awskeyring 1.8.3 → 1.9.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +19 -19
- data/Rakefile +4 -4
- data/i18n/en.yml +1 -2
- data/lib/awskeyring/awsapi.rb +1 -1
- data/lib/awskeyring/version.rb +1 -1
- data/lib/awskeyring.rb +14 -3
- data/lib/awskeyring_command.rb +101 -74
- data/man/awskeyring.5 +3 -6
- metadata +4 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: a30aa3b190aaf468207e6b79f4b2169561ddf4f5ceaad9f195d38a0cd1d4e1c8
|
4
|
+
data.tar.gz: e00232d1936ed6a99d5b7926a19a2d7b472ebce13b61d9bbd153a28c2bb2ef85
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 26193f4fb124fbcab81c96828a33a23f5ee19f00512a9e4ed458ed4e75dbec31992a92ad886c54e7e8d2f594fd169ac8349ff1a3b541f6b53fcce2b0b8c2c051
|
7
|
+
data.tar.gz: aa7d5787dc45b3b9b213bbf186b1531cd4b89d9684b3a4ac535f7fd5674b4251147a32fe4c2ec2944988a0b514acaa92b3052185f6e16acd5bd51dd775ed133f
|
data/README.md
CHANGED
@@ -62,24 +62,24 @@ more details on this config option.
|
|
62
62
|
The CLI is using [Thor](http://whatisthor.com) with help provided interactively.
|
63
63
|
|
64
64
|
Awskeyring commands:
|
65
|
-
awskeyring --version, -v
|
66
|
-
awskeyring add ACCOUNT
|
67
|
-
awskeyring add-role ROLE
|
68
|
-
awskeyring console ACCOUNT
|
69
|
-
awskeyring env ACCOUNT
|
70
|
-
awskeyring exec ACCOUNT command...
|
71
|
-
awskeyring help [COMMAND]
|
72
|
-
awskeyring import ACCOUNT
|
73
|
-
awskeyring initialise
|
74
|
-
awskeyring json ACCOUNT
|
75
|
-
awskeyring list
|
76
|
-
awskeyring list-role
|
77
|
-
awskeyring remove ACCOUNT
|
78
|
-
awskeyring remove-role ROLE
|
79
|
-
awskeyring remove-token ACCOUNT
|
80
|
-
awskeyring rotate ACCOUNT
|
81
|
-
awskeyring token ACCOUNT [ROLE] [
|
82
|
-
awskeyring update ACCOUNT
|
65
|
+
awskeyring --version, -v # Prints the version
|
66
|
+
awskeyring add ACCOUNT # Adds an ACCOUNT to the keyring
|
67
|
+
awskeyring add-role ROLE # Adds a ROLE to the keyring
|
68
|
+
awskeyring console ACCOUNT # Open the AWS Console for the ACCOUNT
|
69
|
+
awskeyring env ACCOUNT # Outputs bourne shell environment exports for an ACCOUNT
|
70
|
+
awskeyring exec ACCOUNT command... # Execute a COMMAND with the environment set for an ACCOUNT
|
71
|
+
awskeyring help [COMMAND] # Describe available commands or one specific command
|
72
|
+
awskeyring import ACCOUNT # Import an ACCOUNT to the keyring from ~/.aws/credentials
|
73
|
+
awskeyring initialise # Initialises a new KEYCHAIN
|
74
|
+
awskeyring json ACCOUNT # Outputs AWS CLI compatible JSON for an ACCOUNT
|
75
|
+
awskeyring list # Prints a list of accounts in the keyring
|
76
|
+
awskeyring list-role # Prints a list of roles in the keyring
|
77
|
+
awskeyring remove ACCOUNT # Removes an ACCOUNT from the keyring
|
78
|
+
awskeyring remove-role ROLE # Removes a ROLE from the keyring
|
79
|
+
awskeyring remove-token ACCOUNT # Removes a token for ACCOUNT from the keyring
