Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove vendored dependencies, upgrade to aws-sdk-go-v2 #23

Merged
merged 2 commits into from
Mar 14, 2023
Merged

Remove vendored dependencies, upgrade to aws-sdk-go-v2 #23

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
d0b7cb0
Switch dependency mgmt to go modules, upgrade to aws-sdk-go-v2
gl-johnson Mar 6, 2023
b7cb666
Add e2e test
gl-johnson Mar 9, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
The table of contents is too big for display.
Diff view
Diff view
  •  
  •  
  •  
1 change: 0 additions & 1 deletion .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,6 @@ pkg
junit.xml
summon-aws
*.sublime-project
secrets.yml

# Compiled Object files, Static and Dynamic libs (Shared Objects)
*.o
Expand Down
4 changes: 4 additions & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,10 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.

## [Unreleased]

### Security
- Switch to go modules (remove vendored dependencies), upgrade to aws-sdk-go-v2.
[cyberark/summon-s3#23](https://github.com/cyberark/summon-s3/pull/23)

## [0.2.0] - 2017-11-22
### Added
- Added alpine linux binary distribution
Expand Down
26 changes: 0 additions & 26 deletions Gopkg.lock
View file
Open in desktop

This file was deleted.

2 changes: 0 additions & 2 deletions Gopkg.toml
View file
Open in desktop

This file was deleted.

4 changes: 4 additions & 0 deletions Jenkinsfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,10 @@ pipeline {
}
}

stage('Test') {
steps { sh 'summon ./e2e_test.sh' }
}

stage('Package') {
steps {
sh './package.sh'
Expand Down
4 changes: 2 additions & 2 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,8 +22,8 @@ printenv MONGOPASS

## Configuration

summon-s3 uses the [official AWS Go SDK](https://github.com/aws/aws-sdk-go). It will use
the credentials file or environment variables [as they explain](https://github.com/aws/aws-sdk-go#configuring-credentials).
summon-s3 uses the [official AWS Go SDK (V2)](https://github.com/aws/aws-sdk-go-v2). It will use
the credentials file or environment variables [as they explain](https://aws.github.io/aws-sdk-go-v2/docs/configuring-sdk/#specifying-credentials).

## Contributing

Expand Down
20 changes: 12 additions & 8 deletions build.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
#!/bin/bash

APP='summon-s3'
APPDIR='/go/src/summon-s3'
PKGDIR='pkg'
OSES=(
'darwin'
Expand All @@ -14,18 +14,22 @@ for GOOS in "${OSES[@]}"; do
echo "-----"

docker run --rm \
-v "$PWD:/go/src/$APP" -w "/go/src/$APP" \
--entrypoint=/bin/sh \
-v "$PWD:$APPDIR" -w "$APPDIR" \
-e "GOOS=$GOOS" -e "GOARCH=$GOARCH" \
golang:1.9 \
go build -v -o "$PKGDIR/$GOOS/summon-s3"
golang:1.19 -c "
git config --global --add safe.directory \"$APPDIR\" &&
go build -v -o \"$PKGDIR/$GOOS/summon-s3\""
done

echo "Building linux-alpine binary"
echo "-----"

docker run --rm \
-v "$PWD:/go/src/$APP" -w "/go/src/$APP" \
--entrypoint=/bin/sh \
-v "$PWD:$APPDIR" -w "$APPDIR" \
-e "GOOS=linux" -e "GOARCH=$GOARCH" \
golang:1.9-alpine \
go build -v -o "$PKGDIR/linux-alpine/summon-s3"

golang:1.19-alpine -c "
apk add --no-cache git &&
git config --global --add safe.directory \"$APPDIR\" &&
go build -v -o \"$PKGDIR/linux-alpine/summon-s3\""
62 changes: 62 additions & 0 deletions e2e_test.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,62 @@
#!/bin/bash -e

