RubyGems - awskeyring - Versions diffs - 1.8.0 → 1.8.5 - Mend

awskeyring 1.8.0 → 1.8.5

Files changed (16) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b48c06baceecbcec6e2b949d0985d8e67b788988385545a0c5c93ef1b355728d
-  data.tar.gz: 5409309869822c30497465a753a40e1717a3cee31f040ad80e287c71bbc2ae50
+  metadata.gz: df8b15491f307691db7f25727bdc12f5a90ba71b816e6b14b14a71bdbd53c594
+  data.tar.gz: af3cc61ea5c8c44025254b5fb9a90a087e67a2c556f7391006acc188ab5be214
 SHA512:
-  metadata.gz: 202db6a54856b8365246994f5a814b657d4b6f4912d170c80cf979d2bd4818d4a58150daf737a2f3085ebb8b4ad39788e92de809b6fbe0dea59315d4abed1717
-  data.tar.gz: 70e3cb77196023d67bd60e5b4b9afc6ddfdbac4b2f5a89610ed5f068e97e604e5884a29c30ae0ec7be3c73f3ad77e613e7f9e957d9ef1e84393a30e6fe55080b
+  metadata.gz: c20ade29e6499e0fa836cb7532dd1dd8776659ed7c3e69cc905c6ea34ae5a46b3af24320a94781996af7cdbb0cc4e69fabe86259d7aaa99048b577c5a9a09208
+  data.tar.gz: 547a0ad97e0e38b7b6e61d7b8275ab75c18a114d83a540de293c410cd4835f4a429bf829863e62fce4c8350ece488d0d4d4a0571c17b9e1a0b97b4416eaa51e2

data/LICENSE.txt CHANGED Viewed

@@ -1,6 +1,6 @@
 The MIT License (MIT)
-Copyright (c) 2017-2020 Tristan Morgan
+Copyright (c) 2017-2021 Tristan Morgan
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

data/README.md CHANGED Viewed

@@ -2,7 +2,7 @@
 ![Awskeyring](https://raw.githubusercontent.com/servian/awskeyring/main/awskeyring-144.png)
-* [![Build Status](https://travis-ci.org/servian/awskeyring.svg?branch=main)](https://travis-ci.org/servian/awskeyring)
+* [![Build Status](https://travis-ci.com/servian/awskeyring.svg?branch=main)](https://travis-ci.com/servian/awskeyring)
 * [![Gem Version](https://badge.fury.io/rb/awskeyring.svg)](https://badge.fury.io/rb/awskeyring)
 * [![license MIT](https://img.shields.io/badge/license-MIT-brightgreen.svg)](https://opensource.org/licenses/MIT)
 * [![All Downloads](https://ruby-gem-downloads-badge.herokuapp.com/awskeyring?type=total)](https://rubygems.org/gems/awskeyring)
@@ -61,25 +61,25 @@ more details on this config option.
 The CLI is using [Thor](http://whatisthor.com) with help provided interactively.
-    Commands:
-      awskeyring --version, -v               # Prints the version
-      awskeyring add ACCOUNT                 # Adds an ACCOUNT to the keyring
-      awskeyring add-role ROLE               # Adds a ROLE to the keyring
-      awskeyring console ACCOUNT             # Open the AWS Console for the ACCOUNT
-      awskeyring env ACCOUNT                 # Outputs bourne shell environment exports for an ACCOUNT
-      awskeyring exec ACCOUNT command...     # Execute a COMMAND with the environment set for an ACCOUNT
-      awskeyring help [COMMAND]              # Describe available commands or one specific command
-      awskeyring import ACCOUNT              # Import an ACCOUNT to the keyring from ~/.aws/credentials
-      awskeyring initialise                  # Initialises a new KEYCHAIN
-      awskeyring json ACCOUNT                # Outputs AWS CLI compatible JSON for an ACCOUNT
-      awskeyring list                        # Prints a list of accounts in the keyring
-      awskeyring list-role                   # Prints a list of roles in the keyring
-      awskeyring remove ACCOUNT              # Removes an ACCOUNT from the keyring
-      awskeyring remove-role ROLE            # Removes a ROLE from the keyring
-      awskeyring remove-token ACCOUNT        # Removes a token for ACCOUNT from the keyring
-      awskeyring rotate ACCOUNT              # Rotate access keys for an ACCOUNT
-      awskeyring token ACCOUNT [ROLE] [MFA]  # Create an STS Token from a ROLE or an MFA code
-      awskeyring update ACCOUNT              # Updates an ACCOUNT in the keyring
+    Awskeyring commands:
+      awskeyring --version, -v                # Prints the version
+      awskeyring add ACCOUNT                  # Adds an ACCOUNT to the keyring
+      awskeyring add-role ROLE                # Adds a ROLE to the keyring
+      awskeyring console ACCOUNT              # Open the AWS Console for the ACCOUNT
+      awskeyring env ACCOUNT                  # Outputs bourne shell environment exports for an ACCOUNT
+      awskeyring exec ACCOUNT command...      # Execute a COMMAND with the environment set for an ACCOUNT
+      awskeyring help [COMMAND]               # Describe available commands or one specific command
+      awskeyring import ACCOUNT               # Import an ACCOUNT to the keyring from ~/.aws/credentials
+      awskeyring initialise                   # Initialises a new KEYCHAIN
+      awskeyring json ACCOUNT                 # Outputs AWS CLI compatible JSON for an ACCOUNT
+      awskeyring list                         # Prints a list of accounts in the keyring
+      awskeyring list-role                    # Prints a list of roles in the keyring
+      awskeyring remove ACCOUNT               # Removes an ACCOUNT from the keyring
+      awskeyring remove-role ROLE             # Removes a ROLE from the keyring
+      awskeyring remove-token ACCOUNT         # Removes a token for ACCOUNT from the keyring
+      awskeyring rotate ACCOUNT               # Rotate access keys for an ACCOUNT
+      awskeyring token ACCOUNT [ROLE] [CODE]  # Create an STS Token from a ROLE or an mfa CODE
+      awskeyring update ACCOUNT               # Updates an ACCOUNT in the keyring
 and autocomplete that can be installed with:
@@ -91,7 +91,7 @@ There are also short forms of most commands if you prefer:
 To set your environment easily the following bash function helps:
-    awsenv() { eval "$(awskeyring env $@)"; }
+    awsenv() { eval "$(awskeyring env ${@:-$AWS_ACCOUNT_NAME})"; }
 ## Development

