Initial v4 commit

.gitignore

@@ -1,3 +1,6 @@
+# misc
+*.local
+
 # Byte-compiled / optimized / DLL files
 __pycache__/
 *.py[cod]
@@ -109,7 +112,7 @@ Pipfile.lock
 # mypy
 .mypy_cache/
 
-# vscode 
+# vscode
 .vscode
 
 # sandbox files

MANIFEST.in

@@ -1 +1,3 @@
-include package.json
+include readme.md
+include fastentrypoints.py
+include autocomplete.py

Pipfile

@@ -1,20 +1,22 @@
 [[source]]
-url = "https://pypi.python.org/simple"
-verify_ssl = true
 name = "pypi"
+url = "https://pypi.org/simple"
+verify_ssl = true
 
 [dev-packages]
 twine = "*"
+pylint = "*"
+botostubs = "*"
 
 [packages]
-pytest = "*"
-pytest-cov = "*"
-mock = "*"
-python-dateutil = "*"
-"boto3" = "*"
+pluggy = "*"
+boto3 = "*"
+awsume = {editable = true,path = "."}
 psutil = "*"
-yapsy = "*"
-future = "*"
-pylint = "*"
 colorama = "*"
-awsume = {editable = true,path = "."}
+
+[scripts]
+test = "pytest"
+build = "python setup.py sdist"
+deploy-test = "twine upload -r test dist/*"
+deploy-pypi = "twine upload -r pypi dist/*"

README.md

@@ -1,131 +1,3 @@
 # AWSume: AWS Assume Made Awesome
 
-Utility for easily assuming AWS IAM roles from the command line, now in Python!
-
-## What is AWSume?
-
-AWSume is a cross-platform (Mac, Linux, Windows) command-line tool that makes assuming AWS roles and setting user credentials from the AWS CLI easy! It works by scanning your `.aws/config` and `.aws/credentials` files for the profile you give it, making AWS calls to get that profile's credentials, and exporting those credentials to your shell's environment variables. Then, any AWS CLI calls you make in that shell will be under the profile you gave AWSume.
-
-## Installation
-
-### Pip Installation
-
-AWSume has been conveniently wrapped into a Python package and installable with just one simple command:
-
-``` bash
-pip install awsume
-```
-
-The installer places the python and shell scripts into your python directory. If you're using `Bash` or `Zsh`, the installer will add an alias definition (sources awsume when it's called) to their resource control file, either `.bash_alias`, `.bashrc`, `.bash_profile`, or `.zshrc`. When uninstalling AWSume, the alias definition will not be removed.
-
-Once you have AWSume installed, you're ready to set up AWSume!
-
-#### Console Plugin installation
-
-Once you've installed AWSume, you can install the console plugin with:
-
-``` bash
-awsume --install-plugin https://raw.githubusercontent.com/trek10inc/awsume/master/examplePlugin/console.py https://raw.githubusercontent.com/trek10inc/awsume/master/examplePlugin/console.yapsy-plugin
-```
-
-## Setup
-
-### Configuring Using The AWS CLI
-
-`aws configure set <key> <value> --profile <profile_name>`
-
-Where:
-
-- `key` is what you would like to set within the `config`/`credentials` file, such as:
-  - `aws_access_key_id`, `aws_secret_access_key`, `region`, `output`, `mfa_serial`, `role_arn`, or `source_profile`
-- `value` is the value you'd like to set the `key` to
-- `profile_name` is the name of the profile you are creating
-  - `profile_name` is what you will pass into AWSume
-
-### Configuring Manually
-
-Add profiles to
-
-`~/.aws/config` (for macOS / Linux)
-
-`%userprofile%\.aws\config` (for Windows)
-
-#### ~/.aws/config
-
-``` ini
-[default]
-region = us-east-1
-[profile internal-admin]
-role_arn = arn:aws:iam::<your aws account id>:role/admin-role
-source_profile = joel
-region = us-east-1
-[profile client1-admin]
-role_arn = arn:aws:iam::<client #1 account id>:role/admin-role
-mfa_serial = arn:aws:iam::<your aws account id>:mfa/joel
-source_profile = joel
-region = us-west-2
-[profile client2-admin]
-role_arn = arn:aws:iam::<client #2 account id>:role/admin-role
-mfa_serial = arn:aws:iam::<your aws account id>:mfa/joel
-source_profile = joel
-region = us-east-1
-```
-
-Add credentials to
-
-`~/.aws/credentials` (for macOS / Linux)
-
-`%userprofile%\.aws\credentials` (for Windows)
-
-#### ~/.aws/credentials
-
-``` ini
-[default]
-aws_access_key_id = AKIAIOIEUFSN9EXAMPLE
-aws_secret_access_key = wJalrXIneUATF/K7MDENG/jeuFHEnfEXAMPLEKEY
-[joel]
-aws_access_key_id = AKIAIOSFODNN7EXAMPLE
-aws_secret_access_key = wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
-```
-
-### Plugins
-
-AWSume is now extensible. It now comes with a built-in plugin manager! To get started developing plugins, check out our [plugin documentation](https://github.com/trek10inc/awsume/wiki/Plugins).
-
-#### AWSume Console Plugin
-
-To demonstrate the plugin manager, we've extended the functionality of AWSume through the AWSume Console plugin. This plugin will open the AWS console to the assumed role. Read about it [here](https://github.com/trek10inc/awsume/blob/master/examplePlugin/console.md)
-
-### Example Usages
-
-`awsume client1-source-profile`
-Exports `client1-source-profile` credentials into current shell, will ask for MFA if needed
-
-`awsume client1-source-profile -n`
-Exports `client1-source-profile` credentials into current shell, will usually not ask for MFA, but it will if `client1-source-profile` is a role profile instead of a source profile, and requires MFA
-
-`awsume client1-admin`
-Exports `client1-admin` credentials into current shell, will ask for MFA if needed
-
-`awsume`
-Exports the default profile's credentials into current shell, will ask for MFA if needed
-
-`awsume -d`
-Exports the default profile's credentials into current shell, will ask for MFA if needed
-
-`awsume client1-admin -s`
-Outputs export commands to shell, useful if you want to copy / paste into some other shell, will ask for MFA if needed
-
-`awsume client1-admin -r`
-Delete cached credentials and refresh, will always prompt for MFA.
-
-`awsume client1-admin -a`
-Exports auto-refresh profile to shell's `AWS_DEFAULT_PROFILE` and `AWS_PROFILE` environment variables, creates a profile in the `.aws/credentials` file called `auto-refresh-client1-admin` that contains profile's role credentials, and spawns a background process to auto-refresh those role credentials when they expire, for as long as the role's source profile is valid.
-
-`awsume client1-admin -k`
-Removes the `auto-refresh-client1-admin` profile from the `.aws/credentials` file. If no more `auto-refresh-` profiles are left in the `.aws/credentials` file, the auto-refreshing background process will be killed.
-
-`awsume -k`
-Removes all `auto-refresh-` profiles from the `.aws/credentials` file, and kills the auto-refreshing background process.
-
-See our blog posts [AWSume](https://www.trek10.com/blog/awsume-aws-assume-made-awesome/) and [AWSume - Now in Python](https://www.trek10.com/blog/awsume-now-in-python/) for more details.
+Awsume v4 is a work in progress.

