lib/awskeyring_command.rb in awskeyring-0.0.2 vs lib/awskeyring_command.rb in awskeyring-0.0.3
- old
+ new
@@ -9,14 +9,16 @@
require 'awskeyring/version'
# AWS Key-ring command line interface.
class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
map %w[--version -v] => :__version
+ map ['init'] => :initialise
map ['ls'] => :list
map ['lsr'] => :list_role
map ['rm'] => :remove
map ['rmr'] => :remove_role
+ map ['rmt'] => :remove_token
desc '--version, -v', 'Prints the version'
def __version
puts Awskeyring::VERSION
end
@@ -64,10 +66,24 @@
secret: cred.password,
token: token
)
end
+ desc 'exec ACCOUNT command...', 'Execute a COMMAND with the environment set for an ACCOUNT'
+ def exec(account, *command)
+ cred, temp_cred = get_valid_item_pair(account: account)
+ token = temp_cred.password unless temp_cred.nil?
+ env_vars = env_vars(
+ account: cred.attributes[:label],
+ key: cred.attributes[:account],
+ secret: cred.password,
+ token: token
+ )
+ pid = spawn(env_vars, command.join(' '))
+ Process.wait pid
+ end
+
desc 'add ACCOUNT', 'Adds an ACCOUNT to the keyring'
method_option :key, type: :string, aliases: '-k', desc: 'AWS account key id.'
method_option :secret, type: :string, aliases: '-s', desc: 'AWS account secret.'
method_option :mfa, type: :string, aliases: '-m', desc: 'AWS virtual mfa arn.'
def add(account = nil)
@@ -104,10 +120,18 @@
account = ask_missing(existing: account, message: 'account name')
cred, temp_cred = get_valid_item_pair(account: account)
Awskeyring.delete_pair(cred, temp_cred, "# Removing account #{account}")
end
+ desc 'remove-token ACCOUNT', 'Removes a token for ACCOUNT from the keyring'
+ def remove_token(account = nil)
+ account = ask_missing(existing: account, message: 'account name')
+ session_key, session_token = Awskeyring.get_pair(account)
+ session_key, session_token = Awskeyring.delete_expired(session_key, session_token) if session_key
+ Awskeyring.delete_pair(session_key, session_token, "# Removing token for account #{account}") if session_key
+ end
+
map 'remove-role' => :remove_role
desc 'remove-role ROLE', 'Removes a ROLE from the keyring'
def remove_role(role = nil)
role = ask_missing(existing: role, message: 'role name')
item_role = Awskeyring.get_role(role)
@@ -234,11 +258,12 @@
# autocomplete
desc 'awskeyring CURR PREV', 'Autocompletion for bourne shells', hide: true
def awskeyring(curr, prev)
comp_line = ENV['COMP_LINE']
unless comp_line
- warn "enable autocomplete with 'complete -C /path-to-command/awskeyring awskeyring'"
+ exec_name = File.basename($PROGRAM_NAME)
+ warn "enable autocomplete with 'complete -C /path-to-command/#{exec_name} #{exec_name}'"
exit 1
end
comp_len = comp_line.split.length
comp_len += 1 if curr == ''
@@ -281,22 +306,30 @@
exit 2
end
[item, nil]
end
- def put_env_string(account:, key:, secret:, token:)
- puts "export AWS_ACCOUNT_NAME=\"#{account}\""
- puts "export AWS_ACCESS_KEY_ID=\"#{key}\""
- puts "export AWS_ACCESS_KEY=\"#{key}\""
- puts "export AWS_SECRET_ACCESS_KEY=\"#{secret}\""
- puts "export AWS_SECRET_KEY=\"#{secret}\""
+ def env_vars(account:, key:, secret:, token:)
+ env_var = {}
+ env_var['AWS_DEFAULT_REGION'] = 'us-east-1' unless ENV['AWS_DEFAULT_REGION']
+ env_var['AWS_ACCOUNT_NAME'] = account
+ env_var['AWS_ACCESS_KEY_ID'] = key
+ env_var['AWS_ACCESS_KEY'] = key
+ env_var['AWS_SECRET_ACCESS_KEY'] = secret
+ env_var['AWS_SECRET_KEY'] = secret
if token
- puts "export AWS_SECURITY_TOKEN=\"#{token}\""
- puts "export AWS_SESSION_TOKEN=\"#{token}\""
- else
- puts 'unset AWS_SECURITY_TOKEN'
- puts 'unset AWS_SESSION_TOKEN'
+ env_var['AWS_SECURITY_TOKEN'] = token
+ env_var['AWS_SESSION_TOKEN'] = token
end
+ env_var
+ end
+
+ def put_env_string(account:, key:, secret:, token:)
+ env_var = env_vars(account: account, key: key, secret: secret, token: token)
+ env_var.each { |var, value| puts "export #{var}=\"#{value}\"" }
+
+ puts 'unset AWS_SECURITY_TOKEN' unless token
+ puts 'unset AWS_SESSION_TOKEN' unless token
end
def ask_missing(existing:, message:, secure: false, optional: false)
existing || ask(message: message, secure: secure, optional: optional)
end