data/Rakefile CHANGED Viewed

@@ -55,8 +55,9 @@ task :ronn do
 end
 YARD::Rake::YardocTask.new do |t|
-  t.options = ['--fail-on-warning', '--no-progress']
+  t.options = ['--fail-on-warning', '--no-progress', '--files', '*.md']
   t.stats_options = ['--list-undoc']
 end
+desc 'Run Linting, Tests and Documetation tasks'
 task default: %i[filemode rubocop spec ronn yard]

data/awskeyring.gemspec CHANGED Viewed

@@ -15,7 +15,7 @@ Gem::Specification.new do |spec|
   spec.homepage      = Awskeyring::HOMEPAGE
   spec.licenses      = ['MIT']
-  spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^spec/|^\..*|^.*\.png}) }
+  spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^spec/|^\..*|C.*\.md|.*\.ronn|.*\.png}) }
   spec.bindir        = 'exe'
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ['lib']

data/i18n/en.yml CHANGED Viewed

@@ -1,41 +1,24 @@
 ---
 en:
-  __version:
-    desc: Prints the version
-  add:
-    desc: Adds an ACCOUNT to the keyring
-  add_role:
-    desc: Adds a ROLE to the keyring
-  awskeyring:
-    desc: Autocompletion for bourne shells
-  console:
-    desc: Open the AWS Console for the ACCOUNT
-  env:
-    desc: Outputs bourne shell environment exports for an ACCOUNT
-  exec:
-    desc: Execute a COMMAND with the environment set for an ACCOUNT
-  import:
-    desc: Import an ACCOUNT to the keyring from ~/.aws/credentials
-  initialise:
-    desc: Initialises a new KEYCHAIN
-  json:
-    desc: Outputs AWS CLI compatible JSON for an ACCOUNT
-  list:
-    desc: Prints a list of accounts in the keyring
-  list_role:
-    desc: Prints a list of roles in the keyring
-  remove:
-    desc: Removes an ACCOUNT from the keyring
-  remove_role:
-    desc: Removes a ROLE from the keyring
-  remove_token:
-    desc: Removes a token for ACCOUNT from the keyring
-  rotate:
-    desc: Rotate access keys for an ACCOUNT
-  token:
-    desc: Create an STS Token from a ROLE or an MFA code
-  update:
-    desc: Updates an ACCOUNT in the keyring
+  __version_desc: Prints the version
+  add_desc: Adds an ACCOUNT to the keyring
+  add_role_desc: Adds a ROLE to the keyring
+  awskeyring_desc: Autocompletion for bourne shells
+  console_desc: Open the AWS Console for the ACCOUNT
+  default_desc: Run default help or initialise if needed.
+  env_desc: Outputs bourne shell environment exports for an ACCOUNT
+  exec_desc: Execute a COMMAND with the environment set for an ACCOUNT
+  import_desc: Import an ACCOUNT to the keyring from ~/.aws/credentials
+  initialise_desc: Initialises a new KEYCHAIN
+  json_desc: Outputs AWS CLI compatible JSON for an ACCOUNT
+  list_desc: Prints a list of accounts in the keyring
+  list_role_desc: Prints a list of roles in the keyring
+  remove_desc: Removes an ACCOUNT from the keyring
+  remove_role_desc: Removes a ROLE from the keyring
+  remove_token_desc: Removes a token for ACCOUNT from the keyring
+  rotate_desc: Rotate access keys for an ACCOUNT
+  token_desc: Create an STS Token from a ROLE or an mfa CODE
+  update_desc: Updates an ACCOUNT in the keyring
   method_option:
     arn: 'AWS role arn.'
     code: 'Virtual mfa CODE.'
@@ -50,7 +33,6 @@ en:
     noremote: 'Do not validate with remote api.'
     path: 'The service PATH to open.'
     browser: 'Specify an alternative browser.'
-    role: 'The ROLE to assume.'
     secret: 'AWS account secret.'
     unset: 'Unset environment variables.'
   message:

data/lib/awskeyring/awsapi.rb CHANGED Viewed

@@ -145,7 +145,7 @@ module Awskeyring
     # @param [String] key The aws_access_key_id
     # @param [String] secret The aws_secret_access_key
     # @param [String] token The aws_session_token
-    def self.verify_cred(key:, secret:, token:)
+    def self.verify_cred(key:, secret:, token: nil)
       begin
         ENV['AWS_DEFAULT_REGION'] = 'us-east-1' unless region
         sts = Aws::STS::Client.new(access_key_id: key, secret_access_key: secret, session_token: token)

data/lib/awskeyring/version.rb CHANGED Viewed

@@ -6,7 +6,7 @@ require 'json'
 # Version const and query of latest.
 module Awskeyring
   # The Gem's version number
-  VERSION = '1.8.0'
+  VERSION = '1.8.5'
   # The Gem's homepage
   HOMEPAGE = 'https://github.com/servian/awskeyring'

