusoto_core::Region;
use rusoto_credential::{
    AwsCredentials,
    CredentialsError,
    EnvironmentProvider,
    ProvideAwsCredentials,
    StaticProvider,
};
use rusoto_s3::{S3, S3Client};
use std::time::Instant;

struct MyChainProvider<'a> {
    access_key: &'a str,
    secret_key: &'a str,
}

impl<'a> ProvideAwsCredentials for MyChainProvider<'a> {
    type Future = Box<dyn Future<Item=AwsCredentials, Error=CredentialsError> + Send>;

    fn credentials(&self) -> Self::Future {
        let future = EnvironmentProvider::default().credentials()
            .or_else({
                let access_key = self.access_key.to_string();
                let secret_key = self.secret_key.to_string();

                move |_| -> Self::Future {
                    Box::new(StaticProvider::new_minimal(access_key, secret_key).credentials())
                }
            });

        Box::new(future)
    }
}

fn main() {
    let chain = MyChainProvider {
        access_key: ...,
        secret_key: ...,
    };

    ...
}