def test_format_aws_credentials_with_prefix(self):
credentials = {"AWS_ACCESS_KEY_ID": "testAccessKey"}
self.assertEqual(cli.format_aws_credentials(credentials),
"AWS_ACCESS_KEY_ID='testAccessKey'")
self.assertEqual(cli.format_aws_credentials(credentials, prefix='export '),
"export AWS_ACCESS_KEY_ID='testAccessKey'")
self.assertEqual(cli.format_aws_credentials(credentials, prefix='set '),
"set AWS_ACCESS_KEY_ID='testAccessKey'")
def main():
"""Main function for script execution"""
arguments = docopt(__doc__)
if arguments['--debug']:
global DEBUG
DEBUG = True
debug(arguments)
try:
config = load_config()
except Exception as exc:
error("Failed to load configuration: %s" % exc)
api_url = arguments['--api-url'] or config.get('api_url') or \
'https://{fqdn}/afp-api/latest'.format(fqdn=get_default_afp_server())
username = arguments['--user'] or config.get("user") or getpass.getuser()
password = '******' if arguments['--no-ask-pw'] else get_password(username)
federation_client = AWSFederationClientCmd(api_url=api_url,
username=username,
password=password)
if arguments['<accountname>']:
account = arguments['<accountname>']
role = arguments['<rolename>'] or get_first_role(federation_client, account)
aws_credentials = get_aws_credentials(federation_client, account, role)
if arguments['--show']:
print(cli.format_aws_credentials(aws_credentials))
elif arguments['--export']:
if os.name == "nt":
print(cli.format_aws_credentials(aws_credentials, prefix='set '))
else:
print(cli.format_aws_credentials(aws_credentials, prefix='export '))
elif arguments['--write']:
aws_credentials_file.write(aws_credentials)
else:
print("Entering AFP subshell for account {0}, role {1}.".format(
account, role))
try:
if os.name == "nt":
start_subcmd(aws_credentials=aws_credentials, role=role, account=account)
else:
start_subshell(aws_credentials=aws_credentials, role=role, account=account)
except Exception as exc:
error("Failed to start subshell: %s" % exc)
else:
try:
print(cli.format_account_and_role_list(federation_client.get_account_and_role_list()))
except Exception as exc:
error("Failed to get account list from AWS: %s" % exc)
def start_subcmd(aws_credentials, role, account):
batch_file = tempfile.NamedTemporaryFile(suffix=".bat", delete=False)
batch_file.write(BATCH_FILE_TEMPLATE.format(role=role, account=account))
batch_file.write(cli.format_aws_credentials(aws_credentials, prefix='set '))
batch_file.flush()
batch_file.close()
subprocess.call(
["cmd", "/K", batch_file.name])
print("Left AFP subcmd.")
os.unlink(batch_file.name)
def start_subshell(aws_credentials, role, account):
print("Press CTRL+D to exit.")
rc_script = tempfile.NamedTemporaryFile(mode='w')
rc_script.write(RC_SCRIPT_TEMPLATE.format(role=role, account=account,
valid_seconds=aws_credentials['AWS_VALID_SECONDS']))
rc_script.write(cli.format_aws_credentials(aws_credentials, prefix='export '))
rc_script.flush()
subprocess.call(
["bash", "--rcfile", rc_script.name],
stdout=sys.stdout, stderr=sys.stderr, stdin=sys.stdin)
print("Left AFP subshell.")
def test_format_aws_credentials_multline(self):
input_ = {"AWS_ACCESS_KEY_ID": "testAccessKey",
"AWS_SECRET_ACCESS_KEY": "not so secret"}
self.assertEqual(cli.format_aws_credentials(input_),
"AWS_ACCESS_KEY_ID='testAccessKey'\nAWS_SECRET_ACCESS_KEY='not so secret'")
