diff --git a/src/libstore/aws-creds.cc b/src/libstore/aws-creds.cc index b0e1b7ed1..93fc3da33 100644 --- a/src/libstore/aws-creds.cc +++ b/src/libstore/aws-creds.cc @@ -1,6 +1,6 @@ #include "nix/store/aws-creds.hh" -#if NIX_WITH_S3_SUPPORT +#if NIX_WITH_AWS_AUTH # include # include "nix/store/s3-url.hh" diff --git a/src/libstore/builtins/fetchurl.cc b/src/libstore/builtins/fetchurl.cc index d55915183..126fb922e 100644 --- a/src/libstore/builtins/fetchurl.cc +++ b/src/libstore/builtins/fetchurl.cc @@ -41,7 +41,7 @@ static void builtinFetchurl(const BuiltinBuilderContext & ctx) FileTransferRequest request(VerbatimURL{url}); request.decompress = false; -#if NIX_WITH_S3_SUPPORT +#if NIX_WITH_AWS_AUTH // Use pre-resolved credentials if available if (ctx.awsCredentials && request.uri.scheme() == "s3") { debug("[pid=%d] Using pre-resolved AWS credentials from parent process", getpid()); diff --git a/src/libstore/filetransfer.cc b/src/libstore/filetransfer.cc index 65fcbea5f..981d49d77 100644 --- a/src/libstore/filetransfer.cc +++ b/src/libstore/filetransfer.cc @@ -10,7 +10,7 @@ #include "store-config-private.hh" #include "nix/store/s3-url.hh" #include -#if NIX_WITH_S3_SUPPORT +#if NIX_WITH_AWS_AUTH # include "nix/store/aws-creds.hh" #endif @@ -435,7 +435,7 @@ struct curlFileTransfer : public FileTransfer } } -#if NIX_WITH_S3_SUPPORT +#if NIX_WITH_AWS_AUTH // Set up AWS SigV4 signing if this is an S3 request // Note: AWS SigV4 support guaranteed available (curl >= 7.75.0 checked at build time) // The username/password (access key ID and secret key) are set via the general @@ -874,7 +874,7 @@ void FileTransferRequest::setupForS3() // Update the request URI to use HTTPS (works without AWS SDK) uri = parsedS3.toHttpsUrl(); -#if NIX_WITH_S3_SUPPORT +#if NIX_WITH_AWS_AUTH // Auth-specific code only compiled when AWS support is available awsSigV4Provider = "aws:amz:" + parsedS3.region.value_or("us-east-1") + ":s3"; diff --git a/src/libstore/include/nix/store/aws-creds.hh b/src/libstore/include/nix/store/aws-creds.hh index dcafa9c75..6e653936c 100644 --- a/src/libstore/include/nix/store/aws-creds.hh +++ b/src/libstore/include/nix/store/aws-creds.hh @@ -2,7 +2,7 @@ ///@file #include "nix/store/config.hh" -#if NIX_WITH_S3_SUPPORT +#if NIX_WITH_AWS_AUTH # include "nix/store/s3-url.hh" # include "nix/util/error.hh" diff --git a/src/libstore/include/nix/store/builtins.hh b/src/libstore/include/nix/store/builtins.hh index 6b9431331..6925e61c1 100644 --- a/src/libstore/include/nix/store/builtins.hh +++ b/src/libstore/include/nix/store/builtins.hh @@ -4,7 +4,7 @@ #include "nix/store/derivations.hh" #include "nix/store/config.hh" -#if NIX_WITH_S3_SUPPORT +#if NIX_WITH_AWS_AUTH # include "nix/store/aws-creds.hh" #endif @@ -18,7 +18,7 @@ struct BuiltinBuilderContext std::string caFileData; Path tmpDirInSandbox; -#if NIX_WITH_S3_SUPPORT +#if NIX_WITH_AWS_AUTH /** * Pre-resolved AWS credentials for S3 URLs in builtin:fetchurl. * When present, these should be used instead of creating new credential providers. diff --git a/src/libstore/include/nix/store/filetransfer.hh b/src/libstore/include/nix/store/filetransfer.hh index 8b2c7eb31..34ec316ef 100644 --- a/src/libstore/include/nix/store/filetransfer.hh +++ b/src/libstore/include/nix/store/filetransfer.hh @@ -12,7 +12,7 @@ #include "nix/util/url.hh" #include "nix/store/config.hh" -#if