data/lib/awskeyring_command.rb CHANGED Viewed

@@ -11,29 +11,37 @@ require 'awskeyring/version'
 # AWSkeyring command line interface.
 class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
+  package_name 'Awskeyring'
   I18n.load_path = Dir.glob(File.join(File.realpath(__dir__), '..', 'i18n', '*.{yml,yaml}'))
   I18n.backend.load_translations
   map %w[--version -v] => :__version
   map %w[--help -h] => :help
-  map ['init'] => :initialise
-  map ['adr'] => :add_role
-  map ['con'] => :console
-  map ['ls'] => :list
-  map ['lsr'] => :list_role
-  map ['rm'] => :remove
-  map ['rmr'] => :remove_role
-  map ['rmt'] => :remove_token
-  map ['rot'] => :rotate
-  map ['tok'] => :token
-  map ['up'] => :update
+  map 'adr' => :add_role
+  map 'assume-role' => :token
+  map 'ls' => :list
+  map 'lsr' => :list_role
+  map 'rm' => :remove
+  map 'rmr' => :remove_role
+  map 'rmt' => :remove_token
+  default_command :default
   # default to returning an error on failure.
   def self.exit_on_failure?
     true
   end
-  desc '--version, -v', I18n.t('__version.desc')
+  desc 'default', I18n.t('default_desc'), hide: true
+  # default command to run
+  def default
+    if Awskeyring.prefs.empty?
+      invoke :initialise
+    else
+      invoke :help
+    end
+  end
+  desc '--version, -v', I18n.t('__version_desc')
   method_option 'no-remote', type: :boolean, aliases: '-r', desc: I18n.t('method_option.noremote'), default: false
   # print the version number
   def __version
@@ -44,7 +52,7 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
     puts "Homepage #{Awskeyring::HOMEPAGE}"
   end
-  desc 'initialise', I18n.t('initialise.desc')
+  desc 'initialise', I18n.t('initialise_desc')
   method_option :keychain, type: :string, aliases: '-n', desc: I18n.t('method_option.keychain')
   # initialise the keychain
   def initialise
@@ -69,7 +77,7 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
     puts I18n.t('message.addkeychain', keychain: keychain, exec_name: exec_name)
   end
-  desc 'list', I18n.t('list.desc')
+  desc 'list', I18n.t('list_desc')
   # list the accounts
   def list
     if Awskeyring.list_account_names.empty?
@@ -79,9 +87,8 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
     puts Awskeyring.list_account_names.join("\n")
   end
-  map 'list-role' => :list_role
-  desc 'list-role', I18n.t('list_role.desc')
-  method_option 'detail', type: :boolean, aliases: '-d', desc: I18n.t('method_option.detail'), default: false
+  desc 'list-role', I18n.t('list_role_desc')
+  method_option :detail, type: :boolean, aliases: '-d', desc: I18n.t('method_option.detail'), default: false
   # List roles
   def list_role
     if Awskeyring.list_role_names.empty?
@@ -95,9 +102,9 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
     end
   end
-  desc 'env ACCOUNT', I18n.t('env.desc')
+  desc 'env ACCOUNT', I18n.t('env_desc')
   method_option 'no-token', type: :boolean, aliases: '-n', desc: I18n.t('method_option.notoken'), default: false
-  method_option 'unset', type: :boolean, aliases: '-u', desc: I18n.t('method_option.unset'), default: false
+  method_option :unset, type: :boolean, aliases: '-u', desc: I18n.t('method_option.unset'), default: false
   # Print Env vars
   def env(account = nil)
     if options[:unset]
@@ -113,7 +120,7 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
     end
   end
-  desc 'json ACCOUNT', I18n.t('json.desc')
+  desc 'json ACCOUNT', I18n.t('json_desc')
   method_option 'no-token', type: :boolean, aliases: '-n', desc: I18n.t('method_option.notoken'), default: false
   # Print JSON for use with credential_process
   def json(account)
@@ -130,7 +137,7 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
     )
   end
-  desc 'import ACCOUNT', I18n.t('import.desc')
+  desc 'import ACCOUNT', I18n.t('import_desc')
   method_option 'no-remote', type: :boolean, aliases: '-r', desc: I18n.t('method_option.noremote'), default: false
   # Import an Account
   def import(account = nil) # rubocop:disable Metrics/MethodLength, Metrics/AbcSize
@@ -166,7 +173,7 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
     end
   end
-  desc 'exec ACCOUNT command...', I18n.t('exec.desc')
+  desc 'exec ACCOUNT command...', I18n.t('exec_desc')
   method_option 'no-token', type: :boolean, aliases: '-n', desc: I18n.t('method_option.notoken'), default: false
   method_option 'no-bundle', type: :boolean, aliases: '-b', desc: I18n.t('method_option.nobundle'), default: false
   # execute an external command with env set
@@ -188,7 +195,7 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
     end
   end
-  desc 'add ACCOUNT', I18n.t('add.desc')
+  desc 'add ACCOUNT', I18n.t('add_desc')
   method_option :key, type: :string, aliases: '-k', desc: I18n.t('method_option.key')
   method_option :secret, type: :string, aliases: '-s', desc: I18n.t('method_option.secret')
   method_option :mfa, type: :string, aliases: '-m', desc: I18n.t('method_option.mfa')
@@ -209,7 +216,7 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
       existing: options[:mfa], message: I18n.t('message.mfa'),
       flags: 'optional', validator: Awskeyring::Validate.method(:mfa_arn)
     )
-    Awskeyring::Awsapi.verify_cred(key: key, secret: secret, token: nil) unless options['no-remote']
+    Awskeyring::Awsapi.verify_cred(key: key, secret: secret) unless options['no-remote']
     Awskeyring.add_account(
       account: account,
       key: key,
@@ -219,7 +226,7 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
     puts I18n.t('message.addaccount', account: account)
   end
-  desc 'update ACCOUNT', I18n.t('update.desc')
+  desc 'update ACCOUNT', I18n.t('update_desc')
   method_option :key, type: :string, aliases: '-k', desc: I18n.t('method_option.key')
   method_option :secret, type: :string, aliases: '-s', desc: I18n.t('method_option.secret')
   method_option 'no-remote', type: :boolean, aliases: '-r', desc: I18n.t('method_option.noremote'), default: false
@@ -246,8 +253,7 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
     puts I18n.t('message.upaccount', account: account)
   end
-  map 'add-role' => :add_role
-  desc 'add-role ROLE', I18n.t('add_role.desc')
+  desc 'add-role ROLE', I18n.t('add_role_desc')
   method_option :arn, type: :string, aliases: '-a', desc: I18n.t('method_option.arn')
   # Add a role
   def add_role(role = nil)
@@ -267,7 +273,7 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
     puts I18n.t('message.addrole', role: role)
   end
-  desc 'remove ACCOUNT', I18n.t('remove.desc')
+  desc 'remove ACCOUNT', I18n.t('remove_desc')
   # Remove an account
   def remove(account = nil)
     account = ask_check(
@@ -277,18 +283,17 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
     Awskeyring.delete_account(account: account, message: I18n.t('message.delaccount', account: account))
   end
-  desc 'remove-token ACCOUNT', I18n.t('remove_token.desc')
+  desc 'remove-token ACCOUNT', I18n.t('remove_token_desc')
   # remove a session token
-  def remove_token(account = nil)
-    account = ask_check(
-      existing: account, message: I18n.t('message.account'), validator: Awskeyring.method(:token_exists),
+  def remove_token(token = nil)
+    token = ask_check(
+      existing: token, message: I18n.t('message.account'), validator: Awskeyring.method(:token_exists),
       limited_to: Awskeyring.list_token_names
     )
-    Awskeyring.delete_token(account: account, message: I18n.t('message.deltoken', account: account))
+    Awskeyring.delete_token(account: token, message: I18n.t('message.deltoken', account: token))
   end
-  map 'remove-role' => :remove_role
-  desc 'remove-role ROLE', I18n.t('remove_role.desc')
+  desc 'remove-role ROLE', I18n.t('remove_role_desc')
   # remove a role
   def remove_role(role = nil)
     role = ask_check(
@@ -298,7 +303,7 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
     Awskeyring.delete_role(role_name: role, message: I18n.t('message.delrole', role: role))
   end
-  desc 'rotate ACCOUNT', I18n.t('rotate.desc')
+  desc 'rotate ACCOUNT', I18n.t('rotate_desc')
   # rotate Account keys
   def rotate(account = nil) # rubocop:disable Metrics/MethodLength
     account = ask_check(
@@ -330,8 +335,7 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
     puts I18n.t('message.upaccount', account: account)
   end
-  desc 'token ACCOUNT [ROLE] [MFA]', I18n.t('token.desc')
