Merge pull request #879 from docker/acceskey_file

Flag to import access key & secret from file
This commit is contained in:
Nicolas De loof 2020-11-05 14:08:51 +01:00 committed by GitHub
commit c6fc0e116f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 46 additions and 3 deletions

View File

@ -17,16 +17,18 @@
package context package context
import ( import (
"bufio"
"context" "context"
"fmt" "fmt"
"os"
"github.com/pkg/errors" "strings"
"github.com/spf13/cobra"
"github.com/docker/compose-cli/api/client" "github.com/docker/compose-cli/api/client"
"github.com/docker/compose-cli/context/store" "github.com/docker/compose-cli/context/store"
"github.com/docker/compose-cli/ecs" "github.com/docker/compose-cli/ecs"
"github.com/docker/compose-cli/errdefs" "github.com/docker/compose-cli/errdefs"
"github.com/pkg/errors"
"github.com/spf13/cobra"
) )
func init() { func init() {
@ -41,15 +43,29 @@ $ docker context create ecs CONTEXT [flags]
func createEcsCommand() *cobra.Command { func createEcsCommand() *cobra.Command {
var localSimulation bool var localSimulation bool
var opts ecs.ContextParams var opts ecs.ContextParams
var accessKeysFile string
cmd := &cobra.Command{ cmd := &cobra.Command{
Use: "ecs CONTEXT [flags]", Use: "ecs CONTEXT [flags]",
Short: "Create a context for Amazon ECS", Short: "Create a context for Amazon ECS",
Args: cobra.ExactArgs(1), Args: cobra.ExactArgs(1),
RunE: func(cmd *cobra.Command, args []string) error { RunE: func(cmd *cobra.Command, args []string) error {
opts.Name = args[0] opts.Name = args[0]
if accessKeysFile != "" {
err := parseAccessKeysFile(accessKeysFile, &opts)
if err != nil {
return err
}
}
if opts.CredsFromEnv && opts.Profile != "" { if opts.CredsFromEnv && opts.Profile != "" {
return fmt.Errorf("--profile and --from-env flags cannot be set at the same time") return fmt.Errorf("--profile and --from-env flags cannot be set at the same time")
} }
if accessKeysFile != "" && opts.Profile != "" {
return fmt.Errorf("--profile and --access-keys flags cannot be set at the same time")
}
if opts.CredsFromEnv && accessKeysFile != "" {
return fmt.Errorf("--access-keys and --from-env flags cannot be set at the same time")
}
if localSimulation { if localSimulation {
return runCreateLocalSimulation(cmd.Context(), args[0], opts) return runCreateLocalSimulation(cmd.Context(), args[0], opts)
} }
@ -60,10 +76,37 @@ func createEcsCommand() *cobra.Command {
addDescriptionFlag(cmd, &opts.Description) addDescriptionFlag(cmd, &opts.Description)
cmd.Flags().BoolVar(&localSimulation, "local-simulation", false, "Create context for ECS local simulation endpoints") cmd.Flags().BoolVar(&localSimulation, "local-simulation", false, "Create context for ECS local simulation endpoints")
cmd.Flags().StringVar(&opts.Profile, "profile", "", "Use an existing AWS profile") cmd.Flags().StringVar(&opts.Profile, "profile", "", "Use an existing AWS profile")
cmd.Flags().StringVar(&accessKeysFile, "access-keys", "", "Use AWS access keys from file")
cmd.Flags().BoolVar(&opts.CredsFromEnv, "from-env", false, "Use AWS environment variables for profile, or credentials and region") cmd.Flags().BoolVar(&opts.CredsFromEnv, "from-env", false, "Use AWS environment variables for profile, or credentials and region")
return cmd return cmd
} }
func parseAccessKeysFile(file string, opts *ecs.ContextParams) error {
f, err := os.Open(file)
if err != nil {
return err
}
defer f.Close() // nolint:errcheck
scanner := bufio.NewScanner(f)
scanner.Split(bufio.ScanLines)
values := map[string]string{}
for scanner.Scan() {
line := scanner.Text()
parts := strings.SplitN(line, "=", 2)
values[parts[0]] = parts[1]
}
var ok bool
opts.AccessKey, ok = values["AWSAccessKeyId"]
if !ok {
return fmt.Errorf("%s is missing AWSAccessKeyId", file)
}
opts.SecretKey, ok = values["AWSSecretKey"]
if !ok {
return fmt.Errorf("%s is missing AWSSecretKey", file)
}
return nil
}
func runCreateLocalSimulation(ctx context.Context, contextName string, opts ecs.ContextParams) error { func runCreateLocalSimulation(ctx context.Context, contextName string, opts ecs.ContextParams) error {
if contextExists(ctx, contextName) { if contextExists(ctx, contextName) {
return errors.Wrapf(errdefs.ErrAlreadyExists, "context %q", contextName) return errors.Wrapf(errdefs.ErrAlreadyExists, "context %q", contextName)