-
Notifications
You must be signed in to change notification settings - Fork 9
/
Copy pathindex.js
260 lines (222 loc) · 8.55 KB
/
index.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
const fs = require('fs')
const path = require('path')
const os = require('os')
const { EOL } = require('os')
const { log, logdev } = require('../printers/index')
/**
* @description Extracts the [default] section of an AWS .aws/config or .aws/credentials file
* @param {string} filecontents File contents of an .aws/credentials or .aws/config file
* @returns {string} The string between [default] and the next [...] header, if exists.
* Otherwise returns empty string
*/
function getDefaultSectionString(filecontents) {
// Collect all lines below the [default] header ...
let defaultSection = filecontents.split(/\[default\]/)[1]
if (typeof defaultSection !== 'string' || !defaultSection.trim()) {
// default section is non-existent
return ''
}
// ... but above the next [...] header (if any)
defaultSection = defaultSection.split(/\[[^\]]*\]/)[0]
return defaultSection
}
// TODO refactor
// TODO split up into better functions, for amazon, google inferrer
// TODO error handling & meaningful stdout
// TODO tests
/**
* @description Extracts aws_access_key_id and aws_secret_access_key fields from a given .aws/credentials file
* @param {string} filecontents File contents of .aws/credentials
* @returns {
* default: {
* aws_access_key_id?: string,
* aws_secret_access_key?: string,
* aws_region?: string
* }}
*/
function parseAwsCredentialsOrConfigFile(filecontents) {
/* filecontents looks something like this:
[default]
region=us-west-2
output=json
[profile user1]
region=us-east-1
output=text
See: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-files.html
*/
const fields = {
default: {},
}
try {
const defaultSectionString = getDefaultSectionString(filecontents)
if (!defaultSectionString || !defaultSectionString.trim()) {
return fields
}
// we found something
const defaultSectionLines = defaultSectionString.split('\n') // TODO split by os-specific newline
// Try to extract aws_access_key_id
if (defaultSectionLines.some((l) => /aws_access_key_id/.test(l))) {
const awsAccessKeyIdLine = defaultSectionLines.filter((l) => /aws_access_key_id/.test(l))[0]
let awsAccessKeyId = awsAccessKeyIdLine.split('=')[1]
if (typeof awsAccessKeyId === 'string') { // don't crash on weird invalid lines such 'aws_access_key_id=' or 'aws_access_key_id'
awsAccessKeyId = awsAccessKeyId.trim()
fields.default.aws_access_key_id = awsAccessKeyId
}
}
// Try to extract aws_secret_access_key
if (defaultSectionLines.some((l) => /aws_secret_access_key/.test(l))) {
const awsSecretAccessKeyLine = defaultSectionLines.filter((l) => /aws_secret_access_key/.test(l))[0]
let awsSecretAccessKey = awsSecretAccessKeyLine.split('=')[1]
if (typeof awsSecretAccessKey === 'string') {
awsSecretAccessKey = awsSecretAccessKey.trim()
fields.default.aws_secret_access_key = awsSecretAccessKey
}
}
// Try to extract region
if (defaultSectionLines.some((l) => /region/.test(l))) {
const regionLine = defaultSectionLines.filter((l) => /region/.test(l))[0]
let region = regionLine.split('=')[1]
if (typeof region === 'string') {
region = region.trim()
fields.default.region = region
}
}
return fields
//
} catch (e) {
// console.log(e)
// non-critical, just return what we have so far
return fields
}
}
/**
* Just creates an empty hyperform.json
* @param {string} absdir
*/
function initDumb(absdir, platform) {
let json
if (platform === 'amazon') {
json = {
amazon: {
aws_access_key_id: '',
aws_secret_access_key: '',
aws_region: '',
},
}
} else if (platform === 'google') {
json = {
google: {
gc_project: '',
gc_region: '',
},
}
} else {
throw new Error(`platform must be google or amazon but is ${platform}`)
}
// append 'hyperform.json' to .gitignore
// (or create .gitignore if it does not exist yet)
fs.appendFileSync(
path.join(absdir, '.gitignore'),
`${EOL}hyperform.json`,
)
// write results to hyperform.json
fs.writeFileSync(
path.join(absdir, 'hyperform.json'),
JSON.stringify(json, null, 2),
)
log('✓ Created `hyperform.json` ') //
log('✓ Added `hyperform.json` to `.gitignore`') //
}
// TODO shorten
/**
* @description Tries to infer AWS credentials and config, and creates a hyperform.json in "absdir" with what it could infer. If hyperform.json already exists in "absdir" it just prints a message.