-  method_option :role, type: :string, aliases: '-r', desc: I18n.t('method_option.role')
+  desc 'token ACCOUNT [ROLE] [CODE]', I18n.t('token_desc')
   method_option :code, type: :string, aliases: '-c', desc: I18n.t('method_option.code')
   method_option :duration, type: :string, aliases: '-d', desc: I18n.t('method_option.duration')
   # generate a sessiopn token
@@ -342,7 +346,6 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
       validator: Awskeyring.method(:account_exists),
       limited_to: Awskeyring.list_account_names
     )
-    role ||= options[:role]
     if role
       role = ask_check(
         existing: role, message: I18n.t('message.role'), validator: Awskeyring.method(:role_exists),
@@ -385,7 +388,7 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
     puts I18n.t('message.addtoken', account: account, time: Time.at(new_creds[:expiry].to_i))
   end
-  desc 'console ACCOUNT', I18n.t('console.desc')
+  desc 'console ACCOUNT', I18n.t('console_desc')
   method_option :path, type: :string, aliases: '-p', desc: I18n.t('method_option.path')
   method_option :browser, type: :string, aliases: '-b', desc: I18n.t('method_option.browser')
   method_option 'no-token', type: :boolean, aliases: '-n', desc: I18n.t('method_option.notoken'), default: false
@@ -424,109 +427,142 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
     end
   end
-  desc 'awskeyring CURR PREV', I18n.t('awskeyring.desc'), hide: true
+  desc "#{File.basename($PROGRAM_NAME)} CURR PREV", I18n.t('awskeyring_desc'), hide: true
+  map File.basename($PROGRAM_NAME) => :autocomplete
   # autocomplete
-  def awskeyring(curr, prev)
+  def autocomplete(curr, prev = nil)
+    curr, prev = fix_args(curr, prev)
     comp_line = ENV['COMP_LINE']
-    unless comp_line
+    comp_point_str = ENV['COMP_POINT']
+    unless comp_line && comp_point_str
       exec_name = File.basename($PROGRAM_NAME)
       warn I18n.t('message.awskeyring', path: $PROGRAM_NAME, bin: exec_name)
       exit 1
     end
-    curr, comp_len, sub_cmd = comp_type(comp_line: comp_line, curr: curr, prev: prev)
-    print_auto_resp(curr, comp_len, sub_cmd)
+    comp_lines = comp_line[0..(comp_point_str.to_i)].split
+    comp_type, sub_cmd = comp_type(comp_lines: comp_lines, prev: prev)
+    list = fetch_auto_resp(comp_type, sub_cmd)
+    puts list.select { |elem| elem.start_with?(curr) }.sort!.join("\n")
   end
   private
-  def age_check_and_get(account:, no_token:)
-    cred = Awskeyring.get_valid_creds(account: account, no_token: no_token)
-    maxage = Awskeyring.key_age
-    age = (Time.new - cred[:updated]).div Awskeyring::Awsapi::ONE_DAY
-    warn I18n.t('message.age_check', account: account, age: age) unless age < maxage
-    cred
+  # when a double dash is parsed it is dropped from the args but we need it
+  def fix_args(curr, prev)
+    if prev.nil?
+      [ARGV[1], ARGV[2]]
+    else
+      [curr, prev]
+    end
   end
-  def comp_type(comp_line:, curr:, prev:)
-    comp_len = comp_line.split.index(prev)
-    sub_cmd = sub_command(comp_line.split)
-    comp_len = 3 if curr.start_with?('-')
+  # determine the type of completion needed
+  def comp_type(comp_lines:, prev:)
+    sub_cmd = sub_command(comp_lines)
+    comp_idx = comp_lines.rindex(prev)
     case prev
-    when 'help', File.basename($PROGRAM_NAME)
-      comp_len = 0
-    when 'remove-role', '-r', 'rmr'
-      comp_len = 2
     when '--path', '-p'
-      comp_len = 40
-    when 'remove-token', 'rmt'
-      comp_len = 50
+      comp_type = :path_type
     when '--browser', '-b'
-      comp_len = 60
+      comp_type = :browser_type
+    else
+      comp_type = :command
+      comp_type = param_type(comp_idx, sub_cmd) unless sub_cmd.empty?
     end
-    [curr, comp_len, sub_cmd]
+    [comp_type, sub_cmd]
+  end
+  # check params for named params or fall back to flags
+  def param_type(comp_idx, sub_cmd)
+    types = %i[opt req]
+    param_list = method(sub_cmd).parameters.select { |elem| types.include? elem[0] }
+    if comp_idx.zero?
+      :command
+    elsif comp_idx > param_list.length
+      :flag
+    else
+      param_list[comp_idx - 1][1]
+    end
   end
+  # catch the command from prefixes and aliases
   def sub_command(comp_lines)
-    return nil if comp_lines.nil? || comp_lines.length < 2
+    return '' if comp_lines.nil? || comp_lines.length < 2
-    sub_cmd = comp_lines[1]
+    sub_cmd = comp_lines[1].tr('-', '_')
-    return sub_cmd if self.class.all_commands.keys.index(sub_cmd)
+    sub_cmds = self.class.all_commands.keys.select { |elem| elem.start_with?(sub_cmd) }
+    return sub_cmds.first if sub_cmds.length == 1
     self.class.map[sub_cmd].to_s
   end
-  def print_auto_resp(curr, len, sub_cmd) # rubocop:disable Metrics/MethodLength, Metrics/CyclomaticComplexity
-    list = []
-    case len
-    when 0
-      list = list_commands
-    when 1
-      list = Awskeyring.list_account_names
-    when 2
-      list = Awskeyring.list_role_names
-    when 3..10
-      list = list_arguments(command: sub_cmd)
-    when 40
-      list = Awskeyring.list_console_path
-    when 50
-      list = Awskeyring.list_token_names
-    when 60
-      list = Awskeyring.list_browsers
+  # given a type return the right list for completions
+  def fetch_auto_resp(comp_type, sub_cmd)
+    case comp_type
+    when :command
+      list_commands
+    when :account
+      Awskeyring.list_account_names
+    when :role
+      Awskeyring.list_role_names
+    when :path_type
+      Awskeyring.list_console_path
+    when :token
+      Awskeyring.list_token_names
+    when :browser_type
+      Awskeyring.list_browsers
     else
-      exit 1
+      list_arguments(command: sub_cmd)
     end
-    puts list.select { |elem| elem.start_with?(curr) }.sort!.join("\n")
   end
+  # list command names
   def list_commands
-    self.class.all_commands.keys.map { |elem| elem.tr('_', '-') }.reject! { |elem| elem == 'awskeyring' }
+    commands = self.class.all_commands.keys.map { |elem| elem.tr('_', '-') }
+    commands.reject! { |elem| %w[autocomplete default].include?(elem) }
   end
+  # list flags for a command
   def list_arguments(command:)
-    exit 1 if command.empty?
-    self.class.all_commands[command].options.values.map(&:aliases).flatten! +
-      self.class.all_commands[command].options.values.map(&:switch_name)
+    options = self.class.all_commands[command].options.values
+    exit 1 if options.empty?
+    options.map(&:aliases).flatten! +
+      options.map(&:switch_name)
+  end
+  # add warning about old keys
+  def age_check_and_get(account:, no_token:)
+    cred = Awskeyring.get_valid_creds(account: account, no_token: no_token)
+    maxage = Awskeyring.key_age
+    age = (Time.new - cred[:updated]).div Awskeyring::Awsapi::ONE_DAY
+    warn I18n.t('message.age_check', account: account, age: age) unless age < maxage
+    cred
   end
+  # print exports from map
   def put_env_string(cred)
     env_var = Awskeyring::Awsapi.get_env_array(cred)
     env_var.each { |var, value| puts "export #{var}=\"#{value}\"" }
     Awskeyring::Awsapi::AWS_ENV_VARS.each { |key| puts "unset #{key}" unless env_var.key?(key) }
   end
+  # select duration for sts token types
   def default_duration(duration, role, code)
     duration ||= Awskeyring::Awsapi::ONE_HOUR.to_s if role
     duration ||= Awskeyring::Awsapi::TWELVE_HOUR.to_s if code
     duration || Awskeyring::Awsapi::ONE_HOUR.to_s
   end
+  # ask and validate input values.
   def ask_check(existing:, message:, flags: nil, validator: nil, limited_to: nil) # rubocop:disable Metrics/MethodLength
     retries ||= 3
     begin
@@ -547,10 +583,12 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
     value
   end
+  # ask for somthinng if its missing.
   def ask_missing(existing:, message:, secure: false, optional: false, limited_to: nil)
     existing || ask(message: message, secure: secure, optional: optional, limited_to: limited_to).strip
   end
+  # ask in different ways
   def ask(message:, secure: false, optional: false, limited_to: nil)
     if secure
       Awskeyring::Input.read_secret("#{message.rjust(20)}: ")
@@ -563,6 +601,7 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
     end
   end
+  # undo Bundler env vars
   def unbundle
     to_delete = ENV.keys.select { |elem| elem.start_with?('BUNDLER_ORIG_') }
     bundled_env = to_delete.map { |elem| elem[('BUNDLER_ORIG_'.length)..] }

