Merge pull request #195 from stvnksslr/bugfix/issue-177

bugfix(AWS SSO Format):
tellerops · Jan 24, 2024 · 41558e9 · 41558e9
2 parents 4121ef9 + c8da39a
commit 41558e9
Show file tree

Hide file tree

Showing 509 changed files with 57,589 additions and 14,481 deletions.
diff --git a/go.mod b/go.mod
@@ -11,10 +11,10 @@ require (
 	github.com/DopplerHQ/cli v0.0.0-20210309042056-414bede8a50e
 	github.com/alecthomas/assert v0.0.0-20170929043011-405dbfeb8e38
 	github.com/alecthomas/kong v0.2.15
-	github.com/aws/aws-sdk-go-v2 v1.2.0
-	github.com/aws/aws-sdk-go-v2/config v1.1.1
-	github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.1.1
-	github.com/aws/aws-sdk-go-v2/service/ssm v1.1.1
+	github.com/aws/aws-sdk-go-v2 v1.24.1
+	github.com/aws/aws-sdk-go-v2/config v1.26.5
+	github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.26.2
+	github.com/aws/aws-sdk-go-v2/service/ssm v1.44.7
 	github.com/cloudflare/cloudflare-go v0.25.0
 	github.com/cyberark/conjur-api-go v0.7.1
 	github.com/dghubble/sling v1.3.0
@@ -33,6 +33,7 @@ require (
 	github.com/mitchellh/go-homedir v1.1.0
 	github.com/samber/lo v1.11.0
 	github.com/sirupsen/logrus v1.7.0
+	github.com/sosedoff/ansible-vault-go v0.2.0
 	github.com/stretchr/testify v1.8.1
 	github.com/testcontainers/testcontainers-go v0.10.1-0.20210331130832-54854fb15ccb
 	github.com/tobischo/gokeepasslib/v3 v3.2.5
@@ -47,6 +48,8 @@ require (
 	gopkg.in/yaml.v3 v3.0.1
 )
 
+require github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.10.4 // indirect
+
 require (
 	filippo.io/age v1.1.1 // indirect
 	filippo.io/edwards25519 v1.0.0 // indirect
@@ -69,12 +72,16 @@ require (
 	github.com/alessio/shellescape v1.4.1 // indirect
 	github.com/armon/go-metrics v0.0.0-20180917152333-f0300d1749da // indirect
 	github.com/atotto/clipboard v0.1.4 // indirect
-	github.com/aws/aws-sdk-go-v2/credentials v1.1.1 // indirect
-	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.0.2 // indirect
-	github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.0.2 // indirect
-	github.com/aws/aws-sdk-go-v2/service/sso v1.1.1 // indirect
-	github.com/aws/aws-sdk-go-v2/service/sts v1.1.1 // indirect
-	github.com/aws/smithy-go v1.1.0 // indirect
+	github.com/aws/aws-sdk-go-v2/credentials v1.16.16 // indirect
+	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.11 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.10 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.10 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/ini v1.7.2 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.10 // indirect
+	github.com/aws/aws-sdk-go-v2/service/sso v1.18.7 // indirect
+	github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.7 // indirect
+	github.com/aws/aws-sdk-go-v2/service/sts v1.26.7 // indirect
+	github.com/aws/smithy-go v1.19.0 // indirect
 	github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d // indirect
 	github.com/blang/semver/v4 v4.0.0 // indirect
 	github.com/caspr-io/yamlpath v0.0.0-20200722075116-502e8d113a9b // indirect
@@ -141,7 +148,6 @@ require (
 	github.com/russross/blackfriday/v2 v2.1.0 // indirect
 	github.com/ryanuber/go-glob v1.0.0 // indirect
 	github.com/sergi/go-diff v1.1.0 // indirect
-	github.com/sosedoff/ansible-vault-go v0.2.0
 	github.com/spf13/cobra v0.0.5 // indirect
 	github.com/spf13/pflag v1.0.5 // indirect
 	github.com/twpayne/go-pinentry v0.2.0 // indirect