|
80
|
+
awskeyring rotate ACCOUNT # Rotate access keys for an ACCOUNT
|
81
|
+
awskeyring token ACCOUNT [ROLE] [CODE] # Create an STS Token from a ROLE or an mfa CODE
|
82
|
+
awskeyring update ACCOUNT # Updates an ACCOUNT in the keyring
|
83
83
|
|
84
84
|
and autocomplete that can be installed with:
|
85
85
|
|
@@ -91,7 +91,7 @@ There are also short forms of most commands if you prefer:
|
|
91
91
|
|
92
92
|
To set your environment easily the following bash function helps:
|
93
93
|
|
94
|
-
awsenv() { eval "$(awskeyring env
|
94
|
+
awsenv() { eval "$(awskeyring env ${@:-$AWS_ACCOUNT_NAME})"; }
|
95
95
|
|
96
96
|
## Development
|
97
97
|
|
data/Rakefile
CHANGED
@@ -1,7 +1,6 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
3
|
require 'bundler/gem_tasks'
|
4
|
-
require 'rspec/core/rake_task'
|
5
4
|
require 'rubocop/rake_task'
|
6
5
|
require 'ronn'
|
7
6
|
require 'github_changelog_generator/task'
|
@@ -49,13 +48,14 @@ end
|
|
49
48
|
desc 'generate manpage'
|
50
49
|
task :ronn do
|
51
50
|
puts 'Running Ronn...'
|
52
|
-
|
53
|
-
|
51
|
+
doc = Ronn::Document.new('man/awskeyring.5.ronn')
|
52
|
+
doc.date = Time.parse(`git show -s --format=%ad --date=short`)
|
53
|
+
File.write('man/awskeyring.5', doc.to_roff)
|
54
54
|
puts "done\n\n"
|
55
55
|
end
|
56
56
|
|
57
57
|
YARD::Rake::YardocTask.new do |t|
|
58
|
-
t.options = ['--fail-on-warning', '--no-progress']
|
58
|
+
t.options = ['--fail-on-warning', '--no-progress', '--files', '*.md']
|
59
59
|
t.stats_options = ['--list-undoc']
|
60
60
|
end
|
61
61
|
|
data/i18n/en.yml
CHANGED
@@ -17,7 +17,7 @@ en:
|
|
17
17
|
remove_role_desc: Removes a ROLE from the keyring
|
18
18
|
remove_token_desc: Removes a token for ACCOUNT from the keyring
|
19
19
|
rotate_desc: Rotate access keys for an ACCOUNT
|
20
|
-
token_desc: Create an STS Token from a ROLE or an
|
20
|
+
token_desc: Create an STS Token from a ROLE or an mfa CODE
|
21
21
|
update_desc: Updates an ACCOUNT in the keyring
|
22
22
|
method_option:
|
23
23
|
arn: 'AWS role arn.'
|
@@ -33,7 +33,6 @@ en:
|
|
33
33
|
noremote: 'Do not validate with remote api.'
|
34
34
|
path: 'The service PATH to open.'
|
35
35
|
browser: 'Specify an alternative browser.'
|
36
|
-
role: 'The ROLE to assume.'
|
37
36
|
secret: 'AWS account secret.'
|
38
37
|
unset: 'Unset environment variables.'
|
39
38
|
message:
|
data/lib/awskeyring/awsapi.rb
CHANGED
@@ -209,7 +209,7 @@ module Awskeyring
|
|
209
209
|
# Get the signin token param
|
210
210
|
private_class_method def self.token_param(session_json:)
|
211
211
|
get_signin_token_url = AWS_SIGNIN_URL + '?Action=getSigninToken' \
|
212
|
-
|
212
|
+
'&Session=' + CGI.escape(session_json)
|
213
213
|
|
214
214
|
uri = URI(get_signin_token_url)
|
215
215
|
request = Net::HTTP.new(uri.host, uri.port)
