aws_runas 0.4.2 → 0.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 354da6c78da53eb8386cfb4bd53251271e4f19c3
-  data.tar.gz: 39b6306ebfe1599e54abb61507d73a0a3e7b428e
+  metadata.gz: 9eeec3efe7aee175787d2ac5479086e7fed933ef
+  data.tar.gz: cf85fb2f0b0da64650789774d7b197d46b94a21d
 SHA512:
-  metadata.gz: 26d43b13c4c6f7b051f88a053da1ee80ab15b3bc6e9d854eecf9a3db8dc4b952f3dafd35c52e386e48083a8e9137b1fd17536f1532990b5f51e450e5411286e5
-  data.tar.gz: 416193ead9c704909597dd3ee6d94da7b02b0e1845f89a801309f0a764ee7db1a3f5b53ae5bd550826cb5faf796a0d9303980bf202a645d500ee6580fb5c749f
+  metadata.gz: 553fb10ff06a4aad52e00e44c5bb97a8dc2c14b23c4d36817162e129789105d8d6e8b4bb076c092e784167a6df343937adad70e3176760d3fb875184ebf8a62f
+  data.tar.gz: 11ec64975cc9e6396d32c2b58e60ec411d94d2c684093a5ada606ef288de810ab5672073c9d5ce361d5e3589ce7aba12977169fef16dff5f54545ca9b92d1675

data/CHANGELOG.md

@@ -1,3 +1,45 @@
+## v0.5.0
+
+### Zsh Support
+
+`zsh` is now supported for the fancy prompt. When using the shell, your
+existing profile data from `.zshrc` will be copied over into the temporary
+configuration.
+
+### Additional Functionality for Bash and Zsh
+
+2 additional functions are available for `bash` and `zsh` as well:
+
+ * `aws_session_expired`, which reads `AWS_SESSION_EXPIRATION_UNIX` (see below)
+   and compares this with the current Unix timestamp supplied by `date`. It
+   returns 0 on true and 1 on false, which can be used semantically in shell
+   scripts.
+ * `aws_session_status_color`, which works off of `aws_session_expired` to
+   render an ANSI numeric color code - red when `aws_session_expired` is `true`,
+   yellow otherwise.
+
+The prompts for `bash` and `zsh` now work off of these functions to render the
+right color. The prompt will go red when the session has expired.
+
+### Skip Fancy Interactive Prompt
+
+The default interactive prompt that you get when you run `aws-runas` with no
+command supplied can now by skipped by adding `--skip-prompt` to the CLI
+arguments. The profile functions mentioned above are still passed in. This
+allows you to leverage their functionality inside your own scripts and custom
+prompts if you want in other ways. 
+
+### Additional Variables
+
+Several environment variables have been added for more quality-of-life when
+working in the shell or aware tools:
+
+ * `AWS_REGION` and `AWS_DEFAULT_REGION`, which pass through the region
+   configured in the profile, if present
+ * `AWS_SESSION_EXPIRATION` and `AWS_SESSION_EXPIRATION_UNIX` to supply the
+   session expiration time, in both human and UNIX timestamps, respectively
+   named.
+
 ## v0.4.2
 
 The role that aws-runas assumed and the profile it used are now exposed as

data/README.md

@@ -51,14 +51,39 @@ help you determine what credentials are in use locally:
  * `AWS_RUNAS_ASSUMED_ROLE_ARN` - set when a role is assumed (not set if
    `--no-role` is used)
  * `AWS_RUNAS_PROFILE` - set with the profile used when `aws-runas` was run
+ * `AWS_REGION` and `AWS_DEFAULT_REGION` - set with the region name defined in
+   the profile being used
+ * `AWS_SESSION_EXPIRATION` - set with the expiry timestamp in UTC
+ * `AWS_SESSION_EXPIRATION_UNIX` - set with the expiry timestamp in Unix time,
+   useful for scripting
 
-### Fancy Bash Prompt
+### Fancy Bash/Zsh Prompt
 
-If you use `aws-runas` without any options and your default shell is Bash, a
-colorized prompt will appear with the profile that is in use if a role is
+If you use `aws-runas` without any options and your default shell is Bash or
+Zsh, a colorized prompt will appear with the profile that is in use if a role is
 assumed, or a simple `(AWS)` indicator added to the prompt if a session token is
 only obtained. See the video at the start of the doc for a demo!
 
