func main() {
flag.Parse()
if *region == "" {
*region = aws.InstanceRegion()
}
auth, err := aws.GetAuth("", "", "", time.Now())
if err != nil {
log.Panic(err)
}
s3service := s3.New(auth, aws.GetRegion(*region))
bucket := s3service.Bucket(flag.Arg(0))
for {
var entries []RoutingEntry
data, err := bucket.Get("/routing-table.json")
if err == nil {
err = json.Unmarshal(data, &entries)
if err == nil {
updateProxies(entries)
}
} else {
log.Print("no get routing table", err)
}
time.Sleep(time.Second * 10)
}
}
func getSqsQueueSize(region, awsAccessKeyID, awsSecretAccessKey, queueName string) (int, error) {
// Auth
auth, err := aws.GetAuth(awsAccessKeyID, awsSecretAccessKey, "", time.Now())
if err != nil {
return -1, err
}
// SQS
sqsClient := sqs.New(auth, aws.GetRegion(region))
queue, err := sqsClient.GetQueue(queueName)
if err != nil {
return -1, err
}
// Get queue attribute
attr, err := queue.GetQueueAttributes(sqsAttributeOfQueueSize)
if err != nil {
return -1, err
}
// Queue size
size, err := strconv.Atoi(attr.Attributes[0].Value)
if err != nil {
return -1, err
}
return size, nil
}
func (e EC2Tags) Get() (map[string]string, error) {
tags := make(map[string]string)
// Passing blank values here instructs the AWS library to look at the
// current instances meta data for the security credentials.
auth, err := aws.GetAuth("", "", "", time.Time{})
if err != nil {
return tags, errors.New(fmt.Sprintf("Error creating AWS authentication: %s", err.Error()))
}
// Find the current region and create a new EC2 connection
region := aws.GetRegion(aws.InstanceRegion())
ec2Client := ec2.New(auth, region)
// Filter by the current machines instance-id
filter := ec2.NewFilter()
filter.Add("resource-id", aws.InstanceId())
// Describe the tags for the current instance
resp, err := ec2Client.DescribeTags(filter)
if err != nil {
return tags, errors.New(fmt.Sprintf("Error downloading tags: %s", err.Error()))
}
// Collect the tags
for _, tag := range resp.Tags {
tags[tag.Key] = tag.Value
}
return tags, nil
}
// GetBucket builds a s3 connection retrieving the bucket
func GetBucket(bucket string) *s3.Bucket {
auth, err := awswrapper.GetAwsAuth()
if err != nil {
log.Fatalln(err)
}
b := s3.New(auth, aws.USEast).Bucket(bucket)
loc, err := b.Location()
if err != nil {
log.Fatalln(err)
}
if aws.GetRegion(loc) != aws.USEast {
b = s3.New(auth, aws.GetRegion(loc)).Bucket(bucket)
}
return b
}
func initAwsBucket() {
expiration := time.Now().Add(time.Hour * 1)
auth, err := aws.GetAuth(config.AccessKey, config.SecretKey, "", expiration) //"" = token which isn't needed
if err != nil {
panic(err)
}
aws_bucket = s3.New(auth, aws.GetRegion(config.Region)).Bucket(config.Bucket)
}
func InitBucket(name string) error {
auth, err := aws.EnvAuth()
if err != nil {
return err
}
s3 := s3.New(auth, aws.GetRegion("ap-southeast-1"))
Bucket = s3.Bucket(name)
return nil
}
func initAwsBucket() {
fmt.Println("Initializing aws buccket bear!", config.Port)
expiration := time.Now().Add(time.Hour * 1)
auth, err := aws.GetAuth(config.AccessKey, config.SecretKey, "", expiration) //"" = token which isn't needed
if err != nil {
panic(err)
}
aws_bucket = s3.New(auth, aws.GetRegion(config.Region)).Bucket(config.Bucket)
}
func New(service string, region string, tableName string) *Discovery {
pk, err := tableDescription.BuildPrimaryKey()
if err != nil {
log.Fatal(err)
}