data/man/awskeyring.5 CHANGED Viewed

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "AWSKEYRING" "5" "November 2020" "" ""
+.TH "AWSKEYRING" "5" "June 2021" "" ""
 .
 .SH "NAME"
 \fBAwskeyring\fR \- is a small tool to manage AWS account keys in the macOS Keychain
@@ -189,17 +189,14 @@ rotate ACCOUNT:
 Rotate access keys for an ACCOUNT
 .
 .TP
-token ACCOUNT [ROLE] [MFA]:
+token ACCOUNT [ROLE] [CODE]:
 .
 .IP
-Create an STS Token from a ROLE or an MFA code
+Create an STS Token from a ROLE or an mfa CODE
 .
 .br
 .
 .IP
-\-r, \-\-role=ROLE: The ROLE to assume\.
-.
-.br
 \-c, \-\-code=CODE: Virtual mfa CODE\.
 .
 .br
@@ -267,8 +264,34 @@ awskeyring env personal\-aws
 .
 .IP "" 0
 .
+.P
+To open the AWS Console (web page) with your default browser simply run\.\.\.
+.
+.IP "" 4
+.
+.nf
+awskeyring console personal\-aws
+.
+.fi
+.
+.IP "" 0
+.
+.P
+Autocomplete is enabled in your current shell with the following command\.\.\.
+.
+.IP "" 4
+.
+.nf
+complete \-C /usr/local/bin/awskeyring awskeyring
+.
+.fi
+.
+.IP "" 0
+.
 .SH "HISTORY"
-The motivation of this application is to provide a local secure store of AWS credentials using specifically in the macOS Keychain, to have them easily accessed from the Terminal, and to provide useful functions like assuming roles and opening the AWS Console from the cli\. For Enterprise environments there are better suited tools to use like HashiCorp Vault \fIhttps://vaultproject\.io/\fR\.
+The motivation of this application is to provide a local secure store of AWS credentials using specifically in the macOS Keychain, to have them easily accessed from the Terminal, and to provide useful functions like assuming roles and opening the AWS Console from the cli\. It then expanded to include autocomplete and a desire to have an almost complete test coverage to prevent regressions in its functionality\. For Enterprise environments there are better suited tools to use like HashiCorp Vault \fIhttps://vaultproject\.io/\fR\.
 .
 .SH "SECURITY"
 If you believe you have found a security issue in Awskeyring, please responsibly disclose by contacting me at \fItristan\.morgan@servian\.com\fR\. Awskeyring is a Ruby script and as such Ruby is whitelisted to access your "awskeyring" keychain\. Use a strong password and keep the unlock time short\.

