diff options
| author | Matt Brown <matt@mattb.net.nz> | 2023-07-09 00:00:45 +1200 |
|---|---|---|
| committer | Bjørn Erik Pedersen <bjorn.erik.pedersen@gmail.com> | 2023-08-30 16:38:20 +0300 |
| commit | c3f273b2d7b18f921410cde6e01442694cda5fe7 (patch) | |
| tree | cb521da0e0bc16180c6cad9ed5c4ef20e643b14a | |
| parent | d7dcc76d27dc55b10b9a5c4294c4a883d0bdfb2e (diff) | |
deploy: Create AWS session for CloudFront invalidation via Go CDK
This allows the AWS credentials to be picked up from the configured
target URL (like blob does) rather than the current behaviour of only
relying on the defaults.
Relying on the defaults here means having to specify credentials twice
(once in the URL for the blob, once in the environment for this code
path) when non-default AWS credentials are in used (e.g. via a profile).
| -rw-r--r-- | deploy/cloudfront.go | 13 | ||||
| -rw-r--r-- | deploy/deploy.go | 2 |
2 files changed, 10 insertions, 5 deletions
diff --git a/deploy/cloudfront.go b/deploy/cloudfront.go index 2f673dc97..8ed9b858d 100644 --- a/deploy/cloudfront.go +++ b/deploy/cloudfront.go @@ -18,6 +18,7 @@ package deploy import ( "context" + "net/url" "time" "github.com/aws/aws-sdk-go/aws" @@ -26,14 +27,18 @@ import ( ) // InvalidateCloudFront invalidates the CloudFront cache for distributionID. -// It uses the default AWS credentials from the environment. -func InvalidateCloudFront(ctx context.Context, distributionID string) error { - sess, err := gcaws.NewDefaultSession() +// Uses AWS credentials config from the bucket URL. +func InvalidateCloudFront(ctx context.Context, target *Target) error { + u, err := url.Parse(target.URL) + if err != nil { + return err + } + sess, _, err := gcaws.NewSessionFromURLParams(u.Query()) if err != nil { return err } req := &cloudfront.CreateInvalidationInput{ - DistributionId: aws.String(distributionID), + DistributionId: aws.String(target.CloudFrontDistributionID), InvalidationBatch: &cloudfront.InvalidationBatch{ CallerReference: aws.String(time.Now().Format("20060102150405")), Paths: &cloudfront.Paths{ diff --git a/deploy/deploy.go b/deploy/deploy.go index 60a3da363..26fac8975 100644 --- a/deploy/deploy.go +++ b/deploy/deploy.go @@ -271,7 +271,7 @@ func (d *Deployer) Deploy(ctx context.Context) error { } } else { d.logger.Println("Invalidating CloudFront CDN...") - if err := InvalidateCloudFront(ctx, d.target.CloudFrontDistributionID); err != nil { + if err := InvalidateCloudFront(ctx, d.target); err != nil { d.logger.Printf("Failed to invalidate CloudFront CDN: %v\n", err) return err } |