+#### Shell Integration Functions
+
+2 functions currently get exported when you run under one of the two supported
+shells:
+
+ * `aws_session_expired`, which reads `AWS_SESSION_EXPIRATION_UNIX` (see above)
+   and compares this with the current Unix timestamp supplied by `date`. It
+   returns 0 on true and 1 on false, which can be used semantically in shell
+   scripts.
+ * `aws_session_status_color`, which works off of `aws_session_expired` to
+   render an ANSI numeric color code - red when `aws_session_expired` is `true`,
+   yellow otherwise.
+
+#### Skipping the Fancy Prompt
+
+If you are doing your own prompt customization based on aws-runas data and don't
+want the prompt modified, you can supply `--skip-prompt` to skip the prompt
+modification. The aforementioned integration functions will still be available
+to you however, which you can use in your own scripts.
+
 Usage
 ------
 
@@ -76,6 +101,7 @@ depending on your system) will launch.
 
 [options] are:
   -n, --no-role        Get a session token only, do not assume a role
+  -s, --skip-prompt    Do not launch interactive sessions with the fancy prompt
   -p, --path=<s>       Path to the AWS config file
   -r, --profile=<s>    The AWS profile to load (default: default)
   -h, --help           Show this message

data/lib/aws_runas/cli.rb

@@ -37,6 +37,7 @@ module AwsRunAs
         EOS
 
         opt :no_role, 'Get a session token only, do not assume a role', type: TrueClass, default: nil
+        opt :skip_prompt, 'Do not launch interactive sessions with the fancy prompt', type: TrueClass, default: nil
         opt :path, 'Path to the AWS config file', type: String
         opt :profile, 'The AWS profile to load', type: String, default: 'default'
         stop_on_unknown
@@ -51,7 +52,7 @@ module AwsRunAs
       @main = AwsRunAs::Main.new(path: opts[:path], profile: opts[:profile], mfa_code: mfa_code, no_role: opts[:no_role])
       @main.assume_role
       command = ARGV.shift
-      @main.handoff(command: command, argv: ARGV)
+      @main.handoff(command: command, argv: ARGV, skip_prompt: opts[:skip_prompt])
     end
 
     # Reads the MFA code from standard input.

data/lib/aws_runas/main.rb

@@ -52,35 +52,52 @@ module AwsRunAs
       mfa_serial = @cfg.load_config_value(key: 'mfa_serial') unless ENV.include?('AWS_SESSION_TOKEN')
       if @no_role
         raise 'No mfa_serial in selected profile, session will be useless' if mfa_serial.nil?
-        @role_credentials = sts_client.get_session_token(
+        @session = sts_client.get_session_token(
           duration_seconds: 3600,
           serial_number: mfa_serial,
           token_code: @mfa_code
-        ).credentials
+        )
       else
-        @role_credentials = Aws::AssumeRoleCredentials.new(
+        @session = Aws::AssumeRoleCredentials.new(
           client: sts_client,
           role_arn: role_arn,
           serial_number: mfa_serial,
           token_code: @mfa_code,
           role_session_name: session_id
-        ).credentials
+        )
       end
     end
 
+    def session_credentials
+      @session.credentials
+    end
+
     def credentials_env
       env = {}
-      env['AWS_ACCESS_KEY_ID'] = @role_credentials.access_key_id
-      env['AWS_SECRET_ACCESS_KEY'] = @role_credentials.secret_access_key
-      env['AWS_SESSION_TOKEN'] = @role_credentials.session_token
+      env['AWS_ACCESS_KEY_ID'] = session_credentials.access_key_id
+      env['AWS_SECRET_ACCESS_KEY'] = session_credentials.secret_access_key
+      env['AWS_SESSION_TOKEN'] = session_credentials.session_token
       env['AWS_RUNAS_PROFILE'] = @cfg.profile
-      env['AWS_RUNAS_ASSUMED_ROLE_ARN'] = @cfg.load_config_value(key: 'role_arn') unless @no_role
+      unless @cfg.load_config_value(key: 'region').nil?
+        env['AWS_REGION'] = @cfg.load_config_value(key: 'region')
+        env['AWS_DEFAULT_REGION'] = @cfg.load_config_value(key: 'region')
+      end
+      if @no_role
+        env['AWS_SESSION_EXPIRATION'] = session_credentials.expiration.to_s
+        env['AWS_SESSION_EXPIRATION_UNIX'] = DateTime.parse(session_credentials.expiration.to_s).strftime('%s')
+      else
+        env['AWS_SESSION_EXPIRATION'] = @session.expiration.to_s
+        env['AWS_SESSION_EXPIRATION_UNIX'] = DateTime.parse(@session.expiration.to_s).strftime('%s')
+        env['AWS_RUNAS_ASSUMED_ROLE_ARN'] = @cfg.load_config_value(key: 'role_arn')
+      end
       env
     end
 
