fix: drop duplicate aws auth field in postgresql

Signed-off-by: Eileen Yu <eileenylj@gmail.com>
dapr · Aug 30, 2024 · 6206aea · 6206aea
1 parent b6a5e80
commit 6206aea
Show file tree

Hide file tree

Showing 8 changed files with 36 additions and 87 deletions.
diff --git a/bindings/postgres/metadata.go b/bindings/postgres/metadata.go
@@ -16,7 +16,6 @@ package postgres
 import (
 	"time"
 
-	"github.com/dapr/components-contrib/common/authentication/aws"
 	pgauth "github.com/dapr/components-contrib/common/authentication/postgresql"
 	kitmd "github.com/dapr/kit/metadata"
 )
@@ -27,8 +26,18 @@ const (
 
 type psqlMetadata struct {
 	pgauth.PostgresAuthMetadata `mapstructure:",squash"`
-	aws.AWSIAM                  `mapstructure:",squash"`
 	Timeout                     time.Duration `mapstructure:"timeout" mapstructurealiases:"timeoutInSeconds"`
+
+	// aws region in which SNS/SQS should create resources.
+	Region string `json:"region" mapstructure:"region" mapstructurealiases:"awsRegion" mdignore:"true"`
+
+	// Ignored by metadata parser because included in built-in authentication profile
+	// access key to use for accessing sqs/sns.
+	AccessKey string `json:"accessKey" mapstructure:"accessKey" mdignore:"true"`
+	// secret key to use for accessing sqs/sns.
+	SecretKey string `json:"secretKey" mapstructure:"secretKey" mdignore:"true"`
+	// aws session token to use.
+	SessionToken string `mapstructure:"sessionToken" mdignore:"true"`
 }
 
 func (m *psqlMetadata) InitWithMetadata(meta map[string]string) error {

diff --git a/bindings/postgres/metadata.yaml b/bindings/postgres/metadata.yaml
@@ -56,25 +56,6 @@ builtinAuthenticationProfiles:
         example: |
           "host=mydb.postgres.database.aws.com user=myapplication port=5432 dbname=dapr_test sslmode=require"
         type: string
-      - name: awsRegion
-        type: string
-        required: true
-        description: |
-          The AWS Region where the AWS Relational Database Service is deployed to.
-        example: '"us-east-1"'
-      - name: awsAccessKey
-        type: string
-        required: true
-        description: |
-          AWS access key associated with an IAM account.
-        example: '"AKIAIOSFODNN7EXAMPLE"'
-      - name: awsSecretKey
-        type: string
-        required: true
-        sensitive: true
-        description: |
-          The secret key associated with the access key.
-        example: '"wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"'
 authenticationProfiles:
   - title: "Connection string"
     description: "Authenticate using a Connection String"

diff --git a/common/authentication/postgresql/metadata.go b/common/authentication/postgresql/metadata.go
@@ -91,15 +91,15 @@ func (m *PostgresAuthMetadata) ValidateAwsIamFields() (string, string, string, e
 	if awsRegion == "" {
 		return "", "", "", errors.New("metadata property AWSRegion is missing")
 	}
-	awsAccessKey, _ := metadata.GetMetadataProperty(m.awsEnv.Metadata, "AWSAccessKey")
-	if awsAccessKey == "" {
+	accessKey, _ := metadata.GetMetadataProperty(m.awsEnv.Metadata, "AccessKey")
+	if accessKey == "" {
 		return "", "", "", errors.New("metadata property AWSAccessKey is missing")
 	}
-	awsSecretKey, _ := metadata.GetMetadataProperty(m.awsEnv.Metadata, "AWSSecretKey")
-	if awsSecretKey == "" {
+	secretKey, _ := metadata.GetMetadataProperty(m.awsEnv.Metadata, "SecretKey")
+	if secretKey == "" {
 		return "", "", "", errors.New("metadata property AWSSecretKey is missing")
 	}
-	return awsRegion, awsAccessKey, awsSecretKey, nil
+	return awsRegion, accessKey, secretKey, nil
 }
 
 // GetPgxPoolConfig returns the pgxpool.Config object that contains the credentials for connecting to PostgreSQL.

diff --git a/common/component/postgresql/v1/metadata.go b/common/component/postgresql/v1/metadata.go
@@ -17,7 +17,6 @@ import (
 	"errors"
 	"time"
 
-	"github.com/dapr/components-contrib/common/authentication/aws"
 	pgauth "github.com/dapr/components-contrib/common/authentication/postgresql"
 	"github.com/dapr/components-contrib/state"
 	"github.com/dapr/kit/metadata"
@@ -38,8 +37,16 @@ type pgMetadata struct {
 	MetadataTableName string         `mapstructure:"metadataTableName"` // Could be in the format "schema.table" or just "table"
 	Timeout           time.Duration  `mapstructure:"timeout" mapstructurealiases:"timeoutInSeconds"`
 	CleanupInterval   *time.Duration `mapstructure:"cleanupInterval" mapstructurealiases:"cleanupIntervalInSeconds"`
+	// aws region in which SNS/SQS should create resources.
+	Region string `json:"region" mapstructure:"region" mapstructurealiases:"awsRegion" mdignore:"true"`
 