diff --git a/go.sum b/go.sum
@@ -141,26 +141,36 @@ github.com/atotto/clipboard v0.1.2/go.mod h1:ZY9tmq7sm5xIbd9bOK4onWV4S6X0u6GY7Vn
 github.com/atotto/clipboard v0.1.4 h1:EH0zSVneZPSuFR11BlR9YppQTVDbh5+16AmcJi4g1z4=
 github.com/atotto/clipboard v0.1.4/go.mod h1:ZY9tmq7sm5xIbd9bOK4onWV4S6X0u6GY7Vn0Yu86PYI=
 github.com/aws/aws-sdk-go v1.15.11/go.mod h1:mFuSZ37Z9YOHbQEwBWztmVzqXrEkub65tZoCYDt7FT0=
-github.com/aws/aws-sdk-go-v2 v1.2.0 h1:BS+UYpbsElC82gB+2E2jiCBg36i8HlubTB/dO/moQ9c=
-github.com/aws/aws-sdk-go-v2 v1.2.0/go.mod h1:zEQs02YRBw1DjK0PoJv3ygDYOFTre1ejlJWl8FwAuQo=
-github.com/aws/aws-sdk-go-v2/config v1.1.1 h1:ZAoq32boMzcaTW9bcUacBswAmHTbvlvDJICgHFZuECo=
-github.com/aws/aws-sdk-go-v2/config v1.1.1/go.mod h1:0XsVy9lBI/BCXm+2Tuvt39YmdHwS5unDQmxZOYe8F5Y=
-github.com/aws/aws-sdk-go-v2/credentials v1.1.1 h1:NbvWIM1Mx6sNPTxowHgS2ewXCRp+NGTzUYb/96FZJbY=
-github.com/aws/aws-sdk-go-v2/credentials v1.1.1/go.mod h1:mM2iIjwl7LULWtS6JCACyInboHirisUUdkBPoTHMOUo=
-github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.0.2 h1:EtEU7WRaWliitZh2nmuxEXrN0Cb8EgPUFGIoTMeqbzI=
-github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.0.2/go.mod h1:3hGg3PpiEjHnrkrlasTfxFqUsZ2GCk/fMUn4CbKgSkM=
-github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.0.2 h1:4AH9fFjUlVktQMznF+YN33aWNXaR4VgDXyP28qokJC0=
-github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.0.2/go.mod h1:45MfaXZ0cNbeuT0KQ1XJylq8A6+OpVV2E5kvY/Kq+u8=
-github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.1.1 h1:tOZVE/wpwnCH6zMCvDi8WsuXLV1p5PG/WOhHu8LWphE=
-github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.1.1/go.mod h1:ytf+Mop8BTUFmWJSCI/U33FawS9A8UWwybOdNOXU6zE=
-github.com/aws/aws-sdk-go-v2/service/ssm v1.1.1 h1:7KkZoTdApfXlU7boQG3/DpdfsbYJiJKIpglGitlGL0o=
-github.com/aws/aws-sdk-go-v2/service/ssm v1.1.1/go.mod h1:351FC4X3HnrPJ8/RwHuFRr6uLq1LrXFfh8V5vBhT6/Q=
-github.com/aws/aws-sdk-go-v2/service/sso v1.1.1 h1:37QubsarExl5ZuCBlnRP+7l1tNwZPBSTqpTBrPH98RU=
-github.com/aws/aws-sdk-go-v2/service/sso v1.1.1/go.mod h1:SuZJxklHxLAXgLTc1iFXbEWkXs7QRTQpCLGaKIprQW0=
-github.com/aws/aws-sdk-go-v2/service/sts v1.1.1 h1:TJoIfnIFubCX0ACVeJ0w46HEH5MwjwYN4iFhuYIhfIY=
-github.com/aws/aws-sdk-go-v2/service/sts v1.1.1/go.mod h1:Wi0EBZwiz/K44YliU0EKxqTCJGUfYTWXrrBwkq736bM=
-github.com/aws/smithy-go v1.1.0 h1:D6CSsM3gdxaGaqXnPgOBCeL6Mophqzu7KJOu7zW78sU=
-github.com/aws/smithy-go v1.1.0/go.mod h1:EzMw8dbp/YJL4A5/sbhGddag+NPT7q084agLbB9LgIw=
+github.com/aws/aws-sdk-go-v2 v1.24.1 h1:xAojnj+ktS95YZlDf0zxWBkbFtymPeDP+rvUQIH3uAU=
+github.com/aws/aws-sdk-go-v2 v1.24.1/go.mod h1:LNh45Br1YAkEKaAqvmE1m8FUx6a5b/V0oAKV7of29b4=
+github.com/aws/aws-sdk-go-v2/config v1.26.5 h1:lodGSevz7d+kkFJodfauThRxK9mdJbyutUxGq1NNhvw=
+github.com/aws/aws-sdk-go-v2/config v1.26.5/go.mod h1:DxHrz6diQJOc9EwDslVRh84VjjrE17g+pVZXUeSxaDU=
+github.com/aws/aws-sdk-go-v2/credentials v1.16.16 h1:8q6Rliyv0aUFAVtzaldUEcS+T5gbadPbWdV1WcAddK8=