-    def handoff(command: nil, argv: nil)
+    def handoff(command: nil, argv: nil, skip_prompt:)
       env = credentials_env
-      AwsRunAs::Utils.handoff_to_shell(env: env, profile: @no_role ? nil : @cfg.profile) unless command
+      unless command
+        AwsRunAs::Utils.handoff_to_shell(env: env, profile: @no_role ? nil : @cfg.profile, skip_prompt: skip_prompt)
+      end
       exec(env, command, *argv)
     end
   end

data/lib/aws_runas/utils.rb

@@ -14,6 +14,8 @@
 
 require 'rbconfig'
 require 'tempfile'
+require 'tmpdir'
+require 'fileutils'
 require 'English'
 
 module AwsRunAs
@@ -21,20 +23,49 @@ module AwsRunAs
   module Utils
     module_function
 
+    # Return the path to the shell_profiles directory vendored with the gem.
+    def shell_profiles_dir
+      File.expand_path('../../../shell_profiles', __FILE__)
+    end
+
     # Run an interactive bash session with a special streamed RC file.  The RC
     # merges a local .bashrc if it exists, with a prompt that includes the
     # computed message from handoff_to_shell.
-    def bash_with_prompt(env:, path:, message:)
+    def handoff_bash(env:, path:, message:, skip_prompt:)
       rc_data = IO.read("#{ENV['HOME']}/.bashrc") if File.exist?("#{ENV['HOME']}/.bashrc")
       rc_file = Tempfile.new('aws_runas_bashrc')
       rc_file.write("#{rc_data}\n") unless rc_data.nil?
-      rc_file.write("PS1=\"\\[\\e[33m\\](#{message})\\[\\e[0m\\] $PS1\"\n")
+      rc_file.write(IO.read("#{shell_profiles_dir}/sh.profile"))
+      unless skip_prompt
+        rc_file.write("PS1=\"\\[\\e[\\$(aws_session_status_color)m\\](#{message})\\[\\e[0m\\] $PS1\"\n")
+      end
       rc_file.close
       system(env, path, '--rcfile', rc_file.path)
     ensure
       rc_file.unlink
     end
 
+    # Run an interactive zsh session with a special streamed RC file.  The RC
+    # merges a local .zshrc if it exists, with a prompt that includes the
+    # computed message from handoff_to_shell.
+    def handoff_zsh(env:, path:, message:, skip_prompt:)
+      rc_data = IO.read("#{ENV['HOME']}/.zshrc") if File.exist?("#{ENV['HOME']}/.zshrc")
+      rc_dir = Dir.mktmpdir('aws_runas_zsh')
+      rc_file = File.new("#{rc_dir}/.zshrc", 'w')
+      rc_file.write("#{rc_data}\n") unless rc_data.nil?
+      rc_file.write(IO.read("#{shell_profiles_dir}/sh.profile"))
+      unless skip_prompt
+        rc_file.write("setopt PROMPT_SUBST\n")
+        rc_file.write("export OLDPROMPT=\"${PROMPT}\"\n")
+        rc_file.write("PROMPT=$'%{\\e[\\%}$(aws_session_status_color)m(#{message})%{\\e[0m%} $OLDPROMPT'\n")
+      end
+      rc_file.close
+      env.store('ZDOTDIR', rc_dir)
+      system(env, path)
+    ensure
+      FileUtils.rmtree(rc_dir)
+    end
+
     # load the shell for a specific operating system.
     # if $SHELL exists, load that.
     def shell
@@ -60,10 +91,12 @@ module AwsRunAs
     # an interactive shell with the shell prompt customized to the current
     # running AWS profile. If the shell is not something we can handle
     # specifically, just run the shell.
-    def handoff_to_shell(env:, profile: nil)
+    def handoff_to_shell(env:, profile: nil, skip_prompt:)
       path = shell
       if path.end_with?('/bash')
-        bash_with_prompt(env: env, path: path, message: compute_message(profile: profile))
+        handoff_bash(env: env, path: path, message: compute_message(profile: profile), skip_prompt: skip_prompt)
+      elsif path.end_with?('/zsh')
+        handoff_zsh(env: env, path: path, message: compute_message(profile: profile), skip_prompt: skip_prompt)
       else
         system(env, path)
       end

