mirror of https://github.com/thegeeklab/wp-opentofu.git synced 2024-11-25 09:40:39 +00:00

Loading credentials from env_file parameter

Neemias Junior 2019-11-25 16:28:33 +01:00 committed by Jacob McCann
parent 5ce27e882f
commit 22f9a710f1
No known key found for this signature in database
GPG Key ID: B5A476DE32B9AE72
2 changed files with 20 additions and 8 deletions

11
main.go

@ -5,7 +5,6 @@ import (
"os" "os"
"github.com/Sirupsen/logrus" "github.com/Sirupsen/logrus"
"github.com/joho/godotenv"
"github.com/urfave/cli" "github.com/urfave/cli"
) )
@ -35,8 +34,9 @@ func main() {
EnvVar: "PLUGIN_CA_CERT", EnvVar: "PLUGIN_CA_CERT",
}, },
cli.StringFlag{ cli.StringFlag{
Name: "env-file", Name: "env_file",
Usage: "source env file", Usage: "pass filename to source it and load variables into current shell",
EnvVar: "PLUGIN_ENV_FILE",
}, },
cli.StringFlag{ cli.StringFlag{
Name: "init_options", Name: "init_options",
@ -125,10 +125,6 @@ func run(c *cli.Context) error {
"Revision": revision, "Revision": revision,
}).Info("Drone Terraform Plugin Version") }).Info("Drone Terraform Plugin Version")
if c.String("env-file") != "" {
_ = godotenv.Load(c.String("env-file"))
}
var vars map[string]string var vars map[string]string
if c.String("vars") != "" { if c.String("vars") != "" {
if err := json.Unmarshal([]byte(c.String("vars")), &vars); err != nil { if err := json.Unmarshal([]byte(c.String("vars")), &vars); err != nil {
@ -161,6 +157,7 @@ func run(c *cli.Context) error {
Parallelism: c.Int("parallelism"), Parallelism: c.Int("parallelism"),
Targets: c.StringSlice("targets"), Targets: c.StringSlice("targets"),
VarFiles: c.StringSlice("var_files"), VarFiles: c.StringSlice("var_files"),
EnvFile: c.String("env_file"),
TerraformDataDir: c.String("tf_data_dir"), TerraformDataDir: c.String("tf_data_dir"),
}, },
Netrc: Netrc{ Netrc: Netrc{
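Review bot: The new `Usage` text on the `env_file` flag says the file is loaded "into current shell", but the value is only copied into `Config.EnvFile` and read by `godotenv` inside the plugin process, so no shell is involved. Since this file is meant to carry credentials, the help text should state the real semantics, including that `godotenv.Load` does not override variables that are already set. I would word it as `Usage: "path to a dotenv file loaded into the plugin environment; variables that are already set are not overridden",`. The rename from `env-file` to `env_file` also drops the old flag name, so anyone invoking the binary with `--env-file` will break; that is worth a line in the changelog or docs. The flag list and `run` both continue outside the visible hunks.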

View File

@ -16,6 +16,7 @@ import (
"github.com/aws/aws-sdk-go/aws/credentials/stscreds" "github.com/aws/aws-sdk-go/aws/credentials/stscreds"
"github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/aws/session"
"github.com/aws/aws-sdk-go/service/sts" "github.com/aws/aws-sdk-go/service/sts"
"github.com/joho/godotenv"
) )
type ( type (
@ -33,6 +34,7 @@ type (
Parallelism int Parallelism int
Targets []string Targets []string
VarFiles []string VarFiles []string
EnvFile string
TerraformDataDir string TerraformDataDir string
} }
@ -77,6 +79,10 @@ func (p Plugin) Exec() error {
} }
} }
if p.Config.EnvFile != "" {
_ = godotenv.Load(p.Config.EnvFile)
}
if p.Config.RoleARN != "" { if p.Config.RoleARN != "" {
assumeRole(p.Config.RoleARN) assumeRole(p.Config.RoleARN)
} }
@ -169,7 +175,14 @@ func CopyTfEnv() {
} }
} }
func assumeRole(roleArn string) { func assumeRole(roleArn string) bool {
awsTokens := []string{"AWS_ACCESS_KEY_ID", "AWS_SECRET_ACCESS_KEY", "AWS_SESSION_TOKEN"}
for _, token := range awsTokens {
if os.Getenv(token) != "" {
return true
}
}
client := sts.New(session.New()) client := sts.New(session.New())
duration := time.Hour * 1 duration := time.Hour * 1
stsProvider := &stscreds.AssumeRoleProvider{ stsProvider := &stscreds.AssumeRoleProvider{
@ -188,6 +201,8 @@ func assumeRole(roleArn string) {
os.Setenv("AWS_ACCESS_KEY_ID", value.AccessKeyID) os.Setenv("AWS_ACCESS_KEY_ID", value.AccessKeyID)
os.Setenv("AWS_SECRET_ACCESS_KEY", value.SecretAccessKey) os.Setenv("AWS_SECRET_ACCESS_KEY", value.SecretAccessKey)
os.Setenv("AWS_SESSION_TOKEN", value.SessionToken) os.Setenv("AWS_SESSION_TOKEN", value.SessionToken)
return true
} }
func deleteCache(terraformDataDir string) *exec.Cmd { func deleteCache(terraformDataDir string) *exec.Cmd {
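Review bot: In `assumeRole`, the new loop returns `true` as soon as any one of `AWS_ACCESS_KEY_ID`, `AWS_SECRET_ACCESS_KEY` or `AWS_SESSION_TOKEN` is non-empty, so a configured `role_arn` is silently skipped and Terraform runs with whatever credentials are already in the environment, which may be broader than the intended role. Because the `Exec` hunk loads the env file immediately before this call, static keys from that file now suppress the role assumption they would presumably have been used for. At minimum, log that the role was skipped, or only skip when a session token is present. The function returns `true` on every path visible here and the call in `Exec` discards the result, so the new `bool` carries no information. Separately, `_ = godotenv.Load(p.Config.EnvFile)` hides a missing or malformed credentials file and lets the run continue on ambient credentials; I would fail instead with `if err := godotenv.Load(p.Config.EnvFile); err != nil { return err }`.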