rds_ssm_connect 1.2.2 → 1.3.0

package/connect.js

@@ -1,137 +1,126 @@
 #!/usr/bin/env node
 
-// Import necessary modules
-import { spawn } from 'child_process' // For spawning child processes
-import inquirer from 'inquirer' // For prompting the user for input
-import fs from 'fs' // For reading files
-import os from 'os' // For getting the user's home directory
-import path from 'path' // For working with file paths
+import inquirer from 'inquirer'
+import fs from 'fs/promises'
+import os from 'os'
+import path from 'path'
+import { exec } from 'child_process'
+import { promisify } from 'util'
 import { envPortMapping, REGION, TABLE_NAME } from './envPortMapping.js'
 
-// Get the path to the AWS config file
-const awsConfigPath = path.join(os.homedir(), '.aws', 'config')
-
-// Read the contents of the AWS config file
-const awsConfig = fs.readFileSync(awsConfigPath, 'utf-8')
-
-// Extract environments from the AWS config file
-const ENVS = awsConfig
-  .split('\n')
-  .filter(line => line.startsWith('[') && line.endsWith(']'))
-  .map(line => line.slice(1, -1))
-  .map(line => line.replace('profile ', ''))
-
-// Prompt the user to select an environment
-inquirer
-  .prompt([
-    {
-      type: 'list',
-      name: 'ENV',
-      message: 'Please select the environment:',
-      choices: ENVS
+const execAsync = promisify(exec)
+
+async function readAwsConfig () {
+  const awsConfigPath = path.join(os.homedir(), '.aws', 'config')
+  try {
+    const awsConfig = await fs.readFile(awsConfigPath, 'utf-8')
+    return awsConfig
+      .split('\n')
+      .filter(line => line.startsWith('[') && line.endsWith(']'))
+      .map(line => line.slice(1, -1))
+      .map(line => line.replace('profile ', ''))
+  } catch (error) {
+    console.error('Error reading AWS config file:', error)
+    return []
+  }
+}
+
+async function runCommand (command) {
+  try {
+    const { stdout } = await execAsync(command)
+    return stdout.trim()
+  } catch (error) {
+    console.error(`Error executing command: ${command}`)
+    console.error(error)
+    return null
+  }
+}
+
+async function main () {
+  try {
+    const ENVS = await readAwsConfig()
+
+    if (ENVS.length === 0) {
+      console.error('No environments found in AWS config file.')
+      return
     }
-  ])
-  .then((answers) => {
-    const ENV = answers.ENV // Get the selected environment from the user's answers
-    console.log(`You selected: ${ENV}`)
 
-    // Sort all environment suffixes by length, longest first
-    const allEnvSuffixes = Object.keys(envPortMapping).sort((a, b) => b.length - a.length)
+    const answers = await inquirer.prompt([
+      {
+        type: 'list',
+        name: 'ENV',
+        message: 'Please select the environment:',
+        choices: ENVS
+      }
+    ])
 
-    // Find the first matching suffix in your envPortMapping object
+    const ENV = answers.ENV
+    const allEnvSuffixes = Object.keys(envPortMapping).sort((a, b) => b.length - a.length)
     const matchedSuffix = allEnvSuffixes.find(suffix => ENV.endsWith(suffix))
+    const portNumber = envPortMapping[matchedSuffix] || '5432'
 
-    // If no port number is found for the environment, default to 5432
-    let portNumber = envPortMapping[matchedSuffix]
+    const secretsListCommand = `aws-vault exec ${ENV} -- aws secretsmanager list-secrets --region ${REGION} --query "SecretList[?starts_with(Name, 'rds!cluster')].Name | [0]" --output text`
+    const SECRET_NAME = await runCommand(secretsListCommand)
 
-    if (!portNumber) {
-      console.error(`No port number found for environment: ${ENV}. Defaulting to 5432.`)
-      portNumber = '5432'
+    if (!SECRET_NAME) {
+      console.error('No secret found with name starting with rds!cluster.')
+      return
     }
 
