From c6f0182ab10531f861586c5c9ee9b8f363d91f03 Mon Sep 17 00:00:00 2001 From: Lachlan Donald Date: Tue, 1 Sep 2015 22:56:38 +1000 Subject: [PATCH] Add debugging via DEBUG env --- aws-vault.go | 5 +++++ command/list.go | 7 +++++++ command/store.go | 4 ++-- vault/session.go | 18 ++++++++++++++++++ 4 files changed, 32 insertions(+), 2 deletions(-) diff --git a/aws-vault.go b/aws-vault.go index a5b57bab3..3ef7e8531 100644 --- a/aws-vault.go +++ b/aws-vault.go @@ -1,6 +1,7 @@ package main import ( + "io/ioutil" "log" "os" @@ -13,6 +14,10 @@ var ( ) func main() { + if os.Getenv("DEBUG") != "1" { + log.SetOutput(ioutil.Discard) + } + ui := &cli.BasicUi{ Writer: os.Stdout, Reader: os.Stdin, diff --git a/command/list.go b/command/list.go index 1a1dd6f15..6ae4899a9 100644 --- a/command/list.go +++ b/command/list.go @@ -28,9 +28,16 @@ func (c *ListCommand) Run(args []string) int { c.Ui.Error(err.Error()) return 4 } + for _, p := range profileNames { c.Ui.Output(p) } + + if len(profileNames) == 0 { + c.Ui.Error("No profiles found") + return 1 + } + return 0 } diff --git a/command/store.go b/command/store.go index 6facf45ff..458a907f6 100644 --- a/command/store.go +++ b/command/store.go @@ -49,13 +49,13 @@ func (c *StoreCommand) Run(args []string) int { return 1 } - accessKeyId, err := c.Ui.Ask("Enter Access Key ID: ") + accessKeyId, err := c.Ui.Ask("Enter Access Key ID:") if err != nil { c.Ui.Error(err.Error()) return 2 } - secretKey, err := c.Ui.AskSecret("Enter Secret Access Key: ") + secretKey, err := c.Ui.AskSecret("Enter Secret Access Key:") if err != nil { c.Ui.Error(err.Error()) return 2 diff --git a/vault/session.go b/vault/session.go index 791ff16ab..1fedf5b77 100644 --- a/vault/session.go +++ b/vault/session.go @@ -1,6 +1,7 @@ package vault import ( + "log" "time" "github.com/99designs/aws-vault/Godeps/_workspace/src/github.com/aws/aws-sdk-go/aws" @@ -55,8 +56,15 @@ func (sp *SessionProvider) Session(conf SessionConfig) (SessionCredentials, erro TokenCode: aws.String(token), } + if token != "" { + log.Printf("assuming role %s with mfa %s", conf.Profile.RoleARN, serialNumber) + } else { + log.Printf("assuming role %s", conf.Profile.RoleARN) + } + resp, err := svc.AssumeRole(input) if err != nil { + log.Printf("%#v", err) return SessionCredentials{}, err } return SessionCredentials{resp.Credentials}, nil @@ -69,6 +77,12 @@ func (sp *SessionProvider) Session(conf SessionConfig) (SessionCredentials, erro TokenCode: aws.String(token), } + if token != "" { + log.Printf("getting session token with mfa %s", serialNumber) + } else { + log.Printf("getting session token") + } + resp, err := svc.GetSessionToken(input) if err != nil { return SessionCredentials{}, err @@ -92,6 +106,8 @@ func (ksp *KeyringSessionProvider) Session(conf SessionConfig) (SessionCredentia } if sessionCreds == nil || time.Now().After(*sessionCreds.Expiration) { + log.Println("fetching new session") + if ksp.CredsFunc != nil { creds, err := ksp.CredsFunc() if err != nil { @@ -111,6 +127,8 @@ func (ksp *KeyringSessionProvider) Session(conf SessionConfig) (SessionCredentia } sessionCreds = &newCreds + } else { + log.Printf("using cached session (expires in %s)", sessionCreds.Expiration.Sub(time.Now())) } return *sessionCreds, nil