# Run this script using summon
# summon --provider summon-conjur ./e2e_test.sh

REQUIRED_VARS=(AWS_REGION AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY)
SUMMON_DIR=summon-"$(uuidgen | tr "[:upper:]" "[:lower:]" | head -c 12 | tr -d -)"
export AWS_BUCKET="summon-s3-ci"
export AWS_ARTIFACT="ci-secret.txt"

function finish {
rm -rf $SUMMON_DIR
}

trap finish EXIT

function main {
check_required_vars
build_summon_image
test_output "test secret"
}

function check_required_vars {
for var in "${REQUIRED_VARS[@]}"; do
if [[ -z "${!var}" ]]; then
echo "$var is not set"
exit 1
fi
done
}

function build_summon_image {
git clone "https://github.com/cyberark/summon.git" $SUMMON_DIR
pushd $SUMMON_DIR > /dev/null
docker build . -t test-summon
popd > /dev/null
}

# Helper function to build and run the Docker container
function test_output {
local expected_output="$1"
local output=$(docker run --rm \
--entrypoint=/bin/sh \
-v "$PWD":/summon-s3-src -w /summon-s3-src \
-e AWS_REGION -e AWS_ACCESS_KEY_ID -e AWS_SECRET_ACCESS_KEY -e AWS_BUCKET -e AWS_ARTIFACT \
test-summon -c "
./$SUMMON_DIR/install.sh > /dev/null && \
summon --provider ./pkg/linux/summon-s3 \
--yaml \"TEST_CRED: !var $AWS_BUCKET/$AWS_ARTIFACT\" \
printenv TEST_CRED") || true

if [ "$output" == "$expected_output" ] && [ $? -eq 0 ]; then
echo "Test passed"
exit 0
else
echo "Test failed"
echo "Expected output to equal: '$expected_output'. Actual output: $output"
exit 1
fi
}

main
27 changes: 27 additions & 0 deletions go.mod
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
module github.com/cyberark/summon-s3

go 1.19

require (
github.com/aws/aws-sdk-go-v2/config v1.18.15
github.com/aws/aws-sdk-go-v2/service/s3 v1.30.5
)

