Make IAM role configurable via flags
Tom Withers committed Jun 19, 2020
1 parent 22a1886 commit e607f1d
Showing 2 changed files with 28 additions and 12 deletions.
6 changes: 6 additions & 0 deletions .idea/vcs.xml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

34 changes: 22 additions & 12 deletions main.go
@@ -16,42 +16,52 @@ import (

func main() {
flag.Usage = func() {
fmt.Println("Usage: tf-workspace-cleanup -put <workspace>")
fmt.Println("Usage: tf-workspace-cleanup -expired-workspaces true")
fmt.Println("Usage: tf-workspace-cleanup -put=<workspace>")
fmt.Println("Usage: tf-workspace-cleanup -expired-workspaces=true")
fmt.Println("Usage: tf-workspace-cleanup -put=<workspace> -aws-account-id=12345678 -aws-iam-role=sirius-ci")
flag.PrintDefaults()
}
var workspaceName string
var expiredWorkspaces bool
var awsAccountId string
var awsIAMRoleName string

flag.StringVar(&workspaceName, "put", "", "workspace to register for deletion at later time")
flag.StringVar(&awsAccountId, "aws-account-id", "", "Account ID for IAM Role")
flag.StringVar(&awsIAMRoleName, "aws-iam-role", "", "AWS IAM Role Name ")
flag.BoolVar(&expiredWorkspaces, "expired-workspaces", false, "get list of expired workspaces for deletion")
flag.Parse()

if awsAccountId == "" {
fmt.Println("Error: You have not provided an AWS Account ID")
flag.Usage()
}

if awsIAMRoleName == "" {
fmt.Println("Error: You have not provided an AWS IAM Role Name")
flag.Usage()
}

if workspaceName == "" {
fmt.Println("Error: Workspace not passed")
flag.Usage()
} else {
PutWorkspace(&workspaceName)
PutWorkspace(&workspaceName, &awsAccountId, &awsIAMRoleName)
}

if expiredWorkspaces {
GetExpiredWorkspaces()
}
}

func PutWorkspace(w *string) {
func PutWorkspace(workspace *string, accountId *string, iamRoleName *string) {

sess, err := session.NewSession()
if err != nil {
log.Fatalln(err)
}
RoleArn := ""
// TODO - Allow AWS Account ID and Role name to be passed in via cli flag
if len(os.Getenv("CI")) > 0 {
RoleArn = "arn:aws:iam::288342028542:role/sirius-ci"
} else {
RoleArn = "arn:aws:iam::288342028542:role/operator"
}

RoleArn := "arn:aws:iam::" + *accountId + ":role/" + *iamRoleName

creds := stscreds.NewCredentials(sess, RoleArn)
awsConfig := aws.Config{Credentials: creds, Region: aws.String("eu-west-1")}
@@ -64,7 +74,7 @@ func PutWorkspace(w *string) {
}

item := Workspace{
WorkspaceName: *w,
WorkspaceName: *workspace,
ExpiresTTL: time.Now().AddDate(0, 0, 1).Unix(),
}

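Review bot: The two new empty-flag checks in main() print an error and the usage text but do not stop, so when `-put` is given and either `-aws-account-id` or `-aws-iam-role` is missing, PutWorkspace still runs and passes an ARN such as `arn:aws:iam:::role/` to `stscreds.NewCredentials`. Add `os.Exit(2)` after `flag.Usage()` in both branches; the import block is outside the visible hunk, so confirm `os` is still imported now that the `os.Getenv` call has been removed. Because `RoleArn` is now concatenated from raw command-line input, check before the concatenation that the account ID is exactly 12 digits and that the role name contains only the characters IAM allows in a role name, so a malformed value fails fast instead of producing an unintended ARN. The checks also fire for `-expired-workspaces=true`, which the usage text shows without the role flags; whether GetExpiredWorkspaces needs a role is not visible here, but the checks probably belong inside the `-put` branch.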