+github.com/aws/aws-sdk-go-v2/credentials v1.16.16/go.mod h1:UHVZrdUsv63hPXFo1H7c5fEneoVo9UXiz36QG1GEPi0=
+github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.11 h1:c5I5iH+DZcH3xOIMlz3/tCKJDaHFwYEmxvlh2fAcFo8=
+github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.11/go.mod h1:cRrYDYAMUohBJUtUnOhydaMHtiK/1NZ0Otc9lIb6O0Y=
+github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.10 h1:vF+Zgd9s+H4vOXd5BMaPWykta2a6Ih0AKLq/X6NYKn4=
+github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.10/go.mod h1:6BkRjejp/GR4411UGqkX8+wFMbFbqsUIimfK4XjOKR4=
+github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.10 h1:nYPe006ktcqUji8S2mqXf9c/7NdiKriOwMvWQHgYztw=
+github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.10/go.mod h1:6UV4SZkVvmODfXKql4LCbaZUpF7HO2BX38FgBf9ZOLw=
+github.com/aws/aws-sdk-go-v2/internal/ini v1.7.2 h1:GrSw8s0Gs/5zZ0SX+gX4zQjRnRsMJDJ2sLur1gRBhEM=
+github.com/aws/aws-sdk-go-v2/internal/ini v1.7.2/go.mod h1:6fQQgfuGmw8Al/3M2IgIllycxV7ZW7WCdVSqfBeUiCY=
+github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.10.4 h1:/b31bi3YVNlkzkBrm9LfpaKoaYZUxIAj4sHfOTmLfqw=
+github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.10.4/go.mod h1:2aGXHFmbInwgP9ZfpmdIfOELL79zhdNYNmReK8qDfdQ=
+github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.10 h1:DBYTXwIGQSGs9w4jKm60F5dmCQ3EEruxdc0MFh+3EY4=
+github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.10/go.mod h1:wohMUQiFdzo0NtxbBg0mSRGZ4vL3n0dKjLTINdcIino=
+github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.26.2 h1:A5sGOT/mukuU+4At1vkSIWAN8tPwPCoYZBp7aruR540=
+github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.26.2/go.mod h1:qutL00aW8GSo2D0I6UEOqMvRS3ZyuBrOC1BLe5D2jPc=
+github.com/aws/aws-sdk-go-v2/service/ssm v1.44.7 h1:a8HvP/+ew3tKwSXqL3BCSjiuicr+XTU2eFYeogV9GJE=
+github.com/aws/aws-sdk-go-v2/service/ssm v1.44.7/go.mod h1:Q7XIWsMo0JcMpI/6TGD6XXcXcV1DbTj6e9BKNntIMIM=
+github.com/aws/aws-sdk-go-v2/service/sso v1.18.7 h1:eajuO3nykDPdYicLlP3AGgOyVN3MOlFmZv7WGTuJPow=
+github.com/aws/aws-sdk-go-v2/service/sso v1.18.7/go.mod h1:+mJNDdF+qiUlNKNC3fxn74WWNN+sOiGOEImje+3ScPM=
+github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.7 h1:QPMJf+Jw8E1l7zqhZmMlFw6w1NmfkfiSK8mS4zOx3BA=
+github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.7/go.mod h1:ykf3COxYI0UJmxcfcxcVuz7b6uADi1FkiUz6Eb7AgM8=
+github.com/aws/aws-sdk-go-v2/service/sts v1.26.7 h1:NzO4Vrau795RkUdSHKEwiR01FaGzGOH1EETJ+5QHnm0=
+github.com/aws/aws-sdk-go-v2/service/sts v1.26.7/go.mod h1:6h2YuIoxaMSCFf5fi1EgZAwdfkGMgDY+DVfa61uLe4U=
+github.com/aws/smithy-go v1.19.0 h1:KWFKQV80DpP3vJrrA9sVAHQ5gc2z8i4EzrLhLlWXcBM=
+github.com/aws/smithy-go v1.19.0/go.mod h1:NukqUGpCZIILqqiV0NIjeFh24kd/FAa4beRb6nbIUPE=
 github.com/axw/gocov v1.0.0/go.mod h1:LvQpEYiwwIb2nYkXY2fDWhg9/AsYqkhmrCshjlUJECE=
 github.com/beorn7/perks v0.0.0-20160804104726-4c0e84591b9a/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
 github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=

