aws_keychain 0.0.2

data/LICENSE.txt

@@ -0,0 +1,20 @@
+Copyright (c) 2012 Ryan J. Geyer
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+'Software'), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.rdoc

@@ -0,0 +1,60 @@
+= aws_keychain
+
+Stores AWS Creds and can be used to spit those creds out into useful file formats for AWS CLI tools
+
+{<img src="https://travis-ci.org/rgeyer/aws_keychain.png" />}[https://travis-ci.org/rgeyer/aws_keychain]
+
+== Usage
+
+Requires a JSON input file in the following format
+
+  {
+    "cred-name": {
+      "key": "AWS Access Key",
+      "secret": "AWS Access Key Secret
+    }
+  }
+
+Each cred hash can contain additional information beyond "key" and "secret" but those two are required.
+
+Check out aws_keychain --help for specifics
+
+== Plugins
+
+Currently the aws_keychain includes two plugins.
+
+=== IAM Plugin
+
+The IAM plugin will output the key and secret in the format required for an IAM credential file if you're using the IAM Cli tools.
+
+Example
+
+  aws_keychain --keychain=/path/to/my/keychain.json --action=iam-show --output=~/iamcreds --keyname=key1
+
+
+The above example will create an IAM Credential file at ~/iamcreds with the AWS key and secret found in "key1" of "keychain.json"
+
+=== JSON Plugin
+
+The JSON plugin will usually be used simply to view the key and secret, or to consume the JSON result with another commandline tool.
+
+Example
+
+  aws_keychain --keychain=/path/to/my/keychain.json --action=json-show --keyname=key1
+
+
+The above example will print JSON to STDOUT representing the key "key1" found in "keychain.json".  This will include all values that are part of the hash in the keychain.json file.  I.E. Possibly more than just "key" and "secret"
+
+== Testing
+
+Currently, aws_keychain is bundled with plugins (see "Plugins" above).  The tests make the assumption that the json plugin is available when testing the aws_keychain binary.  This may change later
+
+== TODO
+
+* Validation of keychain data
+* Maybe some encryption or protection?
+* Figure out a better plugin scheme which allows them to be distributed via rubygems.
+
+== Copyright
+
+Copyright (c) 2012 Ryan J. Geyer. See LICENSE.txt for further details.

data/bin/aws_keychain

@@ -0,0 +1,97 @@
+#!/usr/bin/env ruby
+
+# Copyright (c) 2012 Ryan J. Geyer
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+require 'trollop'
+require 'logger'
+require File.expand_path(File.join(File.dirname(__FILE__), '..', 'lib', 'aws_keychain'))
+
+opts = Trollop::options do
+  banner = "Stores AWS Creds and can be used to spit those creds out into useful file formats for AWS CLI tools"
+
+  opt :keychain, "A full or relative path to your keychain file", :type => :string, :default => "aws_keychain.json"
+  opt :keyname, "The name of a key to perform an action with", :type => :string
+  opt :action, "The name of the action to perform.  See --list_actions for a list of available actions", :type => :string
+  opt :output, "A full or relative path to a target file for the output", :type => :string
+  opt :list_actions, "List the available actions to perform on a key"
+  opt :list_keys, "Lists all of the available credentials in the keychain"
+  opt :quiet, "Removes any ancillary output and provides only the output of the action"
+end
+
+class SilentLogger
+  def method_missing(sym, *args, &block)
+    # Do nothing..
+  end
+end
+
+log = opts[:quiet] ? SilentLogger.new() : Logger.new(STDOUT)
+
+plugins = {}
+actions = []
+AwsKeychain::Plugin.constants.each do |plugin_class|
+  plugin_class = AwsKeychain::Plugin.const_get(plugin_class)
+  plugin = plugin_class.new(opts)
+  plugins[plugin.short_name] = plugin
+
+  plugin.actions.each do |action|
+    actions << "#{plugin.short_name}-#{action}"
+  end
+end
+
+if opts[:list_actions]
+  log.info "All available actions listed below"
+  puts actions
+end
+
+# This stuff requires a valid keychain file
+if opts[:action] || opts[:list_keys]
+  keychain = AwsKeychain::Keychain.new(:keychain_file => opts[:keychain])
+
+  if opts[:action]
+    matches = /^([\w]*)-(.*)$/.match(opts[:action])
+    unless actions.include?(opts[:action]) && matches && matches.length == 3
+      log.fatal "The action #{opts[:action]} is invalid, try one of the following #{actions}"
+      exit 1
+    end
+
+    # TODO: Validate that the key exists
+    key = keychain[opts[:keyname]]
+
+    dyn_method = plugins[matches[1]].method(matches[2])
+    dyn_method.call(key) do |content|
+      if opts[:output]
+        File.open(opts[:output], 'w') do |file|
+          log.info("Writing the output of (#{opts[:action]}) to #{opts[:output]}")
+          file.write(content)
+        end
+      else
+        log.info("Action (#{opts[:action]}) produced the following output.")
+        puts content
+      end
+    end
+  end
+
+  if opts[:list_keys]
+    log.info "All available keys in the keychain listed below"
+    puts keychain.list
+  end
+end

