Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add assume_aws_role_arn that uses EC2 instance profile #168

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,11 @@ version numbers.
* `aws_role_arn`: *Optional.* The AWS role ARN to be assumed by the user
identified by `access_key_id` and `secret_access_key`.

* `assume_aws_role_arn`: *Optional.* The AWS role ARN to be assumed using the
Concourse workers EC2 instance credentials. The workers instance role must
have permissions to assume the role. **This is different from the
`aws_role_arn` and takes precedence over it**

* `region_name`: *Optional.* The region the bucket is in. Defaults to
`us-east-1`.

Expand Down
3 changes: 1 addition & 2 deletions check/check_suite_test.go
Original file line number Diff line number Diff line change
@@ -1,7 +1,6 @@
package check_test

import (
"io/ioutil"
"os"
"path/filepath"
"testing"
Expand Down Expand Up @@ -37,7 +36,7 @@ func TestCheck(t *testing.T) {

func Fixture(filename string) string {
path := filepath.Join("fixtures", filename)
contents, err := ioutil.ReadFile(path)
contents, err := os.ReadFile(path)
if err != nil {
panic(err)
}
Expand Down
3 changes: 1 addition & 2 deletions check/command_test.go
Original file line number Diff line number Diff line change
@@ -1,7 +1,6 @@
package check_test

import (
"io/ioutil"
"os"

. "github.com/onsi/ginkgo"
Expand All @@ -25,7 +24,7 @@ var _ = Describe("Check Command", func() {

BeforeEach(func() {
var err error
tmpPath, err = ioutil.TempDir("", "check_command")
tmpPath, err = os.MkdirTemp("", "check_command")
Ω(err).ShouldNot(HaveOccurred())

request = Request{
Expand Down
8 changes: 6 additions & 2 deletions cmd/check/main.go
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ import (
"encoding/json"
"os"

"github.com/concourse/s3-resource"
s3resource "github.com/concourse/s3-resource"
"github.com/concourse/s3-resource/check"
)

Expand All @@ -16,18 +16,22 @@ func main() {
request.Source.AccessKeyID,
request.Source.SecretAccessKey,
request.Source.SessionToken,
request.Source.AssumeAwsRoleARN,
request.Source.RegionName,
request.Source.Endpoint,
request.Source.DisableSSL,
request.Source.SkipSSLVerification,
)

client := s3resource.NewS3Client(
client, err := s3resource.NewS3Client(
os.Stderr,
awsConfig,
request.Source.UseV2Signing,
request.Source.AwsRoleARN,
)
if err != nil {
s3resource.Fatal("failed to create new S3 client", err)
}

command := check.NewCommand(client)
response, err := command.Run(request)
Expand Down
8 changes: 6 additions & 2 deletions cmd/in/main.go
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ import (
"strings"

"github.com/aws/aws-sdk-go/aws"
"github.com/concourse/s3-resource"
s3resource "github.com/concourse/s3-resource"
"github.com/concourse/s3-resource/in"
)

Expand All @@ -28,6 +28,7 @@ func main() {
request.Source.AccessKeyID,
request.Source.SecretAccessKey,
request.Source.SessionToken,
request.Source.AssumeAwsRoleARN,
request.Source.RegionName,
request.Source.Endpoint,
request.Source.DisableSSL,
Expand All @@ -50,12 +51,15 @@ func main() {
awsConfig.Endpoint = aws.String(fmt.Sprintf("%s://%s", cloudfrontUrl.Scheme, fqdn))
}

client := s3resource.NewS3Client(
client, err := s3resource.NewS3Client(
os.Stderr,
awsConfig,
request.Source.UseV2Signing,
request.Source.AwsRoleARN,
)
if err != nil {
s3resource.Fatal("failed to create new S3 client", err)
}

command := in.NewCommand(client)

Expand Down
8 changes: 6 additions & 2 deletions cmd/out/main.go
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ import (
"encoding/json"
"os"

"github.com/concourse/s3-resource"
s3resource "github.com/concourse/s3-resource"
"github.com/concourse/s3-resource/out"
)

