-
Notifications
You must be signed in to change notification settings - Fork 5
/
exec_unix.go
52 lines (42 loc) · 1.61 KB
/
exec_unix.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
// +build linux darwin
package cmd
import (
"context"
"fmt"
"os"
osexec "os/exec"
"syscall"
"github.com/aws/aws-sdk-go/service/sts"
"github.com/chanzuckerberg/aws-oidc/pkg/aws_config_client"
"github.com/pkg/errors"
)
func exec(ctx context.Context, command string, args []string, env []string) error {
argv0, err := osexec.LookPath(command)
if err != nil {
return errors.Wrap(err, "Error finding command")
}
argv := make([]string, 0, 1+len(args))
argv = append(argv, command)
argv = append(argv, args...)
// Only return if the execution fails.
return errors.Wrap(syscall.Exec(argv0, argv, env), "error executing command")
}
func getAWSEnvVars(assumeRoleOutput *sts.AssumeRoleWithWebIdentityOutput, awsOIDCConfig *aws_config_client.AWSOIDCConfiguration) []string {
// Load config profile values if those environment variables don't exist (lowest precedence)
envVars := []string{}
_, present := os.LookupEnv("AWS_DEFAULT_REGION")
if !present && (awsOIDCConfig.Region != nil) {
envVars = append(envVars, fmt.Sprintf("AWS_DEFAULT_REGION=%s", *awsOIDCConfig.Region))
}
_, present = os.LookupEnv("AWS_DEFAULT_OUTPUT")
if !present && (awsOIDCConfig.Output != nil) {
envVars = append(envVars, fmt.Sprintf("AWS_DEFAULT_OUTPUT=%s", *awsOIDCConfig.Output))
}
// Load assumeRoleOutput credentials
envVars = append(envVars,
fmt.Sprintf("AWS_ACCESS_KEY_ID=%s", string(*assumeRoleOutput.Credentials.AccessKeyId)),
fmt.Sprintf("AWS_SECRET_ACCESS_KEY=%s", string(*assumeRoleOutput.Credentials.SecretAccessKey)),
fmt.Sprintf("AWS_SESSION_TOKEN=%s", string(*assumeRoleOutput.Credentials.SessionToken)),
)
return envVars
}