* @param {string} absdir The directory where 'hyperform.json' should be created
* @returns {{
* amazon: {
* aws_access_key_id: string?,
* aws_secret_access_key: string?,
* aws_region: string?
* }
* }}
*/
function init(absdir) {
const hyperformJsonContents = {
amazon: {
aws_access_key_id: '',
aws_secret_access_key: '',
aws_region: '',
},
google: {
gc_project: '',
gc_region: '',
},
}
const filedest = path.join(absdir, 'hyperform.json')
if (fs.existsSync(filedest)) {
log('hyperform.json exists already.')
return
}
// try to infer AWS credentials
// AWS CLI uses this precedence:
// (1 - highest precedence) Environment variables AWS_ACCESS_KEY_ID, ...
// (2) .aws/credentials and .aws/config
// Hence, do the same here
// First, start with (2)
// Check ~/.aws/credentials and ~/.aws/config
const possibleCredentialsPath = path.join(os.homedir(), '.aws', 'credentials')
if (fs.existsSync(possibleCredentialsPath) === true) {
const credentialsFileContents = fs.readFileSync(possibleCredentialsPath, { encoding: 'utf-8' })
// TODO offer selection to user when there are multiple profiles
const parsedCredentials = parseAwsCredentialsOrConfigFile(credentialsFileContents)
hyperformJsonContents.amazon.aws_access_key_id = parsedCredentials.default.aws_access_key_id
hyperformJsonContents.amazon.aws_secret_access_key = parsedCredentials.default.aws_secret_access_key
logdev(`Inferred AWS credentials from ${possibleCredentialsPath}`)
} else {
logdev(`Could not guess AWS credentials. No AWS credentials file found in ${possibleCredentialsPath}`)
}
/// /////////////////
/// /////////////////
// try to infer AWS region
const possibleConfigPath = path.join(os.homedir(), '.aws', 'config')
if (fs.existsSync(possibleConfigPath) === true) {
const configFileContents = fs.readFileSync(possibleConfigPath, { encoding: 'utf-8' })
const parsedConfig = parseAwsCredentialsOrConfigFile(configFileContents)
hyperformJsonContents.amazon.aws_region = parsedConfig.default.region
logdev(`Inferred AWS region from ${possibleConfigPath}`)
} else {
logdev(`Could not guess AWS region. No AWS config file found in ${possibleConfigPath}`) // TODO region will not be a single region, but smartly multiple ones (or?)
}
// Then, do (1), possibly overriding values
// Check environment variables
if (typeof process.env.AWS_ACCESS_KEY_ID === 'string' && process.env.AWS_ACCESS_KEY_ID.trim().length > 0) {
hyperformJsonContents.amazon.aws_access_key_id = process.env.AWS_ACCESS_KEY_ID.trim()
logdev('Environment variable AWS_ACCESS_KEY_ID set, overriding value from credentials file')
}
if (typeof process.env.AWS_SECRET_ACCESS_KEY === 'string' && process.env.AWS_SECRET_ACCESS_KEY.trim().length > 0) {
hyperformJsonContents.amazon.aws_secret_access_key = process.env.AWS_SECRET_ACCESS_KEY.trim()
logdev('Environment variable AWS_SECRET_ACCESS_KEY set, overriding value from credentials file')
}
if (typeof process.env.AWS_REGION === 'string' && process.env.AWS_REGION.trim().length > 0) {
hyperformJsonContents.amazon.aws_region = process.env.AWS_REGION.trim()
logdev('Environment variable AWS_REGION set, overriding value from config file')
}
// append 'hyperform.json' to .gitignore
// (or create .gitignore if it does not exist yet)
fs.appendFileSync(
path.join(absdir, '.gitignore'),
`${EOL}hyperform.json`,
)
// write results to hyperform.json
fs.writeFileSync(
path.join(absdir, 'hyperform.json'),
JSON.stringify(hyperformJsonContents, null, 2),
)
log('✓ Inferred AWS credentials (\'default\' Profile)') // TODO ask for defaults guide through in init
log('✓ Created hyperform.json') // TODO ask for defaults guide through in init
}
module.exports = {
init,
initDumb,
_only_for_testing_getDefaultSectionString: getDefaultSectionString,
_only_for_testing_parseAwsCredentialsOrConfigFile: parseAwsCredentialsOrConfigFile,
}