RubyGems - awskeyring - Versions diffs - 1.12.0 → 1.13.0 - Mend

awskeyring 1.12.0 → 1.13.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 73c6d89c7a836a7f9b8d75bbb1bde93a27792dbfbdc4c8cc563b0f1b4127f811
-  data.tar.gz: fe93e67911337c48cd21c8207bec071de5c5991bbbcccb96fdfc36b2728c346c
+  metadata.gz: 77b3d983a4ed2fefb518f35a38a93070b200b7c6d6a22cb189bf3df954636c6b
+  data.tar.gz: '085d5f2dd6622efd844dcbb952a92030ed9cafb4e52098f96b7fee904c3a5739'
 SHA512:
-  metadata.gz: e91c2c5df102632b00cb823943381c4b1548c2baec16bb72c58724b5e0f790cc2eddac774e96efcc072bd8283efdc356e3ef77a39374659030f1fb4ff4c58ce4
-  data.tar.gz: 70cb85135e88d82902dd3f30e2cd8428f6534480d49c75dfb79001525b31c687bfb11c0df3cc35afe97f41a88e9aa32fc48626539c6788cff0c1c607efbf0a33
+  metadata.gz: cb99fad81b567e8db647ad41b7c3d56c2a42000006c5ef1f9adc9c72db3f524a043c6a0e55d17e82977b9308e242604f5fe4473ab49065698ec440d95fe09727
+  data.tar.gz: f39f3e192b664eab640662e0e74c3d1db37939a4048ee6990c8e1bb411f9b053b24c2dc8614b8ea5f46bc2509a1419b1f32ef5b9799fa6b8284a0930ff4056d9

data/LICENSE.txt CHANGED Viewed

@@ -1,6 +1,6 @@
 The MIT License (MIT)
-Copyright (c) 2016-2022 Tristan Morgan
+Copyright (c) 2016-2025 Tristan Morgan
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

data/README.md CHANGED Viewed

@@ -2,6 +2,7 @@
 ![Awskeyring](https://raw.githubusercontent.com/tristanmorgan/awskeyring/main/awskeyring-144.png)
+* ![Build Passing](https://github.com/tristanmorgan/awskeyring/actions/workflows/ruby.yml/badge.svg)
 * [![Gem Version](https://img.shields.io/gem/v/awskeyring)](https://badge.fury.io/rb/awskeyring)
 * [![license MIT](https://img.shields.io/badge/license-MIT-brightgreen.svg)](https://opensource.org/licenses/MIT)
 * [![All Downloads](https://img.shields.io/gem/dt/awskeyring)](https://rubygems.org/gems/awskeyring)
@@ -11,6 +12,11 @@
 Awskeyring is a small tool to manage AWS account keys in the macOS Keychain. It has
 grown to incorporate a lot of [features](https://github.com/tristanmorgan/awskeyring/wiki/Awskeyring-features).
+## Project Status
+Awskeyring is a fairly mature project so it it doesn't see frequent updates but is still being maintained.
+It is tested against the version of Ruby that is shipped with the latest version of macOS, but that ruby version is dated.
 ## Motivation
 The motivation of this application is to provide a local secure store of AWS

data/i18n/en.yml CHANGED Viewed

@@ -33,6 +33,7 @@ en:
     notoken: 'Do not use saved token.'
     noremote: 'Do not validate with remote api.'
     path: 'The service PATH to open.'
+    test: 'Generate test credentials.'
     browser: 'Specify an alternative browser.'
     secret: 'AWS account secret.'
     unset: 'Unset environment variables.'

data/lib/awskeyring/awsapi.rb CHANGED Viewed

@@ -3,6 +3,7 @@
 require 'aws-sdk-iam'
 require 'cgi'
 require 'json'
+require 'securerandom'
 # Awskeyring Module,
 # gives you an interface to access keychains and items.
@@ -180,6 +181,23 @@ module Awskeyring
       }
     end
+    # Generate test credentials for AWS
+    #
+    # @return [Hash] with the new credentials
+    #    key The aws_access_key_id
+    #    secret The aws_secret_access_key
+    #    expiry expiry time
+    def self.gen_test_credentials(account:)
+      {
+        account: account,
+        key: "AKIA#{Array.new(16) { [*'A'..'Z', *'2'..'7'].sample }.join}",
+        secret: SecureRandom.base64(30),
+        token: nil,
+        expiry: nil,
+        role: nil
+      }
+    end
     # Retrieves an AWS Console login url
     #
     # @param [String] key The aws_access_key_id

data/lib/awskeyring/version.rb CHANGED Viewed

@@ -6,7 +6,7 @@ require 'json'
 # Version const and query of latest.
 module Awskeyring
   # The Gem's version number
-  VERSION = '1.12.0'
+  VERSION = '1.13.0'
   # The Gem's homepage
   HOMEPAGE = 'https://github.com/tristanmorgan/awskeyring'

