From 17213d13f735adf4abaccf112f3cc667b9a61dde Mon Sep 17 00:00:00 2001 From: Lee Briggs Date: Mon, 5 Feb 2024 06:56:32 -0800 Subject: [PATCH] update to aws SDK for Go v2 --- cmd/aws-sso-creds/get/cli.go | 4 +-- cmd/aws-sso-creds/helper/cli.go | 2 +- cmd/aws-sso-creds/list/accounts/cli.go | 41 ++++++++++++++----------- cmd/aws-sso-creds/list/roles/cli.go | 42 +++++++++++++++----------- cmd/aws-sso-creds/set/cli.go | 2 +- go.mod | 15 ++++++++- go.sum | 30 ++++++++++++++++-- pkg/credentials/creds.go | 35 ++++++++++++--------- 8 files changed, 114 insertions(+), 57 deletions(-) diff --git a/cmd/aws-sso-creds/get/cli.go b/cmd/aws-sso-creds/get/cli.go index db0b68e..4226e89 100644 --- a/cmd/aws-sso-creds/get/cli.go +++ b/cmd/aws-sso-creds/get/cli.go @@ -45,7 +45,7 @@ func Command() *cobra.Command { AwsAccessKeyID: *creds.RoleCredentials.AccessKeyId, AwsSecretAccessKey: *creds.RoleCredentials.SecretAccessKey, SessionToken: *creds.RoleCredentials.SessionToken, - ExpireAt: time.UnixMilli(*creds.RoleCredentials.Expiration), + ExpireAt: time.UnixMilli(creds.RoleCredentials.Expiration), } output, err := json.Marshal(credJSON) if err != nil { @@ -63,7 +63,7 @@ func Command() *cobra.Command { fmt.Println("") - fmt.Println("These credentials will expire at:", aurora.Red(time.UnixMilli(*creds.RoleCredentials.Expiration))) + fmt.Println("These credentials will expire at:", aurora.Red(time.UnixMilli(creds.RoleCredentials.Expiration))) } return nil diff --git a/cmd/aws-sso-creds/helper/cli.go b/cmd/aws-sso-creds/helper/cli.go index 848a746..5efd4e9 100644 --- a/cmd/aws-sso-creds/helper/cli.go +++ b/cmd/aws-sso-creds/helper/cli.go @@ -41,7 +41,7 @@ func Command() *cobra.Command { AccessKeyID: *creds.RoleCredentials.AccessKeyId, SecretAccessKey: *creds.RoleCredentials.SecretAccessKey, SessionToken: *creds.RoleCredentials.SessionToken, - Expiration: time.Unix(*creds.RoleCredentials.Expiration/1000, 0).Format(time.RFC3339), + Expiration: time.Unix(creds.RoleCredentials.Expiration/1000, 0).Format(time.RFC3339), } output, err := json.Marshal(rawCreds) diff --git a/cmd/aws-sso-creds/list/accounts/cli.go b/cmd/aws-sso-creds/list/accounts/cli.go index a727875..b570c31 100644 --- a/cmd/aws-sso-creds/list/accounts/cli.go +++ b/cmd/aws-sso-creds/list/accounts/cli.go @@ -1,15 +1,15 @@ package accounts import ( + "context" "fmt" "os" "path/filepath" + "text/tabwriter" - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/session" - "github.com/aws/aws-sdk-go/service/sso" - "github.com/jaxxstorm/aws-sso-creds/pkg/config" - "github.com/liggitt/tabwriter" + "github.com/aws/aws-sdk-go-v2/config" + "github.com/aws/aws-sdk-go-v2/service/sso" + cfg "github.com/jaxxstorm/aws-sso-creds/pkg/config" "github.com/spf13/cobra" "github.com/spf13/viper" ) @@ -19,11 +19,10 @@ const ( tabwriterWidth = 4 tabwriterPadding = 3 tabwriterPadChar = ' ' - tabwriterFlags = tabwriter.RememberWidths ) var ( - results int64 + results int32 // Adjusted to int32 as per v2 requirements ) func Command() *cobra.Command { @@ -38,7 +37,7 @@ func Command() *cobra.Command { profile := viper.GetString("profile") homeDir := viper.GetString("home-directory") - ssoConfig, err := config.GetSSOConfig(profile, homeDir) + ssoConfig, err := cfg.GetSSOConfig(profile, homeDir) if