-    // Set up the commands to run inside the aws-vault environment
-    const awsVaultExecCommand = ['aws-vault', 'exec', ENV, '--']
-    const secretsDescribeCommand = `aws secretsmanager list-secrets --region ${REGION} --query 'SecretList[?starts_with(Name, \`rds!cluster\`)].Name' --output text | head -n 1`
+    const secretsGetCommand = `aws-vault exec ${ENV} -- aws secretsmanager get-secret-value --region ${REGION} --secret-id "${SECRET_NAME}" --query SecretString --output text`
+    const secretString = await runCommand(secretsGetCommand)
+    const CREDENTIALS = JSON.parse(secretString)
+    const USERNAME = CREDENTIALS.username
+    const PASSWORD = CREDENTIALS.password
 
-    // Run the commands inside aws-vault environment
-    const secretsDescribeProcess = spawn('sh', ['-c', `${awsVaultExecCommand.join(' ')} ${secretsDescribeCommand}`])
+    console.log(`Your connection string is: psql -h localhost -p ${portNumber} -U ${USERNAME} -d ${TABLE_NAME}`)
+    console.log(`Use the password: ${PASSWORD}`)
 
-    // Get the name of the secret containing the RDS credentials
-    secretsDescribeProcess.stdout.on('data', (data) => {
-      const SECRET_NAME = data.toString().trim()
+    const instanceIdCommand = `aws-vault exec ${ENV} -- aws ec2 describe-instances --region ${REGION} --filters "Name=tag:Name,Values='*bastion*'" "Name=instance-state-name,Values=running" --query "Reservations[].Instances[].[InstanceId] | [0][0]" --output text`
+    const INSTANCE_ID = await runCommand(instanceIdCommand)
 
-      if (!SECRET_NAME) {
-        console.error('No secret found with name starting with rds!cluster.')
-        return
-      }
+    if (!INSTANCE_ID) {
+      console.error('Failed to find a running instance with tag Name=*bastion*.')
+      return
+    }
+
+    const rdsEndpointCommand = `aws-vault exec ${ENV} -- aws rds describe-db-clusters --region ${REGION} --query "DBClusters[?Status=='available' && ends_with(DBClusterIdentifier, '-rds-aurora')].Endpoint | [0]" --output text`
+    const RDS_ENDPOINT = await runCommand(rdsEndpointCommand)
 