|
data/lib/awskeyring/version.rb
CHANGED
data/lib/awskeyring.rb
CHANGED
@@ -97,6 +97,17 @@ module Awskeyring # rubocop:disable Metrics/ModuleLength
|
|
97
97
|
all_items.where(account: account).first
|
98
98
|
end
|
99
99
|
|
100
|
+
# return item that matches a prefix if only one.
|
101
|
+
def self.solo_select(list, prefix)
|
102
|
+
return prefix if list.include?(prefix)
|
103
|
+
|
104
|
+
list.select! { |elem| elem.start_with?(prefix) }
|
105
|
+
|
106
|
+
return list.first if list.length == 1
|
107
|
+
|
108
|
+
nil
|
109
|
+
end
|
110
|
+
|
100
111
|
# Add an account item
|
101
112
|
#
|
102
113
|
# @param [String] account The account name to create
|
@@ -317,7 +328,7 @@ module Awskeyring # rubocop:disable Metrics/ModuleLength
|
|
317
328
|
# @param [String] account_name the associated account name.
|
318
329
|
def self.account_exists(account_name)
|
319
330
|
Awskeyring::Validate.account_name(account_name)
|
320
|
-
raise 'Account does not exist' unless
|
331
|
+
raise 'Account does not exist' unless (account_name = solo_select(list_account_names, account_name))
|
321
332
|
|
322
333
|
account_name
|
323
334
|
end
|
@@ -347,7 +358,7 @@ module Awskeyring # rubocop:disable Metrics/ModuleLength
|
|
347
358
|
# @param [String] role_name the associated role name.
|
348
359
|
def self.role_exists(role_name)
|
349
360
|
Awskeyring::Validate.role_name(role_name)
|
350
|
-
raise 'Role does not exist' unless
|
361
|
+
raise 'Role does not exist' unless (role_name = solo_select(list_role_names, role_name))
|
351
362
|
|
352
363
|
role_name
|
353
364
|
end
|
@@ -367,7 +378,7 @@ module Awskeyring # rubocop:disable Metrics/ModuleLength
|
|
367
378
|
# @param [String] token_name the associated account name.
|
368
379
|
def self.token_exists(token_name)
|
369
380
|
Awskeyring::Validate.account_name(token_name)
|
370
|
-
raise 'Token does not exist' unless
|
381
|
+
raise 'Token does not exist' unless (token_name = solo_select(list_token_names, token_name))
|
371
382
|
|
372
383
|
token_name
|
373
384
|
end
|
data/lib/awskeyring_command.rb
CHANGED
@@ -16,18 +16,13 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
16
16
|
I18n.backend.load_translations
|
17
17
|
|
18
18
|
map %w[--version -v] => :__version
|
19
|
-
map %w[--help -h] => :help
|
20
|
-
map 'init' => :initialise
|
21
19
|
map 'adr' => :add_role
|
22
|
-
map '
|
20
|
+
map 'assume-role' => :token
|
23
21
|
map 'ls' => :list
|
24
22
|
map 'lsr' => :list_role
|
25
23
|
map 'rm' => :remove
|
26
24
|
map 'rmr' => :remove_role
|
27
25
|
map 'rmt' => :remove_token
|
28
|
-
map 'rot' => :rotate
|
29
|
-
map 'tok' => :token
|
30
|
-
map 'up' => :update
|
31
26
|
default_command :default
|
32
27
|
|
33
28
|
# default to returning an error on failure.
|
@@ -91,9 +86,8 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
91
86
|
puts Awskeyring.list_account_names.join("\n")
|
92
87
|
end
|
93
88
|
|
94
|
-
map 'list-role' => :list_role
|
95
89
|
desc 'list-role', I18n.t('list_role_desc')
|
96
|
-
method_option
|
90
|
+
method_option :detail, type: :boolean, aliases: '-d', desc: I18n.t('method_option.detail'), default: false
|
97
91
|
# List roles
|
98
92
|
def list_role
|
99
93
|
if Awskeyring.list_role_names.empty?
