firespring_dev_commands 1.5.0.pre.alpha.1 → 1.5.0.pre.alpha.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/firespring_dev_commands/aws/account.rb +12 -4
- data/lib/firespring_dev_commands/aws/credentials.rb +10 -0
- data/lib/firespring_dev_commands/aws/login.rb +22 -11
- data/lib/firespring_dev_commands/aws/profile.rb +3 -1
- data/lib/firespring_dev_commands/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 7ab48cd629fcaed00fe12f7510cc46ccc82940ec0b635d5f4023e7b9d1f861a7
|
4
|
+
data.tar.gz: 8cfc0a4dab1a338f13017dba85fee7050bc986fc7c44ed0e5c8b72ff8531bf4a
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: a217867d07089b746be82d69a754288ccadd0bc363e04a62e533820849d06a3f586a0e94d242d00118c218f5d2e56a1d9ea6aa51dd26e05a6801767a2437d594
|
7
|
+
data.tar.gz: 7784f48a51cdaed6e328b4fd91ee16de0cb9f9ee40483a3915ded2c9e2345b245cfd8826993981d9a3ead0a54b7573694b42bb74a0fca09eb07fd89c06be7500
|
@@ -3,7 +3,8 @@ module Dev
|
|
3
3
|
# Class containing useful methods for interacting with the Aws account
|
4
4
|
class Account
|
5
5
|
# Config object for setting top level Aws account config options
|
6
|
-
|
6
|
+
# TODO: registry is deprecated and should be removed on the next major release
|
7
|
+
Config = Struct.new(:root, :children, :default, :registry, :ecr_registry_ids, :login_to_account_ecr_registry, :default_login_role_name)
|
7
8
|
|
8
9
|
# Instantiates a new top level config object if one hasn't already been created
|
9
10
|
# Yields that config object to any given block
|
@@ -22,7 +23,8 @@ module Dev
|
|
22
23
|
# The name of the file containing the Aws settings
|
23
24
|
CONFIG_FILE = "#{Dev::Aws::CONFIG_DIR}/config".freeze
|
24
25
|
|
25
|
-
|
26
|
+
# TODO: registry is deprecated and should be removed on the next major release
|
27
|
+
attr_accessor :root, :children, :default, :registry, :ecr_registry_ids
|
26
28
|
|
27
29
|
# Instantiate an account object
|
28
30
|
# Requires that root account and at least one child account have been configured
|
@@ -35,7 +37,13 @@ module Dev
|
|
35
37
|
@root = self.class.config.root
|
36
38
|
@children = self.class.config.children
|
37
39
|
@default = self.class.config.default
|
38
|
-
|
40
|
+
|
41
|
+
# Create the ecr registry list based off several possible configuration values
|
42
|
+
@ecr_registry_ids = [self.class.config.registry]
|
43
|
+
@ecr_registry_ids << Dev::Aws::Profile.new.current if self.class.config.login_to_account_ecr_registry
|
44
|
+
@ecr_registry_ids.concat(Array(self.class.config.ecr_registry_ids))
|
45
|
+
@ecr_registry_ids = @ecr_registry_ids.flatten.compact.reject(&:empty?).uniq
|
46
|
+
@registry = @ecr_registry_ids.first
|
39
47
|
end
|
40
48
|
|
41
49
|
# Returns all configured account information objects
|
@@ -55,7 +63,7 @@ module Dev
|
|
55
63
|
|
56
64
|
# Look up the account name for the given account id
|
57
65
|
def name_by_account(account)
|
58
|
-
all.find { |it| it.id == account }
|
66
|
+
all.find { |it| it.id == account }&.name
|
59
67
|
end
|
60
68
|
|
61
69
|
# Setup base Aws settings
|
@@ -16,6 +16,16 @@ module Dev
|
|
16
16
|
::Aws::STS::Client.new.get_caller_identity.account
|
17
17
|
end
|
18
18
|
|
19
|
+
# The arn of the currently logged in identity
|
20
|
+
def logged_in_arn
|
21
|
+
::Aws::STS::Client.new.get_caller_identity.arn
|
22
|
+
end
|
23
|
+
|
24
|
+
# The role the current identity is using
|
25
|
+
def logged_in_role
|
26
|
+
logged_in_arn.split(%r{/})[1]
|
27
|
+
end
|
28
|
+
|
19
29
|
# The region associated with the current login
|
20
30
|
def logged_in_region
|
21
31
|
::Aws::STS::Client.new.send(:config).region
|
@@ -8,7 +8,7 @@ module Dev
|
|
8
8
|
class Login
|
9
9
|
# Main interface for logging in to an AWS account
|
10
10
|
# If an account is not specified the user is given an account selection menu
|
11
|
-
# If
|
11
|
+
# If account registries have been configured, the user is also logged in to the docker registries
|
12
12
|
def login!(account = nil)
|
13
13
|
# If more than one child account has been configured, have the user select the account they want to log in to
|
14
14
|
account ||= Dev::Aws::Account.new.select
|
@@ -22,8 +22,8 @@ module Dev
|
|
22
22
|
# Load credentials into the ENV for subprocesses
|
23
23
|
Dev::Aws::Credentials.new.export!
