Initial version

grepplabs · May 8, 2020 · ba6de0c · ba6de0c
1 parent 71bfdad
commit ba6de0c
Show file tree

Hide file tree

Showing 562 changed files with 278,263 additions and 0 deletions.
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1,64 @@
+/aws-sso
+/bin
+/dist
+/target
+
+/*.tar
+/*.tgz
+
+# Intellij
+.idea/
+out/
+
+# Binaries for programs and plugins
+*.exe
+*.dll
+*.so
+*.dylib
+
+# Test binary, build with `go test -c`
+*.test
+
+# Output of the go coverage tool, specifically when used with LiteIDE
+*.out
+
+# Compiled Object files, Static and Dynamic libs (Shared Objects)
+*.o
+*.a
+
+# Folders
+_obj
+_test
+
+# Architecture specific extensions/prefixes
+*.[568vq]
+[568vq].out
+
+*.cgo1.go
+*.cgo2.c
+_cgo_defun.c
+_cgo_gotypes.go
+_cgo_export.*
+
+_testmain.go
+
+*.prof
+
+# coverage
+.coverprofile
+gover.coverprofile
+
+# Swap
+[._]*.s[a-v][a-z]
+[._]*.sw[a-p]
+[._]s[a-v][a-z]
+[._]sw[a-p]
+
+# Session
+Session.vim
+
+# Temporary
+.netrwhist
+*~
+# Auto-generated tag files
+tags
diff --git a/.goreleaser.yml b/.goreleaser.yml
@@ -0,0 +1,26 @@
+dist: dist
+builds:
+  - main: ./main.go
+    env:
+      - CGO_ENABLED=0
+    goos:
+      - linux
+      - darwin
+      - windows
+    goarch:
+      - amd64
+    ldflags:
+      - -w -s
+archives:
+  - name_template: "{{ .ProjectName }}-{{ .Tag }}-{{ .Os }}-{{ .Arch }}"
+    wrap_in_directory: false
+    files:
+      - LICENSE
+checksum:
+  name_template: 'CHECKSUM'
+release:
+  github:
+    owner: grepplabs
+    name: aws-sso
+  draft: false
+  prerelease: auto
diff --git a/Makefile b/Makefile
@@ -0,0 +1,64 @@
+.DEFAULT_GOAL := build
+
+.PHONY: clean build fmt test
+
+TAG           ?= "v0.0.1"
+
+BUILD_FLAGS   ?=
+BINARY        ?= aws-sso
+VERSION       ?= $(shell git describe --tags --always --dirty)
+LDFLAGS       ?= -w -s
+
+CLOUD_IMAGE   ?= grepplabs/aws-sso:$(TAG)
+
+ROOT_DIR      := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
+
+default: build
+
+check:
+	go vet ./...
+	golint $$(go list ./...) 2>&1
+	gosec ./... 2>&1
+
+test:
+	GO111MODULE=on go test -mod=vendor -v ./...
+
+build:
+	CGO_ENABLED=0 GO111MODULE=on go build -mod=vendor -o $(BINARY) $(BUILD_FLAGS) -ldflags "$(LDFLAGS)" .
+
+fmt:
+	go fmt ./...
+
+clean:
+	@rm -rf $(BINARY)
+	@rm -rf $(BINARY)*
+
+.PHONY: deps
+deps:
+	GO111MODULE=on go get ./...
+
+.PHONY: vendor
+vendor:
+	GO111MODULE=on go mod vendor
+
+.PHONY: tidy
+tidy:
+	GO111MODULE=on go mod tidy
+
+.PHONY: tag
+tag:
+	git tag $(TAG)
+
+.PHONY: release-setup
+release-setup:
+	curl -sfL https://install.goreleaser.com/github.com/goreleaser/goreleaser.sh | sh
+
+.PHONY: release-skip-publish
+release-skip-publish: release-setup
+	$(ROOT_DIR)/bin/goreleaser release --rm-dist --skip-publish --snapshot
+
+.PHONY: release.publish
+release-publish: release-setup
+	@[ "${GITHUB_TOKEN}" ] && echo "releasing $(TAG)" || ( echo "GITHUB_TOKEN is not set"; exit 1 )
+	git push origin $(TAG)
+	$(ROOT_DIR)/bin/goreleaser release --rm-dist
diff --git a/README.md b/README.md
@@ -1,2 +1,83 @@
 # aws-sso
 AWS Single Sign-On utilities
+
+### Prerequisites
+- [aws cli version 2](https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2.html)
+
+## Install binary release
+
+1. Download the latest release
+
+   Linux
+
+        curl -Ls https://github.com/grepplabs/aws-sso/releases/download/v0.0.1/aws-sso-v0.0.1-linux-amd64.tar.gz | tar xz
+
+   macOS
+
+        curl -Ls https://github.com/grepplabs/aws-sso/releases/download/v0.0.1/aws-sso-v0.0.1-darwin-amd64.tar.gz | tar xz
+
+   windows
+
+        curl -Ls https://github.com/grepplabs/aws-sso/releases/download/v0.0.1/aws-sso-v0.0.1-windows-amd64.tar.gz | tar xz
+
+2. Move the binary in to your PATH.
+
+    ```
+    sudo mv ./aws-sso /usr/local/bin/aws-sso
+    ```
+
+## Build binary
+
+    make clean build
+
+
+### Usage
+#### Initial setup
+
+1. AWS config example
+
+    ~/.aws/config
+
+   ```
+    [profile development]
+    sso_start_url = https://d-4711.awsapps.com/start
+    sso_region = eu-central-1
+    sso_account_id = 000000000000
+    sso_role_name = aws-developer
+    region = eu-central-1
+    output = json
+    cli_pager=
+    ```
+
+2. SSO login
+
+   ```