|
@@ -109,7 +103,7 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
109
103
|
|
110
104
|
desc 'env ACCOUNT', I18n.t('env_desc')
|
111
105
|
method_option 'no-token', type: :boolean, aliases: '-n', desc: I18n.t('method_option.notoken'), default: false
|
112
|
-
method_option
|
106
|
+
method_option :unset, type: :boolean, aliases: '-u', desc: I18n.t('method_option.unset'), default: false
|
113
107
|
# Print Env vars
|
114
108
|
def env(account = nil)
|
115
109
|
if options[:unset]
|
@@ -130,7 +124,8 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
130
124
|
# Print JSON for use with credential_process
|
131
125
|
def json(account)
|
132
126
|
account = ask_check(
|
133
|
-
existing: account, message: I18n.t('message.account'), validator: Awskeyring.method(:account_exists)
|
127
|
+
existing: account, message: I18n.t('message.account'), validator: Awskeyring.method(:account_exists),
|
128
|
+
limited_to: Awskeyring.list_account_names
|
134
129
|
)
|
135
130
|
cred = age_check_and_get(account: account, no_token: options['no-token'])
|
136
131
|
expiry = Time.at(cred[:expiry]) unless cred[:expiry].nil?
|
@@ -182,11 +177,15 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
182
177
|
method_option 'no-token', type: :boolean, aliases: '-n', desc: I18n.t('method_option.notoken'), default: false
|
183
178
|
method_option 'no-bundle', type: :boolean, aliases: '-b', desc: I18n.t('method_option.nobundle'), default: false
|
184
179
|
# execute an external command with env set
|
185
|
-
def exec(account, *command)
|
180
|
+
def exec(account, *command) # rubocop:disable Metrics/MethodLength, Metrics/AbcSize
|
186
181
|
if command.empty?
|
187
182
|
warn I18n.t('message.exec')
|
188
183
|
exit 1
|
189
184
|
end
|
185
|
+
account = ask_check(
|
186
|
+
existing: account, message: I18n.t('message.account'), validator: Awskeyring.method(:account_exists),
|
187
|
+
limited_to: Awskeyring.list_account_names
|
188
|
+
)
|
190
189
|
cred = age_check_and_get(account: account, no_token: options['no-token'])
|
191
190
|
env_vars = Awskeyring::Awsapi.get_env_array(cred)
|
192
191
|
unbundle if options['no-bundle']
|
@@ -258,7 +257,6 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
258
257
|
puts I18n.t('message.upaccount', account: account)
|
259
258
|
end
|
260
259
|
|
261
|
-
map 'add-role' => :add_role
|
262
260
|
desc 'add-role ROLE', I18n.t('add_role_desc')
|
263
261
|
method_option :arn, type: :string, aliases: '-a', desc: I18n.t('method_option.arn')
|
264
262
|
# Add a role
|
@@ -291,15 +289,14 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
291
289
|
|
292
290
|
desc 'remove-token ACCOUNT', I18n.t('remove_token_desc')
|
293
291
|
# remove a session token
|
294
|
-
def remove_token(
|
295
|
-
|
296
|
-
existing:
|
292
|
+
def remove_token(token = nil)
|
293
|
+
token = ask_check(
|
294
|
+
existing: token, message: I18n.t('message.account'), validator: Awskeyring.method(:token_exists),
|
297
295
|
limited_to: Awskeyring.list_token_names
|
298
296
|
)
|
299
|
-
Awskeyring.delete_token(account:
|
297
|
+
Awskeyring.delete_token(account: token, message: I18n.t('message.deltoken', account: token))
|
300
298
|
end
|
301
299
|
|
302
|
-
map 'remove-role' => :remove_role
|
303
300
|
desc 'remove-role ROLE', I18n.t('remove_role_desc')
|
304
301
|
# remove a role
|
305
302
|
def remove_role(role = nil)
|
@@ -342,8 +339,7 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
342
339
|
