Add AWS SSO support (#170)
* Add AWS SSO support

* Update docs for SSO

* Update main readme

* Remove unused method
emgarten authored Apr 2, 2023
1 parent 0a18745 commit 70a8252
Showing 7 changed files with 45 additions and 5 deletions.
23 changes: 20 additions & 3 deletions README.md
Expand Up @@ -2,7 +2,7 @@

| AppVeyor | Travis | Azure Pipelines |
| --- | --- | --- |
| [![AppVeyor](https://ci.appveyor.com/api/projects/status/cuhdeq60c3ogy7pa?svg=true)](https://ci.appveyor.com/project/emgarten/sleet) | [![Travis](https://travis-ci.com/emgarten/Sleet.svg?branch=main)](https://travis-ci.com/emgarten/Sleet) | [![VSO](https://hackamore.visualstudio.com/_apis/public/build/definitions/abbff132-0981-4267-a80d-a6e7682a75a9/2/badge)](https://github.com/emgarten/sleet) |
| [![AppVeyor](https://ci.appveyor.com/api/projects/status/cuhdeq60c3ogy7pa?svg=true)](https://ci.appveyor.com/project/emgarten/sleet) | [![VSO](https://hackamore.visualstudio.com/_apis/public/build/definitions/abbff132-0981-4267-a80d-a6e7682a75a9/2/badge)](https://github.com/emgarten/sleet) |

# What is Sleet?
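Review bot: The table header `| AppVeyor | Travis | Azure Pipelines |` and its separator `| --- | --- | --- |` still have three columns while the updated badge row has only two cells, so the Azure Pipelines badge ends up under the Travis heading. Remove the Travis column from the header and separator too. The badge cleanup is unrelated to SSO support and would be easier to track as its own commit.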

Expand All @@ -11,9 +11,15 @@ Sleet is a static NuGet package feed generator.
* **Serverless**. Create static feeds directly on *Azure Storage*, *Amazon S3* or another S3 compatible storage. No compute required.
* **Cross platform**. Sleet is built in .NET, it can run on *.NET Framework*, *Mono*, or [dotnet CLI](https://github.com/dotnet/cli)
* **Fast.** Static feeds are created using the [NuGet v3 feed format](https://docs.microsoft.com/en-us/nuget/api/overview).
* **Symbol server.** Assemblies and pdb files from packages are automatically indexed and provided as a [symbol server](doc/symbol-server.md).
* **Simple.** Sleet is a simple command line tool that can add, remove, and update packages.
* **Flexible.** Feeds can be written to disk and hosted with a web server to support authentication. Use the command line tool or a library to run Sleet programmatically.
* **Flexible.** Configuration and credentials can be set using files, env vars, command line args, or AWS specific patterns to support a variety of workflows and CI builds.

## Why use static feeds?

* Package binaries are typically kept outside of git repos, static feeds provide a long term storage solution that can be paired with checked in code.
* NuGet feeds are typically read for restore far more than they are updated.
* Cloud storage accounts are a cheap and secure way to share nupkgs for public feeds.
* You keep full control of your packages.

## Getting Sleet

Expand Down Expand Up @@ -48,13 +54,24 @@ CI builds are located on the following NuGet feed:

The list of packages on this feed is [here](https://nuget.blob.core.windows.net/packages/sleet.packageindex.json).

## Contributing

We welcome contributions. If you are interested in contributing to Sleet report an issue or open a pull request to propose a change.

## Sleet is..

Cold static packages from the cloud. ☁️ + 📦 = ❄️

## History

Sleet was created to achieve the original goals of the NuGet v3 feed format: Provide maximum availability and performance for NuGet restore by using only static files.

The v3 feed format was designed to do all compute when pushing a new package since updates are infrequent compared to the number of times a package is read for restore. Static files also remove the need to run a specific server to host the feed, allowing a simple file service to handle it.

## Related projects

* [Sleet.Azure](https://github.com/kzu/Sleet.Azure) provides MSBuild props/targets for running Sleet.
* [Sleet.Search](https://github.com/emgarten/Sleet.Search) provides a search service for Sleet feeds.

## License

1 change: 1 addition & 0 deletions ReleaseNotes.md
Expand Up @@ -3,6 +3,7 @@
## 5.1.0
* Added net7.0 support
* Update AWS SDK
* Added AWS SSO profile support

## 5.0.6
* Updated NuGet.* packages to 6.2.1
2 changes: 2 additions & 0 deletions build/config.props
Expand Up @@ -10,6 +10,8 @@
<PortablePdbVersion>1.5.0</PortablePdbVersion>
<AWSSDKVersion>3.7.103.40</AWSSDKVersion>
<AWSSDKTokenVersion>3.7.101.38</AWSSDKTokenVersion>
<AWSSDKSSOVersion>3.7.100.103</AWSSDKSSOVersion>
<AWSSDKSSOOIDCVersion>$(AWSSDKSSOVersion)</AWSSDKSSOOIDCVersion>
<DotNetConfigVersion>1.0.6</DotNetConfigVersion>
</PropertyGroup>
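Review bot: `<AWSSDKSSOOIDCVersion>$(AWSSDKSSOVersion)</AWSSDKSSOOIDCVersion>` ties the AWSSDK.SSOOIDC version to the AWSSDK.SSO version, while the neighbouring properties (`AWSSDKVersion` at 3.7.103.40 and `AWSSDKTokenVersion` at 3.7.101.38) show that the AWSSDK packages carry their own version numbers. Pin `AWSSDKSSOOIDCVersion` to an explicit version so that a later bump of `AWSSDKSSOVersion` cannot pull in an SSOOIDC version nobody chose or reviewed.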

11 changes: 11 additions & 0 deletions doc/feed-type-s3.md
Expand Up @@ -44,6 +44,17 @@ For `.netconfig`, just create or edit the file directly in the [desired location

For details on creating a credentials file go [here](https://docs.aws.amazon.com/sdk-for-net/v2/developer-guide/net-dg-config-creds.html#creds-file)

#### Using SSO profiles

If you are using an SSO profile, you must first log in using the AWS CLI before running sleet to allow SSO profiles to be used.

Sleet will not prompt for SSO login.

```
aws sso login --profile my-sso-profile
```


### Using accessKeyId and secretAccessKey in sleet.json

`sleet.json`:
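Review bot: The new "Using SSO profiles" section shows `aws sso login --profile my-sso-profile` but never says how Sleet is told to use that profile. State that the feed's `profileName` must match the SSO profile name, and because "Sleet will not prompt for SSO login", describe the error a user sees when the login has not been done, so that CI failures can be diagnosed. The code fence also has no language tag, and the section ends with two blank lines before the next heading.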
9 changes: 9 additions & 0 deletions src/SleetLib/FileSystem/FileSystemFactory.cs
Expand Up @@ -172,10 +172,19 @@ public static async Task<ISleetFileSystem> CreateFileSystemAsync(LocalSettings s
if (!string.IsNullOrWhiteSpace(profileName))
{
var credFile = new SharedCredentialsFile();
var chain = new CredentialProfileStoreChain();

if (credFile.TryGetProfile(profileName, out var profile))
{
// Successfully created the credentials using the profile
amazonS3Client = new AmazonS3Client(profile.GetAWSCredentials(profileSource: null), config);
}
else if (chain.TryGetAWSCredentials(profileName, out var credentials))
{
// Successfully created the credentials using a profile with SSO
// This works for identities outside of AWS such as Azure AD and Okta
amazonS3Client = new AmazonS3Client(credentials, config);
}
else
{
throw new ArgumentException($"The specified AWS profileName {profileName} could not be found. The feed must specify a valid profileName for an AWS credentials file. For help on credential files see: https://docs.aws.amazon.com/sdk-for-net/v2/developer-guide/net-dg-config-creds.html#creds-file");
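Review bot: The final `else` branch still throws an `ArgumentException` that describes the failure only as a missing profile in "an AWS credentials file", although a name that reaches it has now also failed `chain.TryGetAWSCredentials`. Since the docs in this commit say Sleet will not prompt for SSO login, extend the message to say the profile was not found in the credentials file or the profile store chain, and point SSO users to `aws sso login --profile <name>`. The branch order also means a profile in the shared credentials file takes precedence over an SSO profile with the same name; a log line stating which source supplied the credentials would make that visible to whoever runs the push.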
2 changes: 2 additions & 0 deletions src/SleetLib/SleetLib.csproj
Expand Up @@ -20,6 +20,8 @@
<ItemGroup>
<PackageReference Include="AWSSDK.S3" Version="$(AWSSDKVersion)" />
<PackageReference Include="AWSSDK.SecurityToken" Version="$(AWSSDKTokenVersion)" />
<PackageReference Include="AWSSDK.SSO" Version="$(AWSSDKSSOVersion)" />
<PackageReference Include="AWSSDK.SSOOIDC" Version="$(AWSSDKSSOOIDCVersion)" />
<PackageReference Include="NuGet.Packaging" Version="$(NuGetPackageVersion)" />
<PackageReference Include="Microsoft.Azure.Storage.Blob" Version="$(MicrosoftAzureStorageBlobVersion)" />
<PackageReference Include="Newtonsoft.Json" Version="$(JsonVersion)" />
2 changes: 0 additions & 2 deletions src/SleetLib/Utility/AmazonS3Utility.cs
@@ -1,5 +1,3 @@
using System;

namespace Sleet
{
public static class AmazonS3Utility