data/lib/aws_runas/version.rb

@@ -13,5 +13,5 @@
 # limitations under the License.
 
 module AwsRunAs
-  VERSION = '0.4.2'
+  VERSION = '0.5.0'
 end

data/shell_profiles/sh.profile

@@ -0,0 +1,23 @@
+# vim:filetype=sh
+#
+# aws_session_expired checks to see if the current session has expired, based
+# off of the value stored in AWS_SESSION_EXPIRATION_UNIX. This functionality
+# relies on date being in $PATH.
+aws_session_expired() {
+  if [[ "${AWS_SESSION_EXPIRATION_UNIX}" -lt "$(date +%s)" ]]; then
+    return 0
+  fi
+  return 1
+}
+
+# aws_session_status_color returns an ANSI color number for the specific status
+# of the session. Note that if session_expired is not correctly functioning,
+# this will always be yellow. Red is shown when it's verified that the session
+# has expired.
+aws_session_status_color() {
+  if aws_session_expired; then
+    echo "31"
+  else
+    echo "33"
+  fi
+}

data/spec/aws_runas/main_spec.rb

@@ -102,14 +102,26 @@ describe AwsRunAs::Main do
     before do
       allow_any_instance_of(AwsRunAs::Main).to receive(:sts_client).and_return(
         Aws::STS::Client.new(
-          stub_responses: true
+          stub_responses: {
+            get_session_token: {
+              credentials: {
+                access_key_id: 'accessKeyIdType',
+                secret_access_key: 'accessKeySecretType',
+                session_token: 'tokenType',
+                expiration: Time.utc(2017, 'jul', 10, 19, 56, 11)
+              }
+            }
+          }
         )
       )
+      allow_any_instance_of(Aws::AssumeRoleCredentials).to receive(:expiration).and_return(
+        Time.utc(2017, 'jul', 10, 19, 56, 11)
+      )
     end
     subject(:env) do
       ENV.delete('AWS_SESSION_TOKEN')
       main = AwsRunAs::Main.new(
-        path: MOCK_AWS_CONFIGPATH,
+        path: cfg_path,
         profile: 'test-profile',
         mfa_code: '123456',
         no_role: no_role
@@ -118,6 +130,7 @@ describe AwsRunAs::Main do
       main.credentials_env
     end
     let(:no_role) { false }
+    let(:cfg_path) { MOCK_AWS_CONFIGPATH }
 
     context 'with role assumed' do
       it 'returns AWS_ACCESS_KEY_ID set in env' do
@@ -135,6 +148,18 @@ describe AwsRunAs::Main do
       it 'has AWS_RUNAS_ASSUMED_ROLE_ARN set to the assumed role ARN' do
         expect(env['AWS_RUNAS_ASSUMED_ROLE_ARN']).to eq('arn:aws:iam::123456789012:role/test-admin')
       end
+      it 'has AWS_SESSION_EXPIRATION set in env' do
+        expect(env['AWS_SESSION_EXPIRATION']).to eq('2017-07-10 19:56:11 UTC')
+      end
+      it 'has AWS_SESSION_EXPIRATION_UNIX set in env' do
+        expect(env['AWS_SESSION_EXPIRATION_UNIX']).to eq('1499716571')
+      end
+      it 'has AWS_REGION set in env' do
+        expect(env['AWS_REGION']).to eq('us-west-1')
+      end
+      it 'has AWS_DEFAULT_REGION set in env' do
+        expect(env['AWS_DEFAULT_REGION']).to eq('us-west-1')
+      end
     end
 