-	aws.AWSIAM `mapstructure:",squash"`
+	// Ignored by metadata parser because included in built-in authentication profile
+	// access key to use for accessing sqs/sns.
+	AccessKey string `json:"accessKey" mapstructure:"accessKey" mdignore:"true"`
+	// secret key to use for accessing sqs/sns.
+	SecretKey string `json:"secretKey" mapstructure:"secretKey" mdignore:"true"`
+	// aws session token to use.
+	SessionToken string `mapstructure:"sessionToken" mdignore:"true"`
 }
 
 func (m *pgMetadata) InitWithMetadata(meta state.Metadata, opts pgauth.InitWithMetadataOpts) error {

diff --git a/configuration/postgres/metadata.go b/configuration/postgres/metadata.go
@@ -17,7 +17,6 @@ import (
 	"fmt"
 	"time"
 
-	"github.com/dapr/components-contrib/common/authentication/aws"
 	pgauth "github.com/dapr/components-contrib/common/authentication/postgresql"
 	kitmd "github.com/dapr/kit/metadata"
 )
@@ -31,7 +30,17 @@ type metadata struct {
 	Timeout                     time.Duration `mapstructure:"timeout" mapstructurealiases:"timeoutInSeconds"`
 	ConfigTable                 string        `mapstructure:"table"`
 	MaxIdleTimeoutOld           time.Duration `mapstructure:"connMaxIdleTime"` // Deprecated alias for "connectionMaxIdleTime"
-	aws.AWSIAM                  `mapstructure:",squash"`
+
+	// aws region in which SNS/SQS should create resources.
+	Region string `json:"region" mapstructure:"region" mapstructurealiases:"awsRegion" mdignore:"true"`
+
+	// Ignored by metadata parser because included in built-in authentication profile
+	// access key to use for accessing sqs/sns.
+	AccessKey string `json:"accessKey" mapstructure:"accessKey" mdignore:"true"`
+	// secret key to use for accessing sqs/sns.
+	SecretKey string `json:"secretKey" mapstructure:"secretKey" mdignore:"true"`
+	// aws session token to use.
+	SessionToken string `mapstructure:"sessionToken" mdignore:"true"`
 }
 
 func (m *metadata) InitWithMetadata(meta map[string]string) error {

diff --git a/configuration/postgres/metadata.yaml b/configuration/postgres/metadata.yaml
@@ -46,25 +46,6 @@ builtinAuthenticationProfiles:
         example: |
           "host=mydb.postgres.database.aws.com user=myapplication port=5432 dbname=dapr_test sslmode=require"
         type: string
-      - name: awsRegion
-        type: string
-        required: true
-        description: |
-          The AWS Region where the AWS Relational Database Service is deployed to.
-        example: '"us-east-1"'
-      - name: awsAccessKey
-        type: string
-        required: true
-        description: |
-          AWS access key associated with an IAM account.
-        example: '"AKIAIOSFODNN7EXAMPLE"'
-      - name: awsSecretKey
-        type: string
-        required: true
-        sensitive: true
-        description: |
-          The secret key associated with the access key.
-        example: '"wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"'
 authenticationProfiles:
   - title: "Connection string"
     description: "Authenticate using a Connection String."

diff --git a/state/postgresql/v1/metadata.yaml b/state/postgresql/v1/metadata.yaml
@@ -53,25 +53,6 @@ builtinAuthenticationProfiles:
         example: |
           "host=mydb.postgres.database.aws.com user=myapplication port=5432 dbname=dapr_test sslmode=require"
         type: string
-      - name: awsRegion
-        type: string
-        required: true
-        description: |
-          The AWS Region where the AWS Relational Database Service is deployed to.
-        example: '"us-east-1"'
-      - name: awsAccessKey
-        type: string
-        required: true
-        description: |
-          AWS access key associated with an IAM account.
-        example: '"AKIAIOSFODNN7EXAMPLE"'
-      - name: awsSecretKey
-        type: string
-        required: false
-        sensitive: true
-        description: |
-          The secret key associated with the access key.
-        example: '"wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"'
 authenticationProfiles:
   - title: "Connection string"
     description: "Authenticate using a Connection String"

diff --git a/state/postgresql/v2/metadata.yaml b/state/postgresql/v2/metadata.yaml
@@ -52,25 +52,6 @@ builtinAuthenticationProfiles:
         example: |
           "host=mydb.postgres.database.aws.com user=myapplication port=5432 dbname=dapr_test sslmode=require"
         type: string
-      - name: awsRegion
-        type: string
-        required: true
-        description: |
-          The AWS Region where the AWS Relational Database Service is deployed to.
-        example: '"us-east-1"'
-      - name: awsAccessKey
-        type: string
-        required: false
-        description: |
-          AWS access key associated with an IAM account.
-        example: '"AKIAIOSFODNN7EXAMPLE"'
-      - name: awsSecretKey
-        type: string
-        required: false
-        sensitive: true
-        description: |
-          The secret key associated with the access key.
-        example: '"wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"'
 authenticationProfiles:
   - title: "Connection string"
     description: "Authenticate using a Connection String"