data/lib/awskeyring_command.rb CHANGED Viewed

@@ -109,10 +109,15 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
   desc 'env ACCOUNT', I18n.t('env_desc')
   method_option :force, type: :boolean, aliases: '-f', desc: I18n.t('method_option.force'), default: false
   method_option 'no-token', type: :boolean, aliases: '-n', desc: I18n.t('method_option.notoken'), default: false
+  method_option :test, type: :boolean, aliases: '-t', desc: I18n.t('method_option.test'), default: false
   method_option :unset, type: :boolean, aliases: '-u', desc: I18n.t('method_option.unset'), default: false
   # Print Env vars
   def env(account = nil)
-    if options[:unset]
+    if options[:test]
+      account ||= 'fakeaccount'
+      cred = Awskeyring::Awsapi.gen_test_credentials(account: account)
+      put_env_string(cred)
+    elsif options[:unset]
       put_env_string(account: nil, key: nil, secret: nil, token: nil)
     else
       output_safe(options[:force])
@@ -129,21 +134,32 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
   desc 'json ACCOUNT', I18n.t('json_desc')
   method_option :force, type: :boolean, aliases: '-f', desc: I18n.t('method_option.force'), default: false
   method_option 'no-token', type: :boolean, aliases: '-n', desc: I18n.t('method_option.notoken'), default: false
+  method_option :test, type: :boolean, aliases: '-t', desc: I18n.t('method_option.test'), default: false
   # Print JSON for use with credential_process
-  def json(account) # rubocop:disable Metrics/AbcSize
-    output_safe(options[:force])
-    account = ask_check(
-      existing: account, message: I18n.t('message.account'), validator: Awskeyring.method(:account_exists),
-      limited_to: Awskeyring.list_account_names
-    )
-    cred = age_check_and_get(account: account, no_token: options['no-token'])
-    expiry = Time.at(cred[:expiry]) unless cred[:expiry].nil?
-    puts Awskeyring::Awsapi.get_cred_json(
-      key: cred[:key],
-      secret: cred[:secret],
-      token: cred[:token],
-      expiry: (expiry || (Time.new + Awskeyring::Awsapi::ONE_HOUR)).iso8601
-    )
+  def json(account) # rubocop:disable Metrics/AbcSize, Metrics/MethodLength
+    if options[:test]
+      cred = Awskeyring::Awsapi.gen_test_credentials(account: account)
+      puts Awskeyring::Awsapi.get_cred_json(
+        key: cred[:key],
+        secret: cred[:secret],
+        token: cred[:token],
+        expiry: (Time.new + Awskeyring::Awsapi::TWELVE_HOUR).iso8601
+      )
+    else
+      output_safe(options[:force])
+      account = ask_check(
+        existing: account, message: I18n.t('message.account'), validator: Awskeyring.method(:account_exists),
+        limited_to: Awskeyring.list_account_names
+      )
+      cred = age_check_and_get(account: account, no_token: options['no-token'])
+      expiry = Time.at(cred[:expiry]) unless cred[:expiry].nil?
+      puts Awskeyring::Awsapi.get_cred_json(
+        key: cred[:key],
+        secret: cred[:secret],
+        token: cred[:token],
+        expiry: (expiry || (Time.new + Awskeyring::Awsapi::ONE_HOUR)).iso8601
+      )
+    end
   end
   desc 'import ACCOUNT', I18n.t('import_desc')
@@ -186,8 +202,8 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
   method_option 'no-bundle', type: :boolean, aliases: '-b', desc: I18n.t('method_option.nobundle'), default: false
   method_option 'no-token', type: :boolean, aliases: '-n', desc: I18n.t('method_option.notoken'), default: false
   # execute an external command with env set
-  def exec(account, *command) # rubocop:disable Metrics/MethodLength, Metrics/AbcSize
-    if command.empty?
+  def exec(account, *exec) # rubocop:disable Metrics/MethodLength, Metrics/AbcSize
+    if exec.empty?
       warn I18n.t('message.exec')
       exit 1
     end
@@ -199,7 +215,7 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
     env_vars = Awskeyring::Awsapi.get_env_array(cred)
     unbundle if options['no-bundle']
     begin
-      pid = Process.spawn(env_vars, command.join(' '))
+      pid = Process.spawn(env_vars, exec.join(' '))
       Process.wait pid
       exit 1 if Process.last_status.exitstatus.positive?
     rescue Errno::ENOENT => e
@@ -456,7 +472,7 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
     comp_lines = comp_line[0..(comp_point_str.to_i)].split
-    comp_type, sub_cmd = comp_type(comp_lines: comp_lines, prev: prev)
+    comp_type, sub_cmd = comp_type(comp_lines: comp_lines, prev: prev, curr: curr)
     list = fetch_auto_resp(comp_type, sub_cmd)
     puts list.select { |elem| elem.start_with?(curr) }.sort!.join("\n")
   end
@@ -473,7 +489,7 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
   end
   # determine the type of completion needed
-  def comp_type(comp_lines:, prev:)
+  def comp_type(comp_lines:, prev:, curr:)
     sub_cmd = sub_command(comp_lines)
     comp_idx = comp_lines.rindex(prev)
@@ -484,19 +500,19 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
       comp_type = :browser_type
     else
       comp_type = :command
-      comp_type = param_type(comp_idx, sub_cmd) unless sub_cmd.empty?
+      comp_type = param_type(comp_idx, sub_cmd, curr) unless sub_cmd.empty?
     end
     [comp_type, sub_cmd]
   end
   # check params for named params or fall back to flags
-  def param_type(comp_idx, sub_cmd)
-    types = %i[opt req]
+  def param_type(comp_idx, sub_cmd, curr)
+    types = %i[opt req rest]
     param_list = method(sub_cmd).parameters.select { |elem| types.include? elem[0] }
     if comp_idx.zero?
       :command
-    elsif comp_idx > param_list.length
+    elsif comp_idx > param_list.length || curr.start_with?('-')
       :flag
     else
       param_list[comp_idx - 1][1]
@@ -515,7 +531,7 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
   end
   # given a type return the right list for completions
-  def fetch_auto_resp(comp_type, sub_cmd)
+  def fetch_auto_resp(comp_type, sub_cmd) # rubocop:disable Metrics/CyclomaticComplexity, Metrics/MethodLength
     case comp_type
     when :command
       list_commands
@@ -529,6 +545,8 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
       Awskeyring.list_token_names
     when :browser_type
       Awskeyring.list_browsers
+    when :exec
+      list_exec
     else
       list_arguments(command: sub_cmd)
     end
@@ -540,6 +558,17 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
     commands.reject! { |elem| %w[autocomplete default decode].include?(elem) }
   end
+  # list executables
+  def list_exec
+    list = []
+    ENV['PATH'].split(File::PATH_SEPARATOR).each do |path|
+      list.concat(Dir.children(File.expand_path(path)))
+    rescue Errno::ENOENT
+      next
+    end
+    list.flatten
+  end
   # list flags for a command
   def list_arguments(command:)
     options = self.class.all_commands[command].options.values