require (
github.com/aws/aws-sdk-go-v2 v1.17.5 // indirect
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.4.10 // indirect
github.com/aws/aws-sdk-go-v2/credentials v1.13.15 // indirect
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.12.23 // indirect
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.29 // indirect
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.23 // indirect
github.com/aws/aws-sdk-go-v2/internal/ini v1.3.30 // indirect
github.com/aws/aws-sdk-go-v2/internal/v4a v1.0.21 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.9.11 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.1.24 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.23 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.13.23 // indirect
github.com/aws/aws-sdk-go-v2/service/sso v1.12.4 // indirect
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.14.4 // indirect
github.com/aws/aws-sdk-go-v2/service/sts v1.18.5 // indirect
github.com/aws/smithy-go v1.13.5 // indirect
)
45 changes: 45 additions & 0 deletions go.sum
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
github.com/aws/aws-sdk-go-v2 v1.17.5 h1:TzCUW1Nq4H8Xscph5M/skINUitxM5UBAyvm2s7XBzL4=
github.com/aws/aws-sdk-go-v2 v1.17.5/go.mod h1:uzbQtefpm44goOPmdKyAlXSNcwlRgF3ePWVW6EtJvvw=
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.4.10 h1:dK82zF6kkPeCo8J1e+tGx4JdvDIQzj7ygIoLg8WMuGs=
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.4.10/go.mod h1:VeTZetY5KRJLuD/7fkQXMU6Mw7H5m/KP2J5Iy9osMno=
github.com/aws/aws-sdk-go-v2/config v1.18.15 h1:509yMO0pJUGUugBP2H9FOFyV+7Mz7sRR+snfDN5W4NY=
github.com/aws/aws-sdk-go-v2/config v1.18.15/go.mod h1:vS0tddZqpE8cD9CyW0/kITHF5Bq2QasW9Y1DFHD//O0=
github.com/aws/aws-sdk-go-v2/credentials v1.13.15 h1:0rZQIi6deJFjOEgHI9HI2eZcLPPEGQPictX66oRFLL8=
github.com/aws/aws-sdk-go-v2/credentials v1.13.15/go.mod h1:vRMLMD3/rXU+o6j2MW5YefrGMBmdTvkLLGqFwMLBHQc=
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.12.23 h1:Kbiv9PGnQfG/imNI4L/heyUXvzKmcWSBeDvkrQz5pFc=
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.12.23/go.mod h1:mOtmAg65GT1HIL/HT/PynwPbS+UG0BgCZ6vhkPqnxWo=
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.29 h1:9/aKwwus0TQxppPXFmf010DFrE+ssSbzroLVYINA+xE=
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.29/go.mod h1:Dip3sIGv485+xerzVv24emnjX5Sg88utCL8fwGmCeWg=
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.23 h1:b/Vn141DBuLVgXbhRWIrl9g+ww7G+ScV5SzniWR13jQ=
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.23/go.mod h1:mr6c4cHC+S/MMkrjtSlG4QA36kOznDep+0fga5L/fGQ=
github.com/aws/aws-sdk-go-v2/internal/ini v1.3.30 h1:IVx9L7YFhpPq0tTnGo8u8TpluFu7nAn9X3sUDMb11c0=
github.com/aws/aws-sdk-go-v2/internal/ini v1.3.30/go.mod h1:vsbq62AOBwQ1LJ/GWKFxX8beUEYeRp/Agitrxee2/qM=
github.com/aws/aws-sdk-go-v2/internal/v4a v1.0.21 h1:QdxdY43AiwsqG/VAqHA7bIVSm3rKr8/p9i05ydA0/RM=
github.com/aws/aws-sdk-go-v2/internal/v4a v1.0.21/go.mod h1:QtIEat7ksHH8nFItljyvMI0dGj8lipK2XZ4PhNihTEU=
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.9.11 h1:y2+VQzC6Zh2ojtV2LoC0MNwHWc6qXv/j2vrQtlftkdA=
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.9.11/go.mod h1:iV4q2hsqtNECrfmlXyord9u4zyuFEJX9eLgLpSPzWA8=
github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.1.24 h1:Qmm8klpAdkuN3/rPrIMa/hZQ1z93WMBPjOzdAsbSnlo=
github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.1.24/go.mod h1:QelGeWBVRh9PbbXsfXKTFlU9FjT6W2yP+dW5jMQzOkg=
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.23 h1:QoOybhwRfciWUBbZ0gp9S7XaDnCuSTeK/fySB99V1ls=
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.23/go.mod h1:9uPh+Hrz2Vn6oMnQYiUi/zbh3ovbnQk19YKINkQny44=
github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.13.23 h1:qc+RW0WWZ2KApMnsu/EVCPqLTyIH55uc7YQq7mq4XqE=
github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.13.23/go.mod h1:FJhZWVWBCcgAF8jbep7pxQ1QUsjzTwa9tvEXGw2TDRo=
github.com/aws/aws-sdk-go-v2/service/s3 v1.30.5 h1:kFfb+NMap4R7nDvBYyABa/nw7KFMtAfygD1Hyoxh4uE=
github.com/aws/aws-sdk-go-v2/service/s3 v1.30.5/go.mod h1:Dze3kNt4T+Dgb8YCfuIFSBLmE6hadKNxqfdF0Xmqz1I=
github.com/aws/aws-sdk-go-v2/service/sso v1.12.4 h1:qJdM48OOLl1FBSzI7ZrA1ZfLwOyCYqkXV5lko1hYDBw=
github.com/aws/aws-sdk-go-v2/service/sso v1.12.4/go.mod h1:jtLIhd+V+lft6ktxpItycqHqiVXrPIRjWIsFIlzMriw=
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.14.4 h1:YRkWXQveFb0tFC0TLktmmhGsOcCgLwvq88MC2al47AA=
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.14.4/go.mod h1:zVwRrfdSmbRZWkUkWjOItY7SOalnFnq/Yg2LVPqDjwc=
github.com/aws/aws-sdk-go-v2/service/sts v1.18.5 h1:L1600eLr0YvTT7gNh3Ni24yGI7NSHkq9Gp62vijPRCs=
github.com/aws/aws-sdk-go-v2/service/sts v1.18.5/go.mod h1:1mKZHLLpDMHTNSYPJ7qrcnCQdHCWsNQaT0xRvq2u80s=
github.com/aws/smithy-go v1.13.5 h1:hgz0X/DX0dGqTYpGALqXJoRKRj5oQ7150i5FdTePzO8=
github.com/aws/smithy-go v1.13.5/go.mod h1:Tg+OJXh4MB2R/uN61Ko2f6hTZwB/ZYGOtib8J3gBHzA=
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/google/go-cmp v0.5.8 h1:e6P7q2lk1O+qJJb4BtCQXlK8vWEO8V1ZeuEdJNOqZyg=
github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo=
github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U=
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
60 changes: 21 additions & 39 deletions main.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,32 +1,15 @@
package main

