Make S3::credentials_provider_ a local variable.

TileDB-Inc · Sep 6, 2024 · 88fae67 · 88fae67
1 parent 074035f
commit 88fae67
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 11 deletions.
diff --git a/tiledb/sm/filesystem/s3.cc b/tiledb/sm/filesystem/s3.cc
@@ -239,7 +239,6 @@ S3::S3(
     : s3_params_(S3Parameters(config))
     , stats_(parent_stats->create_child("S3"))
     , state_(State::UNINITIALIZED)
-    , credentials_provider_(nullptr)
     , file_buffer_size_(
           s3_params_.multipart_part_size_ * s3_params_.max_parallel_ops_)
     , vfs_thread_pool_(thread_pool)
@@ -1380,11 +1379,13 @@ Status S3::init_client() const {
   client_config.payloadSigningPolicy =
       Aws::Client::AWSAuthV4Signer::PayloadSigningPolicy::Never;
 
+  shared_ptr<Aws::Auth::AWSCredentialsProvider> credentials_provider;
+
   // If the user says not to sign a request, use the
   // AnonymousAWSCredentialsProvider This is equivalent to --no-sign-request on
   // the aws cli
   if (s3_params_.no_sign_request_) {
-    credentials_provider_ =
+    credentials_provider =
         make_shared<Aws::Auth::AnonymousAWSCredentialsProvider>(HERE());
   } else {  // Check other authentication methods
     switch ((!s3_params_.aws_access_key_id_.empty() ? 1 : 0) +
@@ -1407,7 +1408,7 @@ Status S3::init_client() const {
             !s3_params_.aws_session_token_.empty() ?
                 s3_params_.aws_session_token_.c_str() :
                 "");
-        credentials_provider_ =
+        credentials_provider =
             make_shared<Aws::Auth::SimpleAWSCredentialsProvider>(
                 HERE(), access_key_id, secret_access_key, session_token);
         break;
@@ -1428,7 +1429,7 @@ Status S3::init_client() const {
             !s3_params_.aws_session_name_.empty() ?
                 s3_params_.aws_session_name_.c_str() :
                 "");
-        credentials_provider_ =
+        credentials_provider =
             make_shared<Aws::Auth::STSAssumeRoleCredentialsProvider>(
                 HERE(),
                 role_arn,
@@ -1451,13 +1452,13 @@ Status S3::init_client() const {
             "temporary authentication credentials are configured");
       }
       case 8: {
-        credentials_provider_ =
+        credentials_provider =
             make_shared<Aws::Auth::ProfileConfigFileAWSCredentialsProvider>(
                 HERE());
         break;
       }
       case 16: {
-        credentials_provider_ = make_shared<
+        credentials_provider = make_shared<
             Aws::Auth::STSProfileWithWebIdentityCredentialsProvider>(
             HERE(),
             Aws::Auth::GetConfigProfileName(),
@@ -1495,12 +1496,12 @@ Status S3::init_client() const {
   static std::mutex static_client_init_mtx;
   {
     std::lock_guard<std::mutex> static_lck(static_client_init_mtx);
-    if (credentials_provider_ == nullptr) {
+    if (credentials_provider == nullptr) {
       client_ =
           make_shared<TileDBS3Client>(HERE(), s3_params_, *client_config_);
     } else {
       client_ = make_shared<TileDBS3Client>(
-          HERE(), s3_params_, credentials_provider_, *client_config_);
+          HERE(), s3_params_, credentials_provider, *client_config_);
     }
   }
 

diff --git a/tiledb/sm/filesystem/s3.h b/tiledb/sm/filesystem/s3.h
@@ -1342,9 +1342,6 @@ class S3 : FilesystemBase {
    */
   mutable shared_ptr<TileDBS3Client> client_;
 
-  /** The AWS credetial provider. */
-  mutable shared_ptr<Aws::Auth::AWSCredentialsProvider> credentials_provider_;
-
   /**
    * Mutex protecting client initialization. This is mutable so that nominally
    * const functions can call init_client().