Set aws creds through environment variables locally

2022-02-04 16:30:34 -05:00 · 2022-02-04 16:30:34 -05:00 · 040be01e9d
commit 040be01e9d
parent 00dba743d9
4 changed files with 43 additions and 12 deletions
--- a/27
+++ b/27
@ -53,7 +53,20 @@ docker_build("mev-inspect-py", ".",
            trigger="./pyproject.toml"),
    ],
 )
-k8s_yaml(helm('./k8s/mev-inspect', name='mev-inspect'))
+k8s_yaml(helm(
+    './k8s/mev-inspect',
+    name='mev-inspect',
+    set=[
+        "extraEnv[0].name=AWS_ACCESS_KEY_ID",
+        "extraEnv[0].value=foobar",
+        "extraEnv[1].name=AWS_SECRET_ACCESS_KEY",
+        "extraEnv[1].value=foobar",
+        "extraEnv[2].name=AWS_REGION",
+        "extraEnv[2].value=us-east-1",
+        "extraEnv[3].name=AWS_ENDPOINT_URL",
+        "extraEnv[3].value=http://localstack:4566",
+    ],
+))
 k8s_resource(
    workload="mev-inspect",
    resource_deps=["postgresql", "redis-master"],
@ -62,7 +75,17 @@ k8s_resource(
 k8s_yaml(helm(
    './k8s/mev-inspect-workers',
    name='mev-inspect-workers',
-    set=["replicaCount=1"],
+    set=[
+        "extraEnv[0].name=AWS_ACCESS_KEY_ID",
+        "extraEnv[0].value=foobar",
+        "extraEnv[1].name=AWS_SECRET_ACCESS_KEY",
+        "extraEnv[1].value=foobar",
+        "extraEnv[2].name=AWS_REGION",
+        "extraEnv[2].value=us-east-1",
+        "extraEnv[3].name=AWS_ENDPOINT_URL",
+        "extraEnv[3].value=http://localstack:4566",
+        "replicaCount=1",
+    ],
 ))
 k8s_resource(
    workload="mev-inspect-workers",
--- a/k8s/mev-inspect-workers/templates/deployment.yaml
+++ b/k8s/mev-inspect-workers/templates/deployment.yaml
@ -91,6 +91,10 @@ spec:
                name: mev-inspect-listener-healthcheck
                key: url
                optional: true
+          {{- range .Values.extraEnv }}
+          - name: {{ .name }}
+            value: {{ .value }}
+          {{- end }} 
      {{- with .Values.nodeSelector }}
      nodeSelector:
        {{- toYaml . | nindent 8 }}
--- a/k8s/mev-inspect/templates/deployment.yaml
+++ b/k8s/mev-inspect/templates/deployment.yaml
@ -96,6 +96,10 @@ spec:
              configMapKeyRef:
                name: mev-inspect-export
                key: export-bucket-name
+          {{- range .Values.extraEnv }}
+          - name: {{ .name }}
+            value: {{ .value }}
+          {{- end }} 
      {{- with .Values.nodeSelector }}
      nodeSelector:
        {{- toYaml . | nindent 8 }}
--- a/mev_inspect/s3_export.py
+++ b/mev_inspect/s3_export.py
@ -1,11 +1,13 @@
 import json
 import logging
 import os
+from typing import Optional

 import boto3

 from mev_inspect.text_io import BytesIteratorIO

+AWS_ENDPOINT_URL_ENV = "AWS_ENDPOINT_URL"
 MEV_SUMMARY_EXPORT_QUERY = """
    SELECT to_json(mev_summary)
    FROM mev_summary
@ -20,8 +22,8 @@ logger = logging.getLogger(__name__)
 def export_block_range(
    inspect_db_session, after_block_number: int, before_block_number
 ) -> None:
+    export_bucket_name = os.environ["EXPORT_BUCKET_NAME"]
    client = get_s3_client()
-    bucket_name = os.environ["EXPORT_BUCKET_NAME"]

    mev_summary_json_results = inspect_db_session.execute(
        statement=MEV_SUMMARY_EXPORT_QUERY,
@ -39,19 +41,17 @@ def export_block_range(

    client.upload_fileobj(
        mev_summary_json_fileobj,
-        Bucket=bucket_name,
+        Bucket=export_bucket_name,
        Key=key,
    )

    logger.info(f"Exported to {key}")


-# TODO - handle for production
 def get_s3_client():
-    return boto3.client(
-        "s3",
-        region_name="us-east-1",
-        endpoint_url="http://localstack:4566",
-        aws_access_key_id="test",
-        aws_secret_access_key="test",
-    )
+    endpoint_url = get_endpoint_url()
+    return boto3.client("s3", endpoint_url=endpoint_url)
+
+
+def get_endpoint_url() -> Optional[str]:
+    return os.environ.get(AWS_ENDPOINT_URL_ENV)