|
24
24
|
|
25
|
-
# Login in to
|
26
|
-
|
25
|
+
# Login in to all configured docker registries
|
26
|
+
registry_logins!
|
27
27
|
end
|
28
28
|
|
29
29
|
# Authorize your local credentials
|
@@ -31,7 +31,7 @@ module Dev
|
|
31
31
|
# Temporary credentials are written back to the credentials file
|
32
32
|
def authorize!(account)
|
33
33
|
# Make sure the account has been set up
|
34
|
-
cfgini = setup_cfgini
|
34
|
+
cfgini = setup_cfgini(account)
|
35
35
|
|
36
36
|
defaultini = cfgini['default']
|
37
37
|
profileini = cfgini["profile #{account}"]
|
@@ -39,7 +39,7 @@ module Dev
|
|
39
39
|
region = profileini['region'] || defaultini['region'] || Dev::Aws::DEFAULT_REGION
|
40
40
|
|
41
41
|
serial = profileini['mfa_serial_name'] || defaultini['mfa_serial_name']
|
42
|
-
serial = "arn:aws:iam::#{Dev::Aws::Account.new.
|
42
|
+
serial = "arn:aws:iam::#{Dev::Aws::Account.new.root.id}:mfa/#{serial}" if serial
|
43
43
|
serial ||= profileini['mfa_serial'] || defaultini['mfa_serial']
|
44
44
|
|
45
45
|
role = profileini['role_name'] || defaultini['role_name']
|
@@ -71,7 +71,7 @@ module Dev
|
|
71
71
|
|
72
72
|
# Returns the config ini file
|
73
73
|
# Runs the setup for our current account if it's not already setup
|
74
|
-
def setup_cfgini
|
74
|
+
def setup_cfgini(account)
|
75
75
|
cfgini = IniFile.new(filename: "#{Dev::Aws::CONFIG_DIR}/config", default: 'default')
|
76
76
|
unless cfgini.has_section?("profile #{account}")
|
77
77
|
Dev::Aws::Account.new.write!(account)
|
@@ -82,7 +82,18 @@ module Dev
|
|
82
82
|
|
83
83
|
# Authroizes the docker cli to pull/push images from the Aws container registry (e.g. if docker compose needs to pull an image)
|
84
84
|
# Authroizes the docker ruby library to pull/push images from the Aws container registry
|
85
|
-
def
|
85
|
+
def registry_logins!(registry_ids: Dev::Aws::Account.new.ecr_registry_ids, region: nil)
|
86
|
+
region ||= Dev::Aws::Credentials.new.logged_in_region || Dev::Aws::DEFAULT_REGION
|
87
|
+
return if registry_ids.empty?