diff --git a/main.go b/main.go
@@ -100,7 +100,7 @@ var (
 	defaultLogLevel = "error"
 )
 
-// nolint
+//nolint
 func main() {
 	ctx := kong.Parse(&CLI)
 

diff --git a/pkg/porcelain.go b/pkg/porcelain.go
@@ -110,7 +110,7 @@ func (p *Porcelain) PrintEntries(entries []core.EnvEntry) {
 
 	for i := range entries {
 		v := entries[i]
-		ep := ellipsis.Shorten(v.ResolvedPath, 30) // nolint: gomnd
+		ep := ellipsis.Shorten(v.ResolvedPath, 30) //nolint: gomnd
 		if !v.IsFound {
 			fmt.Fprintf(&buf, "[%s %s %s] %s\n", yellow(v.ProviderName), gray(ep), red("missing"), green(v.Key))
 		} else {
@@ -123,7 +123,7 @@ func (p *Porcelain) PrintEntries(entries []core.EnvEntry) {
 	fmt.Fprint(p.Out, out)
 }
 func maskedValue(v string) string {
-	return fmt.Sprintf("%s*****", v[:int(math.Min(float64(len(v)), 2))]) // nolint: gomnd
+	return fmt.Sprintf("%s*****", v[:int(math.Min(float64(len(v)), 2))]) //nolint: gomnd
 }
 
 func (p *Porcelain) PrintMatches(matches []core.Match) {

diff --git a/pkg/providers/aws_secretsmanager.go b/pkg/providers/aws_secretsmanager.go
@@ -34,7 +34,8 @@ type AWSSecretsManager struct {
 	deletionRecoveryWindowInDays              int64
 }
 
-const defaultDeletionRecoveryWindowInDays = 7
+var defaultDeletionRecoveryWindowInDays int64 = 7
+
 const versionSplit = ","
 
 //nolint
@@ -200,8 +201,8 @@ func (a *AWSSecretsManager) DeleteMapping(kp core.KeyPath) error {
 	a.logger.WithField("path", kp.Path).Debug("delete secret")
 	_, err = a.client.DeleteSecret(ctx, &secretsmanager.DeleteSecretInput{
 		SecretId:                   &kp.Path,
-		RecoveryWindowInDays:       a.deletionRecoveryWindowInDays,
-		ForceDeleteWithoutRecovery: a.deletionDisableRecoveryWindow,
+		RecoveryWindowInDays:       &a.deletionRecoveryWindowInDays,
+		ForceDeleteWithoutRecovery: &a.deletionDisableRecoveryWindow,
 	})
 
 	return err

diff --git a/pkg/providers/aws_ssm.go b/pkg/providers/aws_ssm.go
@@ -25,7 +25,7 @@ type AWSSSM struct {
 
 const awsssmName = "aws_ssm"
 
-// nolint
+//nolint
 func init() {
 	metaInfo := core.MetaInfo{
 		Description:    "AWS SSM (aka paramstore)",
@@ -70,10 +70,11 @@ func NewAWSSSM(logger logging.Logger) (core.Provider, error) {
 }
 
 func (a *AWSSSM) Put(kp core.KeyPath, val string) error {
+
 	_, err := a.client.PutParameter(context.TODO(), &ssm.PutParameterInput{
 		Name:      &kp.Path,
 		Value:     &val,
-		Overwrite: true,
+		Overwrite: aws.Bool(true),
 		Type:      types.ParameterTypeString,
 	})
 	if err != nil {
@@ -126,7 +127,7 @@ func (a *AWSSSM) Get(p core.KeyPath) (*core.EnvEntry, error) {
 
 func (a *AWSSSM) getSecret(kp core.KeyPath) (*string, error) {
 	a.logger.WithField("path", kp.Path).Debug("get entry")
-	res, err := a.client.GetParameter(context.TODO(), &ssm.GetParameterInput{Name: &kp.Path, WithDecryption: kp.Decrypt})
+	res, err := a.client.GetParameter(context.TODO(), &ssm.GetParameterInput{Name: &kp.Path, WithDecryption: &kp.Decrypt})
 	if err != nil {
 		return nil, err
 	}

diff --git a/pkg/providers/aws_ssm_test.go b/pkg/providers/aws_ssm_test.go
@@ -4,6 +4,8 @@ import (
 	"errors"
 	"testing"
 
