Merge pull request #71 from rgooch/upgrade-repowatch-go-sdk
Upgrade repowatch Go sdk and fix subsequent pulls from repository.
rgooch authored Oct 10, 2022
2 parents 8e692d4 + 90b07f6 commit b434599
Showing 8 changed files with 124 additions and 115 deletions.
8 changes: 7 additions & 1 deletion cmd/userinfo/lib.go
@@ -6,6 +6,7 @@ import (
"time"

"github.com/Cloud-Foundations/golib/pkg/auth/userinfo/gitdb"
"github.com/Cloud-Foundations/golib/pkg/git/repowatch"
"github.com/Cloud-Foundations/golib/pkg/log"
)

@@ -24,5 +25,10 @@ func getDB(source string, logger log.DebugLogger) (*gitdb.UserInfo, error) {
}
defer os.RemoveAll(tmpdir)
}
return gitdb.New(source, "", tmpdir, time.Hour, logger)
return gitdb.NewWithConfig(gitdb.Config{Config: repowatch.Config{
AwsSecretId: *awsSecretId,
CheckInterval: time.Hour,
LocalRepositoryDirectory: tmpdir,
RepositoryURL: source,
}}, logger)
}
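Review bot: getDB now reads the package-level flag `*awsSecretId` directly instead of receiving it as an argument, so it depends on a variable declared in main.go and on `flag.Parse()` having run. Passing the secret ID in alongside `source` would make that dependency explicit; if the signature stays, a comment above the `return` such as `// AwsSecretId is empty unless -awsSecretId was given; authentication then falls back to the SSH agent or local keys.` would record the fallback described in getKey.go. Separately, the context line `defer os.RemoveAll(tmpdir)` removes the clone directory when getDB returns while `CheckInterval: time.Hour` is still configured; whether a later pull needs that directory cannot be told from this hunk. getDB's body starts above the hunk.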
2 changes: 2 additions & 0 deletions cmd/userinfo/main.go
@@ -11,6 +11,8 @@ import (
)

var (
awsSecretId = flag.String("awsSecretId", "",
"If specified, fetch the SSH key from the AWS secret object")
ignoreErrors = flag.Bool("ignoreErrors", false,
"If true, ignore errors in the DB")
)
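Review bot: The help text for `awsSecretId` does not say what kind of value is expected or what the process needs in order to use it. Wording such as `"If specified, fetch the SSH private key from this AWS Secrets Manager secret (name or ARN)"` would match getAuth's comment in getKey.go. The caller also needs permission for `secretsmanager:GetSecretValue`, the call named in awsSecretsManager.go, which is worth stating in the tool's documentation. The flag carries only an identifier, so nothing sensitive lands on the command line.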
7 changes: 4 additions & 3 deletions go.mod
@@ -9,8 +9,8 @@ require (
github.com/aws/aws-sdk-go v1.44.112
github.com/aws/aws-sdk-go-v2 v1.16.16
github.com/aws/aws-sdk-go-v2/config v1.13.1
github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.16.2
github.com/aws/aws-sdk-go-v2/service/sts v1.14.0
github.com/go-git/go-billy/v5 v5.3.1
github.com/go-git/go-git/v5 v5.4.2
github.com/prometheus/client_golang v1.12.1
github.com/stretchr/testify v1.8.0
@@ -27,8 +27,8 @@ require (
github.com/acomagu/bufpipe v1.0.3 // indirect
github.com/aws/aws-sdk-go-v2/credentials v1.8.0 // indirect
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.10.0 // indirect
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.4 // indirect
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.2.0 // indirect
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.23 // indirect
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.17 // indirect
github.com/aws/aws-sdk-go-v2/internal/ini v1.3.5 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.7.0 // indirect
github.com/aws/aws-sdk-go-v2/service/sso v1.9.0 // indirect
@@ -39,6 +39,7 @@ require (
github.com/emirpasic/gods v1.12.0 // indirect
github.com/fsnotify/fsnotify v1.5.1 // indirect
github.com/go-git/gcfg v1.5.0 // indirect
github.com/go-git/go-billy/v5 v5.3.1 // indirect
github.com/golang/protobuf v1.5.2 // indirect
github.com/imdario/mergo v0.3.12 // indirect
github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 // indirect
8 changes: 6 additions & 2 deletions go.sum
@@ -66,14 +66,18 @@ github.com/aws/aws-sdk-go-v2/credentials v1.8.0 h1:8Ow0WcyDesGNL0No11jcgb1JAtE+W
github.com/aws/aws-sdk-go-v2/credentials v1.8.0/go.mod h1:gnMo58Vwx3Mu7hj1wpcG8DI0s57c9o42UQ6wgTQT5to=
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.10.0 h1:NITDuUZO34mqtOwFWZiXo7yAHj7kf+XPE+EiKuCBNUI=
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.10.0/go.mod h1:I6/fHT/fH460v09eg2gVrd8B/IqskhNdpcLH0WNO3QI=
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.4 h1:CRiQJ4E2RhfDdqbie1ZYDo8QtIo75Mk7oTdJSfwJTMQ=
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.4/go.mod h1:XHgQ7Hz2WY2GAn//UXHofLfPXWh+s62MbMOijrg12Lw=
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.2.0 h1:3ADoioDMOtF4uiK59vCpplpCwugEU+v4ZFD29jDL3RQ=
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.23 h1:s4g/wnzMf+qepSNgTvaQQHNxyMLKSawNhKCPNy++2xY=
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.23/go.mod h1:2DFxAQ9pfIRy0imBCJv+vZ2X6RKxves6fbnEuSry6b4=
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.2.0/go.mod h1:BsCSJHx5DnDXIrOcqB8KN1/B+hXLG/bi4Y6Vjcx/x9E=
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.17 h1:/K482T5A3623WJgWT8w1yRAFK4RzGzEl7y39yhtn9eA=
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.17/go.mod h1:pRwaTYCJemADaqCbUAxltMoHKata7hmB5PjEXeu0kfg=
github.com/aws/aws-sdk-go-v2/internal/ini v1.3.5 h1:ixotxbfTCFpqbuwFv/RcZwyzhkxPSYDYEMcj4niB5Uk=
github.com/aws/aws-sdk-go-v2/internal/ini v1.3.5/go.mod h1:R3sWUqPcfXSiF/LSFJhjyJmpg9uV6yP2yv3YZZjldVI=
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.7.0 h1:4QAOB3KrvI1ApJK14sliGr3Ie2pjyvNypn/lfzDHfUw=
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.7.0/go.mod h1:K/qPe6AP2TGYv4l6n7c88zh9jWBDf6nHhvg1fx/EWfU=
github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.16.2 h1:3x1Qilin49XQ1rK6pDNAfG+DmCFPfB7Rrpl+FUDAR/0=
github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.16.2/go.mod h1:HEBBc70BYi5eUvxBqC3xXjU/04NO96X/XNUe5qhC7Bc=
github.com/aws/aws-sdk-go-v2/service/sso v1.9.0 h1:1qLJeQGBmNQW3mBNzK2CFmrQNmoXWrscPqsrAaU1aTA=
github.com/aws/aws-sdk-go-v2/service/sso v1.9.0/go.mod h1:vCV4glupK3tR7pw7ks7Y4jYRL86VvxS+g5qk04YeWrU=
github.com/aws/aws-sdk-go-v2/service/sts v1.14.0 h1:ksiDXhvNYg0D2/UFkLejsaz3LqpW5yjNQ8Nx9Sn2c0E=
5 changes: 5 additions & 0 deletions pkg/git/repowatch/api.go
@@ -4,6 +4,9 @@ import (
"time"

"github.com/Cloud-Foundations/golib/pkg/log"

"github.com/aws/aws-sdk-go-v2/aws"
"github.com/aws/aws-sdk-go-v2/service/secretsmanager"
)

// Config specifies the configuration.
@@ -20,7 +23,9 @@ type Params struct {
// Mandatory parameters.
Logger log.DebugLogger
// Optional parameters.
AwsConfig *aws.Config
MetricDirectory string
SecretsClient *secretsmanager.Client
}

func Watch(config Config, params Params) (<-chan string, error) {
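Review bot: The two new optional fields in `Params`, `AwsConfig` and `SecretsClient`, carry no doc comments, so api.go does not say which one wins when both are set or which credentials are used when both are nil and `Config.AwsSecretId` is non-empty. These fields decide which AWS identity reads the SSH private key, so each deserves a comment line stating its precedence and its default. The code that consumes them is not on this page, so the exact wording has to be confirmed against it. The `Params` struct starts above the hunk.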
60 changes: 7 additions & 53 deletions pkg/git/repowatch/awsSecretsManager.go
@@ -1,66 +1,20 @@
package repowatch

import (
"context"
"encoding/json"
"errors"
"fmt"
"sync"

"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/arn"
"github.com/aws/aws-sdk-go/aws/ec2metadata"
"github.com/aws/aws-sdk-go/aws/session"
"github.com/aws/aws-sdk-go/service/secretsmanager"
"github.com/aws/aws-sdk-go-v2/aws"
"github.com/aws/aws-sdk-go-v2/service/secretsmanager"
)

var (
awsSecretsManagerLock sync.Mutex
awsSecretsManagerMetadataClient *ec2metadata.EC2Metadata
awsSecretsManagerMetadataClientError error
)

func getMetadataClient() (*ec2metadata.EC2Metadata, error) {
awsSecretsManagerLock.Lock()
defer awsSecretsManagerLock.Unlock()
if awsSecretsManagerMetadataClient != nil {
return awsSecretsManagerMetadataClient, nil
}
if awsSecretsManagerMetadataClientError != nil {
return nil, awsSecretsManagerMetadataClientError
}
metadataClient := ec2metadata.New(session.New())
if !metadataClient.Available() {
awsSecretsManagerMetadataClientError = errors.New(
"not running on AWS or metadata is not available")
return nil, awsSecretsManagerMetadataClientError
}
awsSecretsManagerMetadataClient = metadataClient
return awsSecretsManagerMetadataClient, nil
}

func getAwsSecret(metadataClient *ec2metadata.EC2Metadata,
secretId string) (map[string]string, error) {
var region string
if arn, err := arn.Parse(secretId); err == nil {
region = arn.Region
} else {
region, err = metadataClient.Region()
if err != nil {
return nil, err
}
}
awsSession, err := session.NewSession(&aws.Config{
Region: aws.String(region),
})
if err != nil {
return nil, fmt.Errorf("error creating session: %s", err)
}
if awsSession == nil {
return nil, errors.New("awsSession == nil")
}
awsService := secretsmanager.New(awsSession)
func getAwsSecret(ctx context.Context, secretsClient *secretsmanager.Client,
secretId string) (
map[string]string, error) {
input := secretsmanager.GetSecretValueInput{SecretId: aws.String(secretId)}
output, err := awsService.GetSecretValue(&input)
output, err := secretsClient.GetSecretValue(ctx, &input)
if err != nil {
return nil,
fmt.Errorf("error calling secretsmanager:GetSecretValue: %s", err)
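Review bot: The new `getAwsSecret` no longer derives the region from the secret ARN: the removed code used `arn.Parse(secretId)` and fell back to the instance-metadata region, whereas the request now goes to whatever region `secretsClient` was built with. If a caller passes an ARN from a different region, `GetSecretValue` will presumably fail, unless the code that constructs the client (not shown here) accounts for it. A doc comment should state the requirement, e.g. `// getAwsSecret fetches secretId using secretsClient; the client must be configured for the secret's region.` The function body continues past the end of the hunk.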
17 changes: 8 additions & 9 deletions pkg/git/repowatch/getKey.go
@@ -1,6 +1,7 @@
package repowatch

import (
"context"
"encoding/base64"
"encoding/pem"
"errors"
@@ -13,6 +14,7 @@ import (
"github.com/Cloud-Foundations/golib/pkg/log"

"github.com/Cloud-Foundations/Dominator/lib/fsutil"
"github.com/aws/aws-sdk-go-v2/service/secretsmanager"
"github.com/go-git/go-git/v5/plumbing/transport"
"github.com/go-git/go-git/v5/plumbing/transport/ssh"
xssh "golang.org/x/crypto/ssh"
@@ -22,10 +24,10 @@ import (
// If secretId is specified, the SSH private key will be extracted from the
// specified AWS Secrets Manager secret object, otherwise an SSH agent or local
// keys will be tried.
func getAuth(secretId string, logger log.DebugLogger) (
transport.AuthMethod, error) {
func getAuth(ctx context.Context, secretsClient *secretsmanager.Client,
secretId string, logger log.DebugLogger) (transport.AuthMethod, error) {
if secretId != "" {
return getAuthFromAWS(secretId, logger)
return getAuthFromAWS(ctx, secretsClient, secretId, logger)
}
if os.Getenv("SSH_AUTH_SOCK") != "" {
if pkc, err := ssh.NewSSHAgentAuth(ssh.DefaultUsername); err != nil {
@@ -66,13 +68,10 @@ func getAuth(secretId string, logger log.DebugLogger) (
return nil, fmt.Errorf("no usable SSH keys found in: %s", dirname)
}

func getAuthFromAWS(secretId string, logger log.DebugLogger) (
func getAuthFromAWS(ctx context.Context, secretsClient *secretsmanager.Client,
secretId string, logger log.DebugLogger) (
transport.AuthMethod, error) {
metadataClient, err := getMetadataClient()
if err != nil {
return nil, err
}
secrets, err := getAwsSecret(metadataClient, secretId)
secrets, err := getAwsSecret(ctx, secretsClient, secretId)
if err != nil {
return nil, err
}
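Review bot: `getAuthFromAWS` passes `secretsClient` straight to `getAwsSecret` without a nil check, yet `Params.SecretsClient` is declared optional in api.go. Unless the caller of `getAuth` (not visible here) always constructs a client when `secretId` is set, a nil pointer reaches `secretsClient.GetSecretValue` and would likely panic instead of returning an error. A guard at the top of `getAuthFromAWS`, `if secretsClient == nil { return nil, errors.New("secretId given but no Secrets Manager client") }`, keeps the failure on the error path; `errors` is already imported in this file. The doc comment above `getAuth` should also mention the new `ctx` and `secretsClient` parameters; both function bodies extend beyond the hunks.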