|
88
|
+
|
89
|
+
puts
|
90
|
+
registry_ids.each { |id| registry_login!(registry_id: id, region: region) }
|
91
|
+
puts
|
92
|
+
end
|
93
|
+
|
94
|
+
# Authroizes the docker cli to pull/push images from the Aws container registry (e.g. if docker compose needs to pull an image)
|
95
|
+
# Authroizes the docker ruby library to pull/push images from the Aws container registry
|
96
|
+
def registry_login!(registry_id: Dev::Aws::Account.new.ecr_registry_ids.first, region: nil)
|
86
97
|
region ||= Dev::Aws::Credentials.new.logged_in_region || Dev::Aws::DEFAULT_REGION
|
87
98
|
raise 'registry_id is required' if registry_id.to_s.strip.empty?
|
88
99
|
raise 'region is required' if region.to_s.strip.empty?
|
@@ -98,26 +109,26 @@ module Dev
|
|
98
109
|
# Authroizes the docker cli to pull/push images from the Aws container registry
|
99
110
|
# (e.g. if docker compose needs to pull an image)
|
100
111
|
# @deprecated Please use {Dev::Aws::Login#registry_login!} instead
|
101
|
-
def docker_login!(registry_id: Dev::Aws::Account.new.
|
112
|
+
def docker_login!(registry_id: Dev::Aws::Account.new.ecr_registry_ids.first, region: nil)
|
102
113
|
region ||= Dev::Aws::Credentials.new.logged_in_region || Dev::Aws::DEFAULT_REGION
|
103
114
|
warn '[DEPRECATION] `Dev::Aws::Login#docker_login!` is deprecated. Please use `Dev::Aws::Login#registry_login!` instead.'
|
104
115
|
docker_cli_login!(registry: "#{registry_id}.dkr.ecr.#{region}.amazonaws.com", region: region)
|
116
|
+
puts
|
105
117
|
end
|
106
118
|
|
107
119
|
# Authroizes the docker cli to pull/push images from the Aws container registry
|
108
120
|
# (e.g. if docker compose needs to pull an image)
|
109
121
|
private def docker_cli_login!(registry:, region:)
|
110
|
-
print(
|
122
|
+
print(" Logging in to #{registry} in docker... ")
|
111
123
|
login_cmd = "aws --profile=#{Dev::Aws::Profile.new.current} ecr --region=#{region} get-login-password"
|
112
124
|
login_cmd << ' | '
|
113
125
|
login_cmd << "docker login --password-stdin --username AWS #{registry}"
|
114
126
|
Dev::Common.new.run_command([login_cmd])
|
115
|
-
puts
|
116
127
|
end
|
117
128
|
|
118
129
|
# Authroizes the docker ruby library to pull/push images from the Aws container registry
|
119
130
|
# @deprecated Please use {Dev::Aws::Login#registry_login!} instead
|
120
|
-
def ecr_login!(registry_id: Dev::Aws::Account.new.
|
131
|
+
def ecr_login!(registry_id: Dev::Aws::Account.new.ecr_registry_ids.first, region: nil)
|
121
132
|
region ||= Dev::Aws::Credentials.new.logged_in_region || Dev::Aws::DEFAULT_REGION
|
122
133
|
warn '[DEPRECATION] `Dev::Aws::Login#ecr_login!` is deprecated. Please use `Dev::Aws::Login#registry_login!` instead.'
|
123
134
|
docker_lib_login!(registry_id: registry_id, region: region)
|
@@ -33,8 +33,10 @@ module Dev
|
|
33
33
|
# Print the profile info for the current account
|
34
34
|
def info
|
35
35
|
Dev::Aws::Credentials.new.export!
|
36
|
+
current_role = Dev::Aws::Credentials.new.logged_in_role
|
37
|
+
current_account_name = Dev::Aws::Account.new.name_by_account(current)
|
36
38
|
puts
|
37
|
-
puts " Currently logged in
|
39
|
+
puts " Currently logged in as #{current_role} in the #{current_account_name} (#{current}) account".light_yellow
|
38
40
|
puts
|
39
41
|
puts ' To use this profile in your local aws cli, you must either pass the profile as a command line argument ' \
|
40
42
|
'or export the corresponding aws variable:'.light_white
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: firespring_dev_commands
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.5.0.pre.alpha.
|
4
|
+
version: 1.5.0.pre.alpha.3
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Firespring
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2023-05-
|
11
|
+
date: 2023-05-15 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: activesupport
|