From 22f9a710f1bceb4fddd893a4776c433b8700d199 Mon Sep 17 00:00:00 2001
From: Neemias Junior
Date: Mon, 25 Nov 2019 16:28:33 +0100
Subject: [PATCH] Loading credentials from env_file parameter
---
 main.go | 11 ++++-------
 plugin.go | 17 ++++++++++++++++-
 2 files changed, 20 insertions(+), 8 deletions(-)
diff --git a/main.go b/main.go
index 7f230b0..373ac13 100644
--- a/main.go
+++ b/main.go
@@ -5,7 +5,6 @@ import (
 "os"
 "github.com/Sirupsen/logrus"
- "github.com/joho/godotenv"
 "github.com/urfave/cli"
 )
@@ -35,8 +34,9 @@ func main() {
 EnvVar: "PLUGIN_CA_CERT",
 },
 cli.StringFlag{
- Name: "env-file",
- Usage: "source env file",
+ Name: "env_file",
+ Usage: "pass filename to source it and load variables into current shell",
+ EnvVar: "PLUGIN_ENV_FILE",
 },
 cli.StringFlag{
 Name: "init_options",
@@ -125,10 +125,6 @@ func run(c *cli.Context) error {
 "Revision": revision,
 }).Info("Drone Terraform Plugin Version")
- if c.String("env-file") != "" {
- _ = godotenv.Load(c.String("env-file"))
- }
-
 var vars map[string]string
 if c.String("vars") != "" {
 if err := json.Unmarshal([]byte(c.String("vars")), &vars); err != nil {
@@ -161,6 +157,7 @@ func run(c *cli.Context) error {
 Parallelism: c.Int("parallelism"),
 Targets: c.StringSlice("targets"),
 VarFiles: c.StringSlice("var_files"),
+ EnvFile: c.String("env_file"),
 TerraformDataDir: c.String("tf_data_dir"),
 },
 Netrc: Netrc{
diff --git a/plugin.go b/plugin.go
index 4afe66d..19554e9 100644
--- a/plugin.go
+++ b/plugin.go
@@ -16,6 +16,7 @@ import (
 "github.com/aws/aws-sdk-go/aws/credentials/stscreds"
 "github.com/aws/aws-sdk-go/aws/session"
 "github.com/aws/aws-sdk-go/service/sts"
+ "github.com/joho/godotenv"
 )
 type (
@@ -33,6 +34,7 @@ type (
 Parallelism int
 Targets []string
 VarFiles []string
+ EnvFile string
 TerraformDataDir string
 }
@@ -77,6 +79,10 @@ func (p Plugin) Exec() error {
 }
 }
+ if p.Config.EnvFile != "" {
+ _ = godotenv.Load(p.Config.EnvFile)
+ }
+
 if p.Config.RoleARN != "" {
 assumeRole(p.Config.RoleARN)
 }
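Review bot: The new `Usage` text on the `env_file` flag says the variables are loaded "into current shell", but the plugin.go side of this patch loads them with `godotenv.Load` into the plugin's own process environment, so the help text misdescribes where the credentials end up. I would word it as `Usage: "path to a dotenv file whose variables are loaded into the plugin's process environment",`. The rename from `env-file` to `env_file` also drops the old flag name without an alias, so an invocation still passing `--env-file` would presumably stop being accepted; that deserves a line in the README or changelog. The flag list in main() continues outside the hunk.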
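Review bot: The added `_ = godotenv.Load(p.Config.EnvFile)` in Exec discards the error, so a missing, unreadable or malformed env_file looks the same as a successful load and the run continues with whatever credentials are already in the environment. Since this file is the credential source the commit introduces, the step should fail closed: `if err := godotenv.Load(p.Config.EnvFile); err != nil { return err }`. Note also that `godotenv.Load` does not override variables that are already set in the process, so values in the file lose to ambient ones; if the file is meant to win, `godotenv.Overload` is the call to use. Exec's body starts and ends outside the hunk.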
@@ -169,7 +175,14 @@ func CopyTfEnv() {
 }
 }
-func assumeRole(roleArn string) {
+func assumeRole(roleArn string) bool {
+ awsTokens := []string{"AWS_ACCESS_KEY_ID", "AWS_SECRET_ACCESS_KEY", "AWS_SESSION_TOKEN"}
+ for _, token := range awsTokens {
+ if os.Getenv(token) != "" {
+ return true
+ }
+ }
+
 client := sts.New(session.New())
 duration := time.Hour * 1
 stsProvider := &stscreds.AssumeRoleProvider{
@@ -188,6 +201,8 @@ func assumeRole(roleArn string) {
 os.Setenv("AWS_ACCESS_KEY_ID", value.AccessKeyID)
 os.Setenv("AWS_SECRET_ACCESS_KEY", value.SecretAccessKey)
 os.Setenv("AWS_SESSION_TOKEN", value.SessionToken)
+
+ return true
 }
 func deleteCache(terraformDataDir string) *exec.Cmd {
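Review bot: The new early return in assumeRole skips role assumption as soon as any one of `AWS_ACCESS_KEY_ID`, `AWS_SECRET_ACCESS_KEY` or `AWS_SESSION_TOKEN` is non-empty, so a pipeline that configures a role ARN now runs with the ambient or env_file credentials instead of the role, silently and even when only a partial set is present. That weakens the privilege boundary the configured role is meant to enforce, and nothing in the visible lines records that the role was skipped. At minimum the skip should require a usable pair, `if os.Getenv("AWS_ACCESS_KEY_ID") != "" && os.Getenv("AWS_SECRET_ACCESS_KEY") != "" {`, and log that the configured role is not being assumed. The new `bool` result is `true` on both paths (here and in the `return true` added in the following hunk) and the call site shown in Exec ignores it, so it conveys nothing; return an `error` or keep the function without a result. The part of the function body between the two hunks is not visible.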