Read client secret from env var first since the location has a default (

#312) Signed-off-by: Katrina Rogan <katroganGH@gmail.com>
flyteorg · Aug 9, 2022 · 0b20c5c · 0b20c5c
1 parent dbeb016
commit 0b20c5c
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/clients/go/admin/token_source_provider.go b/clients/go/admin/token_source_provider.go
@@ -136,15 +136,15 @@ type ClientCredentialsTokenSourceProvider struct {
 func NewClientCredentialsTokenSourceProvider(ctx context.Context, cfg *Config,
 	clientMetadata *service.PublicClientAuthConfigResponse, tokenURL string) (TokenSourceProvider, error) {
 	var secret string
-	if len(cfg.ClientSecretLocation) > 0 {
+	if len(cfg.ClientSecretEnvVar) > 0 {
+		secret = os.Getenv(cfg.ClientSecretEnvVar)
+	} else if len(cfg.ClientSecretLocation) > 0 {
 		secretBytes, err := ioutil.ReadFile(cfg.ClientSecretLocation)
 		if err != nil {
 			logger.Errorf(ctx, "Error reading secret from location %s", cfg.ClientSecretLocation)
 			return nil, err
 		}
 		secret = string(secretBytes)
-	} else if len(cfg.ClientSecretEnvVar) > 0 {
-		secret = os.Getenv(cfg.ClientSecretEnvVar)
 	}
 	secret = strings.TrimSpace(secret)