comments

Author: glimberea

commands/cfg/whoami.go

@@ -76,23 +76,22 @@ func handleProvenance(c *core.CommandConfig, cl *client.Client, authErr error) e
 	// Object Storage credential provenance
 	_, _, akSrc, skSrc, _ := client.ResolveObjectStorageCredentials()
 
-	b.WriteString("\nObject Storage credential sources:\n")
+	b.WriteString("\nFor Object Storage, in order of priority:\n")
 
-	b.WriteString("  Access Key:\n")
-	for i, src := range client.ObjectStorageAccessKeyOrder {
-		if akSrc == src {
-			b.WriteString(fmt.Sprintf("  * [%d] %s (USED)\n", i+1, src))
-		} else {
-			b.WriteString(fmt.Sprintf("    [%d] %s\n", i+1, src))
-		}
+	type osPair struct {
+		label string
+		akSrc client.ObjectStorageAccessKeySource
+		skSrc client.ObjectStorageSecretKeySource
 	}
-
-	b.WriteString("  Secret Key:\n")
-	for i, src := range client.ObjectStorageSecretKeyOrder {
-		if skSrc == src {
-			b.WriteString(fmt.Sprintf("  * [%d] %s (USED)\n", i+1, src))
+	pairs := []osPair{
+		{"environment variables: IONOS_S3_ACCESS_KEY, IONOS_S3_SECRET_KEY", client.ObjectStorageAccessKeyEnv, client.ObjectStorageSecretKeyEnv},
+		{"credentials from config file: s3AccessKey, s3SecretKey", client.ObjectStorageAccessKeyCfg, client.ObjectStorageSecretKeyCfg},
+	}
+	for i, p := range pairs {
+		if akSrc == p.akSrc && skSrc == p.skSrc {
+			b.WriteString(fmt.Sprintf("* [%d] %s (USED)\n", i+1, p.label))
 		} else {
-			b.WriteString(fmt.Sprintf("    [%d] %s\n", i+1, src))
+			b.WriteString(fmt.Sprintf("  [%d] %s\n", i+1, p.label))
 		}
 	}
 

commands/object-storage/bucket/create.go

@@ -2,14 +2,14 @@ package bucket
 
 import (
 	"context"
-	"fmt"
 
 	"github.com/ionos-cloud/sdk-go-bundle/products/objectstorage/v2"
 	"github.com/spf13/viper"
 
 	"github.com/ionos-cloud/ionosctl/v6/internal/client"
 	"github.com/ionos-cloud/ionosctl/v6/internal/constants"
 	"github.com/ionos-cloud/ionosctl/v6/internal/core"
+	"github.com/ionos-cloud/ionosctl/v6/internal/printer/table"
 )
 
 func CreateBucketCmd() *core.Command {
@@ -19,7 +19,7 @@ func CreateBucketCmd() *core.Command {
 		Verb:      "create",
 		Aliases:   []string{"c"},
 		ShortDesc: "Create a contract-owned bucket",
-		Example:   "ionosctl object-storage bucket create --name my-bucket\nionosctl object-storage bucket create --name my-bucket --region eu-central-3\nionosctl object-storage bucket create --name my-bucket --object-lock",
+		Example:   "ionosctl object-storage bucket create --name my-bucket\nionosctl object-storage bucket create --name my-bucket --location eu-central-3\nionosctl object-storage bucket create --name my-bucket --object-lock",
 		PreCmdRun: func(c *core.PreCommandConfig) error {
 			return core.CheckRequiredFlags(c.Command, c.NS, constants.FlagName)
 		},
@@ -38,8 +38,13 @@ func CreateBucketCmd() *core.Command {
 				return err
 			}
 