puts I18n.t('message.upaccount', account: account)
|
343
340
|
end
|
344
341
|
|
345
|
-
desc 'token ACCOUNT [ROLE] [
|
346
|
-
method_option :role, type: :string, aliases: '-r', desc: I18n.t('method_option.role')
|
342
|
+
desc 'token ACCOUNT [ROLE] [CODE]', I18n.t('token_desc')
|
347
343
|
method_option :code, type: :string, aliases: '-c', desc: I18n.t('method_option.code')
|
348
344
|
method_option :duration, type: :string, aliases: '-d', desc: I18n.t('method_option.duration')
|
349
345
|
# generate a sessiopn token
|
@@ -354,7 +350,6 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
354
350
|
validator: Awskeyring.method(:account_exists),
|
355
351
|
limited_to: Awskeyring.list_account_names
|
356
352
|
)
|
357
|
-
role ||= options[:role]
|
358
353
|
if role
|
359
354
|
role = ask_check(
|
360
355
|
existing: role, message: I18n.t('message.role'), validator: Awskeyring.method(:role_exists),
|
@@ -439,108 +434,137 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
439
434
|
desc "#{File.basename($PROGRAM_NAME)} CURR PREV", I18n.t('awskeyring_desc'), hide: true
|
440
435
|
map File.basename($PROGRAM_NAME) => :autocomplete
|
441
436
|
# autocomplete
|
442
|
-
def autocomplete(curr, prev)
|
437
|
+
def autocomplete(curr, prev = nil)
|
438
|
+
curr, prev = fix_args(curr, prev)
|
443
439
|
comp_line = ENV['COMP_LINE']
|
444
|
-
|
440
|
+
comp_point_str = ENV['COMP_POINT']
|
441
|
+
unless comp_line && comp_point_str
|
445
442
|
exec_name = File.basename($PROGRAM_NAME)
|
446
443
|
warn I18n.t('message.awskeyring', path: $PROGRAM_NAME, bin: exec_name)
|
447
444
|
exit 1
|
448
445
|
end
|
449
446
|
|
450
|
-
|
451
|
-
|
447
|
+
comp_lines = comp_line[0..(comp_point_str.to_i)].split
|
448
|
+
|
449
|
+
comp_type, sub_cmd = comp_type(comp_lines: comp_lines, prev: prev)
|
450
|
+
list = fetch_auto_resp(comp_type, sub_cmd)
|
451
|
+
puts list.select { |elem| elem.start_with?(curr) }.sort!.join("\n")
|
452
452
|
end
|
453
453
|
|
454
454
|
private
|
455
455
|
|
456
|
-
|
457
|
-
|
458
|
-
|
459
|
-
|
460
|
-
|
461
|
-
|
462
|
-
|
463
|
-
cred
|
456
|
+
# when a double dash is parsed it is dropped from the args but we need it
|
457
|
+
def fix_args(curr, prev)
|
458
|
+
if prev.nil?
|
459
|
+
[ARGV[1], ARGV[2]]
|
460
|
+
else
|
461
|
+
[curr, prev]
|
462
|
+
end
|
464
463
|
end
|
465
464
|
|
466
|
-
|
467
|
-
|
468
|
-
sub_cmd = sub_command(
|
469
|
-
|
470
|
-
comp_len = 3 if curr.start_with?('-')
|
465
|
+
# determine the type of completion needed
|
466
|
+
def comp_type(comp_lines:, prev:)
|
467
|
+
sub_cmd = sub_command(comp_lines)
|
468
|
+
comp_idx = comp_lines.rindex(prev)
|
471
469
|
|
472
470
|
case prev
|
473
|
-
when 'help', File.basename($PROGRAM_NAME)
|
474
|
-
comp_len = 0
|
475
|
-
when 'remove-role', '-r', 'rmr'
|
476
|
-
comp_len = 2
|
477
471
|
when '--path', '-p'
|
478
|
-
|
479
|
-
when 'remove-token', 'rmt'
|
480
|
-
comp_len = 50
|
472
|
+
comp_type = :path_type
|
481
473
|
when '--browser', '-b'
|
482
|
-
|
474
|
+
comp_type = :browser_type
|
475
|
+
else
|
476
|
+
comp_type = :command
|
477
|
+
comp_type = param_type(comp_idx, sub_cmd) unless sub_cmd.empty?
|
483
478
|
end
|
484
479
|
|
485
|
-
[
|
480
|
+
[comp_type, sub_cmd]
|
481
|
+
end
|
482
|
+
|
483
|
+
# check params for named params or fall back to flags
|
484
|
+
def param_type(comp_idx, sub_cmd)
|
485
|
+
types = %i[opt req]
|
486
|
+
param_list = method(sub_cmd).parameters.select { |elem| types.include? elem[0] }
|
487
|
+
if comp_idx.zero?
