macOS Support (#40) (#41)

## New features

- Automatic HTTPS prefix on Okta Domain during Okta Setup
- Automatic copy RDS pwd to clipboard (#36)
- MacOS Support  (#35)
- New Open Logs Command (#39)

## Bug Fixes

- Error: Unable to assume AWS role bug (#29)
- Error message for incorrect configuration is not a user-friendly bug
(#38)
- Unable to retrieve OKTA apps automatically bug (#37)
- Improves Push MFA, challenge message

.github/ISSUE_TEMPLATE/bug_report.md

@@ -1,45 +1,49 @@
 ---
 name: Bug report
 about: Create a report to help us improve
-title: "[BUG]"
+title: "Brief description"
 labels: bug
-assignees: vgmello-ellosoft
+assignees: vgmello
 
 ---
 
-**Describe the Bug**
+## Describe the Bug
 
-A clear and concise description of what the bug is.
+Description of the bug is.
 
-**Expected Behavior**
+## Expected Behavior
 
-A clear and concise description of what you expected to happen.
+Add the expected behavior.
 
-**Screenshots**
+## Screenshots
 
 If applicable, add screenshots to help explain your problem.
 
-**Environment (please complete the following information):**
+## Environment (please complete the following information):
 
--   OS: [e.g. Windows, macOS, Linux]
--   aws-cred-mgr Version: [e.g. 1.0.0] (use `aws-cred-mgr --version`)
+```
+OS: [e.g. Windows, macOS, Linux]
+aws-cred-mgr Version: [e.g. 1.0.0] (use `aws-cred-mgr --version`)
+
+etc...
+```
 
-**To Reproduce**
+## To Reproduce
 
 ```sh
 # Provide the exact command(s) run when the issue occurred
 # (please exclude any sensitive information).
 ```
 
-**Configuration File**
+## Configuration File
 
-Please include the configuration file (WITHOUT any sensitive data) that relates to the issue.
+Include the configuration file (WITHOUT any sensitive data) that relates to the issue, if applicable.
 
 ```yaml
 # Your configuration here
 ```
 
-**Log**
+## Log
 
 Include the exception from the `~\.aws_cred_mgr\aws-cred-mgr.log` if applicable (please make sure there is no sensitive data in the exception).
 

.github/ISSUE_TEMPLATE/feature_request.md

@@ -1,17 +1,17 @@
 ---
 name: Feature request
 about: Suggest an idea for this project
-title: "[FEATURE]"
+title: "Feature name"
 labels: enhancement
-assignees: vgmello-ellosoft
+assignees: vgmello
 
 ---
 
-**Is your feature request related to a problem? Please describe.**
-A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
+## Is your feature request related to a problem? Please describe.
+Describe the problem.
 
-**Describe the solution you'd like**
-A clear and concise description of what you want to happen.
+## Describe the solution you'd like
+Describe the solution, how you'd like to see it implemented.
 
-**Additional context**
+## Additional context
 Add any other context or screenshots about the feature request here.

.github/workflows/build.yml

@@ -1,12 +1,13 @@
-name: .NET
+name: .NET Build & Test Workflow
 on:
   push:
     branches: ["main", "develop"]
   pull_request:
     branches: ["main", "develop"]
 jobs:
   build:
-    runs-on: ubuntu-latest
+    name: MacOS Build
+    runs-on: macos-latest
     steps:
       - uses: actions/checkout@v4
       - name: Setup .NET