-			fmt.Fprintf(c.Command.Command.OutOrStdout(), "Bucket %q created successfully in region %q\n", name, location)
-			return nil
+			info, err := getBucketInfo(c.Context, name)
+			if err != nil {
+				return err
+			}
+
+			cols, _ := c.Command.Command.Flags().GetStringSlice(constants.ArgCols)
+			return c.Out(table.Sprint(allCols, info, cols))
 		},
 		InitClient: false,
 	})

commands/object-storage/bucket/get.go

@@ -20,6 +20,36 @@ type bucketInfo struct {
 	Region       string    `json:"Region"`
 }
 
+// getBucketInfo fetches metadata for a single bucket by name.
+// S3 has no single-bucket GET endpoint; ListBuckets is the only way to retrieve creation date.
+func getBucketInfo(ctx context.Context, name string) (*bucketInfo, error) {
+	result, _, err := client.MustObjectStorage().ObjectStorageClient.BucketsApi.ListBuckets(ctx).Execute()
+	if err != nil {
+		return nil, err
+	}
+
+	var found *bucketInfo
+	for _, b := range result.GetBuckets() {
+		if b.GetName() == name {
+			found = &bucketInfo{
+				Name:         b.GetName(),
+				CreationDate: b.GetCreationDate(),
+			}
+			break
+		}
+	}
+	if found == nil {
+		return nil, fmt.Errorf("bucket %q not found", name)
+	}
+
+	loc, _, err := client.MustObjectStorage().ObjectStorageClient.BucketsApi.GetBucketLocation(ctx, name).Execute()
+	if err == nil && loc != nil {
+		found.Region = loc.GetLocationConstraint()
+	}
+
+	return found, nil
+}
+
 func GetBucketCmd() *core.Command {
 	cmd := core.NewCommand(context.Background(), nil, core.CommandBuilder{
 		Namespace: "object-storage",
@@ -34,32 +64,11 @@ func GetBucketCmd() *core.Command {
 		CmdRun: func(c *core.CommandConfig) error {
 			name := viper.GetString(core.GetFlagName(c.NS, constants.FlagName))
 
-			// S3 has no API to get a single bucket's metadata (creation date).
-			// ListBuckets is the only way to retrieve it.
-			result, _, err := client.MustObjectStorage().ObjectStorageClient.BucketsApi.ListBuckets(c.Context).Execute()
+			found, err := getBucketInfo(c.Context, name)
 			if err != nil {
 				return err
 			}
 
-			var found *bucketInfo
-			for _, b := range result.GetBuckets() {
-				if b.GetName() == name {
-					found = &bucketInfo{
-						Name:         b.GetName(),
-						CreationDate: b.GetCreationDate(),
-					}
-					break
-				}
-			}
-			if found == nil {
-				return fmt.Errorf("bucket %q not found", name)
-			}
-
-			loc, _, err := client.MustObjectStorage().ObjectStorageClient.BucketsApi.GetBucketLocation(c.Context, name).Execute()
-			if err == nil && loc != nil {
-				found.Region = loc.GetLocationConstraint()
-			}
-
 			cols, _ := c.Command.Command.Flags().GetStringSlice(constants.ArgCols)
 			return c.Out(table.Sprint(allCols, found, cols))
 		},

commands/object-storage/bucket/head.go

@@ -2,6 +2,7 @@ package bucket
 
 import (
 	"context"
+	"fmt"
 
 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
@@ -41,7 +42,7 @@ func HeadBucketCmd() *core.Command {
 
 			_, err := client.MustObjectStorage().ObjectStorageClient.BucketsApi.HeadBucket(c.Context, name).Execute()
 			if err != nil {
-				return err
+				return fmt.Errorf("checking if bucket %q exists: %w", name, err)
 			}
 
