aws_session_token 0.5.1 → 0.6.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: eb116c276d2c3567e1d0ac87f53304f47c90a4d9
-  data.tar.gz: 9daaa543e79628f12793bb3ad3512fae4ee2407f
+  metadata.gz: 823b2357e963f5cd6bd8f1ee6f8205f70219febc
+  data.tar.gz: e1fcce8d063d5258f9c67fa74b29cd365ff8f779
 SHA512:
-  metadata.gz: f670cef95db2127ae25c05cebc8549553f7821f7090b6731488c68feee9458dba46e30ec8f5b80609182546b84a98639027d8b3f3d261bb2695ce452e411c8d0
-  data.tar.gz: cd62e70391fbf347a3af53f48492dec1470a222b18ca2e33892bdb87ddf09764d434afc8d5cb39c8619071d80813d855f3cfa235f3dc30ae94a43fd8f50535ff
+  metadata.gz: 58a4448806b562224bc95ad5252ecbcfd5c0f1c5a79dd04665df8b54710fead49e6fef83bdc3f3bb2c14af8d74453532cbbec527d897b6f07ac294d6f1305f52
+  data.tar.gz: 7afec25d871d033a05d2908dd08645e31ec412e2eb5e9a65faf31fa58abadfe83f126502fe57796250280b78c1cc249a9f5cb274547e52398ca499b07dfded3f

data/.semver

@@ -1,6 +1,6 @@
 ---
 :major: 0
-:minor: 5
-:patch: 1
+:minor: 6
+:patch: 0
 :special: ''
 :metadata: ''

data/bin/aws_session_token

@@ -1,6 +1,24 @@
 #!/usr/bin/env ruby
 # frozen_string_literal: true
 
+#
+# AWS Session Token Gem - Tool to wrap AWS API to create and store Session tokens
+# so that other commands/tools (e.g. Terraform) can function as necessary.
+#
+# Copyright 2018 Bryan Stopp <bryan.stopp@gmail.com>
+#
+# Licensed under the Apache License, Version 2.0 (the 'License');
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an 'AS IS' BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
 $LOAD_PATH.unshift("#{__dir__}/../lib")
 
 require 'aws_session_token'

data/lib/aws_session_token.rb

@@ -25,5 +25,6 @@ require 'semver'
 require 'highline'
 
 require_relative 'aws_session_token/cli'
+require_relative 'aws_session_token/console'
 require_relative 'aws_session_token/credentials_file'
 require_relative 'aws_session_token/options'

data/lib/aws_session_token/cli.rb

@@ -28,6 +28,7 @@ module AwsSessionToken
     def initialize
       @options = Options.new
       @creds_file = CredentialsFile.new
+      @console = Console.new
     end
 
     def run
@@ -37,7 +38,8 @@ module AwsSessionToken
       mfa = mfa_device
       token = @options.token || token_prompt
       creds = session_token(mfa, token)
-      @creds_file.write(@options.credentials_file, @options.session_profile, creds)
+      @creds_file.write(@options.credentials_file, @options.session_profile, creds) if @options.session_profile
+      @console.write(creds) if @options.console
     end
 
     def validate_creds_file

data/lib/aws_session_token/console.rb

@@ -0,0 +1,35 @@
+# frozen_string_literal: true
+
+#
+# AWS Session Token Gem - Tool to wrap AWS API to create and store
+# Session tokens so that other commands/tools (e.g. Terraform) can function as
+# necessary.
+#
+#
+# Copyright 2018 Bryan Stopp <bryan.stopp@gmail.com>
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+module AwsSessionToken
+
+  # Helper class for outputting creds to console in export variable format.
+  class Console
+
+    def write(credentials)
+      $stdout.puts "export AWS_ACCESS_KEY_ID=#{credentials.access_key_id}"
+      $stdout.puts "export AWS_SECRET_ACCESS_KEY=#{credentials.secret_access_key}"
+      $stdout.puts "export AWS_SESSION_TOKEN=#{credentials.session_token}"
+    end
+  end
+end

data/lib/aws_session_token/options.rb

@@ -26,15 +26,15 @@ module AwsSessionToken
     SESSION_PROFILE = 'session_profile'
     DURATION = 3600
 