err != nil { return fmt.Errorf("error retrieving SSO config: %w", err) } @@ -48,27 +47,35 @@ func Command() *cobra.Command { return fmt.Errorf("error retrieving cache files - perhaps you need to login?: %w", err) } - token, err := config.GetSSOToken(cacheFiles, *ssoConfig, homeDir) + token, err := cfg.GetSSOToken(cacheFiles, *ssoConfig, homeDir) if err != nil { return fmt.Errorf("error retrieving SSO token from cache files: %v", err) } - sess := session.Must(session.NewSession()) - svc := sso.New(sess, aws.NewConfig().WithRegion(ssoConfig.Region)) + // Load default AWS config + cfg, err := config.LoadDefaultConfig(context.TODO(), + config.WithRegion(ssoConfig.Region), + config.WithSharedConfigProfile(profile), + ) + if err != nil { + return fmt.Errorf("error loading AWS config: %v", err) + } + + svc := sso.NewFromConfig(cfg) - accounts, err := svc.ListAccounts(&sso.ListAccountsInput{ + accounts, err := svc.ListAccounts(context.TODO(), &sso.ListAccountsInput{ AccessToken: &token, - MaxResults: &results, + MaxResults: &results, // Note: MaxResults might need type adjustment }) if err != nil { return fmt.Errorf("error listing accounts: %v", err) } - writer := tabwriter.NewWriter(os.Stdout, tabwriterMinWidth, tabwriterWidth, tabwriterPadding, tabwriterPadChar, tabwriterFlags) + writer := tabwriter.NewWriter(os.Stdout, tabwriterMinWidth, tabwriterWidth, tabwriterPadding, tabwriterPadChar, 0) fmt.Fprintln(writer, "ID\tNAME\tEMAIL ADDRESS") - for _, results := range accounts.AccountList { - fmt.Fprintf(writer, "%s\t%s\t%s\n", *results.AccountId, *results.AccountName, *results.EmailAddress) + for _, account := range accounts.AccountList { + fmt.Fprintf(writer, "%s\t%s\t%s\n", *account.AccountId, *account.AccountName, *account.EmailAddress) } writer.Flush() @@ -77,7 +84,7 @@ func Command() *cobra.Command { }, } - command.Flags().Int64VarP(&results, "results", "r", 10, "Maximum number of accounts to return") + command.Flags().Int32VarP(&results, "results", "r", 10, "Maximum number of accounts to return") return command } diff --git a/cmd/aws-sso-creds/list/roles/cli.go b/cmd/aws-sso-creds/list/roles/cli.go index 34bc008..9a0f6e3 100644 --- a/cmd/aws-sso-creds/list/roles/cli.go +++ b/cmd/aws-sso-creds/list/roles/cli.go @@ -1,15 +1,15 @@ package roles import ( + "context" "fmt" "os" "path/filepath" + "text/tabwriter" - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/session" - "github.com/aws/aws-sdk-go/service/sso" - "github.com/jaxxstorm/aws-sso-creds/pkg/config" - "github.com/liggitt/tabwriter" + "github.com/aws/aws-sdk-go-v2/config" + "github.com/aws/aws-sdk-go-v2/service/sso" + cfg "github.com/jaxxstorm/aws-sso-creds/pkg/config" "github.com/spf13/cobra" "github.com/spf13/viper" ) @@ -19,11 +19,10 @@ const ( tabwriterWidth = 4 tabwriterPadding = 3 tabwriterPadChar = ' ' - tabwriterFlags = tabwriter.RememberWidths ) var ( - results int64 + results int32 // Adjusted to int32 as per v2 requirements accountID string ) @@ -40,7 +39,7 @@ func Command() *cobra.Command { profile := viper.GetString("profile") homeDir := viper.GetString("home-directory") - ssoConfig, err := config.GetSSOConfig(profile, homeDir) + ssoConfig, err := cfg.GetSSOConfig(profile, homeDir) if err != nil { return fmt.Errorf("error