auth, err := aws.GetAuth("", "", "", time.Now())
dbServer := dynamodb.New(auth, aws.GetRegion(region))
table := dbServer.NewTable(tableName, pk)
return &Discovery{table: table, Service: service}
}
func (f *Factory) New(uri *url.URL) bridge.RegistryAdapter {
pk, err := tableDescription.BuildPrimaryKey()
if err != nil {
log.Fatal(err)
}
auth, err := aws.GetAuth("", "", "", time.Now())
dbServer := dynamodb.New(auth, aws.GetRegion(uri.Host))
table := dbServer.NewTable(strings.TrimPrefix(uri.Path, "/"), pk)
return &MikroAdapter{table: table}
}
func loadAWSConfigFile(fileName string, profileName string) (aws.Auth, aws.Region, error) {
var auth aws.Auth
var region aws.Region
conf, err := ini.LoadFile(fileName)
if err != nil {
return auth, region, err
}
log.Printf("Loading file %s [%s]", fileName, profileName)
for key, value := range conf[profileName] {
switch key {
case "aws_access_key_id":
auth.AccessKey = value
case "aws_secret_access_key":
auth.SecretKey = value
case "region":
region = aws.GetRegion(value)
}
}
return auth, region, nil
}
// FromParameters constructs a new Driver with a given parameters map
// Required parameters:
// - accesskey
// - secretkey
// - region
// - bucket
// - encrypt
func FromParameters(parameters map[string]interface{}) (*Driver, error) {
// Providing no values for these is valid in case the user is authenticating
// with an IAM on an ec2 instance (in which case the instance credentials will
// be summoned when GetAuth is called)
accessKey, ok := parameters["accesskey"]
if !ok {
accessKey = ""
}
secretKey, ok := parameters["secretkey"]
if !ok {
secretKey = ""
}
regionName, ok := parameters["region"]
if !ok || fmt.Sprint(regionName) == "" {
return nil, fmt.Errorf("No region parameter provided")
}
region := aws.GetRegion(fmt.Sprint(regionName))
if region.Name == "" {
return nil, fmt.Errorf("Invalid region provided: %v", region)
}
bucket, ok := parameters["bucket"]
if !ok || fmt.Sprint(bucket) == "" {
return nil, fmt.Errorf("No bucket parameter provided")
}
encryptBool := false
encrypt, ok := parameters["encrypt"]
if ok {
encryptBool, ok = encrypt.(bool)
if !ok {
return nil, fmt.Errorf("The encrypt parameter should be a boolean")
}
}
secureBool := true
secure, ok := parameters["secure"]
if ok {
secureBool, ok = secure.(bool)
if !ok {
return nil, fmt.Errorf("The secure parameter should be a boolean")
}
}
v4AuthBool := false
v4Auth, ok := parameters["v4auth"]
if ok {
v4AuthBool, ok = v4Auth.(bool)
if !ok {
return nil, fmt.Errorf("The v4auth parameter should be a boolean")
}
}
chunkSize := int64(defaultChunkSize)
chunkSizeParam, ok := parameters["chunksize"]
if ok {
switch v := chunkSizeParam.(type) {
case string:
vv, err := strconv.ParseInt(v, 0, 64)
if err != nil {
return nil, fmt.Errorf("chunksize parameter must be an integer, %v invalid", chunkSizeParam)
}
chunkSize = vv
case int64:
chunkSize = v
case int, uint, int32, uint32, uint64:
chunkSize = reflect.ValueOf(v).Convert(reflect.TypeOf(chunkSize)).Int()
default:
return nil, fmt.Errorf("invalid valud for chunksize: %#v", chunkSizeParam)
}
if chunkSize < minChunkSize {
return nil, fmt.Errorf("The chunksize %#v parameter should be a number that is larger than or equal to %d", chunkSize, minChunkSize)
}
}
rootDirectory, ok := parameters["rootdirectory"]
if !ok {
rootDirectory = ""
}
params := DriverParameters{
fmt.Sprint(accessKey),
fmt.Sprint(secretKey),