 			result := headResult{

commands/object-storage/bucket/list.go

@@ -19,7 +19,7 @@ func ListBucketsCmd() *core.Command {
 		Verb:      "list",
 		Aliases:   []string{"ls"},
 		ShortDesc: "List all contract-owned buckets",
-		Example:   "ionosctl object-storage bucket list\nionosctl object-storage bucket list --region eu-central-3",
+		Example:   "ionosctl object-storage bucket list\nionosctl object-storage bucket list --location eu-central-3",
 		PreCmdRun: func(c *core.PreCommandConfig) error {
 			return nil
 		},
@@ -40,7 +40,11 @@ func ListBucketsCmd() *core.Command {
 				loc, apiResp, locErr := client.MustObjectStorage().ObjectStorageClient.BucketsApi.GetBucketLocation(c.Context, b.GetName()).Execute()
 				if locErr != nil {
 					c.Verbose("failed to get location for bucket %q: %v", b.GetName(), locErr)
-					bi.Region = fmt.Sprintf("<%s>", apiResp.Status)
+					if apiResp != nil {
+						bi.Region = fmt.Sprintf("<%s>", apiResp.Status)
+					} else {
+						bi.Region = "<unknown>"
+					}
 				} else {
 					bi.Region = loc.GetLocationConstraint()
 				}

commands/object-storage/object/list.go

@@ -5,6 +5,7 @@ import (
 	"fmt"
 	"time"
 
+	humanize "github.com/dustin/go-humanize"
 	objectstorage "github.com/ionos-cloud/sdk-go-bundle/products/objectstorage/v2"
 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
@@ -31,7 +32,7 @@ var listCols = []table.Column{
 
 type listObjectInfo struct {
 	Key          string    `json:"Key"`
-	Size         int32     `json:"Size"`
+	Size         string    `json:"Size"`
 	LastModified time.Time `json:"LastModified"`
 	StorageClass string    `json:"StorageClass"`
 	ETag         string    `json:"ETag"`
@@ -129,7 +130,7 @@ func convertObjects(objects []objectstorage.Object) []listObjectInfo {
 	for _, obj := range objects {
 		info := listObjectInfo{
 			Key:  obj.GetKey(),
-			Size: obj.GetSize(),
+			Size: humanize.IBytes(uint64(int64(obj.GetSize()))),
 			ETag: obj.GetETag(),
 		}
 		if obj.LastModified != nil {

docs/subcommands/Object-Storage/bucket/create.md

@@ -62,7 +62,7 @@ Create a contract-owned bucket
 
 ```text
 ionosctl object-storage bucket create --name my-bucket
-ionosctl object-storage bucket create --name my-bucket --region eu-central-3
+ionosctl object-storage bucket create --name my-bucket --location eu-central-3
 ionosctl object-storage bucket create --name my-bucket --object-lock
 ```
 

docs/subcommands/Object-Storage/bucket/list.md

@@ -60,6 +60,6 @@ List all contract-owned buckets
 
 ```text
 ionosctl object-storage bucket list
-ionosctl object-storage bucket list --region eu-central-3
+ionosctl object-storage bucket list --location eu-central-3
 ```
 

internal/client/objectstorageclient.go

@@ -67,67 +67,34 @@ var (
 )
 
 // ResolveObjectStorageCredentials resolves Object Storage access and secret keys, tracking their source.
-// Credentials are resolved in priority order:
-//  1. Environment variables IONOS_S3_ACCESS_KEY / IONOS_S3_SECRET_KEY
-//  2. s3AccessKey / s3SecretKey in the current ionosctl config profile
+// Both keys must come from the same source; mixing is not allowed. Priority order:
+//  1. Environment variables IONOS_S3_ACCESS_KEY / IONOS_S3_SECRET_KEY (both must be set)
+//  2. s3AccessKey / s3SecretKey in the current ionosctl config profile (both must be set)
 func ResolveObjectStorageCredentials() (accessKey, secretKey string, akSrc ObjectStorageAccessKeySource, skSrc ObjectStorageSecretKeySource, err error) {
-	src, cfgErr := retrieveConfigFile()
-	if cfgErr != nil {
-		return accessKey, secretKey, akSrc, skSrc, fmt.Errorf("failed to retrieve config file: %w", cfgErr)
+	// Priority 1: both from environment variables
+	envAccessKey := os.Getenv(shared.IonosS3AccessKeyEnvVar)
+	envSecretKey := os.Getenv(shared.IonosS3SecretKeyEnvVar)
+	if envAccessKey != "" && envSecretKey != "" {
+		return envAccessKey, envSecretKey, ObjectStorageAccessKeyEnv, ObjectStorageSecretKeyEnv, nil
 	}
 