Expand All @@ -23,18 +23,22 @@ func main() {
request.Source.AccessKeyID,
request.Source.SecretAccessKey,
request.Source.SessionToken,
request.Source.AssumeAwsRoleARN,
request.Source.RegionName,
request.Source.Endpoint,
request.Source.DisableSSL,
request.Source.SkipSSLVerification,
)

client := s3resource.NewS3Client(
client, err := s3resource.NewS3Client(
os.Stderr,
awsConfig,
request.Source.UseV2Signing,
request.Source.AwsRoleARN,
)
if err != nil {
s3resource.Fatal("failed to create new S3 client", err)
}

command := out.NewCommand(os.Stderr, client)
response, err := command.Run(sourceDir, request)
Expand Down
11 changes: 5 additions & 6 deletions in/command.go
Original file line number Diff line number Diff line change
Expand Up @@ -4,13 +4,12 @@ import (
"encoding/base64"
"errors"
"fmt"
"io/ioutil"
"os"
"path"
"path/filepath"
"strconv"

"github.com/concourse/s3-resource"
s3resource "github.com/concourse/s3-resource"
"github.com/concourse/s3-resource/versions"
)

Expand Down Expand Up @@ -179,11 +178,11 @@ func (command *Command) Run(destinationDir string, request Request) (Response, e
}

func (command *Command) writeURLFile(destDir string, url string) error {
return ioutil.WriteFile(filepath.Join(destDir, "url"), []byte(url), 0644)
return os.WriteFile(filepath.Join(destDir, "url"), []byte(url), 0644)
}

func (command *Command) writeVersionFile(versionNumber string, destDir string) error {
return ioutil.WriteFile(filepath.Join(destDir, "version"), []byte(versionNumber), 0644)
return os.WriteFile(filepath.Join(destDir, "version"), []byte(versionNumber), 0644)
}

func (command *Command) downloadFile(bucketName string, remotePath string, versionID string, destinationDir string, destinationFile string) error {
Expand All @@ -209,7 +208,7 @@ func (command *Command) downloadTags(bucketName string, remotePath string, versi
}

func (command *Command) createInitialFile(destDir string, destFile string, data []byte) error {
return ioutil.WriteFile(filepath.Join(destDir, destFile), []byte(data), 0644)
return os.WriteFile(filepath.Join(destDir, destFile), []byte(data), 0644)
}

func (command *Command) metadata(remotePath string, private bool, url string) []s3resource.MetadataPair {
Expand Down Expand Up @@ -241,7 +240,7 @@ func extractArchive(mime, filename string) error {
}

if mime == "application/gzip" || mime == "application/x-gzip" {
fileInfos, err := ioutil.ReadDir(destDir)
fileInfos, err := os.ReadDir(destDir)
if err != nil {
return fmt.Errorf("failed to read dir: %s", err)
}
Expand Down
45 changes: 22 additions & 23 deletions in/command_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,6 @@ import (
"archive/zip"
"compress/gzip"
"io"
"io/ioutil"
"log"
"os"
"path"
Expand All @@ -15,7 +14,7 @@ import (
. "github.com/onsi/ginkgo"
. "github.com/onsi/gomega"

"github.com/concourse/s3-resource"
s3resource "github.com/concourse/s3-resource"
. "github.com/concourse/s3-resource/in"

"github.com/concourse/s3-resource/fakes"
Expand All @@ -34,7 +33,7 @@ var _ = Describe("In Command", func() {

BeforeEach(func() {
var err error
tmpPath, err = ioutil.TempDir("", "in_command")
tmpPath, err = os.MkdirTemp("", "in_command")
Ω(err).ShouldNot(HaveOccurred())

destDir = filepath.Join(tmpPath, "destination")
Expand Down Expand Up @@ -154,7 +153,7 @@ var _ = Describe("In Command", func() {
Ω(err).ShouldNot(HaveOccurred())

Ω(urlPath).Should(ExistOnFilesystem())
contents, err := ioutil.ReadFile(urlPath)
contents, err := os.ReadFile(urlPath)
Ω(err).ShouldNot(HaveOccurred())
Ω(string(contents)).Should(Equal("http://google.com"))