fmt.Sprint(bucket),
region,
encryptBool,
secureBool,
v4AuthBool,
chunkSize,
fmt.Sprint(rootDirectory),
}
return New(params)
}
func init() {
accessKey := os.Getenv("AWS_ACCESS_KEY")
secretKey := os.Getenv("AWS_SECRET_KEY")
bucket := os.Getenv("S3_BUCKET")
encrypt := os.Getenv("S3_ENCRYPT")
secure := os.Getenv("S3_SECURE")
v4auth := os.Getenv("S3_USE_V4_AUTH")
region := os.Getenv("AWS_REGION")
root, err := ioutil.TempDir("", "driver-")
if err != nil {
panic(err)
}
defer os.Remove(root)
s3DriverConstructor := func(rootDirectory string) (*Driver, error) {
encryptBool := false
if encrypt != "" {
encryptBool, err = strconv.ParseBool(encrypt)
if err != nil {
return nil, err
}
}
secureBool := true
if secure != "" {
secureBool, err = strconv.ParseBool(secure)
if err != nil {
return nil, err
}
}
v4AuthBool := false
if v4auth != "" {
v4AuthBool, err = strconv.ParseBool(v4auth)
if err != nil {
return nil, err
}
}
parameters := DriverParameters{
accessKey,
secretKey,
bucket,
aws.GetRegion(region),
encryptBool,
secureBool,
v4AuthBool,
minChunkSize,
rootDirectory,
}
return New(parameters)
}
// Skip S3 storage driver tests if environment variable parameters are not provided
skipCheck := func() string {
if accessKey == "" || secretKey == "" || region == "" || bucket == "" || encrypt == "" {
return "Must set AWS_ACCESS_KEY, AWS_SECRET_KEY, AWS_REGION, S3_BUCKET, and S3_ENCRYPT to run S3 tests"
}
return ""
}
driverConstructor := func() (storagedriver.StorageDriver, error) {
return s3DriverConstructor(root)
}
testsuites.RegisterInProcessSuite(driverConstructor, skipCheck)
// s3Constructor := func() (*Driver, error) {
// return s3DriverConstructor(aws.GetRegion(region))
// }
RegisterS3DriverSuite(s3DriverConstructor, skipCheck)
// testsuites.RegisterIPCSuite(driverName, map[string]string{
// "accesskey": accessKey,
// "secretkey": secretKey,
// "region": region.Name,
// "bucket": bucket,
// "encrypt": encrypt,
// }, skipCheck)
// }
}
func cmdPush(c *cli.Context) {
url := fmt.Sprintf("http://%s/deploy/upload", c.GlobalString("api-endpoint"))
var payload struct {
DeployKey string `json:"deploy_key"`
}
payload.DeployKey = c.String("deploy-key")
var response struct {
AccessKey string `json:"access_key_id"`
SecretKey string `json:"secret_access_key"`
Bucket string `json:"bucket"`
Region string `json:"region"`
Name string `json:"name"`
}
_, err := napping.Post(url, &payload, &response, nil)
if err != nil {
log.Panic("mikro-cli: push: upload-request: ", err)
}
options := s3.DriverParameters{
AccessKey: response.AccessKey,
SecretKey: response.SecretKey,
Bucket: response.Bucket,
Region: aws.GetRegion(fmt.Sprint(response.Region)),
ChunkSize: 5 << 21,
Secure: true,
}
ctx := context.Background()
driver, err := s3.New(options)
registry, err := storage.NewRegistry(ctx, driver)
imageName := c.Args()[0]
repo, tag := parsers.ParseRepositoryTag(imageName)
fmt.Printf("repo: %s tag: %s\n", repo, tag)
bundle, err := NewImageBundle(repo, tag)
if err != nil {
log.Panic("mikro-cli: push: cannot export image: ", err)
}
defer bundle.Close()
privateKey, err := libtrust.GenerateECP256PrivateKey()
dgst, err := pushImageToRegistry(ctx, response.Name,
c.String("commit-sha"),
repo, tag,
bundle,
privateKey,
registry)
fmt.Printf("Pushed image %s as %s@%s\n", imageName, response.Name, dgst)
// FIXME: we want to use the dgst here, but we can't since ECS doesn't
// support it yet.