awsume/__data__.py

@@ -0,0 +1,10 @@
+version = '0.0.3'
+
+name = 'awsume'
+author = 'Trek10, Inc'
+author_email = 'package-management@trek10.com'
+description = 'Awsume - A cli that makes using AWS IAM credentials easy'
+license = 'MIT'
+homepage = 'https://github.com/trek10inc/awsume'
+
+message = 'Thank you for using AWSume! Check us out at https://trek10.com'

awsume/__init__.py

@@ -0,0 +1,12 @@
+from . import *
+from . import __data__
+from . awsumepy import safe_print
+
+__VERSION__ = __data__.version
+__NAME__ = __data__.name
+__AUTHOR__ = __data__.author
+__AUTHOR_EMAIL__ = __data__.author_email
+__DESCRIPTION__ = __data__.description
+__LICENSE__ = __data__.license
+__HOMEPAGE__ = __data__.homepage
+__MESSAGE__ = __data__.message

awsume/autoawsume/__init__.py

@@ -0,0 +1 @@
+from . import *

awsume/autoawsume/main.py

@@ -0,0 +1,42 @@
+import json
+import subprocess
+import configparser
+import time
+from datetime import datetime, timedelta
+
+from ..awsumepy.main import run_awsume
+from ..awsumepy.lib.aws_files import get_aws_files, delete_section
+
+
+def main():
+    _, credentials_file = get_aws_files(None, None)
+    while True:
+        credentials = configparser.ConfigParser()
+        credentials.read(credentials_file)
+        auto_profiles = {k: dict(v) for k, v in credentials._sections.items() if k.startswith('autoawsume-')}
+
+        expirations = []
+        for auto_profile_name, auto_profile in auto_profiles.items():
+            expiration = datetime.strptime(auto_profile['expiration'], '%Y-%m-%d %H:%M:%S')
+            source_expiration = datetime.strptime(auto_profile['source_expiration'], '%Y-%m-%d %H:%M:%S')
+
+            if expiration < datetime.now() and source_expiration < datetime.now():
+                print('Source credentials are expired, removing autoawsume profile')
+                delete_section(auto_profile_name, credentials_file)
+                continue
+
+            if expiration < datetime.now() + timedelta(minutes=5):
+                print('Refreshing {}'.format(auto_profile_name))
+                subprocess.run(auto_profile.get('awsumepy_command').split(' '), stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+                expirations.append(datetime.now() + timedelta(hours=1))
+            else:
+                expirations.append(expiration)
+
+        if not expirations:
+            break
+
+        earliest_expiration = min(expirations)
+        time_to_sleep = (earliest_expiration - datetime.now().replace(tzinfo=earliest_expiration.tzinfo)).total_seconds()
+
+        print('sleeping for {}'.format(time_to_sleep))
+        time.sleep(time_to_sleep)