|
488
|
+
:command
|
489
|
+
elsif comp_idx > param_list.length
|
490
|
+
:flag
|
491
|
+
else
|
492
|
+
param_list[comp_idx - 1][1]
|
493
|
+
end
|
486
494
|
end
|
487
495
|
|
496
|
+
# catch the command from prefixes and aliases
|
488
497
|
def sub_command(comp_lines)
|
489
|
-
return
|
498
|
+
return '' if comp_lines.length < 2
|
490
499
|
|
491
500
|
sub_cmd = comp_lines[1]
|
492
501
|
|
493
|
-
return sub_cmd if self.class.
|
494
|
-
|
495
|
-
|
496
|
-
end
|
497
|
-
|
498
|
-
|
499
|
-
|
500
|
-
case
|
501
|
-
when
|
502
|
-
|
503
|
-
when
|
504
|
-
|
505
|
-
when
|
506
|
-
|
507
|
-
when
|
508
|
-
|
509
|
-
when
|
510
|
-
|
511
|
-
when
|
512
|
-
|
513
|
-
when 60
|
514
|
-
list = Awskeyring.list_browsers
|
502
|
+
return self.class.map[sub_cmd].to_s if self.class.map.key? sub_cmd
|
503
|
+
|
504
|
+
(Awskeyring.solo_select(list_commands, sub_cmd) || '').tr('-', '_')
|
505
|
+
end
|
506
|
+
|
507
|
+
# given a type return the right list for completions
|
508
|
+
def fetch_auto_resp(comp_type, sub_cmd)
|
509
|
+
case comp_type
|
510
|
+
when :command
|
511
|
+
list_commands
|
512
|
+
when :account
|
513
|
+
Awskeyring.list_account_names
|
514
|
+
when :role
|
515
|
+
Awskeyring.list_role_names
|
516
|
+
when :path_type
|
517
|
+
Awskeyring.list_console_path
|
518
|
+
when :token
|
519
|
+
Awskeyring.list_token_names
|
520
|
+
when :browser_type
|
521
|
+
Awskeyring.list_browsers
|
515
522
|
else
|
516
|
-
|
523
|
+
list_arguments(command: sub_cmd)
|
517
524
|
end
|
518
|
-
puts list.select { |elem| elem.start_with?(curr) }.sort!.join("\n")
|
519
525
|
end
|
520
526
|
|
527
|
+
# list command names
|
521
528
|
def list_commands
|
522
529
|
commands = self.class.all_commands.keys.map { |elem| elem.tr('_', '-') }
|
523
530
|
commands.reject! { |elem| %w[autocomplete default].include?(elem) }
|
524
531
|
end
|
525
532
|
|
533
|
+
# list flags for a command
|
526
534
|
def list_arguments(command:)
|
527
|
-
|
528
|
-
|
529
|
-
|
535
|
+
options = self.class.all_commands[command].options.values
|
536
|
+
exit 1 if options.empty?
|
537
|
+
|
538
|
+
options.map(&:aliases).flatten! +
|
539
|
+
options.map(&:switch_name)
|
540
|
+
end
|
541
|
+
|
542
|
+
# add warning about old keys
|
543
|
+
def age_check_and_get(account:, no_token:)
|
544
|
+
cred = Awskeyring.get_valid_creds(account: account, no_token: no_token)
|
545
|
+
|
546
|
+
maxage = Awskeyring.key_age
|
547
|
+
age = (Time.new - cred[:updated]).div Awskeyring::Awsapi::ONE_DAY
|
548
|
+
warn I18n.t('message.age_check', account: account, age: age) unless age < maxage
|
549
|
+
|
550
|
+
cred
|
530
551
|
end
|
531
552
|
|
553
|
+
# print exports from map
|
532
554
|
def put_env_string(cred)
|
533
555
|
env_var = Awskeyring::Awsapi.get_env_array(cred)
|
534
556
|
env_var.each { |var, value| puts "export #{var}=\"#{value}\"" }
|
535
557
|
Awskeyring::Awsapi::AWS_ENV_VARS.each { |key| puts "unset #{key}" unless env_var.key?(key) }
|
536
558
|
end
|
537
559
|
|
560
|
+
# select duration for sts token types
|
538
561
|
def default_duration(duration, role, code)