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: awskeyring
 version: !ruby/object:Gem::Version
-  version: 1.8.0
+  version: 1.8.5
 platform: ruby
 authors:
 - Tristan Morgan
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2020-12-07 00:00:00.000000000 Z
+date: 2021-06-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-iam
@@ -73,14 +73,10 @@ executables:
 extensions: []
 extra_rdoc_files: []
 files:
-- CHANGELOG.md
-- CODE_OF_CONDUCT.md
-- CONTRIBUTING.md
 - Gemfile
 - LICENSE.txt
 - README.md
 - Rakefile
-- SECURITY.md
 - awskeyring.gemspec
 - exe/awskeyring
 - i18n/en.yml
@@ -91,15 +87,14 @@ files:
 - lib/awskeyring/version.rb
 - lib/awskeyring_command.rb
 - man/awskeyring.5
-- man/awskeyring.5.ronn
 homepage: https://github.com/servian/awskeyring
 licenses:
 - MIT
 metadata:
   bug_tracker_uri: https://github.com/servian/awskeyring/issues
   changelog_uri: https://github.com/servian/awskeyring/blob/main/CHANGELOG.md
-  documentation_uri: https://rubydoc.info/gems/awskeyring/1.8.0
-  source_code_uri: https://github.com/servian/awskeyring/tree/v1.8.0
+  documentation_uri: https://rubydoc.info/gems/awskeyring/1.8.5
+  source_code_uri: https://github.com/servian/awskeyring/tree/v1.8.5
   wiki_uri: https://github.com/servian/awskeyring/wiki
 post_install_message:
 rdoc_options: []

data/CHANGELOG.md DELETED Viewed

@@ -1,152 +0,0 @@
-# Changelog
-## [v1.8.0](https://github.com/servian/awskeyring/tree/v1.8.0) (2020-12-07)
-[Full Changelog](https://github.com/servian/awskeyring/compare/v1.7.0...v1.8.0)
-**Implemented enhancements:**
-- Include expiry time export, AWS\_CREDENTIAL\_EXPIRATION [\#74](https://github.com/servian/awskeyring/pull/74) ([tristanmorgan](https://github.com/tristanmorgan))
-## [v1.7.0](https://github.com/servian/awskeyring/tree/v1.7.0) (2020-11-18)
-[Full Changelog](https://github.com/servian/awskeyring/compare/v1.6.0...v1.7.0)
-**Implemented enhancements:**
-- Allow specifying a browser other than the default [\#71](https://github.com/servian/awskeyring/issues/71)
-- Autocomplete for Browsers [\#73](https://github.com/servian/awskeyring/pull/73) ([tristanmorgan](https://github.com/tristanmorgan))
-**Merged pull requests:**
-- Updates for added RuboCop checks. [\#70](https://github.com/servian/awskeyring/pull/70) ([tristanmorgan](https://github.com/tristanmorgan))
-## [v1.6.0](https://github.com/servian/awskeyring/tree/v1.6.0) (2020-08-11)
-[Full Changelog](https://github.com/servian/awskeyring/compare/v1.5.0...v1.6.0)
-**Implemented enhancements:**
-- Warn about missing accounts/roles [\#69](https://github.com/servian/awskeyring/pull/69) ([tristanmorgan](https://github.com/tristanmorgan))
-- RuboCop and Spec update [\#68](https://github.com/servian/awskeyring/pull/68) ([tristanmorgan](https://github.com/tristanmorgan))
-- Add SimpleCov reports. [\#67](https://github.com/servian/awskeyring/pull/67) ([tristanmorgan](https://github.com/tristanmorgan))
-## [v1.5.0](https://github.com/servian/awskeyring/tree/v1.5.0) (2020-07-08)
-[Full Changelog](https://github.com/servian/awskeyring/compare/v1.4.0...v1.5.0)
-**Implemented enhancements:**
-- No-Bundle env changes for exec. [\#66](https://github.com/servian/awskeyring/pull/66) ([tristanmorgan](https://github.com/tristanmorgan))
-## [v1.4.0](https://github.com/servian/awskeyring/tree/v1.4.0) (2020-06-19)
-[Full Changelog](https://github.com/servian/awskeyring/compare/v1.3.3...v1.4.0)
-**Implemented enhancements:**
-- Import Keys and Tokens from shared credentials files. [\#65](https://github.com/servian/awskeyring/pull/65) ([tristanmorgan](https://github.com/tristanmorgan))
-## [v1.3.3](https://github.com/servian/awskeyring/tree/v1.3.3) (2020-06-04)
-[Full Changelog](https://github.com/servian/awskeyring/compare/v1.3.2...v1.3.3)
-**Implemented enhancements:**
-- Change email references from Vibrato to Servian [\#64](https://github.com/servian/awskeyring/pull/64) ([tristanmorgan](https://github.com/tristanmorgan))
-## [v1.3.2](https://github.com/servian/awskeyring/tree/v1.3.2) (2020-04-27)
-[Full Changelog](https://github.com/servian/awskeyring/compare/v1.3.1...v1.3.2)
-**Fixed bugs:**
-- Fix I18n message load when used as a library. [\#63](https://github.com/servian/awskeyring/pull/63) ([tristanmorgan](https://github.com/tristanmorgan))
-## [v1.3.1](https://github.com/servian/awskeyring/tree/v1.3.1) (2020-03-19)
-[Full Changelog](https://github.com/servian/awskeyring/compare/v1.3.0...v1.3.1)
-**Implemented enhancements:**
-- Markdown linting changes and removed Rubocop-MD. [\#61](https://github.com/servian/awskeyring/pull/61) ([tristanmorgan](https://github.com/tristanmorgan))
-- Removed some redundant code. [\#60](https://github.com/servian/awskeyring/pull/60) ([tristanmorgan](https://github.com/tristanmorgan))
-**Merged pull requests:**
-- Update Ronn code and PR template. [\#59](https://github.com/servian/awskeyring/pull/59) ([tristanmorgan](https://github.com/tristanmorgan))
-## [v1.3.0](https://github.com/servian/awskeyring/tree/v1.3.0) (2020-02-19)
-[Full Changelog](https://github.com/servian/awskeyring/compare/v1.2.0...v1.3.0)
-**Implemented enhancements:**
-- Add a man-page and tweak README. [\#58](https://github.com/servian/awskeyring/pull/58) ([tristanmorgan](https://github.com/tristanmorgan))
-- Enhanced version [\#57](https://github.com/servian/awskeyring/pull/57) ([AzySir](https://github.com/AzySir))
-## [v1.2.0](https://github.com/servian/awskeyring/tree/v1.2.0) (2020-01-20)
-[Full Changelog](https://github.com/servian/awskeyring/compare/v1.1.2...v1.2.0)
-**Implemented enhancements:**
-- Check for existing account keys and role arns [\#56](https://github.com/servian/awskeyring/pull/56) ([tristanmorgan](https://github.com/tristanmorgan))
-## [v1.1.2](https://github.com/servian/awskeyring/tree/v1.1.2) (2020-01-06)
-[Full Changelog](https://github.com/servian/awskeyring/compare/v1.1.1...v1.1.2)
-**Fixed bugs:**
-- Deprecation warning for exit\_on\_failure [\#55](https://github.com/servian/awskeyring/pull/55) ([tristanmorgan](https://github.com/tristanmorgan))
-## [v1.1.1](https://github.com/servian/awskeyring/tree/v1.1.1) (2019-11-27)
-[Full Changelog](https://github.com/servian/awskeyring/compare/v1.1.0...v1.1.1)
-**Implemented enhancements:**
-- Add --detail flag for roles. [\#54](https://github.com/servian/awskeyring/pull/54) ([tristanmorgan](https://github.com/tristanmorgan))
-## [v1.1.0](https://github.com/servian/awskeyring/tree/v1.1.0) (2019-11-06)
-[Full Changelog](https://github.com/servian/awskeyring/compare/v1.0.2...v1.1.0)
-**Implemented enhancements:**
-- Add completion to input prompts [\#53](https://github.com/servian/awskeyring/pull/53) ([tristanmorgan](https://github.com/tristanmorgan))
-- Check for existing \(or not\) role names [\#52](https://github.com/servian/awskeyring/pull/52) ([tristanmorgan](https://github.com/tristanmorgan))
-## [v1.0.2](https://github.com/servian/awskeyring/tree/v1.0.2) (2019-10-18)
-[Full Changelog](https://github.com/servian/awskeyring/compare/v1.0.1...v1.0.2)
-**Implemented enhancements:**
-- Move to a new home, Servian. [\#51](https://github.com/servian/awskeyring/pull/51) ([tristanmorgan](https://github.com/tristanmorgan))
-- Use RuboCop-RSpec too and expect\(\) more. [\#48](https://github.com/servian/awskeyring/pull/48) ([tristanmorgan](https://github.com/tristanmorgan))
-## [v1.0.1](https://github.com/servian/awskeyring/tree/v1.0.1) (2019-05-23)
-[Full Changelog](https://github.com/servian/awskeyring/compare/v1.0.0...v1.0.1)
-**Implemented enhancements:**
-- auto-complete the --version [\#47](https://github.com/servian/awskeyring/pull/47) ([tristanmorgan](https://github.com/tristanmorgan))
-**Fixed bugs:**
-- Unfreeze secret strings. [\#46](https://github.com/servian/awskeyring/pull/46) ([tristanmorgan](https://github.com/tristanmorgan))
-## [v1.0.0](https://github.com/servian/awskeyring/tree/v1.0.0) (2019-05-19)
-[Full Changelog](https://github.com/servian/awskeyring/compare/v0.10.0...v1.0.0)
-**Implemented enhancements:**
-- More RuboCop changes and tweaked version string. [\#45](https://github.com/servian/awskeyring/pull/45) ([tristanmorgan](https://github.com/tristanmorgan))
-\* *This Changelog was automatically generated by [github_changelog_generator](https://github.com/github-changelog-generator/github-changelog-generator)*