data/lib/aws_keychain.rb

@@ -0,0 +1,24 @@
+# Copyright (c) 2012 Ryan J. Geyer
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+require File.expand_path(File.join(File.dirname(__FILE__), 'keychain'))
+glob_path = File.expand_path(File.join(File.dirname(__FILE__), 'plugins')) + '/**/*.rb'
+Dir.glob(glob_path, &method(:require))

data/lib/keychain.rb

@@ -0,0 +1,61 @@
+# Copyright (c) 2012 Ryan J. Geyer
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+require 'json'
+
+module AwsKeychain
+  class Keychain
+
+    attr_accessor :keychain
+
+    # Initializes a new keychain from the specified keychain file
+    #
+    # @param [Hash] options A hash of options for the class where the keys are one of
+    #   :keychain_file relative or absolute path to a json file containing the keychain data
+    #   :keychain_data a hash containing the keychain data where keys are the name of the credential
+    #     and values are a hash with any keys ("key" and "secret" are required keys)
+    def initialize(options={})
+      unless options.has_key?(:keychain_file) || options.has_key?(:keychain_data)
+        raise ArgumentError, 'Either a keychain_file or keychain_data is required to create a new keychain class'
+      end
+
+      @keychain = options[:keychain_data] || JSON.parse(IO.read(options[:keychain_file]))
+
+      # TODO: Validate that the hash is correct.
+    end
+
+    # Lists the names of all keys in the keychain
+    #
+    # @return [Array] The names of all keys in the keychain
+    def list
+      @keychain.keys
+    end
+
+    # Array operator override to access keys by their name
+    #
+    # @param [String] key The string name of the key to return
+    # @return [Hash] The desired hash
+    def [](key)
+      @keychain[key]
+    end
+
+  end
+end

data/lib/plugins/iam/aws_keychain_plugin_iam.rb

@@ -0,0 +1,45 @@
+# Copyright (c) 2012 Ryan J. Geyer
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+module AwsKeychain
+  module Plugin
+    class Iam
+      def initialize(options={})
+
+      end
+
+      def actions
+        ["show"]
+      end
+
+      def short_name
+        "iam"
+      end
+
+      def show(key, &block)
+        yield <<EOF
+AWSAccessKeyId=#{key['key']}
+AWSSecretKey=#{key['secret']}
+EOF
+      end
+    end
+  end
+end

data/lib/plugins/json/aws_keychain_plugin_json.rb

@@ -0,0 +1,44 @@
+# Copyright (c) 2012 Ryan J. Geyer
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+require 'json'
+
+module AwsKeychain
+  module Plugin
+    class Json
+      def initialize(options={})
+
+      end
+
+      def actions
+        ["show"]
+      end
+
+      def short_name
+        "json"
+      end
+
+      def show(key, &block)
+        yield JSON.pretty_generate(key)
+      end
+    end
+  end
+end

metadata

@@ -0,0 +1,93 @@
+--- !ruby/object:Gem::Specification
+name: aws_keychain
+version: !ruby/object:Gem::Version
+  version: 0.0.2
+  prerelease: 
+platform: ruby
+authors:
+- Ryan J. Geyer
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2012-11-19 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: trollop
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.16'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.16'
+- !ruby/object:Gem::Dependency
+  name: json
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.7'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.7'
+description: Stores AWS Creds and can be used to spit those creds out into useful
+  file formats for AWS CLI tools
+email: me@ryangeyer.com
+executables:
+- aws_keychain
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/aws_keychain.rb
+- lib/keychain.rb
+- lib/plugins/iam/aws_keychain_plugin_iam.rb
+- lib/plugins/json/aws_keychain_plugin_json.rb
+- bin/aws_keychain
+- LICENSE.txt
+- README.rdoc
+homepage: https://github.com/rgeyer/aws_keychain
+licenses:
+- MIT
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+      segments:
+      - 0
+      hash: 2110839313982916612
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+      segments:
+      - 0
+      hash: 2110839313982916612
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.23
+signing_key: 
+specification_version: 3
+summary: Stores AWS Creds and can be used to spit those creds out into useful file
+  formats for AWS CLI tools
+test_files: []