NIX_WITH_S3_SUPPORT +#if NIX_WITH_AWS_AUTH # include "nix/store/aws-creds.hh" #endif #include "nix/store/s3-url.hh" @@ -114,7 +114,7 @@ struct FileTransferRequest * When provided, these credentials will be used with curl's CURLOPT_USERNAME/PASSWORD option. */ std::optional usernameAuth; -#if NIX_WITH_S3_SUPPORT +#if NIX_WITH_AWS_AUTH /** * Pre-resolved AWS session token for S3 requests. * When provided along with usernameAuth, this will be used instead of fetching fresh credentials. @@ -136,7 +136,7 @@ struct FileTransferRequest private: friend struct curlFileTransfer; void setupForS3(); -#if NIX_WITH_S3_SUPPORT +#if NIX_WITH_AWS_AUTH std::optional awsSigV4Provider; #endif }; diff --git a/src/libstore/meson.build b/src/libstore/meson.build index af01c8652..78a3dd9b3 100644 --- a/src/libstore/meson.build +++ b/src/libstore/meson.build @@ -160,7 +160,7 @@ if curl_s3_store_opt.enabled() deps_other += aws_crt_cpp endif -configdata_pub.set('NIX_WITH_S3_SUPPORT', curl_s3_store_opt.enabled().to_int()) +configdata_pub.set('NIX_WITH_AWS_AUTH', curl_s3_store_opt.enabled().to_int()) subdir('nix-meson-build-support/generate-header') diff --git a/src/libstore/unix/build/derivation-builder.cc b/src/libstore/unix/build/derivation-builder.cc index d0c8cce06..831f1fa9e 100644 --- a/src/libstore/unix/build/derivation-builder.cc +++ b/src/libstore/unix/build/derivation-builder.cc @@ -46,7 +46,7 @@ #include "store-config-private.hh" #include "build/derivation-check.hh" -#if NIX_WITH_S3_SUPPORT +#if NIX_WITH_AWS_AUTH # include "nix/store/aws-creds.hh" # include "nix/store/s3-url.hh" # include "nix/util/url.hh" @@ -296,7 +296,7 @@ protected: */ virtual void startChild(); -#if NIX_WITH_S3_SUPPORT +#if NIX_WITH_AWS_AUTH /** * Pre-resolve AWS credentials for S3 URLs in builtin:fetchurl. * This should be called before forking to ensure credentials are available in child. @@ -359,7 +359,7 @@ protected: */ struct RunChildArgs { -#if NIX_WITH_S3_SUPPORT +#if NIX_WITH_AWS_AUTH std::optional awsCredentials; #endif }; @@ -945,7 +945,7 @@ void DerivationBuilderImpl::openSlave() throw SysError("cannot pipe standard error into log file"); } -#if NIX_WITH_S3_SUPPORT +#if NIX_WITH_AWS_AUTH std::optional DerivationBuilderImpl::preResolveAwsCredentials() { if (drv.isBuiltin() && drv.builder == "builtin:fetchurl") { @@ -974,7 +974,7 @@ std::optional DerivationBuilderImpl::preResolveAwsCredentials() void DerivationBuilderImpl::startChild() { RunChildArgs args{ -#if NIX_WITH_S3_SUPPORT +#if NIX_WITH_AWS_AUTH .awsCredentials = preResolveAwsCredentials(), #endif }; @@ -1255,7 +1255,7 @@ void DerivationBuilderImpl::runChild(RunChildArgs args) BuiltinBuilderContext ctx{ .drv = drv, .tmpDirInSandbox = tmpDirInSandbox(), -#if NIX_WITH_S3_SUPPORT +#if NIX_WITH_AWS_AUTH .awsCredentials = args.awsCredentials, #endif }; diff --git a/src/libstore/unix/build/linux-derivation-builder.cc b/src/libstore/unix/build/linux-derivation-builder.cc index 07e421bef..e96f83700 100644 --- a/src/libstore/unix/build/linux-derivation-builder.cc +++ b/src/libstore/unix/build/linux-derivation-builder.cc @@ -277,7 +277,7 @@ struct ChrootLinuxDerivationBuilder : ChrootDerivationBuilder, LinuxDerivationBu void startChild() override { RunChildArgs args{ -# if NIX_WITH_S3_SUPPORT +# if NIX_WITH_AWS_AUTH .awsCredentials = preResolveAwsCredentials(), # endif };