-    attr_accessor :credentials_file, :duration, :profile, :profile_provided, :session_profile, :token, :user
+    attr_accessor :console, :credentials_file, :duration, :profile, :profile_provided, :session_profile, :token, :user
 
     def initialize
       creds = Aws::SharedCredentials.new
       self.credentials_file = creds.path
       self.profile = creds.profile_name
-      self.session_profile = SESSION_PROFILE
       self.duration = DURATION
       self.profile_provided = false
+      self.console = false
     end
 
     def parse(args)
@@ -54,6 +54,7 @@ module AwsSessionToken
       user_option(opts)
       profile_option(opts)
       session_profile_option(opts)
+      console_option(opts)
       duration_option(opts)
       token_option(opts)
       common_options(opts)
@@ -82,9 +83,16 @@ module AwsSessionToken
     end
 
     def session_profile_option(opts)
-      opts.on('-s', '--session SESSION_PROFILE',
+      opts.on('-s', '--session [SESSION_PROFILE]',
               'Specify the name of the profile used to store the session credentials.') do |s|
-        self.session_profile = s
+        self.session_profile = s || SESSION_PROFILE
+      end
+    end
+
+    def console_option(opts)
+      opts.on('-c', '--console',
+              'Output session information to the console as environment variables available to export.') do
+        self.console = true
       end
     end
 
@@ -96,7 +104,7 @@ module AwsSessionToken
     end
 
     def token_option(opts)
-      opts.on('-t', '--token TOKEN',
+      opts.on('-t', '--token [TOKEN]',
               'Specify the OTP Token to use for creating the session credentials.') do |t|
         self.token = t
       end
@@ -117,12 +125,17 @@ module AwsSessionToken
 
     def validate
       validate_profiles
+      validate_output
     end
 
     def validate_profiles
       raise ArgumentError, 'Profile and Session Profile must be different.' if profile == session_profile
       self.user ||= profile if profile_provided
     end
+
+    def validate_output
+      raise ArgumentError, 'Either Console or Session Profile is required.' unless console || session_profile
+    end
   end
 
 end

data/spec/aws_session_token/cli_spec.rb

@@ -50,6 +50,10 @@ describe AwsSessionToken::CLI do
   let(:mfa_token) { '123456' }
 
   describe 'run' do
+    before do
+      ARGV.clear
+      ARGV << '-s'
+    end
     it 'should work' do
       expect(cli).to receive(:set_aws_creds)
       expect(cli).to receive(:mfa_device).and_return(mfa_arn)

data/spec/aws_session_token/options_spec.rb

@@ -47,9 +47,6 @@ describe AwsSessionToken::Options, :isolated_environment do
     it 'should default the profile name' do
       expect(options.profile).to eq(demo_creds.profile_name)
     end
-    it 'should default the session_profile name' do
-      expect(options.session_profile).to eq('session_profile')
-    end
     it 'should default the duration' do
       expect(options.duration).to eq(AwsSessionToken::Options::DURATION)
     end
@@ -74,9 +71,10 @@ describe AwsSessionToken::Options, :isolated_environment do
               -f, --file FILE                  Specify a custom credentials file.
               -u, --user USER                  Specify the AWS User name for passing to API.
               -p, --profile PROFILE            Specify the AWS credentials profile to use. Also sets user, if user is not provided.
-              -s, --session SESSION_PROFILE    Specify the name of the profile used to store the session credentials.
+              -s, --session [SESSION_PROFILE]  Specify the name of the profile used to store the session credentials.
+              -c, --console                    Output session information to the console as environment variables available to export.
               -d, --duration DURATION          Specify the duration the of the token in seconds. (Default 3600)
-              -t, --token TOKEN                Specify the OTP Token to use for creating the session credentials.
+              -t, --token [TOKEN]              Specify the OTP Token to use for creating the session credentials.
 
           Common options:
               -h, --help                       Show this message.
@@ -107,8 +105,8 @@ describe AwsSessionToken::Options, :isolated_environment do
         expect { options.parse(['--file']) }.to raise_error(OptionParser::MissingArgument)
       end
       it 'succeeds with an argument' do
-        expect { options.parse(%w[-f /foo/bar]) }.to_not raise_error(OptionParser::MissingArgument)
-        expect { options.parse(%w[--file /foo/bar]) }.to_not raise_error(OptionParser::MissingArgument)
+        expect { options.parse(%w[-f /foo/bar -c]) }.to_not raise_error(OptionParser::MissingArgument)
+        expect { options.parse(%w[--file /foo/bar -c]) }.to_not raise_error(OptionParser::MissingArgument)
       end
     end
 
