feat(aws): Adding the AWS SSO CLI env variable to profile list (#5640)

Adding the AWS SSO CLI env variable to profile list

Adding support for the profile env variable used by https://github.com/synfinatic/aws-sso-cli
This commit is contained in:
Stefan Richter 2023-12-16 23:20:58 -08:00 committed by GitHub
parent a910e094f7
commit 6d96df3c68
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 28 additions and 2 deletions

View File

@ -1847,7 +1847,7 @@
"definitions": {
"AwsConfig": {
"title": "AWS",
"description": "The `aws` module shows the current AWS region and profile and an expiration timer when using temporary credentials. The output of the module uses the `AWS_REGION`, `AWS_DEFAULT_REGION`, and `AWS_PROFILE` env vars and the `~/.aws/config` and `~/.aws/credentials` files as required.\n\nThe module will display a profile only if its credentials are present in `~/.aws/credentials` or if a `credential_process` or `sso_start_url` are defined in `~/.aws/config`. Alternatively, having any of the `AWS_ACCESS_KEY_ID`, `AWS_SECRET_ACCESS_KEY`, or `AWS_SESSION_TOKEN` env vars defined will also suffice. If the option `force_display` is set to `true`, all available information will be displayed even if no credentials per the conditions above are detected.\n\nWhen using [aws-vault](https://github.com/99designs/aws-vault) the profile is read from the `AWS_VAULT` env var and the credentials expiration date is read from the `AWS_SESSION_EXPIRATION` or `AWS_CREDENTIAL_EXPIRATION` var.\n\nWhen using [awsu](https://github.com/kreuzwerker/awsu) the profile is read from the `AWSU_PROFILE` env var.\n\nWhen using [`AWSume`](https://awsu.me) the profile is read from the `AWSUME_PROFILE` env var and the credentials expiration date is read from the `AWSUME_EXPIRATION` env var.",
"description": "The `aws` module shows the current AWS region and profile and an expiration timer when using temporary credentials. The output of the module uses the `AWS_REGION`, `AWS_DEFAULT_REGION`, and `AWS_PROFILE` env vars and the `~/.aws/config` and `~/.aws/credentials` files as required.\n\nThe module will display a profile only if its credentials are present in `~/.aws/credentials` or if a `credential_process` or `sso_start_url` are defined in `~/.aws/config`. Alternatively, having any of the `AWS_ACCESS_KEY_ID`, `AWS_SECRET_ACCESS_KEY`, or `AWS_SESSION_TOKEN` env vars defined will also suffice. If the option `force_display` is set to `true`, all available information will be displayed even if no credentials per the conditions above are detected.\n\nWhen using [aws-vault](https://github.com/99designs/aws-vault) the profile is read from the `AWS_VAULT` env var and the credentials expiration date is read from the `AWS_SESSION_EXPIRATION` or `AWS_CREDENTIAL_EXPIRATION` var.\n\nWhen using [awsu](https://github.com/kreuzwerker/awsu) the profile is read from the `AWSU_PROFILE` env var.\n\nWhen using [`AWSume`](https://awsu.me) the profile is read from the `AWSUME_PROFILE` env var and the credentials expiration date is read from the `AWSUME_EXPIRATION` env var.\n\nWhen using [aws-sso-cli](https://github.com/synfinatic/aws-sso-cli) the profile is read from the `AWS_SSO_PROFILE` env var.",
"type": "object",
"properties": {
"format": {

View File

@ -383,6 +383,9 @@ date is read from the `AWSUME_EXPIRATION` env var.
When using [saml2aws](https://github.com/Versent/saml2aws) the expiration information obtained from `~/.aws/credentials`
falls back to the `x_security_token_expires` key.
When using [aws-sso-cli](https://github.com/synfinatic/aws-sso-cli) the profile
is read from the `AWS_SSO_PROFILE` env var.
### Options
| Option | Default | Description |

View File

@ -27,6 +27,9 @@ use std::collections::HashMap;
/// When using [`AWSume`](https://awsu.me) the profile
/// is read from the `AWSUME_PROFILE` env var and the credentials expiration
/// date is read from the `AWSUME_EXPIRATION` env var.
///
/// When using [aws-sso-cli](https://github.com/synfinatic/aws-sso-cli) the profile
/// is read from the `AWS_SSO_PROFILE` env var.
pub struct AwsConfig<'a> {
/// The format for the module.
pub format: &'a str,

View File

@ -97,7 +97,13 @@ fn get_aws_profile_and_region(
context: &Context,
aws_config: &AwsConfigFile,
) -> (Option<Profile>, Option<Region>) {
let profile_env_vars = ["AWSU_PROFILE", "AWS_VAULT", "AWSUME_PROFILE", "AWS_PROFILE"];
let profile_env_vars = [
"AWSU_PROFILE",
"AWS_VAULT",
"AWSUME_PROFILE",
"AWS_PROFILE",
"AWS_SSO_PROFILE",
];
let region_env_vars = ["AWS_REGION", "AWS_DEFAULT_REGION"];
let profile = profile_env_vars
.iter()
@ -414,6 +420,20 @@ mod tests {
assert_eq!(expected, actual);
}
#[test]
fn profile_set_from_awsssocli() {
let actual = ModuleRenderer::new("aws")
.env("AWS_SSO_PROFILE", "astronauts-awsssocli")
.env("AWS_ACCESS_KEY_ID", "dummy")
.collect();
let expected = Some(format!(
"on {}",
Color::Yellow.bold().paint("☁️ astronauts-awsssocli ")
));
assert_eq!(expected, actual);
}
#[test]
fn profile_and_region_set() {
let actual = ModuleRenderer::new("aws")