-
Notifications
You must be signed in to change notification settings - Fork 24
/
config.go
90 lines (73 loc) · 2.67 KB
/
config.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
package config
import (
"fmt"
"path/filepath"
"github.com/bigkevmcd/go-configparser"
)
// GetSSOConfig retrieves the SSO configuration for a given AWS profile
func GetSSOConfig(profile string, homedir string) (*SSOConfig, error) {
// parse the configuration file
p, err := configparser.NewConfigParserFromFile(filepath.Join(homedir, ".aws", "config"))
if err != nil {
return nil, err
}
// build a section name
var section string
if profile == "" || profile == "default" {
section = "default"
profile = "<default>"
} else {
section = fmt.Sprintf("profile %s", profile)
}
if !p.HasSection(section) {
return nil, fmt.Errorf("unable to find profile: %s", profile)
}
c := &SSOConfig{}
// Check if we have a sso-session section and merge SSO options from the sso-session and profile
// SSO options from the profile take precedence over the shared sso-session
// Any SSO option can be present in either sso-session or profile
ssoSession, err := p.Get(section, "sso_session")
if err == nil {
ssoSection := fmt.Sprintf("sso-session %s", ssoSession)
mergeSSOConfig(p, ssoSection, c)
// sso-session requires sso_start_url and sso_region
if c.Region == "" {
return nil, fmt.Errorf("no sso_region in sso-session %q", ssoSession)
}
if c.StartURL == "" {
return nil, fmt.Errorf("no sso_start_url in sso-session %q", ssoSession)
}
}
mergeSSOConfig(p, section, c)
// Validate the required SSO options
if c.Region == "" {
return nil, fmt.Errorf("no sso_region in profile %q and its sso_session", profile)
}
if c.StartURL == "" {
return nil, fmt.Errorf("no sso_start_url in profile %q and its sso_session", profile)
}
if c.AccountID == "" {
return nil, fmt.Errorf("no sso_account_id in profile %q or its sso_session", profile)
}
if c.RoleName == "" {
return nil, fmt.Errorf("no sso_role_name in profile %q or its sso_session", profile)
}
return c, nil
}
// mergeSSOConfig merges non-empty SSO options from the specified section (sso-session or profile) into the SSOConfig struct s overwriting the existing values
//
// TODO: Should be removed in favor of github.com/aws/aws-sdk-go-v2/config and github.com/aws/aws-sdk-go-v2/credentials
func mergeSSOConfig(p *configparser.ConfigParser, section string, s *SSOConfig) {
if accountID, err := p.Get(section, "sso_account_id"); err == nil && accountID != "" {
s.AccountID = accountID
}
if startURL, err := p.Get(section, "sso_start_url"); err == nil && startURL != "" {
s.StartURL = startURL
}
if region, err := p.Get(section, "sso_region"); err == nil && region != "" {
s.Region = region
}
if roleName, err := p.Get(section, "sso_role_name"); err == nil && roleName != "" {
s.RoleName = roleName
}
}