.github/workflows/release.yml

@@ -1,31 +1,121 @@
-name: .NET Release
+name: .NET Release Workflow
 on:
   push:
     tags:
       - "*"
+permissions:
+  id-token: write
+  contents: write
+  attestations: write
 jobs:
-  build:
-    runs-on: ubuntu-latest
+  release:
+    name: Build & Release
+    runs-on: macos-latest
     steps:
       - uses: actions/checkout@v4
       - name: Setup .NET
         uses: actions/setup-dotnet@v4
         with:
           dotnet-version: 8.0.x
+
       - name: Restore dependencies
         run: dotnet restore
-      - name: Build & Publish
-        run: dotnet publish src/Ellosoft.AwsCredentialsManager/Ellosoft.AwsCredentialsManager.csproj -c Release -p:Version=${{ github.ref_name }} -r win-x64 -o win-output
-      - name: Zip Output
-        uses: thedoctor0/zip-release@0.7.6
+
+      - name: Build & Publish Windows
+        run: |
+          dotnet publish src/Ellosoft.AwsCredentialsManager/Ellosoft.AwsCredentialsManager.csproj -c Release -p:Version=${{ github.ref_name }} \
+          -r win-x64 -o output-win
+
+      - name: Build & Publish MacOS x64
+        run: |
+          dotnet publish src/Ellosoft.AwsCredentialsManager/Ellosoft.AwsCredentialsManager.csproj -c Release -p:Version=${{ github.ref_name }} \
+          -r osx-x64 -o output-osx
+
+      - name: Build & Publish MacOS ARM
+        run: |
+          dotnet publish src/Ellosoft.AwsCredentialsManager/Ellosoft.AwsCredentialsManager.csproj -c Release -p:Version=${{ github.ref_name }} \
+          -r osx-arm64 -o output-osxarm
+
+      # Start - Temporary steps to enable the migration of zip to binary
+
+      - name: Zip Windows Output
+        run: |
+          cd output-win
+          zip aws-cred-mgr-win-x64.zip aws-cred-mgr.exe
+
+      # End - Temporary steps to enable the migration of zip to binary
+
+      - name: Rename Executables
+        run: |
+          mv output-win/aws-cred-mgr.exe output-win/aws-cred-mgr-win-x64.exe
+          mv output-osx/aws-cred-mgr output-osx/aws-cred-mgr-osx-x64
+          mv output-osxarm/aws-cred-mgr output-osxarm/aws-cred-mgr-osx-arm64
+
+      - name: Import Apple Certificate and Key
+        env:
+          BUILD_CERTIFICATE_BASE64: ${{ secrets.BUILD_CERTIFICATE_BASE64 }}
+          P12_PASSWORD: ${{ secrets.P12_PASSWORD }}
+          KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
+        run: |
+          # create variables
+          CERTIFICATE_PATH=$RUNNER_TEMP/certificate.p12
+          KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
+
+          # import certificate and provisioning profile from secrets
+          echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode -o $CERTIFICATE_PATH
+
+          # create temporary keychain
+          security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
+          security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
+          security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
+
+          # import certificate to keychain
+          security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
+          security set-key-partition-list -S apple-tool:,apple: -k "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
+          security list-keychain -d user -s $KEYCHAIN_PATH
+
+      - name: Sign MacOS Binaries
+        env:
+          APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
+        run: |
+          codesign --force -v --timestamp --options runtime --no-strict --prefix com.ellosoft. --sign "Developer ID Application: Ellosoft Limited ($APPLE_TEAM_ID)" --entitlements ./Ellosoft.AwsCredentialsManager.entitlements ./output-osxarm/aws-cred-mgr-osx-arm64
+          codesign --force -v --timestamp --options runtime --no-strict --prefix com.ellosoft. --sign "Developer ID Application: Ellosoft Limited ($APPLE_TEAM_ID)" --entitlements ./Ellosoft.AwsCredentialsManager.entitlements ./output-osx/aws-cred-mgr-osx-x64
+
+      - name: Notarize MacOS ARM Binaries
+        env:
+          APPLE_DEV_ID: ${{ secrets.APPLE_DEV_ID }}
+          APPLE_DEV_PASSWORD: ${{ secrets.APPLE_DEV_PASSWORD }}
+          APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
+        run: |
+          cd output-osxarm
+          zip aws-cred-mgr-osx-arm64.zip aws-cred-mgr-osx-arm64
+          xcrun notarytool submit aws-cred-mgr-osx-arm64.zip --apple-id $APPLE_DEV_ID --password $APPLE_DEV_PASSWORD --team-id $APPLE_TEAM_ID --wait
+
+      - name: Notarize MacOS x64 Binaries
+        env:
+          APPLE_DEV_ID: ${{ secrets.APPLE_DEV_ID }}
+          APPLE_DEV_PASSWORD: ${{ secrets.APPLE_DEV_PASSWORD }}
+          APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
+        run: |
+          cd output-osx
+          zip aws-cred-mgr-osx-x64.zip aws-cred-mgr-osx-x64
+          xcrun notarytool submit aws-cred-mgr-osx-x64.zip --apple-id $APPLE_DEV_ID --password $APPLE_DEV_PASSWORD --team-id $APPLE_TEAM_ID --wait
+
+      - name: Generate artifact attestation
+        uses: actions/attest-build-provenance@v1
         with:
-          type: "zip"
-          directory: win-output/
-          path: aws-cred-mgr.exe
-          filename: aws-cred-mgr-${{ github.ref_name }}-win-x64.zip
+          subject-path: |
+            output-win/aws-cred-mgr-win-x64.exe
+            output-osx/aws-cred-mgr-osx-x64
+            output-osxarm/aws-cred-mgr-osx-arm64
+
       - name: Create Release
         uses: softprops/action-gh-release@v2
         with:
           generate_release_notes: true
           prerelease: ${{ contains(github.ref_name, 'beta') }}
-          files: win-output/aws-cred-mgr-${{ github.ref_name }}-win-x64.zip
+          files: |
+            output-win/aws-cred-mgr-win-x64.zip
+            output-win/aws-cred-mgr-win-x64.exe
+            output-osxarm/aws-cred-mgr-osx-arm64
+            output-osx/aws-cred-mgr-osx-x64