     context 'with no role assumed' do
@@ -143,6 +168,29 @@ describe AwsRunAs::Main do
       it 'does not have AWS_RUNAS_ASSUMED_ROLE_ARN set' do
         expect(env).to_not have_key('AWS_RUNAS_ASSUMED_ROLE_ARN')
       end
+      it 'has AWS_SESSION_EXPIRATION set in env' do
+        expect(env['AWS_SESSION_EXPIRATION']).to eq('2017-07-10 19:56:11 UTC')
+      end
+      it 'has AWS_SESSION_EXPIRATION_UNIX set in env' do
+        expect(env['AWS_SESSION_EXPIRATION_UNIX']).to eq('1499716571')
+      end
+      it 'has AWS_REGION set in env' do
+        expect(env['AWS_REGION']).to eq('us-west-1')
+      end
+      it 'has AWS_DEFAULT_REGION set in env' do
+        expect(env['AWS_DEFAULT_REGION']).to eq('us-west-1')
+      end
+    end
+
+    context 'with no region in config' do
+      let(:cfg_path) { MOCK_AWS_NO_REGION_PATH }
+
+      it 'does not have AWS_REGION set in env' do
+        expect(env).to_not have_key('AWS_REGION')
+      end
+      it 'does not have AWS_DEFAULT_REGION set in env' do
+        expect(env).to_not have_key('AWS_DEFAULT_REGION')
+      end
     end
   end
 
@@ -154,7 +202,7 @@ describe AwsRunAs::Main do
 
     it 'execs a command when a command is specified' do
       expect(@main).to receive(:exec).with(anything, '/usr/bin/foo', *['--bar', 'baz'])
-      @main.handoff(command: '/usr/bin/foo', argv: ['--bar', 'baz'])
+      @main.handoff(command: '/usr/bin/foo', argv: ['--bar', 'baz'], skip_prompt: false)
     end
   end
 end

data/spec/aws_runas/utils_spec.rb

@@ -13,33 +13,113 @@
 # limitations under the License.
 
 require 'spec_helper'
+require 'tmpdir'
 
 describe AwsRunAs::Utils do
-  describe '::bash_with_prompt' do
+  describe '::shell_profiles_dir' do
+    it 'returns an existent path' do
+      expect(File.directory?(AwsRunAs::Utils.shell_profiles_dir)).to be true
+    end
+    it 'returns a path correctly relative to spec file' do
+      expect(AwsRunAs::Utils.shell_profiles_dir).to eq(File.expand_path('../../../shell_profiles', __FILE__))
+    end
+  end
+
+  describe '::handoff_bash' do
     context 'with RC file' do
       before(:example) do
         allow(IO).to receive(:read).with("#{ENV['HOME']}/.bashrc").and_return(BASHRC_FILE_CONTENTS)
+        allow(IO).to receive(:read).with("#{AwsRunAs::Utils.shell_profiles_dir}/sh.profile").and_call_original
       end
       it 'runs bash with a properly combined RC file' do
         expect(AwsRunAs::Utils).to receive(:system).with(EXPECTED_ENV, '/bin/bash', '--rcfile', anything)
         expect_any_instance_of(Tempfile).to receive(:write).with("#{BASHRC_FILE_CONTENTS}\n")
+        expect_any_instance_of(Tempfile).to receive(:write).with(IO.read("#{AwsRunAs::Utils.shell_profiles_dir}/sh.profile"))
         expect_any_instance_of(Tempfile).to receive(:write).with(BASHRC_EXPECTED_PROMPT)
-        AwsRunAs::Utils.bash_with_prompt(env: EXPECTED_ENV, path: '/bin/bash', message: 'AWS:rspec')
+        AwsRunAs::Utils.handoff_bash(env: EXPECTED_ENV, path: '/bin/bash', message: 'AWS:rspec', skip_prompt: false)
       end
     end
 
