From 6dac9303720b7b6c7ab3d894801eb36f52a097e5 Mon Sep 17 00:00:00 2001 From: Pascal Frenz <5677521+PascalFrenz@users.noreply.github.com> Date: Wed, 8 May 2024 12:28:35 +0200 Subject: [PATCH 1/5] adjust read comment when running in zsh --- aws_login.sh | 33 +++++++++++++++++++++++++++++---- 1 file changed, 29 insertions(+), 4 deletions(-) diff --git a/aws_login.sh b/aws_login.sh index 7f74635..254da9c 100644 --- a/aws_login.sh +++ b/aws_login.sh @@ -10,7 +10,7 @@ # aws_login [aws_account_id] # function aws_login() { - aws_account_no="$1"; shift; + aws_account_no="$1"; local config_dir="$HOME/.config/rackspace-aws-login" if [ ! -d "$config_dir" ]; then mkdir -p "$config_dir" @@ -21,6 +21,31 @@ function aws_login() { local rackspace_username local rackspace_api_key + function read_input() { + if [ "${3:-}" == "hide_input" ]; then + sensitive_value_flag="-s" + else + sensitive_value_flag="" + fi + + # Git Bash does not have pgrep installed + # shellcheck disable=SC2009 + if ps -p $$ | grep bash >/dev/null 2>&1; then + # We reference the var to set via indirect reference. + # shellcheck disable=SC2229 + read -r "$sensitive_value_flag" -p "$1" "$2" + elif ps -p $$ | grep zsh >/dev/null 2>&1; then + # We reference the var to set via indirect reference. + # shellcheck disable=SC2229 + read -r "$sensitive_value_flag" "?$1" "$2" + else + echo "Please use bash or zsh." + return 1 + fi + + return 0; + } + function get_aws_accounts_from_rackspace() { if [ -z "$temporary_rackspace_token" ]; then get_rackspace_token_and_tenant @@ -41,15 +66,15 @@ function aws_login() { # no Keepass in place --> ask the user echo "Did not found your Keepass file or KPScript executable. Please enter your Rackspace credentials." - read -r -p 'Rackspace username: ' rackspace_username - read -r -sp 'Rackspace API key: ' rackspace_api_key + read_input 'Rackspace username: ' rackspace_username + read_input 'Rackspace API key: ' rackspace_api_key hide_input echo "" else # get credentials from Keepass echo "Reading credentials from Keepass: $KEEPASS_FILE. Entry Rackspace (username + api-key field)." - read -r -sp 'Keepass Password: ' keepass_password + read_input 'Keepass Password: ' keepass_password hide_input echo "" rackspace_username=$($kpscript_executable -c:GetEntryString "${KEEPASS_FILE}" -Field:UserName -ref-Title:"Rackspace" -FailIfNoEntry -pw:"$keepass_password" | head -n1) From 0735e884049888a3cc7fc58058308944bde1beaa Mon Sep 17 00:00:00 2001 From: Pascal Frenz <5677521+PascalFrenz@users.noreply.github.com> Date: Wed, 8 May 2024 12:39:44 +0200 Subject: [PATCH 2/5] fix errors --- aws_login.sh | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/aws_login.sh b/aws_login.sh index 254da9c..2c2ae46 100644 --- a/aws_login.sh +++ b/aws_login.sh @@ -22,7 +22,7 @@ function aws_login() { local rackspace_api_key function read_input() { - if [ "${3:-}" == "hide_input" ]; then + if [ "${3:-}" = "hide_input" ]; then sensitive_value_flag="-s" else sensitive_value_flag="" @@ -31,13 +31,13 @@ function aws_login() { # Git Bash does not have pgrep installed # shellcheck disable=SC2009 if ps -p $$ | grep bash >/dev/null 2>&1; then - # We reference the var to set via indirect reference. - # shellcheck disable=SC2229 - read -r "$sensitive_value_flag" -p "$1" "$2" + # We reference the var to set via indirect reference + we explicitly want the flag to be interpreted by shell + # shellcheck disable=SC2229,SC2086 + read -r $sensitive_value_flag -p "$1" "$2" elif ps -p $$ | grep zsh >/dev/null 2>&1; then - # We reference the var to set via indirect reference. - # shellcheck disable=SC2229 - read -r "$sensitive_value_flag" "?$1" "$2" + # We reference the var to set via indirect reference + we explicitly want the flag to be interpreted by shell + # shellcheck disable=SC2229,SC2086 + read -r $sensitive_value_flag "?