Expand All @@ -178,7 +177,7 @@ var _ = Describe("In Command", func() {
Ω(err).ShouldNot(HaveOccurred())

Ω(urlPath).Should(ExistOnFilesystem())
contents, err := ioutil.ReadFile(urlPath)
contents, err := os.ReadFile(urlPath)
Ω(err).ShouldNot(HaveOccurred())
Ω(string(contents)).Should(Equal("http://google.com"))

Expand All @@ -199,7 +198,7 @@ var _ = Describe("In Command", func() {
Ω(err).ShouldNot(HaveOccurred())

Ω(versionFile).Should(ExistOnFilesystem())
contents, err := ioutil.ReadFile(versionFile)
contents, err := os.ReadFile(versionFile)
Ω(err).ShouldNot(HaveOccurred())
Ω(string(contents)).Should(Equal("1.3"))
})
Expand Down Expand Up @@ -262,7 +261,7 @@ var _ = Describe("In Command", func() {
s3client.DownloadFileStub = func(bucketName string, remotePath string, versionID string, localPath string) error {
src := filepath.Join(tmpPath, "some-file")

err := ioutil.WriteFile(src, []byte("some-contents"), os.ModePerm)
err := os.WriteFile(src, []byte("some-contents"), os.ModePerm)
Expect(err).NotTo(HaveOccurred())

err = createTarball([]string{src}, tmpPath, localPath)
Expand All @@ -279,7 +278,7 @@ var _ = Describe("In Command", func() {
_, err := command.Run(destDir, request)
Expect(err).NotTo(HaveOccurred())

bs, err := ioutil.ReadFile(filepath.Join(destDir, "some-file"))
bs, err := os.ReadFile(filepath.Join(destDir, "some-file"))
Expect(err).NotTo(HaveOccurred())

Expect(bs).To(Equal([]byte("some-contents")))
Expand All @@ -289,10 +288,10 @@ var _ = Describe("In Command", func() {
Context("when the file is a zip", func() {
BeforeEach(func() {
s3client.DownloadFileStub = func(bucketName string, remotePath string, versionID string, localPath string) error {
inDir, err := ioutil.TempDir(tmpPath, "zip-dir")
inDir, err := os.MkdirTemp(tmpPath, "zip-dir")
Expect(err).NotTo(HaveOccurred())

err = ioutil.WriteFile(path.Join(inDir, "some-file"), []byte("some-contents"), os.ModePerm)
err = os.WriteFile(path.Join(inDir, "some-file"), []byte("some-contents"), os.ModePerm)
Expect(err).NotTo(HaveOccurred())

err = zipit(path.Join(inDir, "/"), localPath, "")
Expand All @@ -306,7 +305,7 @@ var _ = Describe("In Command", func() {
_, err := command.Run(destDir, request)
Expect(err).NotTo(HaveOccurred())

bs, err := ioutil.ReadFile(filepath.Join(destDir, "some-file"))
bs, err := os.ReadFile(filepath.Join(destDir, "some-file"))
Expect(err).NotTo(HaveOccurred())

Expect(bs).To(Equal([]byte("some-contents")))
Expand Down Expand Up @@ -338,7 +337,7 @@ var _ = Describe("In Command", func() {
_, err := command.Run(destDir, request)
Expect(err).NotTo(HaveOccurred())

bs, err := ioutil.ReadFile(filepath.Join(destDir, "a-file-1.3"))
bs, err := os.ReadFile(filepath.Join(destDir, "a-file-1.3"))
Expect(err).NotTo(HaveOccurred())

Expect(string(bs)).To(Equal("some-contents"))
Expand All @@ -356,12 +355,12 @@ var _ = Describe("In Command", func() {

someFile1 := filepath.Join(tmpPath, "some-dir", "some-file")

err = ioutil.WriteFile(someFile1, []byte("some-contents"), os.ModePerm)
err = os.WriteFile(someFile1, []byte("some-contents"), os.ModePerm)
Expect(err).NotTo(HaveOccurred())

someFile2 := filepath.Join(tmpPath, "some-file")

err = ioutil.WriteFile(someFile2, []byte("some-other-contents"), os.ModePerm)
err = os.WriteFile(someFile2, []byte("some-other-contents"), os.ModePerm)
Expect(err).NotTo(HaveOccurred())

tarPath := filepath.Join(tmpPath, "some-tar")
Expand Down Expand Up @@ -395,11 +394,11 @@ var _ = Describe("In Command", func() {