-      // Get the RDS credentials from Secrets Manager
-      const secretsGetCommand = `aws secretsmanager get-secret-value --region ${REGION} --secret-id '${SECRET_NAME}' --query SecretString --output text`
-      const secretsGetProcess = spawn('sh', ['-c', `${awsVaultExecCommand.join(' ')} ${secretsGetCommand}`])
-
-      // Parse the JSON output of the secretsmanager get-secret-value command to get the RDS credentials
-      secretsGetProcess.stdout.on('data', (data) => {
-        const CREDENTIALS = JSON.parse(data.toString())
-        const USERNAME = CREDENTIALS.username // Get the RDS username from the credentials
-        const PASSWORD = CREDENTIALS.password // Get the RDS password from the credentials
-
-        // Display connection credentials and connection string
-        console.log(`Your connection string is: psql -h localhost -p ${portNumber} -U ${USERNAME} -d ${TABLE_NAME}`)
-        console.log(`Use the password: ${PASSWORD}`)
-
-        // Get the ID of the bastion instance in running state
-        const instanceIdCommand = `aws ec2 describe-instances --region ${REGION} --filters "Name=tag:Name,Values='*bastion*'" "Name=instance-state-name,Values=running" --query "Reservations[].Instances[].[InstanceId]" --output text`
-        const instanceIdProcess = spawn('sh', ['-c', `${awsVaultExecCommand.join(' ')} ${instanceIdCommand}`])
-
-        instanceIdProcess.stdout.on('data', (data) => {
-          const INSTANCE_ID = data.toString().trim()
-
-          if (!INSTANCE_ID) {
-            console.error('Failed to find a running instance with tag Name=*bastion*.')
-            return
-          }
-
-          // Get the endpoint of the RDS cluster
-          const rdsEndpointCommand = `aws rds describe-db-clusters --region ${REGION} --query "DBClusters[?Status=='available' && ends_with(DBClusterIdentifier, '-rds-aurora')].Endpoint" --output text`
-          const rdsEndpointProcess = spawn('sh', ['-c', `${awsVaultExecCommand.join(' ')} ${rdsEndpointCommand}`])
-
-          rdsEndpointProcess.stdout.on('data', (data) => {
-            const RDS_ENDPOINT = data.toString().trim()
-
-            if (!RDS_ENDPOINT) {
-              console.error('Failed to find the RDS endpoint.')
-              return
-            }
-
-            // Start a port forwarding session to the RDS cluster
-            const portForwardingCommand = `aws ssm start-session --target ${INSTANCE_ID} --document-name AWS-StartPortForwardingSessionToRemoteHost --parameters "host=${RDS_ENDPOINT},portNumber='5432',localPortNumber='${portNumber}'" --cli-connect-timeout 0`
-            const portForwardingProcess = spawn('sh', ['-c', `${awsVaultExecCommand.join(' ')} ${portForwardingCommand}`])
-
-            portForwardingProcess.stdout.on('data', (data) => {
-              console.log(data.toString().trim())
-            })
-
-            portForwardingProcess.stderr.on('data', (data) => {
-              console.error(`Command execution error: ${data.toString()}`)
-            })
-          })
-
-          rdsEndpointProcess.stderr.on('data', (data) => {
-            console.error(`Command execution error: ${data.toString()}`)
-          })
-        })
-
-        instanceIdProcess.stderr.on('data', (data) => {
-          console.error(`Command execution error: ${data.toString()}`)
-        })
-      })
-
-      secretsGetProcess.stderr.on('data', (data) => {
-        console.error(`Command execution error: ${data.toString()}`)
-      })
+    if (!RDS_ENDPOINT) {
+      console.error('Failed to find the RDS endpoint.')
+      return
+    }
+
+    const portForwardingCommand = `aws-vault exec ${ENV} -- aws ssm start-session --target ${INSTANCE_ID} --document-name AWS-StartPortForwardingSessionToRemoteHost --parameters "host=${RDS_ENDPOINT},portNumber='5432',localPortNumber='${portNumber}'" --cli-connect-timeout 0`
+
+    console.log('Starting port forwarding session...')
+    const child = exec(portForwardingCommand)
+
+    child.stdout.on('data', (data) => {
+      console.log(data.toString())
     })
 
-    secretsDescribeProcess.stderr.on('data', (data) => {
-      console.error(`Command execution error: ${data.toString()}`)
+    child.stderr.on('data', (data) => {
+      console.error(data.toString())
     })
+
+    child.on('close', (code) => {
+      console.log(`Port forwarding session ended with code ${code}`)
+    })
+
+    console.log('Port forwarding session established. You can now connect to the database using the provided connection string.')
+    console.log('Press Ctrl+C to end the session.')
+  } catch (error) {
+    console.error(`Error: ${error.message}`)
+    throw error // Re-throw the error to be caught by the outer catch block
+  }
+}
+
+main().catch(error => {
+  console.error('Unhandled error in main function:', error)
+  console.error('Exiting due to unhandled error')
+  setImmediate(() => {
+    throw new Error('Forcing exit due to unhandled error')
   })
+})

package/package.json

@@ -1,12 +1,15 @@
 {
   "name": "rds_ssm_connect",
-  "version": "1.2.2",
+  "version": "1.3.0",
   "type": "module",
   "dependencies": {
-    "@aws-sdk/client-ec2": "^3.495.0",
-    "@aws-sdk/client-rds": "^3.495.0",
-    "@aws-sdk/client-ssm": "^3.495.0",
-    "inquirer": "^8.2.6"
+    "@aws-sdk/client-ec2": "^3.632.0",
+    "@aws-sdk/client-rds": "^3.632.0",
+    "@aws-sdk/client-ssm": "^3.632.0",
+    "glob": "^11.0.0",
+    "inquirer": "^8.2.6",
+    "process": "^0.11.10",
+    "rimraf": "^6.0.1"
   },
   "bin": {
     "rds_ssm_connect": "./connect.js"
@@ -16,7 +19,7 @@
     "lint:fix": "eslint . --fix"
   },
   "devDependencies": {
-    "eslint": "^8.56.0",
+    "eslint": "^8.57.0",
     "eslint-config-standard": "^17.1.0",
     "eslint-plugin-import": "^2.29.1",
     "eslint-plugin-n": "^16.6.2",