s3: load env creds

Author: jwise

appstore/s3.py

@@ -9,6 +9,29 @@
 session = None
 s3_endpoint = None
 
+# Try loading creds from the environment.
+try:
+    if session is None and config['AWS_ACCESS_KEY'] is not None and config['AWS_SECRET_KEY'] is not None:
+        session = boto3.Session(
+            aws_access_key_id=config['AWS_ACCESS_KEY'],
+            aws_secret_access_key=config['AWS_SECRET_KEY'],
+        )
+        # XXX: for GCP later:
+        # s3_endpoint = creds.get('S3Endpoint')
+except:
+    pass
+
+
+# "Well, the creds were towed outside the environment."  "Into another
+# environment?" "No, no, they've been towed beyond the environment.  They're
+# not in the environment." "No, but from one environment to another
+# environment." "No, it's beyond the environment.  It's not in an
+# environment.  It's been towed beyond the environment." "Well, what's out
+# there?" "Nothing's out there!" "Well there must be something out there"
+# "There's nothing out there!  All there is sea, and birds, and fish."
+# "And?" "And 20,000 tons of AWS creds." "And what else?" "And a fire."
+#
+# Try loading creds from an on-disk .json.
 try:
     if session is None:
         with open('session-token.json', 'r') as f:

appstore/settings.py

@@ -21,5 +21,7 @@
     'HONEYCOMB_KEY': os.environ.get('HONEYCOMB_KEY', None),
     'DISCORD_HOOK_URL': os.environ.get('DISCORD_HOOK_URL', None),
     'DISCORD_ADMIN_HOOK_URL': os.environ.get('DISCORD_ADMIN_HOOK_URL', None),
-    'ALGOLIA_DISABLE': os.environ.get('ALGOLIA_DISABLE', False)
+    'ALGOLIA_DISABLE': os.environ.get('ALGOLIA_DISABLE', False),
+    'AWS_ACCESS_KEY': os.environ.get('AWS_ACCESS_KEY', None),
+    'AWS_SECRET_KEY': os.environ.get('AWS_SECRET_KEY', None),
 }