     context 'without RC file' do
       before(:example) do
         allow(File).to receive(:exist?).with("#{ENV['HOME']}/.bashrc").and_return(false)
+        allow(IO).to receive(:read).with("#{AwsRunAs::Utils.shell_profiles_dir}/sh.profile").and_call_original
       end
       it 'runs bash (no RC file found)' do
         expect(AwsRunAs::Utils).to receive(:system).with(EXPECTED_ENV, '/bin/bash', '--rcfile', anything)
+        expect_any_instance_of(Tempfile).to receive(:write).with(IO.read("#{AwsRunAs::Utils.shell_profiles_dir}/sh.profile"))
         expect_any_instance_of(Tempfile).to receive(:write).with(BASHRC_EXPECTED_PROMPT)
-        AwsRunAs::Utils.bash_with_prompt(env: EXPECTED_ENV, path: '/bin/bash', message: 'AWS:rspec')
+        AwsRunAs::Utils.handoff_bash(env: EXPECTED_ENV, path: '/bin/bash', message: 'AWS:rspec', skip_prompt: false)
+      end
+    end
+
+    context 'with skip_prompt enabled' do
+      before(:example) do
+        allow(IO).to receive(:read).with("#{ENV['HOME']}/.bashrc").and_return(BASHRC_FILE_CONTENTS)
+        allow(IO).to receive(:read).with("#{AwsRunAs::Utils.shell_profiles_dir}/sh.profile").and_call_original
+      end
+      it 'runs bash with a properly combined RC file, but no prompt modification' do
+        expect(AwsRunAs::Utils).to receive(:system).with(EXPECTED_ENV, '/bin/bash', '--rcfile', anything)
+        expect_any_instance_of(Tempfile).to receive(:write).with("#{BASHRC_FILE_CONTENTS}\n")
+        expect_any_instance_of(Tempfile).to receive(:write).with(IO.read("#{AwsRunAs::Utils.shell_profiles_dir}/sh.profile"))
+        AwsRunAs::Utils.handoff_bash(env: EXPECTED_ENV, path: '/bin/bash', message: 'AWS:rspec', skip_prompt: true)
       end
     end
   end
 
+  describe '::handoff_zsh' do
+    context 'with RC file' do
+      before(:example) do
+        allow(IO).to receive(:read).with("#{ENV['HOME']}/.zshrc").and_return(ZSHRC_FILE_CONTENTS)
+        allow(IO).to receive(:read).with("#{AwsRunAs::Utils.shell_profiles_dir}/sh.profile").and_call_original
+      end
+      it 'runs zsh with a properly combined RC file, in special tmp dir' do
+        expect(AwsRunAs::Utils).to receive(:system).with(EXPECTED_ENV_ZSH, '/usr/bin/zsh')
+        expect(Dir).to receive(:mktmpdir).with('aws_runas_zsh') { test_mktmpdir }
+        expect_any_instance_of(File).to receive(:write).with("#{ZSHRC_FILE_CONTENTS}\n")
+        expect_any_instance_of(File).to receive(:write).with(IO.read("#{AwsRunAs::Utils.shell_profiles_dir}/sh.profile"))
+        expect_any_instance_of(File).to receive(:write).with(ZSHRC_EXPECTED_SETSUBST)
+        expect_any_instance_of(File).to receive(:write).with(ZSHRC_EXPECTED_OLDPROMPT)
+        expect_any_instance_of(File).to receive(:write).with(ZSHRC_EXPECTED_PROMPT)
+        env = EXPECTED_ENV.dup
+        AwsRunAs::Utils.handoff_zsh(env: env, path: '/usr/bin/zsh', message: 'AWS:rspec', skip_prompt: false)
+      end
+    end
+
+    context 'without RC file' do
+      before(:example) do
+        allow(File).to receive(:exist?).with("#{ENV['HOME']}/.zshrc").and_return(false)
+        allow(IO).to receive(:read).with("#{AwsRunAs::Utils.shell_profiles_dir}/sh.profile").and_call_original
+      end
+      it 'runs zsh (no RC file found)' do
+        expect(AwsRunAs::Utils).to receive(:system).with(EXPECTED_ENV_ZSH, '/usr/bin/zsh')
+        expect(Dir).to receive(:mktmpdir).with('aws_runas_zsh') { test_mktmpdir }
+        expect_any_instance_of(File).to receive(:write).with(IO.read("#{AwsRunAs::Utils.shell_profiles_dir}/sh.profile"))
+        expect_any_instance_of(File).to receive(:write).with(ZSHRC_EXPECTED_SETSUBST)
+        expect_any_instance_of(File).to receive(:write).with(ZSHRC_EXPECTED_OLDPROMPT)
+        expect_any_instance_of(File).to receive(:write).with(ZSHRC_EXPECTED_PROMPT)
+        env = EXPECTED_ENV.dup
+        AwsRunAs::Utils.handoff_zsh(env: env, path: '/usr/bin/zsh', message: 'AWS:rspec', skip_prompt: false)
+      end
+    end
+
+    context 'with skip_prompt enabled' do
+      before(:example) do
+        allow(IO).to receive(:read).with("#{ENV['HOME']}/.zshrc").and_return(ZSHRC_FILE_CONTENTS)
+        allow(IO).to receive(:read).with("#{AwsRunAs::Utils.shell_profiles_dir}/sh.profile").and_call_original
+      end
+      it 'runs zsh with a properly combined RC file, in special tmp dir' do
+        expect(AwsRunAs::Utils).to receive(:system).with(EXPECTED_ENV_ZSH, '/usr/bin/zsh')
+        expect(Dir).to receive(:mktmpdir).with('aws_runas_zsh') { test_mktmpdir }
+        expect_any_instance_of(File).to receive(:write).with("#{ZSHRC_FILE_CONTENTS}\n")
+        expect_any_instance_of(File).to receive(:write).with(IO.read("#{AwsRunAs::Utils.shell_profiles_dir}/sh.profile"))
+        env = EXPECTED_ENV.dup
+        AwsRunAs::Utils.handoff_zsh(env: env, path: '/usr/bin/zsh', message: 'AWS:rspec', skip_prompt: true)
+      end
+    end
+
+  end
+
   describe '::shell' do
     context 'Non-Windows OS' do
       context 'No $SHELL set' do
@@ -97,8 +177,8 @@ describe AwsRunAs::Utils do
       end
 
