( ctx context.Context, )
| 125 | } |
| 126 | |
| 127 | func S3Client( |
| 128 | ctx context.Context, |
| 129 | ) (*s3.Client, error) { |
| 130 | creds, err := CachedCredentials(ctx) |
| 131 | if err != nil { |
| 132 | return nil, err |
| 133 | } |
| 134 | config, err := config.LoadDefaultConfig( |
| 135 | ctx, |
| 136 | config.WithCredentialsProvider( |
| 137 | credentials.NewStaticCredentialsProvider( |
| 138 | creds.AccessKeyID, |
| 139 | creds.SecretAccessKey, |
| 140 | creds.SessionToken, |
| 141 | ), |
| 142 | ), |
| 143 | ) |
| 144 | if err != nil { |
| 145 | return nil, errors.WithStack(err) |
| 146 | } |
| 147 | |
| 148 | return s3.NewFromConfig(config), nil |
| 149 | } |
| 150 | |
| 151 | // AWSCredentials are short-lived credentials that grant access to a private Nix |
| 152 | // cache in S3. It marshals to JSON per the schema described in |
no test coverage detected