package stscreds
import (
"bufio"
"fmt"
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/credentials"
"github.com/aws/aws-sdk-go/aws/session"
"gopkg.in/ini.v1"
"os"
"strings"
)
// InitCommand holds the options for the init command.
type InitCommand struct {
	// Profile names the credentials-file section the keys are stored under.
	Profile string
}
// credentialsFile loads the ini file at path. A path that does not exist
// yields an empty in-memory file instead of an error; any other stat
// failure is returned unchanged.
//
// The existence check and the load are two separate operations, so the file
// can change between them; ini.Load reports its own error in that case.
func (c *InitCommand) credentialsFile(path string) (*ini.File, error) {
	switch _, statErr := os.Stat(path); {
	case statErr == nil:
		return ini.Load(path)
	case os.IsNotExist(statErr):
		return ini.Empty(), nil
	default:
		return nil, statErr
	}
}
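// writeFile stores accessKey and secretKey under the c.Profile section of the
// ini credentials file at path, creating the file if it does not exist.
//
// Every step that can fail is checked and the file handle is always closed,
// so a failed write is reported to the caller instead of being announced as
// success.
//
// NOTE(review): the 0600 mode only applies when the file is created here; an
// existing file keeps whatever permissions it already has. Because the file
// is opened with O_TRUNC, a failure after the open leaves it truncated;
// writing to a temporary file and renaming it would avoid that.
func (c *InitCommand) writeFile(accessKey, secretKey, path string) error {
	cfg, err := c.credentialsFile(path)
	if err != nil {
		return err
	}

	// A failed NewSection must stop here: carrying on would call NewKey on
	// a section that was never created.
	sec, err := cfg.NewSection(c.Profile)
	if err != nil {
		return err
	}
	if _, err := sec.NewKey("aws_access_key_id", accessKey); err != nil {
		return err
	}
	if _, err := sec.NewKey("aws_secret_access_key", secretKey); err != nil {
		return err
	}

	f, err := os.OpenFile(path, os.O_WRONLY|os.O_TRUNC|os.O_CREATE, 0600)
	if err != nil {
		return err
	}

	w := bufio.NewWriter(f)
	if _, err := cfg.WriteTo(w); err != nil {
		f.Close()
		return err
	}
	if err := w.Flush(); err != nil {
		f.Close()
		return err
	}
	// Close can surface a deferred write error, so its result is returned.
	return f.Close()
}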
// warnOnEnvironmentVariables prints a warning on stderr for each of
// AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY that is set to a non-empty
// value in the environment. It only warns; the environment is not modified.
func warnOnEnvironmentVariables() {
	warnings := []struct {
		env string
		msg string
	}{
		{
			env: "AWS_ACCESS_KEY_ID",
			msg: "warning: AWS_ACCESS_KEY_ID environment variable set, may override sts credentials initialised in ~/.aws/credentials.\nwarning: AWS_ACCESS_KEY_ID should probably be removed from your environment; check ~/.bash_profile etc.\n",
		},
		{
			env: "AWS_SECRET_ACCESS_KEY",
			msg: "warning: AWS_SECRET_ACCESS_KEY environment variable set, may override sts credentials initialised in ~/.aws/credentials.\nwarning: AWS_SECRET_ACCESS_KEY should probably be removed from your environment; check ~/.bash_profile etc.\n",
		},
	}

	for _, w := range warnings {
		if os.Getenv(w.env) == "" {
			continue
		}
		// The messages contain no format verbs, so Fprint emits them verbatim.
		fmt.Fprint(os.Stderr, w.msg)
	}
}
// Keys is an AWS access key pair.
//
// SecretKey is sensitive: keep values of this type out of logs and error
// messages. The field order is relied on by positional literals in this file.
type Keys struct {
	// AccessKey is the access key ID.
	AccessKey string
	// SecretKey is the secret access key.
	SecretKey string
}
// Valid checks the key pair by building a session from it as static
// credentials (with an empty session token) and passing that session to
// getUser. It returns (true, nil) when getUser succeeds and (false, err)
// otherwise; it never returns (false, nil).
//
// NOTE(review): getUser is defined outside this block; presumably it makes a
// network call to AWS with these keys — confirm against its definition.
func (k *Keys) Valid() (bool, error) {
	static := credentials.NewStaticCredentials(k.AccessKey, k.SecretKey, "")
	sess := session.New(&aws.Config{Credentials: static})

	if _, err := getUser(sess); err != nil {
		return false, err
	}
	return true, nil
}
// readFromPrompt asks for an access key and a secret access key on stderr
// and reads one line for each from stdin. Leading and trailing spaces,
// carriage returns and newlines are trimmed from both answers.
//
// NOTE(review): the secret key is read with a plain line read, so a terminal
// will echo it as it is typed; a no-echo read would keep it off the screen
// and out of terminal scrollback. A final line that ends at EOF without a
// newline is returned as an error by ReadString.
func readFromPrompt() (*Keys, error) {
	stdin := bufio.NewReader(os.Stdin)

	// ask prints label, then returns the next trimmed line from stdin.
	ask := func(label string) (string, error) {
		fmt.Fprint(os.Stderr, label)
		line, err := stdin.ReadString('\n')
		if err != nil {
			return "", err
		}
		return strings.Trim(line, " \r\n"), nil
	}

	accessKey, err := ask("AWS Access Key: ")
	if err != nil {
		return nil, err
	}

	secretKey, err := ask("AWS Secret Access Key: ")
	if err != nil {
		return nil, err
	}

	return &Keys{AccessKey: accessKey, SecretKey: secretKey}, nil
}
// readAWSKeys prompts for a key pair and returns it only if Keys.Valid
// reports no error. The boolean result of Valid is ignored; a rejected pair
// is signalled through the error alone.
func readAWSKeys() (*Keys, error) {
	keys, err := readFromPrompt()
	if err != nil {
		return nil, err
	}

	if _, err := keys.Valid(); err != nil {
		return nil, err
	}
	return keys, nil
}
// Execute runs the init command: it warns about AWS key environment
// variables, resolves the credentials store for the profile, reads a key
// pair from the prompt, and hands it to the store's Initialise method. On
// success the path that was written is reported on stderr.
//
// readAWSKeys validates the pair before it is returned, so Initialise is
// only reached with keys that passed that check.
func (c *InitCommand) Execute() error {
	warnOnEnvironmentVariables()

	creds, err := DefaultLimitedAccessCredentials(c.Profile)
	if err != nil {
		return err
	}

	keys, err := readAWSKeys()
	if err != nil {
		return fmt.Errorf("error with aws credentials: %s", err.Error())
	}

	if err := creds.Initialise(keys); err != nil {
		return err
	}

	// Only the file path is printed, never the key material.
	fmt.Fprintf(os.Stderr, "Successfully wrote %s\n", creds.path)
	return nil
}