retrieving SSO config: %w", err) } @@ -50,30 +49,37 @@ func Command() *cobra.Command { return fmt.Errorf("error retrieving cache files - perhaps you need to login?: %w", err) } - token, err := config.GetSSOToken(cacheFiles, *ssoConfig, homeDir) + token, err := cfg.GetSSOToken(cacheFiles, *ssoConfig, homeDir) if err != nil { return fmt.Errorf("error retrieving SSO token from cache files: %v", err) } - sess := session.Must(session.NewSession()) - svc := sso.New(sess, aws.NewConfig().WithRegion(ssoConfig.Region)) + cfg, err := config.LoadDefaultConfig(context.TODO(), + config.WithRegion(ssoConfig.Region), + config.WithSharedConfigProfile(profile), + ) + if err != nil { + return fmt.Errorf("error loading AWS config: %v", err) + } + + svc := sso.NewFromConfig(cfg) accountID = args[0] - roles, err := svc.ListAccountRoles(&sso.ListAccountRolesInput{ + roles, err := svc.ListAccountRoles(context.TODO(), &sso.ListAccountRolesInput{ AccessToken: &token, - MaxResults: &results, + MaxResults: &results, // Note: MaxResults might need type adjustment AccountId: &accountID, }) if err != nil { return fmt.Errorf("error listing roles: %v", err) } - writer := tabwriter.NewWriter(os.Stdout, tabwriterMinWidth, tabwriterWidth, tabwriterPadding, tabwriterPadChar, tabwriterFlags) - fmt.Fprintln(writer, "ID\tROLE NAME") + writer := tabwriter.NewWriter(os.Stdout, tabwriterMinWidth, tabwriterWidth, tabwriterPadding, tabwriterPadChar, 0) + fmt.Fprintln(writer, "ROLE NAME") - for _, results := range roles.RoleList { - fmt.Fprintf(writer, "%s\t%s\n", *results.AccountId, *results.RoleName) + for _, role := range roles.RoleList { + fmt.Fprintf(writer, "%s\t%s\n", *role.RoleName, *role.RoleName) } writer.Flush() @@ -82,7 +88,7 @@ func Command() *cobra.Command { }, } - command.Flags().Int64VarP(&results, "results", "r", 10, "Maximum number of accounts to return") + command.Flags().Int32VarP(&results, "results", "r", 10, "Maximum number of roles to return") // Adjusted to Int32VarP return command } diff --git a/cmd/aws-sso-creds/set/cli.go b/cmd/aws-sso-creds/set/cli.go index eee95e3..e44cbaf 100644 --- a/cmd/aws-sso-creds/set/cli.go +++ b/cmd/aws-sso-creds/set/cli.go @@ -87,7 +87,7 @@ func Command() *cobra.Command { } fmt.Printf("credentials saved to profile: %s\n", args[0]) - fmt.Printf("these credentials will expire: %s\n", time.Unix(*creds.RoleCredentials.Expiration, 0).Format(time.UnixDate)) + fmt.Printf("these credentials will expire: %s\n", time.Unix(creds.RoleCredentials.Expiration, 0).Format(time.UnixDate)) return nil }, diff --git a/go.mod b/go.mod index 6b1a01d..8397012 100644 --- a/go.mod +++ b/go.mod @@ -3,7 +3,10 @@ module github.com/jaxxstorm/aws-sso-creds go 1.21 require ( - github.com/aws/aws-sdk-go v1.50.5 + github.com/aws/aws-sdk-go v1.50.10 + github.com/aws/aws-sdk-go-v2 v1.24.1 + github.com/aws/aws-sdk-go-v2/config v1.26.6 + github.com/aws/aws-sdk-go-v2/service/sso v1.18.7 github.com/bigkevmcd/go-configparser v0.0.0-20230427073640-c6b631f70126 github.com/go-git/go-git/v5 v5.11.0 github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de @@ -18,6 +21,16 @@ require ( dario.cat/mergo v1.0.0 // indirect github.com/Microsoft/go-winio v0.6.1 // indirect github.com/ProtonMail/go-crypto v0.0.0-20230828082145-3c4c8a2d2371 // indirect + github.com/aws/aws-sdk-go-v2/credentials v1.16.16 // indirect + github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.11 // indirect + github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.10 // indirect + github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.10 // indirect + github.com/aws/aws-sdk-go-v2/internal/ini v1.7.3 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.10.4 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.10 // indirect + github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.7 // indirect + github.com/aws/aws-sdk-go-v2/service/sts v1.26.7 // indirect + github.com/aws/smithy-go v1.19.0 // indirect github.com/blang/semver v1.1.1-0.20190414182527-1a9109f8c4a1 // indirect github.com/cloudflare/circl v1.3.3 // indirect github.com/cyphar/filepath-securejoin v0.2.4 // indirect diff --git a/go.sum b/go.sum index f4b5804..ccfb315 100644 --- a/go.sum +++ b/go.sum @@ -18,8 +18,34 @@ github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be/go.mod h1:ySMOLuW github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= -github.com/aws/aws-sdk-go v1.50.5 h1:H2Aadcgwr7a2aqS6ZwcE+l1mA6ZrTseYCvjw2QLmxIA= -github.com/aws/aws-sdk-go v1.50.5/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= +github.com/aws/aws-sdk-go v1.50.10 h1:H3NQvqRUKG+9oysCKTIyylpkqfPA7MiBtzTnu/cIGqE= +github.com/aws/aws-sdk-go v1.50.10/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= +github.com/aws/aws-sdk-go-v2 v1.24.1 h1:xAojnj+ktS95YZlDf0zxWBkbFtymPeDP+rvUQIH3uAU= +github.com/aws/aws-sdk-go-v2 v1.24.1/go.mod h1:LNh45Br1YAkEKaAqvmE1m8FUx6a5b/V0oAKV7of29b4= +github.com/aws/aws-sdk-go-v2/config v1.26.6 h1:Z/7w9bUqlRI0FFQpetVuFYEsjzE3h7fpU6HuGmfPL/o= +github.com/aws/aws-sdk-go-v2/config v1.26.6/go.mod h1:uKU6cnDmYCvJ+pxO9S4cWDb2yWWIH5hra+32hVh1MI4= +github.com/aws/aws-sdk-go-v2/credentials v1.16.16 h1:8q6Rliyv0aUFAVtzaldUEcS+T5gbadPbWdV1WcAddK8= +github.com/aws/aws-sdk-go-v2/credentials v1.16.16/go.mod h1:UHVZrdUsv63hPXFo1H7c5fEneoVo9UXiz36QG1GEPi0= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.11 h1:c5I5iH+DZcH3xOIMlz3/tCKJDaHFwYEmxvlh2fAcFo8= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.11/go.mod h1:cRrYDYAMUohBJUtUnOhydaMHtiK/1NZ0Otc9lIb6O0Y= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.10 h1:vF+Zgd9s+H4vOXd5BMaPWykta2a6Ih0AKLq/X6NYKn4= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.10/go.mod h1:6BkRjejp/GR4411UGqkX8+wFMbFbqsUIimfK4XjOKR4= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.10 h1:nYPe006ktcqUji8S2mqXf9c/7NdiKriOwMvWQHgYztw= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.10/go.mod h1:6UV4SZkVvmODfXKql4LCbaZUpF7HO2BX38FgBf9ZOLw= +github.com/aws/aws-sdk-go-v2/internal/ini v1.7.3 h1:n3GDfwqF2tzEkXlv5cuy4iy7LpKDtqDMcNLfZDu9rls= +github.com/aws/aws-sdk-go-v2/internal/ini v1.7.3/go.mod h1:6fQQgfuGmw8Al/3M2IgIllycxV7ZW7WCdVSqfBeUiCY= +github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.10.4 h1:/b31bi3YVNlkzkBrm9LfpaKoaYZUxIAj4sHfOTmLfqw= +github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.10.4/go.mod h1:2aGXHFmbInwgP9ZfpmdIfOELL79zhdNYNmReK8qDfdQ= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.10 h1:DBYTXwIGQSGs9w4jKm60F5dmCQ3EEruxdc0MFh+3EY4= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.10/go.mod