func main() { flag.Parse() machineFile := flag.Arg(0) if machineFile == "" { fmt.Printf("You need to pass a machine definition file, type: %s <machine.yml>\n", os.Args[0]) return } machineContent, err := ioutil.ReadFile(machineFile) if err != nil { panic(err.Error()) } var myMachine machine.Machine err = yaml.Unmarshal(machineContent, &myMachine) if err != nil { panic(err.Error()) } auth, err := aws.EnvAuth() if err != nil { panic(err.Error()) } err = machine.Get(&myMachine, auth) if err != nil { panic(err.Error()) } }
func (s *AmazonServer) SetUp(c *C) { auth, err := aws.EnvAuth() if err != nil { c.Fatal(err.Error()) } s.auth = auth }
func main() { flag.Parse() if flag.Arg(0) == "" { errorf("no command") os.Exit(2) } auth, err := aws.EnvAuth() if err != nil { fatalf("envauth: %v", err) } region, ok := aws.Regions[*regionName] if !ok { fatalf("no such region") } signer := aws.SignV4Factory(region.Name, "ec2") conn := ec2.New(auth, region, signer) if flag.Arg(0) == "help" { for _, c := range cmds { c.printUsage() } return } for _, c := range cmds { if flag.Arg(0) == c.name { c.run(conn, flag.Args()[1:]) return } } errorf("unknown command %q", flag.Arg(0)) os.Exit(2) }
func (s *S) TestEnvAuthAws(c *C) { os.Clearenv() os.Setenv("AWS_SECRET_KEY", "secret") os.Setenv("AWS_ACCESS_KEY", "access") auth, err := aws.EnvAuth() c.Assert(err, IsNil) c.Assert(auth, Equals, aws.Auth{SecretKey: "secret", AccessKey: "access"}) }
func validateConfig(cfg, old *config.Config) (*environConfig, error) { // Check for valid changes for the base config values. if err := config.Validate(cfg, old); err != nil { return nil, err } validated, err := cfg.ValidateUnknownAttrs(configFields, configDefaults) if err != nil { return nil, err } // Add EC2 specific defaults. providerDefaults := make(map[string]interface{}) // Storage. if _, ok := cfg.StorageDefaultBlockSource(); !ok { providerDefaults[config.StorageDefaultBlockSourceKey] = EBS_ProviderType } if len(providerDefaults) > 0 { if cfg, err = cfg.Apply(providerDefaults); err != nil { return nil, err } } ecfg := &environConfig{cfg, validated} if ecfg.accessKey() == "" || ecfg.secretKey() == "" { auth, err := aws.EnvAuth() if err != nil || ecfg.accessKey() != "" || ecfg.secretKey() != "" { return nil, fmt.Errorf("environment has no access-key or secret-key") } ecfg.attrs["access-key"] = auth.AccessKey ecfg.attrs["secret-key"] = auth.SecretKey } if _, ok := aws.Regions[ecfg.region()]; !ok { return nil, fmt.Errorf("invalid region name %q", ecfg.region()) } if old != nil { attrs := old.UnknownAttrs() if region, _ := attrs["region"].(string); ecfg.region() != region { return nil, fmt.Errorf("cannot change region from %q to %q", region, ecfg.region()) } if bucket, _ := attrs["control-bucket"].(string); ecfg.controlBucket() != bucket { return nil, fmt.Errorf("cannot change control-bucket from %q to %q", bucket, ecfg.controlBucket()) } } // ssl-hostname-verification cannot be disabled if !ecfg.SSLHostnameVerification() { return nil, fmt.Errorf("disabling ssh-hostname-verification is not supported") } return ecfg, nil }
// Open opens the S3 backend at bucket and region. func Open(regionname, bucketname string) (backend.Backend, error) { auth, err := aws.EnvAuth() if err != nil { return nil, err } client := s3.New(auth, aws.Regions[regionname]) s3bucket, s3err := client.Bucket(bucketname) if s3err != nil { return nil, s3err } return OpenS3Bucket(s3bucket, bucketname), nil }
// AwsAuth ... func AwsAuth() (auth aws.Auth, err error) { auth.AccessKey = *accessKey auth.SecretKey = *secretKey if auth.AccessKey != "" && auth.SecretKey != "" { return } else if auth.AccessKey == "" && auth.SecretKey != "" { err = errors.New("-access-key not found in your command line") return } else if auth.AccessKey != "" && auth.SecretKey == "" { err = errors.New("-secret-key not found in your command line") return } auth, err = aws.EnvAuth() if err == nil { return } else if auth.AccessKey == "" && auth.SecretKey != "" { err = errors.New("AWS_ACCESS_KEY not found in environment") return } else if auth.AccessKey != "" && auth.SecretKey == "" { err = errors.New("AWS_SECRET_KEY not found in environment") return } file, err := ini.LoadFile("~/.aws/credentials") if err != nil { if err == os.ErrNotExist { err = errors.New("You need inform your AWS credentials using a) AWS_ACCESS_KEY and AWS_SECRET_KEY; b) -access-key and -secret-key; c) aws configure.") } return } auth.AccessKey, _ = file.Get("default", "aws_access_key_id") auth.SecretKey, _ = file.Get("default", "aws_secret_access_key") if auth.AccessKey == "" || auth.SecretKey == "" { err = errors.New("Your credentials ~/.aws/credentials is not valid") return } return }