data/man/awskeyring.5 CHANGED Viewed

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "AWSKEYRING" "5" "December 2023" "" ""
+.TH "AWSKEYRING" "5" "February 2025" "" ""
 .
 .SH "NAME"
 \fBAwskeyring\fR \- is a small tool to manage AWS account keys in the macOS Keychain
@@ -95,7 +95,10 @@ Outputs bourne shell environment exports for an ACCOUNT
 \-n, \-\-no\-token: Do not use saved token\.
 .
 .br
-\-u, \-\-unset, \-\-no\-unset: Unset environment variables\.
+\-t, \-\-test: Generate test credentials\.
+.
+.br
+\-u, \-\-unset: Unset environment variables\.
 .
 .TP
 exec ACCOUNT command\.\.\.:
@@ -153,6 +156,9 @@ Outputs AWS CLI compatible JSON for an ACCOUNT
 .br
 \-n, \-\-no\-token: Do not use saved token\.
 .
+.br
+\-t, \-\-test: Generate test credentials\.
+.
 .TP
 list:
 .
@@ -347,7 +353,7 @@ The motivation of this application is to provide a local secure store of AWS cre
 If you believe you have found a security issue in Awskeyring, please responsibly disclose by contacting me at \fItristan\.morgan@gmail\.com\fR\. Awskeyring is a Ruby script and as such Ruby is whitelisted to access your "awskeyring" keychain\. Use a strong password and keep the unlock time short\.
 .
 .SH "AUTHOR"
-Tristan Morgan \fItristan\.morgan@gmail\.com\fR is the maintainer of Awskeyring\.
+Tristan Morgan \fItristan\.morgan@gmail\.com\fR is the maintainer and author of Awskeyring\.
 .
 .SH "CONTRIBUTORS"
 .

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: awskeyring
 version: !ruby/object:Gem::Version
-  version: 1.12.0
+  version: 1.13.0
 platform: ruby
 authors:
 - Tristan Morgan
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2023-12-04 00:00:00.000000000 Z
+date: 2025-02-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-iam
@@ -92,9 +92,9 @@ licenses:
 metadata:
   bug_tracker_uri: https://github.com/tristanmorgan/awskeyring/issues
   changelog_uri: https://github.com/tristanmorgan/awskeyring/blob/main/CHANGELOG.md
-  documentation_uri: https://rubydoc.info/gems/awskeyring/1.12.0
+  documentation_uri: https://rubydoc.info/gems/awskeyring/1.13.0
   rubygems_mfa_required: 'true'
-  source_code_uri: https://github.com/tristanmorgan/awskeyring/tree/v1.12.0
+  source_code_uri: https://github.com/tristanmorgan/awskeyring/tree/v1.13.0
   wiki_uri: https://github.com/tristanmorgan/awskeyring/wiki
 post_install_message:
 rdoc_options: []