data/CODE_OF_CONDUCT.md DELETED Viewed

@@ -1,73 +0,0 @@
-# Contributor Covenant Code of Conduct
-## Our Pledge
-In the interest of fostering an open and welcoming environment, we as
-contributors and maintainers pledge to making participation in our project and
-our community a harassment-free experience for everyone, regardless of age, body
-size, disability, ethnicity, gender identity and expression, level of experience,
-education, socio-economic status, nationality, personal appearance, race,
-religion, or sexual identity and orientation.
-## Our Standards
-Examples of behavior that contributes to creating a positive environment
-include:
-* Using welcoming and inclusive language
-* Being respectful of differing viewpoints and experiences
-* Gracefully accepting constructive criticism
-* Focusing on what is best for the community
-* Showing empathy towards other community members
-Examples of unacceptable behavior by participants include:
-* The use of sexualized language or imagery and unwelcome sexual attention or
-  advances
-* Trolling, insulting/derogatory comments, and personal or political attacks
-* Public or private harassment
-* Publishing others' private information, such as a physical or electronic
-  address, without explicit permission
-* Other conduct which could reasonably be considered inappropriate in a
-  professional setting
-## Our Responsibilities
-Project maintainers are responsible for clarifying the standards of acceptable
-behavior and are expected to take appropriate and fair corrective action in
-response to any instances of unacceptable behavior.
-Project maintainers have the right and responsibility to remove, edit, or
-reject comments, commits, code, wiki edits, issues, and other contributions
-that are not aligned to this Code of Conduct, or to ban temporarily or
-permanently any contributor for other behaviors that they deem inappropriate,
-threatening, offensive, or harmful.
-## Scope
-This Code of Conduct applies both within project spaces and in public spaces
-when an individual is representing the project or its community. Examples of
-representing a project or community include using an official project e-mail
-address, posting via an official social media account, or acting as an appointed
-representative at an online or offline event. Representation of a project may be
-further defined and clarified by project maintainers.
-## Enforcement
-Instances of abusive, harassing, or otherwise unacceptable behavior may be
-reported by contacting the project team at [tristan.morgan@servian.com](mailto:tristan.morgan@servian.com). All
-complaints will be reviewed and investigated and will result in a response that
-is deemed necessary and appropriate to the circumstances. The project team is
-obligated to maintain confidentiality with regard to the reporter of an incident.
-Further details of specific enforcement policies may be posted separately.
-Project maintainers who do not follow or enforce the Code of Conduct in good
-faith may face temporary or permanent repercussions as determined by other
-members of the project's leadership.
-## Attribution
-This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
-available [here](https://www.contributor-covenant.org/version/1/4/code-of-conduct.html)
-[homepage]: https://www.contributor-covenant.org