func (environProviderCredentials) detectEnvCredentials() (*cloud.CloudCredential, error) { auth, err := aws.EnvAuth() if err != nil { return nil, errors.NewNotFound(err, "credentials not found") } accessKeyCredential := cloud.NewCredential( cloud.AccessKeyAuthType, map[string]string{ "access-key": auth.AccessKey, "secret-key": auth.SecretKey, }, ) user, err := utils.LocalUsername() if err != nil { return nil, errors.Trace(err) } accessKeyCredential.Label = fmt.Sprintf("aws credential %q", user) return &cloud.CloudCredential{ AuthCredentials: map[string]cloud.Credential{ user: accessKeyCredential, }}, nil }
func validateConfig(cfg, old *config.Config) (*environConfig, error) { // Check for valid changes for the base config values. if err := config.Validate(cfg, old); err != nil { return nil, err } validated, err := cfg.ValidateUnknownAttrs(configFields, configDefaults) if err != nil { return nil, err } ecfg := &environConfig{cfg, validated} if ecfg.accessKey() == "" || ecfg.secretKey() == "" { auth, err := aws.EnvAuth() if err != nil || ecfg.accessKey() != "" || ecfg.secretKey() != "" { return nil, fmt.Errorf("model has no access-key or secret-key") } ecfg.attrs["access-key"] = auth.AccessKey ecfg.attrs["secret-key"] = auth.SecretKey } if _, ok := aws.Regions[ecfg.region()]; !ok { return nil, fmt.Errorf("invalid region name %q", ecfg.region()) } if old != nil { attrs := old.UnknownAttrs() if region, _ := attrs["region"].(string); ecfg.region() != region { return nil, fmt.Errorf("cannot change region from %q to %q", region, ecfg.region()) } } // ssl-hostname-verification cannot be disabled if !ecfg.SSLHostnameVerification() { return nil, fmt.Errorf("disabling ssh-hostname-verification is not supported") } return ecfg, nil }
func main() { flag.Parse() clusterFile := flag.Arg(0) if clusterFile == "" { fmt.Printf("You need to pass the cluster file, type: %s <cluster-file.yml>\n", os.Args[0]) return } clusterContent, err := ioutil.ReadFile(clusterFile) if err != nil { panic(err.Error()) } var clusters Clusters err = yaml.Unmarshal(clusterContent, &clusters) if err != nil { panic(err.Error()) } // First verify if I can open all machine files machines := make([]Cluster, len(clusters.Clusters)) for key, _ := range clusters.Clusters { myCluster := &clusters.Clusters[key] machineContent, err := ioutil.ReadFile(myCluster.Machine) if err != nil { panic(err.Error()) } var myMachine machine.Machine err = yaml.Unmarshal(machineContent, &myMachine) if err != nil { panic(err.Error()) } // Verify if cloud-config file exists if myMachine.Instance.CloudConfig != "" { _, err := os.Stat(myMachine.Instance.CloudConfig) if err != nil { panic(err.Error()) } } // Set default values of cluster to machine if myMachine.Instance.ImageId == "" { myMachine.Instance.ImageId = clusters.Default.ImageId } if myMachine.Instance.Region == "" { myMachine.Instance.Region = clusters.Default.Region } if myMachine.Instance.KeyName == "" { myMachine.Instance.KeyName = clusters.Default.KeyName } if len(myMachine.Instance.SecurityGroups) == 0 { myMachine.Instance.SecurityGroups = clusters.Default.SecurityGroups } if myMachine.Instance.SubnetId == "" { myMachine.Instance.SubnetId = clusters.Default.SubnetId } if myMachine.Instance.DefaultAvailableZone == "" { myMachine.Instance.DefaultAvailableZone = clusters.Default.DefaultAvailableZone } machines[key] = Cluster{Machine: myMachine, Nodes: myCluster.Nodes} } auth, err := aws.EnvAuth() if err != nil { panic(err.Error()) } machine.SetLogger(ioutil.Discard, "", 0) for key, myCluster := range machines { fmt.Printf("================ Running machines of %d. cluster ================\n", key+1) for i := 1; i <= myCluster.Nodes; i++ { myMachine := myCluster.Machine myMachine.Volumes = make([]volume.Volume, len(myMachine.Volumes)) // append machine number to name of instance myMachine.Instance.Name += fmt.Sprintf("-%d", i) // append machine number to name of volume for key, _ := range myCluster.Machine.Volumes { referenceVolume := &myCluster.Machine.Volumes[key] myVolume := *referenceVolume myVolume.Name += fmt.Sprintf("-%d", i) myMachine.Volumes[key] = myVolume } fmt.Printf("Running machine: %s\n", myMachine.Instance.Name) err = machine.Get(&myMachine, auth) if err != nil { panic(err.Error()) } fmt.Printf("Machine id <%s>, ip address <%s>\n", myMachine.Instance.Id, myMachine.Instance.PrivateIPAddress) if i < myCluster.Nodes { fmt.Println("----------------------------------") } } } fmt.Println("================================================================") }
func (s *S) TestEnvAuthNoAccess(c *C) { os.Clearenv() os.Setenv("AWS_SECRET_ACCESS_KEY", "foo") _, err := aws.EnvAuth() c.Assert(err, ErrorMatches, "AWS_ACCESS_KEY_ID not found in environment") }
func (s *S) TestEnvAuthNoSecret(c *C) { os.Clearenv() _, err := aws.EnvAuth() c.Assert(err, ErrorMatches, "AWS_SECRET_ACCESS_KEY not found in environment") }