diff --git a/go.mod b/go.mod
index 516bad3..a551d60 100644
--- a/go.mod
+++ b/go.mod
@@ -6,7 +6,7 @@ require (
 github.com/franela/goblin v0.0.0-20170111051028-2fa789fd0c6b
 github.com/go-ini/ini v1.21.1
 github.com/jmespath/go-jmespath v0.0.0-20160803190731-bd40a432e4c7
- github.com/joho/godotenv v0.0.0-20150907010228-4ed13390c0ac
+ github.com/joho/godotenv v1.3.0
 github.com/urfave/cli v0.0.0-20161006035353-55f715e28c46
 golang.org/x/sys v0.0.0-20161006025142-8d1157a43547
 )
diff --git a/go.sum b/go.sum
index 36769c9..c79449a 100644
--- a/go.sum
+++ b/go.sum
@@ -10,6 +10,8 @@ github.com/jmespath/go-jmespath v0.0.0-20160803190731-bd40a432e4c7 h1:SMvOWPJCES
 github.com/jmespath/go-jmespath v0.0.0-20160803190731-bd40a432e4c7/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k=
 github.com/joho/godotenv v0.0.0-20150907010228-4ed13390c0ac h1:wF2VgtpbaLqhBHV9FxVWzgzgv8VcCjZ66Bl/+F6cpT0=
 github.com/joho/godotenv v0.0.0-20150907010228-4ed13390c0ac/go.mod h1:7hK45KPybAkOC6peb+G5yklZfMxEjkZhHbwpqxOKXbg=
+github.com/joho/godotenv v1.3.0 h1:Zjp+RcGpHhGlrMbJzXTrZZPrWj+1vfm90La1wgB6Bhc=
+github.com/joho/godotenv v1.3.0/go.mod h1:7hK45KPybAkOC6peb+G5yklZfMxEjkZhHbwpqxOKXbg=
 github.com/urfave/cli v0.0.0-20161006035353-55f715e28c46 h1:EztUvugq7AA7F3lYLmtFQyvKdcY5pisPt10DqPjRCL8=
 github.com/urfave/cli v0.0.0-20161006035353-55f715e28c46/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA=
 golang.org/x/sys v0.0.0-20161006025142-8d1157a43547/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
diff --git a/main.go b/main.go
index 7f230b0..7778723 100644
--- a/main.go
+++ b/main.go
@@ -35,8 +35,9 @@ func main() {
 EnvVar: "PLUGIN_CA_CERT",
 },
 cli.StringFlag{
- Name: "env-file",
- Usage: "source env file",
+ Name: "env_file",
+ Usage: "pass filename to source it and load variables into current shell",
+ EnvVar: "PLUGIN_ENV_FILE",
 },
 cli.StringFlag{
 Name: "init_options",
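Review bot: The new Usage string on the `env_file` flag says the variables are loaded "into current shell", but the flag's value is only handed to `godotenv.Load` in `run`, which sets them in the plugin's own process environment; I would word it as `Usage: "path to an env file whose variables are loaded into the plugin's environment",`. Renaming the flag from `env-file` to `env_file` also drops the old spelling, so any existing invocation that passes `--env-file` would presumably stop working; if the pinned urfave/cli version accepts comma-separated names, `Name: "env_file, env-file",` keeps both. Because the path can now arrive through `PLUGIN_ENV_FILE`, a comment should say that the file's contents decide which variables, credentials included, the later terraform steps see. The body of `main` starts before this hunk and continues after it.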
@@ -125,8 +126,8 @@ func run(c *cli.Context) error {
 "Revision": revision,
 }).Info("Drone Terraform Plugin Version")
- if c.String("env-file") != "" {
- _ = godotenv.Load(c.String("env-file"))
+ if c.String("env_file") != "" {
+ _ = godotenv.Load(c.String("env_file"))
 }
 var vars map[string]string
diff --git a/plugin.go b/plugin.go
index 07dfaa0..66a36ca 100644
--- a/plugin.go
+++ b/plugin.go
@@ -77,7 +77,7 @@ func (p Plugin) Exec() error {
 }
 }
- if p.Config.RoleARN != "" {
+ if p.Config.RoleARN != "" && !credsSet() {
 assumeRole(p.Config.RoleARN)
 }
@@ -169,6 +169,16 @@ func CopyTfEnv() {
 }
 }
+func credsSet() bool {
+ awsTokens := []string{"AWS_ACCESS_KEY_ID", "AWS_SECRET_ACCESS_KEY", "AWS_SESSION_TOKEN"}
+ for _, token := range awsTokens {
+ if os.Getenv(token) == "" {
+ return false
+ }
+ }
+ return true
+}
+
 func assumeRole(roleArn string) {
 client := sts.New(session.New())
 duration := time.Hour * 1
diff --git a/plugin_test.go b/plugin_test.go
index a131f11..23487a9 100644
--- a/plugin_test.go
+++ b/plugin_test.go
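Review bot: The renamed lookup still throws away the result of the load (`_ = godotenv.Load(c.String("env_file"))`), so a missing, unreadable or malformed env file is silently ignored and the run carries on with whatever variables were already in the environment. Since this commit also makes `Exec` skip `assumeRole` depending on which AWS variables are set, a silent load failure can change which identity terraform runs under without any trace in the log. I would return the error instead: `if err := godotenv.Load(c.String("env_file")); err != nil { return err }`. The body of `run` starts before this hunk and continues after it.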
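Review bot: With the added `&& !credsSet()` condition a configured `RoleARN` is silently ignored whenever the three AWS variables are present, and nothing in the log says so. The run then proceeds under whatever identity those variables carry, which may not be the role the pipeline author asked for and may hold broader permissions. I would log the decision, for example in an `else if p.Config.RoleARN != ""` branch stating that role assumption was skipped because credentials are already present in the environment (never the credential values themselves), and document the precedence for users. `Exec` starts before this hunk and continues after it.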
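Review bot: `credsSet` has no doc comment, and its name suggests more than it checks: it only tests that the three variables are non-empty, not that the credentials are valid or unexpired. Because `AWS_SESSION_TOKEN` is required, an environment holding only a long-lived access key pair returns false and still goes through `assumeRole`; if that is intended, the comment should say so. I would add `// credsSet reports whether AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY and AWS_SESSION_TOKEN are all non-empty in the environment; it does not validate them.` above the function.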
@@ -27,6 +27,44 @@ func TestPlugin(t *testing.T) { }) }) + g.Describe("credsSet", func() { + tests := []struct { + name string + args map[string]string + want bool + }{ + { + "Should return true when all credentials were set", + map[string]string{"AWS_ACCESS_KEY_ID": "x", "AWS_SECRET_ACCESS_KEY": "x", "AWS_SESSION_TOKEN": "x"}, + true, + }, + { + "Should return false when access key id is missing", + map[string]string{"AWS_SECRET_ACCESS_KEY": "x", "AWS_SESSION_TOKEN": "x"}, + false, + }, + { + "Should return false when secret access key is missing", + map[string]string{"AWS_ACCESS_KEY_ID": "x", "AWS_SESSION_TOKEN": "x"}, + false, + }, + { + "Should return false when session token is missing", + map[string]string{"AWS_ACCESS_KEY_ID": "x", "AWS_SECRET_ACCESS_KEY": "x"}, + false, + }, + } + + for _, tt := range tests { + g.It(tt.name, func() { + for k, v := range tt.args { + os.Setenv(k, v) + } + g.Assert(credsSet()).Equal(tt.want) + }) + } + }) + g.Describe("tfApply", func() { g.It("Should return correct apply commands given the arguments", func() { type args struct {
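Review bot: The table cases in the new `credsSet` block are not isolated from each other or from the ambient environment: each closure calls `os.Setenv` for its own keys and nothing ever unsets the keys a case is supposed to be missing. If goblin runs the `It` bodies in order, the first case leaves all three variables set and the "missing" cases would see them; and if the bodies run after the loop has finished on a toolchain older than Go 1.22, every closure reads the final `tt`, so only the last case is really exercised. The variables also stay set for later tests in the process, and a CI runner that already exports AWS credentials changes the results. I would copy `tt` per iteration, clear the three keys before applying `tt.args`, and restore the previous values afterwards, as below. `TestPlugin` starts before this hunk and continues after it.

```go
// … unchanged: tests table …
for _, tt := range tests {
	tt := tt // per-iteration copy; required before Go 1.22
	g.It(tt.name, func() {
		keys := []string{"AWS_ACCESS_KEY_ID", "AWS_SECRET_ACCESS_KEY", "AWS_SESSION_TOKEN"}
		for _, k := range keys {
			// Restore whatever the runner had exported once this case is done.
			if old, ok := os.LookupEnv(k); ok {
				defer os.Setenv(k, old)
			} else {
				defer os.Unsetenv(k)
			}
			os.Unsetenv(k)
		}
		for k, v := range tt.args {
			os.Setenv(k, v)
		}
		g.Assert(credsSet()).Equal(tt.want)
	})
}
```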