data/CONTRIBUTING.md DELETED Viewed

@@ -1,48 +0,0 @@
-# How to contribute
-Bug reports and pull requests from users are what keep this project working.
-## Basics
-1. Create an issue and describe your idea
-2. [Fork it](https://github.com/servian/awskeyring/fork)
-3. Create your feature branch (`git checkout -b my-new-feature`)
-4. Commit your changes (`git commit -am 'Add some feature'`)
-5. Publish the branch (`git push origin my-new-feature`)
-6. Create a new Pull Request
-## Checking your work
-You can run the test suite.
-You can run [RuboCop] to check code style.
-You can run [RSpec] to see if anything broke.
-You can run [YARD] to see of your code is documented.
-The default Rake task, runnable using `rake`.
-## Write documentation
-This project has documentation in a few places:
-### Introduction and usage
-A friendly `README.md` written for many audiences.
-### Examples and advanced usage
-The [wiki].
-### API documentation
-API documentation is written as [YARD] docblocks in the Ruby code.
-This is rendered as Web pages on [Rubydoc.info][awskeyring on Rubydoc.info].
-[wiki]: https://github.com/servian/awskeyring/wiki
-[YARD]: https://yardoc.org/
-[awskeyring on Rubydoc.info]: https://www.rubydoc.info/gems/awskeyring
-[RuboCop]: https://rubocop.readthedocs.io/en/latest/
-[Rspec]: https://rspec.info

data/SECURITY.md DELETED Viewed

@@ -1,4 +0,0 @@
-# Security Policy
-If you believe you have found a security issue in Awskeyring, please responsibly disclose by contacting me at
-[tristan.morgan@servian.com](mailto:tristan.morgan@servian.com).

data/man/awskeyring.5.ronn DELETED Viewed

@@ -1,175 +0,0 @@
-# Awskeyring -- is a small tool to manage AWS account keys in the macOS Keychain
-## SYNOPSIS
-awskeyring COMMAND [ACCOUNT|ROLE] [OPTIONS]
-awskeyring help COMMAND
-## DESCRIPTION
-The Awskeyring utility stores and manages AWS access keys and provides the facility to generate access tokens with
-combinations of assumed roles and multi-factor-authentication codes. It includes autocompletion features and multiple
-validation checks for input parsing. It also includes the ability for the AWS CLI to call it directly to provide authentication.
-The commands are as follows:
-* --version, -v:
-    Prints the version<br>
-    -r, --no-remote: Do not validate with remote api.
-* add ACCOUNT:
-    Adds an ACCOUNT to the keyring<br>
-    -k, --key=KEY: AWS account key id.<br>
-    -s, --secret=SECRET: AWS account secret.<br>
-    -m, --mfa=MFA: AWS virtual mfa arn.<br>
-    -r, --no-remote: Do not validate with remote api.
-* add-role ROLE:
-    Adds a ROLE to the keyring<br>
-    -a, --arn=ARN: AWS role arn.
-* awskeyring console ACCOUNT:
-    Open the AWS Console for the ACCOUNT<br>
-    -p, --path=PATH: The service PATH to open.<br>
-    -b, --browser=BROWSER: Specify an alternative browser.<br>
-    -n, --no-token: Do not use saved token.<br>
-    -o, --no-open: Do not open the url.
-* env ACCOUNT:
-    Outputs bourne shell environment exports for an ACCOUNT<br>
-    -n, --no-token: Do not use saved token.<br>
-    -u, --unset, --no-unset: Unset environment variables.
-* exec ACCOUNT command...:
-    Execute a COMMAND with the environment set for an ACCOUNT<br>
-    -n, --no-token: Do not use saved token.<br>
-    -b, --no-bundle: Unset Bundler environment variables.
-* help [COMMAND]:
-    Describe available commands or one specific command
-* import:
-    Import an ACCOUNT to the keyring from ~/.aws/credentials<br>
-    -r, --no-remote: Do not validate with remote api.
-* initialise:
-    Initialises a new KEYCHAIN<br>
-    -n, --keychain=KEYCHAIN: Name of KEYCHAIN to initialise.
-* json ACCOUNT:
-    Outputs AWS CLI compatible JSON for an ACCOUNT<br>
-    -n, --no-token: Do not use saved token.
-* list:
-    Prints a list of accounts in the keyring
-* list-role:
-    Prints a list of roles in the keyring<br>
-    -d, --detail, --no-detail: Show more detail.
-* remove ACCOUNT:
-    Removes an ACCOUNT from the keyring
-* remove-role ROLE:
-    Removes a ROLE from the keyring
-* remove-token ACCOUNT:
-    Removes a token for ACCOUNT from the keyring
-* rotate ACCOUNT:
-    Rotate access keys for an ACCOUNT
-* token ACCOUNT [ROLE] [MFA]:
-    Create an STS Token from a ROLE or an MFA code<br>
-    -r, --role=ROLE: The ROLE to assume.<br>
-    -c, --code=CODE: Virtual mfa CODE.<br>
-    -d, --duration=DURATION: Session DURATION in seconds.
-* update ACCOUNT:
-    Updates an ACCOUNT in the keyring<br>
-    -k, --key=KEY: AWS account key id.<br>
-    -s, --secret=SECRET: AWS account secret.<br>
-    -r, --no-remote: Do not validate with remote api.
-## ENVIRONMENT
-The AWS_DEFAULT_REGION environment variable will be used for AWS API calls where specified or fall back to us-east-1
-when not.
-## EXIT STATUS
-The Awskeyring utility exits 0 on success, and >0 if an error occurs.
-## EXAMPLES
-First you need to initialise your keychain to hold your AWS credentials.
-    awskeyring initialise
-Then add your keys to it.
-    awskeyring add personal-aws
-Now your keys are stored safely in the macOS keychain. To print environment variables run...
-    awskeyring env personal-aws
-## HISTORY
-The motivation of this application is to provide a local secure store of AWS
-credentials using specifically in the macOS Keychain, to have them easily accessed
-from the Terminal, and to provide useful functions like assuming roles and opening
-the AWS Console from the cli.
-For Enterprise environments there are better suited tools to use
-like [HashiCorp Vault](https://vaultproject.io/).
-## SECURITY
-If you believe you have found a security issue in Awskeyring, please responsibly disclose by contacting me at
-[tristan.morgan@servian.com](mailto:tristan.morgan@servian.com). Awskeyring is a Ruby script and as such Ruby is whitelisted to
-access your "awskeyring" keychain. Use a strong password and keep the unlock time short.
-## AUTHOR
-Tristan Morgan <tristan.morgan@servian.com> is the maintainer of Awskeyring.
-## CONTRIBUTORS
-* Tristan [tristanmorgan](https://github.com/tristanmorgan)
-* Adam Sir [AzySir](https://github.com/AzySir)
-* Vito Giarrusso [thtliife](https://github.com/thtliife)
-## LICENSE
-The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).