       it 'Loads bash with the rspec profile prompt' do
-        expect(AwsRunAs::Utils).to receive(:bash_with_prompt).with(env: EXPECTED_ENV, path: '/bin/bash', message: 'AWS:rspec')
-        AwsRunAs::Utils.handoff_to_shell(env: EXPECTED_ENV, profile: 'rspec')
+        expect(AwsRunAs::Utils).to receive(:handoff_bash).with(env: EXPECTED_ENV, path: '/bin/bash', message: 'AWS:rspec', skip_prompt: false)
+        AwsRunAs::Utils.handoff_to_shell(env: EXPECTED_ENV, profile: 'rspec', skip_prompt: false)
       end
     end
 
@@ -110,7 +190,7 @@ describe AwsRunAs::Utils do
 
       it 'starts a default shell without any args' do
         expect(AwsRunAs::Utils).to receive(:system).with(EXPECTED_ENV, '/bin/sh')
-        AwsRunAs::Utils.handoff_to_shell(env: EXPECTED_ENV, profile: nil)
+        AwsRunAs::Utils.handoff_to_shell(env: EXPECTED_ENV, profile: nil, skip_prompt: false)
       end
     end
   end

data/spec/helpers/config_spec.rb

@@ -17,3 +17,4 @@ require 'spec_helper'
 MOCK_AWS_CONFIGPATH = File.expand_path('../files/aws_config', __FILE__)
 MOCK_AWS_NO_MFA_PATH = File.expand_path('../files/aws_config_nomfa', __FILE__)
 MOCK_AWS_NO_SOURCE_PATH = File.expand_path('../files/aws_config_nosource', __FILE__)
+MOCK_AWS_NO_REGION_PATH = File.expand_path('../files/aws_config_noregion', __FILE__)

data/spec/helpers/files/aws_config_noregion

@@ -0,0 +1,6 @@
+[default]
+
+[profile test-profile]
+role_arn = arn:aws:iam::123456789012:role/test-admin
+mfa_serial = arn:aws:iam::123456789012:mfa/test
+source_profile = test-credentials

data/spec/helpers/utils_spec.rb

@@ -1,4 +1,5 @@
 require 'spec_helper'
+require 'tmpdir'
 
 MOCK_BASHRC_PATH = File.expand_path('../files/bashrc', __FILE__)
 