.gitignore

@@ -396,3 +396,6 @@ FodyWeavers.xsd
 
 # JetBrains Rider
 *.sln.iml
+
+#Output folder for release
+output-*/*

.vscode/launch.json

@@ -4,5 +4,26 @@
     // For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387
     "version": "0.2.0",
     "configurations": [
+        {
+            // Use IntelliSense to find out which attributes exist for C# debugging
+            // Use hover for the description of the existing attributes
+            // For further information visit https://github.com/dotnet/vscode-csharp/blob/main/debugger-launchjson.md
+            "name": ".NET Core Launch (console)",
+            "type": "coreclr",
+            "request": "launch",
+            "preLaunchTask": "build",
+            // If you have changed target frameworks, make sure to update the program path.
+            "program": "${workspaceFolder}/src/Ellosoft.AwsCredentialsManager/bin/Debug/net8.0/osx-arm64/aws-cred-mgr.dll",
+            "args": [],
+            "cwd": "${workspaceFolder}/src/Ellosoft.AwsCredentialsManager",
+            // For more information about the 'console' field, see https://aka.ms/VSCode-CS-LaunchJson-Console
+            "console": "internalConsole",
+            "stopAtEntry": false
+        },
+        {
+            "name": ".NET Core Attach",
+            "type": "coreclr",
+            "request": "attach"
+        }
     ]
 }

.vscode/tasks.json

@@ -10,6 +10,42 @@
 			},
 			"problemMatcher": [],
 			"label": "dotnet: build"
-		}
+        },
+        {
+            "label": "build",
+            "command": "dotnet",
+            "type": "process",
+            "args": [
+                "build",
+                "${workspaceFolder}/Ellosoft.AwsCredentialsManager.sln",
+                "/property:GenerateFullPaths=true",
+                "/consoleloggerparameters:NoSummary;ForceNoAlign"
+            ],
+            "problemMatcher": "$msCompile"
+        },
+        {
+            "label": "publish",
+            "command": "dotnet",
+            "type": "process",
+            "args": [
+                "publish",
+                "${workspaceFolder}/Ellosoft.AwsCredentialsManager.sln",
+                "/property:GenerateFullPaths=true",
+                "/consoleloggerparameters:NoSummary;ForceNoAlign"
+            ],
+            "problemMatcher": "$msCompile"
+        },
+        {
+            "label": "watch",
+            "command": "dotnet",
+            "type": "process",
+            "args": [
+                "watch",
+                "run",
+                "--project",
+                "${workspaceFolder}/Ellosoft.AwsCredentialsManager.sln"
+            ],
+            "problemMatcher": "$msCompile"
+        }
 	]
 }

Directory.Build.props

@@ -1,9 +1,11 @@
 <Project>
     <PropertyGroup>
-        <LangVersion>latest</LangVersion>
         <Nullable>enable</Nullable>
         <ImplicitUsings>enable</ImplicitUsings>
+        <EnableNETAnalyzers>true</EnableNETAnalyzers>
+        <EnforceCodeStyleInBuild>true</EnforceCodeStyleInBuild>
         <CodeAnalysisRuleSet>..\..\ellosoft.ruleset</CodeAnalysisRuleSet>
+        <NoWarn>$(NoWarn);CS1591</NoWarn>
     </PropertyGroup>
 
     <ItemGroup>
@@ -13,4 +15,9 @@
         </PackageReference>
     </ItemGroup>
 
+    <PropertyGroup Condition="'$(MSBuildRuntimeType)' == 'Core'">
+        <DefineConstants Condition="'$([System.OperatingSystem]::IsMacOs())' == 'true'">$(DefineConstants);MACOS</DefineConstants>
+        <DefineConstants Condition="'$([System.OperatingSystem]::IsWindows())' == 'true'">$(DefineConstants);WINDOWS</DefineConstants>
+    </PropertyGroup>
+
 </Project>