@@ -118,8 +116,8 @@ describe AwsSessionToken::Options, :isolated_environment do
         expect { options.parse(['--profile']) }.to raise_error(OptionParser::MissingArgument)
       end
       it 'succeeds with an argument' do
-        expect { options.parse(%w[-p foo]) }.to_not raise_error(OptionParser::MissingArgument)
-        expect { options.parse(%w[--profile foo]) }.to_not raise_error(OptionParser::MissingArgument)
+        expect { options.parse(%w[-p foo -c]) }.to_not raise_error(OptionParser::MissingArgument)
+        expect { options.parse(%w[--profile foo -c]) }.to_not raise_error(OptionParser::MissingArgument)
       end
     end
 
@@ -129,15 +127,19 @@ describe AwsSessionToken::Options, :isolated_environment do
         expect { options.parse(['--user']) }.to raise_error(OptionParser::MissingArgument)
       end
       it 'succeeds with an argument' do
-        expect { options.parse(%w[-u foo]) }.to_not raise_error(OptionParser::MissingArgument)
-        expect { options.parse(%w[--user foo]) }.to_not raise_error(OptionParser::MissingArgument)
+        expect { options.parse(%w[-u foo -c]) }.to_not raise_error(OptionParser::MissingArgument)
+        expect { options.parse(%w[--user foo -c]) }.to_not raise_error(OptionParser::MissingArgument)
       end
     end
 
     describe '-s/--session' do
-      it 'fails if no argument' do
-        expect { options.parse(['-s']) }.to raise_error(OptionParser::MissingArgument)
-        expect { options.parse(['--session']) }.to raise_error(OptionParser::MissingArgument)
+      it '-s defaults with no argument' do
+        options.parse(['-s'])
+        expect(options.session_profile).to eq('session_profile')
+      end
+      it '-s defaults with no argument' do
+        options.parse(['--session'])
+        expect(options.session_profile).to eq('session_profile')
       end
       it 'succeeds with an argument' do
         expect { options.parse(%w[-s bar]) }.to_not raise_error(OptionParser::MissingArgument)
@@ -155,19 +157,19 @@ describe AwsSessionToken::Options, :isolated_environment do
         expect { options.parse(%w[--duration abc]) }.to raise_error(OptionParser::InvalidArgument)
       end
       it 'succeeds if argument is an integer' do
-        expect { options.parse(%w[-d 1800]) }.to_not raise_error
-        expect { options.parse(%w[--duration 1800]) }.to_not raise_error
+        expect { options.parse(%w[-d 1800 -c]) }.to_not raise_error
+        expect { options.parse(%w[--duration 1800 -c]) }.to_not raise_error
       end
     end
 
     describe '-t/--token' do
       it 'succeeds with optional argument' do
-        expect { options.parse(['-t']) }.to raise_error(OptionParser::MissingArgument)
-        expect { options.parse(['--token']) }.to raise_error(OptionParser::MissingArgument)
+        expect { options.parse(%w[-t -c]) }.to_not raise_error
+        expect { options.parse(%w[--token -c]) }.to_not raise_error
       end
       it 'succeeds with an argument' do
-        expect { options.parse(%w[-t 123456]) }.to_not raise_error
-        expect { options.parse(%w[--token 123456]) }.to_not raise_error
+        expect { options.parse(%w[-t 123456 -c]) }.to_not raise_error
+        expect { options.parse(%w[--token 123456 -c]) }.to_not raise_error
       end
     end
 
@@ -175,8 +177,12 @@ describe AwsSessionToken::Options, :isolated_environment do
       it 'does not allow -p & -s' do
         expect { options.parse(%w[-p default -s default]) }.to raise_error(ArgumentError)
       end
+      it 'requires either -c or -s' do
+        expect { options.parse(%w[-p default]) }.to raise_error(ArgumentError)
+      end
+
       it 'defaults profile attr to user if unspecified' do
-        options.parse(%w[-p foo])
+        options.parse(%w[-p foo -c])
         expect(options.profile).to eq(options.user)
       end
     end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws_session_token
 version: !ruby/object:Gem::Version
-  version: 0.5.1
+  version: 0.6.0
 platform: ruby
 authors:
 - Bryan Stopp
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-05-21 00:00:00.000000000 Z
+date: 2018-11-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core
@@ -205,6 +205,7 @@ files:
 - config/syntax.yaml
 - lib/aws_session_token.rb
 - lib/aws_session_token/cli.rb
+- lib/aws_session_token/console.rb
 - lib/aws_session_token/credentials_file.rb
 - lib/aws_session_token/options.rb
 - spec/aws_session_token/cli_spec.rb