|
539
562
|
duration ||= Awskeyring::Awsapi::ONE_HOUR.to_s if role
|
540
563
|
duration ||= Awskeyring::Awsapi::TWELVE_HOUR.to_s if code
|
541
564
|
duration || Awskeyring::Awsapi::ONE_HOUR.to_s
|
542
565
|
end
|
543
566
|
|
567
|
+
# ask and validate input values.
|
544
568
|
def ask_check(existing:, message:, flags: nil, validator: nil, limited_to: nil) # rubocop:disable Metrics/MethodLength
|
545
569
|
retries ||= 3
|
546
570
|
begin
|
@@ -561,10 +585,12 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
561
585
|
value
|
562
586
|
end
|
563
587
|
|
588
|
+
# ask for somthinng if its missing.
|
564
589
|
def ask_missing(existing:, message:, secure: false, optional: false, limited_to: nil)
|
565
590
|
existing || ask(message: message, secure: secure, optional: optional, limited_to: limited_to).strip
|
566
591
|
end
|
567
592
|
|
593
|
+
# ask in different ways
|
568
594
|
def ask(message:, secure: false, optional: false, limited_to: nil)
|
569
595
|
if secure
|
570
596
|
Awskeyring::Input.read_secret("#{message.rjust(20)}: ")
|
@@ -577,6 +603,7 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
577
603
|
end
|
578
604
|
end
|
579
605
|
|
606
|
+
# undo Bundler env vars
|
580
607
|
def unbundle
|
581
608
|
to_delete = ENV.keys.select { |elem| elem.start_with?('BUNDLER_ORIG_') }
|
582
609
|
bundled_env = to_delete.map { |elem| elem[('BUNDLER_ORIG_'.length)..] }
|
data/man/awskeyring.5
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "AWSKEYRING" "5" "
|
4
|
+
.TH "AWSKEYRING" "5" "September 2021" "" ""
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBAwskeyring\fR \- is a small tool to manage AWS account keys in the macOS Keychain
|
@@ -189,17 +189,14 @@ rotate ACCOUNT:
|
|
189
189
|
Rotate access keys for an ACCOUNT
|
190
190
|
.
|
191
191
|
.TP
|
192
|
-
token ACCOUNT [ROLE] [
|
192
|
+
token ACCOUNT [ROLE] [CODE]:
|
193
193
|
.
|
194
194
|
.IP
|
195
|
-
Create an STS Token from a ROLE or an
|
195
|
+
Create an STS Token from a ROLE or an mfa CODE
|
196
196
|
.
|
197
197
|
.br
|
198
198
|
.
|
199
199
|
.IP
|
200
|
-
\-r, \-\-role=ROLE: The ROLE to assume\.
|
201
|
-
.
|
202
|
-
.br
|
203
200
|
\-c, \-\-code=CODE: Virtual mfa CODE\.
|
204
201
|
.
|
205
202
|
.br
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: awskeyring
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.9.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Tristan Morgan
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-
|
11
|
+
date: 2021-09-03 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-sdk-iam
|
@@ -93,8 +93,8 @@ licenses:
|
|
93
93
|
metadata:
|
94
94
|
bug_tracker_uri: https://github.com/servian/awskeyring/issues
|
95
95
|
changelog_uri: https://github.com/servian/awskeyring/blob/main/CHANGELOG.md
|
96
|
-
documentation_uri: https://rubydoc.info/gems/awskeyring/1.
|
97
|
-
source_code_uri: https://github.com/servian/awskeyring/tree/v1.
|
96
|
+
documentation_uri: https://rubydoc.info/gems/awskeyring/1.9.1
|
97
|
+
source_code_uri: https://github.com/servian/awskeyring/tree/v1.9.1
|
98
98
|
wiki_uri: https://github.com/servian/awskeyring/wiki
|
99
99
|
post_install_message:
|
100
100
|
rdoc_options: []
|