registerCommit(c, c.String("deploy-key"), c.String("commit-sha"),
fmt.Sprintf("private:%s:%s", response.Name,
c.String("commit-sha")))
}
func LoadAWSCredentials(profileName string) (aws.Auth, aws.Region, error) {
if profileName == "" {
if p := os.Getenv("AWS_DEFAULT_PROFILE"); p != "" {
profileName = p
} else {
profileName = AWSDefaultProfileName
}
}
var awsAuth aws.Auth
var awsRegion aws.Region
// load from File (~/.aws/config, ~/.aws/credentials)
configFile := os.Getenv("AWS_CONFIG_FILE")
if configFile == "" {
if dir, err := homedir.Dir(); err == nil {
configFile = filepath.Join(dir, ".aws", "config")
}
}
dir, _ := filepath.Split(configFile)
_profile := AWSDefaultProfileName
if profileName != AWSDefaultProfileName {
_profile = "profile " + profileName
}
auth, region, _ := loadAWSConfigFile(configFile, _profile)
if isValidAuth(auth) {
awsAuth = auth
}
if isValidRegion(region) {
awsRegion = region
}
credFile := filepath.Join(dir, "credentials")
auth, region, _ = loadAWSConfigFile(credFile, profileName)
if isValidAuth(auth) {
awsAuth = auth
}
if isValidRegion(region) {
awsRegion = region
}
// Override by environment valiable
if region := os.Getenv("AWS_DEFAULT_REGION"); region != "" {
awsRegion = aws.GetRegion(region)
}
if os.Getenv("AWS_ACCESS_KEY_ID") != "" && os.Getenv("AWS_SECRET_ACCESS_KEY") != "" {
if auth, _ := aws.EnvAuth(); isValidAuth(auth) {
awsAuth = auth
}
}
if isValidAuth(awsAuth) && isValidRegion(awsRegion) {
return awsAuth, awsRegion, nil
}
// Otherwise, use IAM Role
cred, err := aws.GetInstanceCredentials()
if err == nil {
exptdate, err := time.Parse("2006-01-02T15:04:05Z", cred.Expiration)
if err == nil {
auth := aws.NewAuth(cred.AccessKeyId, cred.SecretAccessKey, cred.Token, exptdate)
awsAuth = *auth
}
}
if isValidAuth(awsAuth) && isValidRegion(awsRegion) {
return awsAuth, awsRegion, nil
}
return awsAuth, awsRegion, errors.New("cannot detect valid credentials or region")
}
// FromParameters constructs a new Driver with a given parameters map
// Required parameters:
// - accesskey
// - secretkey
// - region
// - bucket
// - encrypt
func FromParameters(parameters map[string]interface{}) (*Driver, error) {
// Providing no values for these is valid in case the user is authenticating
// with an IAM on an ec2 instance (in which case the instance credentials will
// be summoned when GetAuth is called)
accessKey, ok := parameters["accesskey"]
if !ok {
accessKey = ""
}
secretKey, ok := parameters["secretkey"]
if !ok {
secretKey = ""
}
regionName, ok := parameters["region"]
if !ok || fmt.Sprint(regionName) == "" {
return nil, fmt.Errorf("No region parameter provided")
}
region := aws.GetRegion(fmt.Sprint(regionName))
if region.Name == "" {
return nil, fmt.Errorf("Invalid region provided: %v", region)
}
bucket, ok := parameters["bucket"]
if !ok || fmt.Sprint(bucket) == "" {
return nil, fmt.Errorf("No bucket parameter provided")
}
encryptBool := false
encrypt, ok := parameters["encrypt"]
if ok {
encryptBool, ok = encrypt.(bool)
if !ok {
return nil, fmt.Errorf("The encrypt parameter should be a boolean")
}
}
secureBool := true
secure, ok := parameters["secure"]
if ok {
secureBool, ok = secure.(bool)
if !ok {
return nil, fmt.Errorf("The secure parameter should be a boolean")
}
}
v4AuthBool := false
v4Auth, ok := parameters["v4auth"]
if ok {
v4AuthBool, ok = v4Auth.(bool)
if !ok {
return nil, fmt.Errorf("The v4auth parameter should be a boolean")
}
}
chunkSize := int64(defaultChunkSize)
chunkSizeParam, ok := parameters["chunksize"]
if ok {
chunkSize, ok = chunkSizeParam.(int64)
if !ok || chunkSize < minChunkSize {
return nil, fmt.Errorf("The chunksize parameter should be a number that is larger than 5*1024*1024")
}
}
rootDirectory, ok := parameters["rootdirectory"]
if !ok {
rootDirectory = ""
}
params := DriverParameters{
fmt.Sprint(accessKey),
fmt.Sprint(secretKey),
fmt.Sprint(bucket),
region,
encryptBool,
secureBool,
v4AuthBool,
chunkSize,
fmt.Sprint(rootDirectory),
}
return New(params)
}