Ellosoft.AwsCredentialsManager.entitlements

@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+    <dict>
+        <key>com.apple.security.cs.allow-jit</key>
+        <true/>
+        <key>com.apple.security.cs.allow-unsigned-executable-memory</key>
+        <true/>
+        <key>com.apple.security.cs.allow-dyld-environment-variables</key>
+        <true/>
+        <key>com.apple.security.cs.disable-library-validation</key>
+        <true/>
+    </dict>
+</plist>

Ellosoft.AwsCredentialsManager.sln

@@ -18,6 +18,12 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution
 EndProject
 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Ellosoft.AwsCredentialsManager.Tests", "test\Ellosoft.AwsCredentialsManager.Tests\Ellosoft.AwsCredentialsManager.Tests.csproj", "{17AC9083-C7C0-4315-82E9-E51913C88702}"
 EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Configs", "Configs", "{BE5D4D7F-D3F1-4A43-A88E-1EB889C697EE}"
+	ProjectSection(SolutionItems) = preProject
+		config\sample-config.toml = config\sample-config.toml
+		config\sample-config.yml = config\sample-config.yml
+	EndProjectSection
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
@@ -39,4 +45,7 @@ Global
 	GlobalSection(ExtensibilityGlobals) = postSolution
 		SolutionGuid = {49500883-1CA1-4B19-9746-91C708E418AC}
 	EndGlobalSection
+	GlobalSection(NestedProjects) = preSolution
+		{BE5D4D7F-D3F1-4A43-A88E-1EB889C697EE} = {EF1AF96A-3E6B-41D7-868D-80D55107BF04}
+	EndGlobalSection
 EndGlobal

Ellosoft.AwsCredentialsManager.sln.DotSettings

@@ -2,6 +2,7 @@
 	<s:String x:Key="/Default/CodeInspection/Highlighting/InspectionSeverities/=ClassNeverInstantiated_002EGlobal/@EntryIndexedValue">DO_NOT_SHOW</s:String>
 	<s:String x:Key="/Default/CodeInspection/Highlighting/InspectionSeverities/=RedundantNullableFlowAttribute/@EntryIndexedValue">HINT</s:String>
 	<s:String x:Key="/Default/CodeInspection/Highlighting/InspectionSeverities/=RedundantTypeDeclarationBody/@EntryIndexedValue">DO_NOT_SHOW</s:String>
+	<s:String x:Key="/Default/CodeInspection/Highlighting/InspectionSeverities/=UnusedAutoPropertyAccessor_002EGlobal/@EntryIndexedValue">HINT</s:String>
 	<s:String x:Key="/Default/CodeStyle/Naming/CSharpNaming/UserRules/=236f7aa5_002D7b06_002D43ca_002Dbf2a_002D9b31bfcff09a/@EntryIndexedValue">&lt;Policy&gt;&lt;Descriptor Staticness="Any" AccessRightKinds="Private" Description="Constant fields (private)"&gt;&lt;ElementKinds&gt;&lt;Kind Name="CONSTANT_FIELD" /&gt;&lt;/ElementKinds&gt;&lt;/Descriptor&gt;&lt;Policy Inspect="True" Prefix="" Suffix="" Style="AA_BB" /&gt;&lt;/Policy&gt;</s:String>
 	<s:String x:Key="/Default/CodeStyle/Naming/CSharpNaming/UserRules/=a4f433b8_002Dabcd_002D4e55_002Da08f_002D82e78cef0f0c/@EntryIndexedValue">&lt;Policy&gt;&lt;Descriptor Staticness="Any" AccessRightKinds="Any" Description="Local constants"&gt;&lt;ElementKinds&gt;&lt;Kind Name="LOCAL_CONSTANT" /&gt;&lt;/ElementKinds&gt;&lt;/Descriptor&gt;&lt;Policy Inspect="True" Prefix="" Suffix="" Style="AA_BB" /&gt;&lt;/Policy&gt;</s:String>
 	<s:Boolean x:Key="/Default/Environment/SettingsMigration/IsMigratorApplied/=JetBrains_002EReSharper_002EPsi_002ECSharp_002ECodeStyle_002ESettingsUpgrade_002EPredefinedNamingRulesToUserRulesUpgrade/@EntryIndexedValue">True</s:Boolean>