+    $ aws sso login --profile development
+   ```
+
+### aws-sso credentials commands
+
+#### export
+
+   ```
+   $ aws-sso credentials export --profile development
+
+   export AWS_ACCESS_KEY_ID="your_access_key_id"
+   export AWS_SECRET_ACCESS_KEY="your_secret_access_key"
+   export AWS_SESSION_TOKEN="your_session_token"
+
+
+   $ eval $(aws-sso credentials export --profile development)
+   ```
+
+#### refresh
+
+   ```
+   $ touch ~/.aws/credentials
+   $ aws-sso credentials refresh --profile development
+   $ cat ~/.aws/credentials
+
+   [development]
+   aws_access_key_id = your_access_key_id
+   aws_secret_access_key = your_secret_access_key
+   aws_session_token = your_session_token
diff --git a/cmd/credentials.go b/cmd/credentials.go
@@ -0,0 +1,16 @@
+package cmd
+
+import (
+	"github.com/spf13/cobra"
+)
+
+var credentialsCmd = &cobra.Command{
+	Use:   "credentials",
+	Short: "AWS credentials utilities",
+}
+
+func init() {
+	rootCmd.AddCommand(credentialsCmd)
+
+	credentialsCmd.PersistentFlags().String("profile", "", "Use a specific profile from your credential file.")
+}
diff --git a/cmd/credentials_export.go b/cmd/credentials_export.go
@@ -0,0 +1,36 @@
+package cmd
+
+import (
+	"fmt"
+	"os"
+
+	"github.com/grepplabs/aws-sso/pkg/credentials"
+	"github.com/spf13/cobra"
+)
+
+var credentialsExportCmd = &cobra.Command{
+	Use:   "export",
+	Short: "Get SSO credentials and print AWS environment variables to set",
+	Run: func(cmd *cobra.Command, args []string) {
+		profile, err := cmd.Flags().GetString("profile")
+		if err != nil {
+			fmt.Println(err)
+			os.Exit(1)
+		}
+		roleCredentials, err := credentials.RetrieveRoleCredentials(profile)
+		if err != nil {
+			fmt.Println(err)
+			os.Exit(1)
+		}
+
+		// fmt.Println(time.Unix(roleCredentials.Expiration/1000, 0).Format(time.RFC3339))
+
+		fmt.Printf("export AWS_ACCESS_KEY_ID=\"%s\"\n", roleCredentials.AccessKeyId)
+		fmt.Printf("export AWS_SECRET_ACCESS_KEY=\"%s\"\n", roleCredentials.SecretAccessKey)
+		fmt.Printf("export AWS_SESSION_TOKEN=\"%s\"\n", roleCredentials.SessionToken)
+	},
+}
+
+func init() {
+	credentialsCmd.AddCommand(credentialsExportCmd)
+}
diff --git a/cmd/credentials_refresh.go b/cmd/credentials_refresh.go
@@ -0,0 +1,38 @@
+package cmd
+
+import (
+	"fmt"
+	"os"
+
+	"github.com/grepplabs/aws-sso/pkg/credentials"
+	"github.com/spf13/cobra"
+)
+
+var credentialsRefreshCmd = &cobra.Command{
+	Use:   "refresh",
+	Short: "Refresh SSO credentials and add a profile to your AWS credential file ~/.aws/credentials",
+	Run: func(cmd *cobra.Command, args []string) {
+		profile, err := cmd.Flags().GetString("profile")
+		if err != nil {
+			fmt.Println(err)
+			os.Exit(1)
+		}
+		roleCredentials, err := credentials.RetrieveRoleCredentials(profile)
+		if err != nil {
+			fmt.Println(err)
+			os.Exit(1)
+		}
+
+		// fmt.Println(time.Unix(roleCredentials.Expiration/1000, 0).Format(time.RFC3339))
+
+		err = credentials.RefreshProfileCredentials(profile, roleCredentials)
+		if err != nil {
+			fmt.Println(err)
+			os.Exit(1)
+		}
+	},
+}
+
+func init() {
+	credentialsCmd.AddCommand(credentialsRefreshCmd)
+}
diff --git a/cmd/root.go b/cmd/root.go
@@ -0,0 +1,52 @@
+package cmd
+
+import (
+	"fmt"
+	"github.com/spf13/cobra"
+	"os"
+
+	"github.com/mitchellh/go-homedir"
+	"github.com/spf13/viper"
+)
+
+var cfgFile string
+
+var rootCmd = &cobra.Command{
+	Use:   "aws-sso",
+	Short: "AWS SSO utilities",
+}
+
+func Execute() {
+	if err := rootCmd.Execute(); err != nil {
+		fmt.Println(err)
+		os.Exit(1)
+	}
+}
+
+func init() {
+	cobra.OnInitialize(initConfig)
+
+	rootCmd.PersistentFlags().StringVar(&cfgFile, "config", "", "config file (default is $HOME/.aws-sso.yaml)")
+	rootCmd.Flags().BoolP("toggle", "t", false, "Help message for toggle")
+}
+
+func initConfig() {
+	if cfgFile != "" {
+		viper.SetConfigFile(cfgFile)
+	} else {
+		home, err := homedir.Dir()
+		if err != nil {
+			fmt.Println(err)
+			os.Exit(1)
+		}
+
+		viper.AddConfigPath(home)
+		viper.SetConfigName(".aws-sso")
+	}
+
+	viper.AutomaticEnv() // read in environment variables that match
+
+	if err := viper.ReadInConfig(); err == nil {
+		fmt.Println("Using config file:", viper.ConfigFileUsed())
+	}
+}