h1:wohMUQiFdzo0NtxbBg0mSRGZ4vL3n0dKjLTINdcIino= +github.com/aws/aws-sdk-go-v2/service/sso v1.18.7 h1:eajuO3nykDPdYicLlP3AGgOyVN3MOlFmZv7WGTuJPow= +github.com/aws/aws-sdk-go-v2/service/sso v1.18.7/go.mod h1:+mJNDdF+qiUlNKNC3fxn74WWNN+sOiGOEImje+3ScPM= +github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.7 h1:QPMJf+Jw8E1l7zqhZmMlFw6w1NmfkfiSK8mS4zOx3BA= +github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.7/go.mod h1:ykf3COxYI0UJmxcfcxcVuz7b6uADi1FkiUz6Eb7AgM8= +github.com/aws/aws-sdk-go-v2/service/sts v1.26.7 h1:NzO4Vrau795RkUdSHKEwiR01FaGzGOH1EETJ+5QHnm0= +github.com/aws/aws-sdk-go-v2/service/sts v1.26.7/go.mod h1:6h2YuIoxaMSCFf5fi1EgZAwdfkGMgDY+DVfa61uLe4U= +github.com/aws/smithy-go v1.19.0 h1:KWFKQV80DpP3vJrrA9sVAHQ5gc2z8i4EzrLhLlWXcBM= +github.com/aws/smithy-go v1.19.0/go.mod h1:NukqUGpCZIILqqiV0NIjeFh24kd/FAa4beRb6nbIUPE= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= github.com/bigkevmcd/go-configparser v0.0.0-20230427073640-c6b631f70126 h1:uru++pUKoS/yYU3Ohq9VItZdK/cT7FFJH/UUjOlxc+s= diff --git a/pkg/credentials/creds.go b/pkg/credentials/creds.go index 96fa854..1845420 100644 --- a/pkg/credentials/creds.go +++ b/pkg/credentials/creds.go @@ -1,19 +1,19 @@ package credentials import ( + "context" "fmt" "os" "path/filepath" - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/session" - "github.com/aws/aws-sdk-go/service/sso" - "github.com/jaxxstorm/aws-sso-creds/pkg/config" + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/config" + "github.com/aws/aws-sdk-go-v2/service/sso" + cfg "github.com/jaxxstorm/aws-sso-creds/pkg/config" ) func GetSSOCredentials(profile string, homedir string) (*sso.GetRoleCredentialsOutput, string, error) { - - ssoConfig, err := config.GetSSOConfig(profile, homedir) + ssoConfig, err := cfg.GetSSOConfig(profile, homedir) if err != nil { return nil, "", fmt.Errorf("error retrieving SSO config: %w", err) } @@ -23,24 +23,29 @@ func GetSSOCredentials(profile string, homedir string) (*sso.GetRoleCredentialsO return nil, "", fmt.Errorf("error retrieving cache files - perhaps you need to login?: %w", err) } - token, err := config.GetSSOToken(cacheFiles, *ssoConfig, homedir) + token, err := cfg.GetSSOToken(cacheFiles, *ssoConfig, homedir) if err != nil { return nil, "", fmt.Errorf("error retrieving SSO token from cache files: %w", err) } - sess := session.Must(session.NewSession()) - svc := sso.New(sess, aws.NewConfig().WithRegion(ssoConfig.Region)) + cfg, err := config.LoadDefaultConfig(context.TODO(), + config.WithRegion(ssoConfig.Region), + config.WithSharedConfigProfile(profile), + ) + if err != nil { + return nil, "", fmt.Errorf("error loading AWS configuration: %w", err) + } + + svc := sso.NewFromConfig(cfg) - creds, err := svc.GetRoleCredentials(&sso.GetRoleCredentialsInput{ - AccessToken: &token, - AccountId: &ssoConfig.AccountID, - RoleName: &ssoConfig.RoleName, + creds, err := svc.GetRoleCredentials(context.TODO(), &sso.GetRoleCredentialsInput{ + AccessToken: aws.String(token), + AccountId: aws.String(ssoConfig.AccountID), + RoleName: aws.String(ssoConfig.RoleName), }) - if err != nil { return nil, "", fmt.Errorf("error retrieving credentials from AWS: %w", err) } return creds, ssoConfig.AccountID, nil - }