Support separate CAA and EAA access keys

The CAA and EAA actually use different IA credentials to manage their collections. This splits the current configuration options into per-project ones.
metabrainz · May 23, 2024 · 7f40b56 · 7f40b56
1 parent 78c5ee2
commit 7f40b56
Show file tree

Hide file tree

Showing 6 changed files with 31 additions and 8 deletions.
diff --git a/config.default.ini b/config.default.ini
@@ -9,8 +9,10 @@ dbname=musicbrainz_db
 
 [s3]
 url=https://{bucket}.s3.us.archive.org/{file}
-access=
-secret=
+caa_access=
+caa_secret=
+eaa_access=
+eaa_secret=
 
 [sentry]
 dsn=
diff --git a/config.tests.example.ini b/config.tests.example.ini
@@ -10,5 +10,7 @@ dbname=musicbrainz_test_artwork_indexer
 
 [s3]
 url=http://{bucket}.s3.example.com/{file}
-access=user
-secret=pass
+caa_access=caa_user
+caa_secret=caa_pass
+eaa_access=eaa_user
+eaa_secret=eaa_pass
diff --git a/docker/config.ini.ctmpl b/docker/config.ini.ctmpl
@@ -15,5 +15,7 @@ dbname={{ keyOrDefault (print $key_prefix "postgres_database") "musicbrainz_db"
 
 [s3]
 url={{ keyOrDefault (print $key_prefix "s3_url") "https://{bucket}.s3.us.archive.org/{file}" }}
-access={{ keyOrDefault (print $key_prefix "s3_access_key") "" }}
-secret={{ keyOrDefault (print $key_prefix "s3_secret_key") "" }}
+caa_access={{ keyOrDefault (print $key_prefix "caa_s3_access_key") "" }}
+caa_secret={{ keyOrDefault (print $key_prefix "caa_s3_secret_key") "" }}
+eaa_access={{ keyOrDefault (print $key_prefix "eaa_s3_access_key") "" }}
+eaa_secret={{ keyOrDefault (print $key_prefix "eaa_s3_secret_key") "" }}
diff --git a/generate_code.py b/generate_code.py
@@ -442,6 +442,10 @@ def entity_type(self):
             def ia_collection(self):
                 return '{project['ia_collection']}'
 
+            @property
+            def project_abbr(self):
+                return '{project['abbr']}'
+
             @property
             def ws_inc_params(self):
                 return '{project['ws_inc_params']}'

diff --git a/handlers.py b/handlers.py
@@ -21,6 +21,10 @@ def entity_type(self):
     def ia_collection(self):
         return 'coverartarchive'
 
+    @property
+    def project_abbr(self):
+        return 'caa'
+
     @property
     def ws_inc_params(self):
         return 'artists'
@@ -44,6 +48,10 @@ def entity_type(self):
     def ia_collection(self):
         return 'eventartarchive'
 
+    @property
+    def project_abbr(self):
+        return 'eaa'
+
     @property
     def ws_inc_params(self):
         return 'artist-rels+place-rels'

diff --git a/handlers_base.py b/handlers_base.py
@@ -66,12 +66,17 @@ def gid_name(self):
     def ia_collection(self):
         raise NotImplementedError
 
+    @property
+    def project_abbr(self):
+        raise NotImplementedError
+
     def build_authorization_header(self):
+        abbr = self.project_abbr
         s3_conf = self.config['s3']
         return {
             'authorization': 'LOW %s:%s' % (
-                s3_conf['access'],
-                s3_conf['secret'],
+                s3_conf[abbr + '_access'],
+                s3_conf[abbr + '_secret'],
             ),
         }