-	accessKey = os.Getenv(shared.IonosS3AccessKeyEnvVar)
-	if accessKey != "" {
-		akSrc = ObjectStorageAccessKeyEnv
-	}
-
-	secretKey = os.Getenv(shared.IonosS3SecretKeyEnvVar)
-	if secretKey != "" {
-		skSrc = ObjectStorageSecretKeyEnv
-	}
-
-	// Fall back to config file if either key is missing
-	if accessKey == "" || secretKey == "" {
-		accessKey, akSrc, secretKey, skSrc = fillObjectStorageCredsFromConfig(src, accessKey, akSrc, secretKey, skSrc)
-	}
-
-	if accessKey == "" {
-		akSrc = ObjectStorageAccessKeyNone
-	}
-	if secretKey == "" {
-		skSrc = ObjectStorageSecretKeyNone
+	// Priority 2: both from config file
+	src, cfgErr := retrieveConfigFile()
+	if cfgErr != nil {
+		return "", "", ObjectStorageAccessKeyNone, ObjectStorageSecretKeyNone,
+			fmt.Errorf("failed to retrieve config file: %w", cfgErr)
 	}
-
-	if accessKey == "" || secretKey == "" {
-		return "", "", akSrc, skSrc, fmt.Errorf(
-			"object storage credentials not found. Set %s and %s environment variables, or configure s3AccessKey/s3SecretKey in your ionosctl profile",
-			shared.IonosS3AccessKeyEnvVar, shared.IonosS3SecretKeyEnvVar,
-		)
+	if src.Config != nil && src.Config.GetCurrentProfile() != nil {
+		creds := src.Config.GetCurrentProfile().Credentials
+		if creds.S3AccessKey != "" && creds.S3SecretKey != "" {
+			return creds.S3AccessKey, creds.S3SecretKey, ObjectStorageAccessKeyCfg, ObjectStorageSecretKeyCfg, nil
+		}
 	}
 
-	return accessKey, secretKey, akSrc, skSrc, nil
-}
-
-// fillObjectStorageCredsFromConfig fills in blank Object Storage access/secret keys from the config
-// file's current profile, returning the (possibly updated) values and their sources.
-func fillObjectStorageCredsFromConfig(
-	src ConfigSource,
-	accessKey string, akSrc ObjectStorageAccessKeySource,
-	secretKey string, skSrc ObjectStorageSecretKeySource,
-) (string, ObjectStorageAccessKeySource, string, ObjectStorageSecretKeySource) {
-	if src.Config == nil || src.Config.GetCurrentProfile() == nil {
-		return accessKey, akSrc, secretKey, skSrc
-	}
-	creds := src.Config.GetCurrentProfile().Credentials
-	if accessKey == "" && creds.S3AccessKey != "" {
-		accessKey = creds.S3AccessKey
-		akSrc = ObjectStorageAccessKeyCfg
-	}
-	if secretKey == "" && creds.S3SecretKey != "" {
-		secretKey = creds.S3SecretKey
-		skSrc = ObjectStorageSecretKeyCfg
-	}
-	return accessKey, akSrc, secretKey, skSrc
+	return "", "", ObjectStorageAccessKeyNone, ObjectStorageSecretKeyNone, fmt.Errorf(
+		"object storage credentials not found. Set %s and %s environment variables, or configure s3AccessKey/s3SecretKey in your ionosctl profile",
+		shared.IonosS3AccessKeyEnvVar, shared.IonosS3SecretKeyEnvVar,
+	)
 }
 
 // newObjectStorageClient builds a new ObjectStorageClient for the given endpoint.