+	"github.com/aws/aws-sdk-go-v2/aws"
+
 	"github.com/alecthomas/assert"
 	"github.com/aws/aws-sdk-go-v2/service/ssm"
 	"github.com/aws/aws-sdk-go-v2/service/ssm/types"
@@ -20,7 +22,8 @@ func TestAWSSSM(t *testing.T) {
 	client := mock_providers.NewMockAWSSSMClient(ctrl)
 	path := "settings/prod/billing-svc"
 	val := "shazam"
-	in := ssm.GetParameterInput{Name: &path, WithDecryption: true}
+
+	in := ssm.GetParameterInput{Name: &path, WithDecryption: aws.Bool(true)}
 	out := ssm.GetParameterOutput{
 		Parameter: &types.Parameter{
 			Value: &val,

diff --git a/pkg/providers/google_secretmanager.go b/pkg/providers/google_secretmanager.go
@@ -30,7 +30,7 @@ type GoogleSecretManager struct {
 
 const GoogleSecretManagerName = "google_secretmanager"
 
-// nolint
+//nolint
 func init() {
 	metaInfo := core.MetaInfo{
 		Description:    "Google Secret Manager",

diff --git a/pkg/providers/heroku.go b/pkg/providers/heroku.go
@@ -90,7 +90,7 @@ func (h *Heroku) GetMapping(p core.KeyPath) ([]core.EnvEntry, error) {
 	return entries, nil
 }
 
-func (h *Heroku) Get(p core.KeyPath) (*core.EnvEntry, error) { // nolint:dupl
+func (h *Heroku) Get(p core.KeyPath) (*core.EnvEntry, error) { //nolint:dupl
 	secret, err := h.getSecret(p)
 	if err != nil {
 		return nil, err

diff --git a/pkg/providers/keypass.go b/pkg/providers/keypass.go
@@ -24,7 +24,7 @@ type KeyPass struct {
 
 const KeyPassName = "KeyPass"
 
-// nolint
+//nolint
 func init() {
 	metaInfo := core.MetaInfo{
 		Description:    "Keypass",

diff --git a/pkg/providers/lastpass.go b/pkg/providers/lastpass.go
@@ -148,7 +148,7 @@ func (l *LastPass) notesToMap(notes string) map[string]string {
 	results := map[string]string{}
 	scanner := bufio.NewScanner(strings.NewReader(notes))
 	for scanner.Scan() {
-		findings := strings.SplitN(scanner.Text(), ":", 2) // nolint: gomnd
+		findings := strings.SplitN(scanner.Text(), ":", 2) //nolint: gomnd
 		if len(findings) == findingNoteCount {
 			results[strings.TrimSpace(findings[0])] = strings.TrimSpace(findings[1])
 		}
@@ -161,7 +161,7 @@ func (l *LastPass) getNodeByKeyName(key, notes string) (string, error) {
 
 	scanner := bufio.NewScanner(strings.NewReader(notes))
 	for scanner.Scan() {
-		findings := strings.SplitN(scanner.Text(), ":", 2) // nolint: gomnd
+		findings := strings.SplitN(scanner.Text(), ":", 2) //nolint: gomnd
 		if len(findings) == findingNoteCount && findings[0] == key {
 			return strings.TrimSpace(findings[1]), nil
 		}

diff --git a/pkg/providers/process_env.go b/pkg/providers/process_env.go
@@ -52,7 +52,7 @@ func (a *ProcessEnv) GetMapping(p core.KeyPath) ([]core.EnvEntry, error) {
 
 	kvs := make(map[string]string)
 	for _, envs := range os.Environ() {
-		pair := strings.SplitN(envs, "=", 2) // nolint: gomnd
+		pair := strings.SplitN(envs, "=", 2) //nolint: gomnd
 		kvs[pair[0]] = pair[1]
 	}
 	var entries []core.EnvEntry

diff --git a/pkg/providers/vercel.go b/pkg/providers/vercel.go
@@ -119,7 +119,7 @@ func (ve *Vercel) GetMapping(p core.KeyPath) ([]core.EnvEntry, error) {
 	return entries, nil
 }
 
-func (ve *Vercel) Get(p core.KeyPath) (*core.EnvEntry, error) { // nolint:dupl
+func (ve *Vercel) Get(p core.KeyPath) (*core.EnvEntry, error) { //nolint:dupl
 	secret, err := ve.getSecret(p)
 	if err != nil {
 		return nil, err

diff --git a/pkg/teller_test.go b/pkg/teller_test.go
@@ -75,7 +75,7 @@ func (im *InMemProvider) Meta() core.MetaInfo {
 	return core.MetaInfo{}
 }
 
-// nolint
+//nolint
 func init() {
 	inmemProviderMeta := core.MetaInfo{
 		Name:        "inmem-provider",

diff --git a/vendor/github.com/aws/aws-sdk-go-v2/NOTICE.txt b/vendor/github.com/aws/aws-sdk-go-v2/NOTICE.txt