$1" "$2" else echo "Please use bash or zsh." return 1 @@ -111,7 +111,7 @@ function aws_login() { aws_profile_name="" for acc in $aws_accounts; do curr_aws_account_no=$(tr -dc '[:print:]' <<<"$acc" | cut -f 1 -d'_') - if [ "$curr_aws_account_no" == "$aws_account_no" ]; then + if [ "$curr_aws_account_no" = "$aws_account_no" ]; then aws_profile_name=$(tr -dc '[:print:]' <<<"$acc" | cut -f 2- -d'_') break fi From 9a0ea78da17a983954e0acb04f687af7b8778f52 Mon Sep 17 00:00:00 2001 From: Pascal Frenz <5677521+PascalFrenz@users.noreply.github.com> Date: Wed, 8 May 2024 12:57:20 +0200 Subject: [PATCH 3/5] fix workflow errors --- .config/cspell.json | 3 ++- aws_login.sh | 6 ++++-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/.config/cspell.json b/.config/cspell.json index e3cb58b..3cd7e99 100644 --- a/.config/cspell.json +++ b/.config/cspell.json @@ -55,6 +55,7 @@ "stty", "venv", "vuln", - "curr" + "curr", + "pgrep" ] } diff --git a/aws_login.sh b/aws_login.sh index 2c2ae46..3f79fea 100644 --- a/aws_login.sh +++ b/aws_login.sh @@ -67,16 +67,18 @@ function aws_login() { echo "Did not found your Keepass file or KPScript executable. Please enter your Rackspace credentials." read_input 'Rackspace username: ' rackspace_username - read_input 'Rackspace API key: ' rackspace_api_key hide_input + read_input 'Rackspace API key: ' rackspace_api_key "hide_input" echo "" else # get credentials from Keepass echo "Reading credentials from Keepass: $KEEPASS_FILE. Entry Rackspace (username + api-key field)." - read_input 'Keepass Password: ' keepass_password hide_input + read_input 'Keepass Password: ' keepass_password "hide_input" echo "" + # keepass_password is set via read_input, but indirectly + # shellcheck disable=SC2154 rackspace_username=$($kpscript_executable -c:GetEntryString "${KEEPASS_FILE}" -Field:UserName -ref-Title:"Rackspace" -FailIfNoEntry -pw:"$keepass_password" | head -n1) rackspace_api_key=$($kpscript_executable -c:GetEntryString "${KEEPASS_FILE}" -Field:api-key -ref-Title:"Rackspace" -FailIfNoEntry -pw:"$keepass_password" | head -n1) fi From f6797b3699429e3af8d95142d1526defba7c31c3 Mon Sep 17 00:00:00 2001 From: Pascal Frenz <5677521+PascalFrenz@users.noreply.github.com> Date: Wed, 8 May 2024 13:24:23 +0200 Subject: [PATCH 4/5] fix mac errors --- aws_login.sh | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/aws_login.sh b/aws_login.sh index 3f79fea..9f81c67 100644 --- a/aws_login.sh +++ b/aws_login.sh @@ -107,10 +107,21 @@ function aws_login() { get_aws_accounts_from_rackspace fi - aws_accounts=$(cat "$config_dir/aws_accounts.txt") + # Git Bash does not have pgrep installed + # shellcheck disable=SC2009 + if ps -p $$ | grep bash >/dev/null 2>&1; then + aws_accounts=$(cat "$config_dir/aws_accounts.txt") + elif ps -p $$ | grep zsh >/dev/null 2>&1; then + aws_accounts=("${(@f)$(< "$config_dir/aws_accounts.txt")}") + else + echo "Please use bash or zsh." + return 1 + fi if [ -n "$aws_account_no" ]; then aws_profile_name="" + # false positive because of mixed bash and zsh code + # shellcheck disable=SC2128 for acc in $aws_accounts; do curr_aws_account_no=$(tr -dc '[:print:]' <<<"$acc" | cut -f 1 -d'_') if [ "$curr_aws_account_no" = "$aws_account_no" ]; then @@ -125,6 +136,8 @@ function aws_login() { fi else PS3='Select the AWS account to connect to: ' + # false positive because of mixed bash and zsh code + # shellcheck disable=SC2128 select opt in $aws_accounts; do aws_account_no=$(tr -dc '[:print:]' <<<"$opt" | cut -f 1 -d'_') aws_profile_name=$(tr -dc '[:print:]' <<<"$opt" | cut -f 2- -d'_') From d7711ea204715c411a6187c61b4eced97a8f9bc2 Mon Sep 17 00:00:00 2001 From: Matthias Kay Date: Wed, 8 May 2024 13:27:46 +0200 Subject: [PATCH 5/5] ignore shellcheck for ZSH --- aws_login.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/aws_login.sh b/aws_login.sh index 9f81c67..81c10ff 100644 --- a/aws_login.sh +++ b/aws_login.sh @@ -112,6 +112,8 @@ function aws_login() { if ps -p $$ | grep bash >/dev/null 2>&1; then aws_accounts=$(cat "$config_dir/aws_accounts.txt") elif ps -p $$ | grep zsh >/dev/null 2>&1; then + # this is valid ZSH + # shellcheck disable=SC2296 aws_accounts=("${(@f)$(< "$config_dir/aws_accounts.txt")}") else echo "Please use bash or zsh."