import (
"context"
"fmt"
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/awserr"
"github.com/aws/aws-sdk-go/service/s3"
"github.com/aws/aws-sdk-go/aws/session"
"io/ioutil"
"io"
"os"
"strings"
)

func handlePotentialError(err error, variableName string) {
if err != nil {
if awsErr, ok := err.(awserr.Error); ok {
var errMessage string
// A service error occurred
if reqErr, ok := err.(awserr.RequestFailure); ok {
errMessage = fmt.Sprintf("%v %v %v", reqErr.StatusCode(), reqErr.Message(), variableName)
} else {
errMessage = fmt.Sprintf("%v %v", awsErr.Code(), awsErr.Message())
}
printAndExit(errMessage)
} else {
printAndExit(err.Error())
}
}
}
"github.com/aws/aws-sdk-go-v2/config"
"github.com/aws/aws-sdk-go-v2/service/s3"
)

func main() {
if len(os.Args) != 2 {
Expand All @@ -36,34 +19,33 @@ func main() {
bucketName := strings.Split(variableName, "/")[0]
keyName := strings.Join(strings.Split(variableName, "/")[1:], "/")

sess := session.Must(session.NewSessionWithOptions(session.Options{
SharedConfigState: session.SharedConfigEnable,
}))

if sess == nil {
sess := session.Must(session.NewSession())
_ = sess
cfg, err := config.LoadDefaultConfig(context.Background())
if err != nil {
printAndExit(fmt.Sprintf("%v %v", err.Error(), variableName))
}

svc := s3.New(sess)
svc := s3.NewFromConfig(cfg)

// make sure bucket exists
params := &s3.HeadBucketInput{
Bucket: aws.String(bucketName),
_, err = svc.HeadBucket(context.TODO(), &s3.HeadBucketInput{
Bucket: &bucketName,
})
if err != nil {
printAndExit(fmt.Sprintf("%v %v", err.Error(), variableName))
}
_, err := svc.HeadBucket(params)
handlePotentialError(err, variableName)

getParams := &s3.GetObjectInput{
Bucket: aws.String(bucketName),
Key: aws.String(keyName),
Bucket: &bucketName,
Key: &keyName,
}

resp, err := svc.GetObject(getParams)
handlePotentialError(err, variableName)
resp, err := svc.GetObject(context.Background(), getParams)
if err != nil {
printAndExit(fmt.Sprintf("%v %v", err.Error(), variableName))
}

defer resp.Body.Close()
contents, err := ioutil.ReadAll(resp.Body)
contents, err := io.ReadAll(resp.Body)
if err != nil {
printAndExit(err.Error())
}
Expand Down
3 changes: 3 additions & 0 deletions secrets.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
AWS_REGION: !var dev/aws/iam/users/sys_powerful/region
AWS_ACCESS_KEY_ID: !var dev/aws/iam/users/sys_powerful/access_key_id
AWS_SECRET_ACCESS_KEY: !var dev/aws/iam/users/sys_powerful/secret_access_key
14 changes: 0 additions & 14 deletions vendor/github.com/aws/aws-sdk-go/.github/ISSUE_TEMPLATE.md
View file
Open in desktop

This file was deleted.

3 changes: 0 additions & 3 deletions vendor/github.com/aws/aws-sdk-go/.github/PULL_REQUEST_TEMPLATE.md
View file
Open in desktop

This file was deleted.

11 changes: 0 additions & 11 deletions vendor/github.com/aws/aws-sdk-go/.gitignore
View file
Open in desktop

This file was deleted.

14 changes: 0 additions & 14 deletions vendor/github.com/aws/aws-sdk-go/.godoc_config
View file
Open in desktop

This file was deleted.