@@ -6,10 +7,30 @@ BASHRC_FILE_CONTENTS = <<EOS.freeze
 foobar
 EOS
 
-BASHRC_EXPECTED_PROMPT = "PS1=\"\\[\\e[33m\\](AWS:rspec)\\[\\e[0m\\] $PS1\"\n".freeze
+ZSHRC_FILE_CONTENTS = <<EOS.freeze
+bazqux
+EOS
+
+BASHRC_EXPECTED_PROMPT   = "PS1=\"\\[\\e[\\$(aws_session_status_color)m\\](AWS:rspec)\\[\\e[0m\\] $PS1\"\n".freeze
+ZSHRC_EXPECTED_PROMPT    = "PROMPT=$'%{\\e[\\%}$(aws_session_status_color)m(AWS:rspec)%{\\e[0m%} $OLDPROMPT'\n".freeze
+ZSHRC_EXPECTED_SETSUBST  = "setopt PROMPT_SUBST\n".freeze
+ZSHRC_EXPECTED_OLDPROMPT = "export OLDPROMPT=\"${PROMPT}\"\n".freeze
+ZSH_MOCK_TMPDIR          = "#{Dir.tmpdir}/aws_runas_zsh_rspec".freeze
 
 EXPECTED_ENV = {
   'AWS_ACCESS_KEY_ID' => 'AccessKeyId',
   'AWS_SECRET_ACCESS_KEY' => 'SecretAccessKey',
   'AWS_SESSION_TOKEN' => 'Token'
 }.freeze
+
+EXPECTED_ENV_ZSH = {
+  'AWS_ACCESS_KEY_ID' => 'AccessKeyId',
+  'AWS_SECRET_ACCESS_KEY' => 'SecretAccessKey',
+  'AWS_SESSION_TOKEN' => 'Token',
+  'ZDOTDIR' => ZSH_MOCK_TMPDIR
+}.freeze
+
+def test_mktmpdir
+  Dir.mkdir(ZSH_MOCK_TMPDIR)
+  ZSH_MOCK_TMPDIR
+end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: aws_runas
 version: !ruby/object:Gem::Version
-  version: 0.4.2
+  version: 0.5.0
 platform: ruby
 authors:
 - Chris Marchesi
@@ -31,7 +31,7 @@ cert_chain:
   80WBA6xKwX0zwURD8J7WNieL2iY5AhBg26cHuFLMQGTCyNEeZHZHnJhCwuBcnV1w
   2zQ=
   -----END CERTIFICATE-----
-date: 2017-05-03 00:00:00.000000000 Z
+date: 2017-07-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk
@@ -156,6 +156,7 @@ files:
 - lib/aws_runas/main.rb
 - lib/aws_runas/utils.rb
 - lib/aws_runas/version.rb
+- shell_profiles/sh.profile
 - spec/aws_runas/cli_spec.rb
 - spec/aws_runas/config_spec.rb
 - spec/aws_runas/main_spec.rb
@@ -163,8 +164,8 @@ files:
 - spec/helpers/config_spec.rb
 - spec/helpers/files/aws_config
 - spec/helpers/files/aws_config_nomfa
+- spec/helpers/files/aws_config_noregion
 - spec/helpers/files/aws_config_nosource
-- spec/helpers/files/bashrc
 - spec/helpers/utils_spec.rb
 - spec/spec_helper.rb
 homepage: https://github.com/vancluever/aws-runas
@@ -199,7 +200,7 @@ test_files:
 - spec/helpers/config_spec.rb
 - spec/helpers/files/aws_config
 - spec/helpers/files/aws_config_nomfa
+- spec/helpers/files/aws_config_noregion
 - spec/helpers/files/aws_config_nosource
-- spec/helpers/files/bashrc
 - spec/helpers/utils_spec.rb
 - spec/spec_helper.rb

metadata.gz.sig

@@ -1,3 +1,3 @@
-����бa��v��ߝW�v[�d[R���_��JY����1�?�7
-��O빜��
-5���l@�i��_��%����{���Y
+��չۙ���j=7[^s*�3��_l�*�	�!������t����U���H�Ř�l�����;��L(~LfE�'O�"T_j8p��b؀*��b�,W}C����$C��ߪ,�o��b��9�I̼m+�ʊ�I���
+���fE�]�ĸB���I�?��/�ݾ��ڬ
�
+�6�Rp;pja���E�3��žFi��F������T���_�)�⳵����Kˀ��w�/[����|8��S��xlh����~E(

data/spec/helpers/files/bashrc

@@ -1 +0,0 @@
-foobar