Expect(filepath.Join(destDir, "some-dir", "some-file")).To(BeARegularFile())

bs, err := ioutil.ReadFile(filepath.Join(destDir, "some-dir", "some-file"))
bs, err := os.ReadFile(filepath.Join(destDir, "some-dir", "some-file"))
Expect(err).NotTo(HaveOccurred())
Expect(bs).To(Equal([]byte("some-contents")))

bs, err = ioutil.ReadFile(filepath.Join(destDir, "some-file"))
bs, err = os.ReadFile(filepath.Join(destDir, "some-file"))
Expect(err).NotTo(HaveOccurred())
Expect(bs).To(Equal([]byte("some-other-contents")))
})
Expand All @@ -408,7 +407,7 @@ var _ = Describe("In Command", func() {
Context("when the file is not an archive", func() {
BeforeEach(func() {
s3client.DownloadFileStub = func(bucketName string, remotePath string, versionID string, localPath string) error {
err := ioutil.WriteFile(localPath, []byte("some-contents"), os.ModePerm)
err := os.WriteFile(localPath, []byte("some-contents"), os.ModePerm)
Expect(err).NotTo(HaveOccurred())

return nil
Expand Down Expand Up @@ -438,7 +437,7 @@ var _ = Describe("In Command", func() {

contentFile := filepath.Join(destDir, initialFilename)
Ω(contentFile).Should(BeARegularFile())
contents, err := ioutil.ReadFile(contentFile)
contents, err := os.ReadFile(contentFile)
Ω(err).ShouldNot(HaveOccurred())
Ω(string(contents)).Should(Equal(request.Source.InitialContentText))
})
Expand All @@ -454,7 +453,7 @@ var _ = Describe("In Command", func() {

contentFile := filepath.Join(destDir, initialFilename)
Ω(contentFile).Should(BeARegularFile())
contents, err := ioutil.ReadFile(contentFile)
contents, err := os.ReadFile(contentFile)
Ω(err).ShouldNot(HaveOccurred())
Ω(string(contents)).Should(Equal("the hard questions are hard 🙈"))
})
Expand Down Expand Up @@ -496,7 +495,7 @@ var _ = Describe("In Command", func() {

contentFile := filepath.Join(destDir, initialFilename)
Ω(contentFile).Should(BeARegularFile())
contents, err := ioutil.ReadFile(contentFile)
contents, err := os.ReadFile(contentFile)
Ω(err).ShouldNot(HaveOccurred())
Ω(string(contents)).Should(Equal(request.Source.InitialContentText))
})
Expand All @@ -519,7 +518,7 @@ var _ = Describe("In Command", func() {

contentFile := filepath.Join(destDir, filename)
Ω(contentFile).Should(BeARegularFile())
contents, err := ioutil.ReadFile(contentFile)
contents, err := os.ReadFile(contentFile)
Ω(err).ShouldNot(HaveOccurred())
Ω(string(contents)).Should(Equal(request.Source.InitialContentText))
})
Expand All @@ -535,7 +534,7 @@ var _ = Describe("In Command", func() {

contentFile := filepath.Join(destDir, filename)
Ω(contentFile).Should(BeARegularFile())
contents, err := ioutil.ReadFile(contentFile)
contents, err := os.ReadFile(contentFile)
Ω(err).ShouldNot(HaveOccurred())
Ω(string(contents)).Should(Equal("the hard questions are hard 🙈"))
})
Expand Down Expand Up @@ -577,7 +576,7 @@ var _ = Describe("In Command", func() {

contentFile := filepath.Join(destDir, filename)
Ω(contentFile).Should(BeARegularFile())
contents, err := ioutil.ReadFile(contentFile)
contents, err := os.ReadFile(contentFile)
Ω(err).ShouldNot(HaveOccurred())
Ω(string(contents)).Should(Equal(request.Source.InitialContentText))
})
Expand Down
Loading