authentication-provider instance-store does not require role name argument

* NEWS: Update.
* doc/eclat.conf.5: Update.
* lib/Makefile.am: Add new sources.
* lib/istore.c: New file.
* lib/path.c: New file.
* lib/libeclat.h (path_concat)
(instance_store_curl_new)
(instance_store_read): New protos.
* src/config.c (cb_authentication_provider): second argument is
optional for instance-store type.
New compound statement: instance-store.
* src/eclat.h (instance_store_base_url)
(instance_store_port,instance_store_document_path):
(instance_store_credentials_path): New externs.
* src/ispeek.c: Rewrite using new functions.
* src/util.c: Likewise.

1 files changed, 37 insertions, 5 deletions

diff --git a/doc/eclat.conf.5 b/doc/eclat.conf.5
index dd9489c..8b20b48 100644
--- a/doc/eclat.conf.5
+++ b/doc/eclat.conf.5
@@ -13,7 +13,7 @@
 .\"
 .\" You should have received a copy of the GNU General Public License
 .\" along with Eclat.  If not, see <http://www.gnu.org/licenses/>.
-.TH ECLAT.CONF 5 "January 21, 2015" "ECLAT" "Eclat User Reference"
+.TH ECLAT.CONF 5 "January 22, 2015" "ECLAT" "Eclat User Reference"
 .SH NAME
 eclat.conf \- configuration file for
 .BR eclat (1).
@@ -380,7 +380,7 @@ region  us\-west\-2       ec2.us\-west\-2.amazonaws.com;
 .EE
 .SS AUTHENTICATION
 .TP
-\fBauthentication\-provider\fR \fITYPE\fR \fIARG\fB;\fR
+\fBauthentication\-provider\fR \fITYPE\fR [\fIARG\fR]\fB;\fR
 Defines authentication provider to use.  \fIAuthentication provider\fR
 is a service that supplies AWS access key ID and secret key.  See
 .BR eclat (1),
@@ -397,9 +397,11 @@ If \fITYPE\fR is \fBfile\fR, the \fIARG\fR parameter is treated as a
 shell globbing pattern: all files matching this pattern are attempted
 in turn, until a keypair is found in one of them.
 
-If \fITYPE\fR is \fBinstance\-store\fR, \fIARG\fR is the name of the
-IAM role.  Credentials will be obtained from the instance store for
-that role.
+If \fITYPE\fR is \fBinstance\-store\fR, credentials will be obtained
+from the instance store.  \fIARG\fR is optional.  If supplied, it
+should be the name of the IAM role this instance is launched with.
+At the time of this writing, an instance can be associated with a
+single role, which will be used by default.
 .TP
 \fBaccess\-file\fR \fIname\fR;
 This is a shortcut for \fBauthentication\-provider file \fIname\fR.
@@ -446,6 +448,36 @@ By default the CA certificates shipped with
 .BR libcurl (3)
 will be used.  You would rarely need to use \fBca\-file\fR or
 \fBca\-path\fR statements.
+.SH INSTANCE STORE CONFIGURATION
+The \fBinstance\-store\fR compound statement configures HTTP access to
+the instance store.  By default, \fBeclat\fR uses standard AWS values.
+This statement is intended mainly as an aid in debugging:
+.PP
+.EX
+    instance\-store {
+        base\-url \fIURL\fR;
+        port \fINUMBER\fR;
+	document\-path \fISTRING\fR;
+	credentials\-path \fISTRING\fR;
+    }	    
+.EE
+.TP
+.BI base\-url " URL" ;
+Base URL to use, instead of
+.BR http://169.254.169.254/latest .
+.TP
+.BI port " NUMBER" ;
+Port to use (defaults to \fB80\fR).
+.TP
+.BI document\-path " STRING" ;
+Pathname (relative to \fBbase\-url\fR) of the instance identity document
+file.  Default: 
+.BR dynamic/instance-identity/document .
+.TP
+.BI credentials\-path " STRING" ;
+Pathname (relative to \fBbase\-url\fR) of the instance store
+credentials directory.  Default is
+.BR meta-data/iam/security-credentials .
 .SH FORMAT DEFINITIONS
 This group of statements declares the formats to use.
 .TP