fix: upgrade to new cobra implementation

Author: dnitsch

.gitignore

@@ -27,3 +27,5 @@ vendor/
 
 .ignore*
 local/
+.deps/
+.cache/

aws-cli-auth.go

@@ -2,10 +2,20 @@ package main
 
 import (
 	"context"
+	"log"
+	"os"
+	"os/signal"
+	"syscall"
 
 	"github.com/DevLabFoundry/aws-cli-auth/cmd"
 )
 
 func main() {
-	cmd.Execute(context.Background())
+	ctx, stop := signal.NotifyContext(context.Background(), []os.Signal{os.Interrupt, syscall.SIGTERM, os.Kill}...)
+	defer stop()
+	c := cmd.New()
+	c.WithSubCommands(cmd.SubCommands()...)
+	if err := c.Execute(ctx); err != nil {
+		log.Fatalf("\x1b[31maws-cli-auth err:\n%s\x1b[0m", err)
+	}
 }

cmd/awscliauth.go

@@ -0,0 +1,94 @@
+package cmd
+
+import (
+	"context"
+	"fmt"
+	"os"
+	"path"
+
+	"github.com/DevLabFoundry/aws-cli-auth/internal/credentialexchange"
+	"github.com/spf13/cobra"
+)
+
+var (
+	Version  string = "0.0.1"
+	Revision string = "1111aaaa"
+)
+
+type Root struct {
+	ctx context.Context
+	Cmd *cobra.Command
+	// ChannelOut io.Writer
+	// ChannelErr io.Writer
+	// viperConf  *viper.Viper
+	rootFlags *rootCmdFlags
+	Datadir   string
+}
+
+type rootCmdFlags struct {
+	cfgSectionName     string
+	storeInProfile     bool
+	killHangingProcess bool
+	roleChain          []string
+	verbose            bool
+	duration           int
+}
+
+func New() *Root {
+	rf := &rootCmdFlags{}
+	r := &Root{
+		rootFlags: rf,
+		Cmd: &cobra.Command{
+			Use:   "aws-cli-auth",
+			Short: "CLI tool for retrieving AWS temporary credentials",
+			Long: `CLI tool for retrieving AWS temporary credentials using SAML providers, or specified method of retrieval - i.e. force AWS_WEB_IDENTITY.
+Useful in situations like CI jobs or containers where multiple env vars might be present.
+Stores them under the $HOME/.aws/credentials file under a specified path or returns the crednetial_process payload for use in config`,
+			Version:       fmt.Sprintf("%s-%s", Version, Revision),
+			SilenceUsage:  true,
+			SilenceErrors: true,
+		},
+	}
+
+	r.Cmd.PersistentFlags().StringSliceVarP(&rf.roleChain, "role-chain", "", []string{}, "If specified it will assume the roles from the base credentials, in order they are specified in")
+	r.Cmd.PersistentFlags().BoolVarP(&rf.storeInProfile, "store-profile", "s", false, `By default the credentials are returned to stdout to be used by the credential_process. 
+	Set this flag to instead store the credentials under a named profile section. You can then reference that profile name via the CLI or for use in an SDK`)
+	r.Cmd.PersistentFlags().StringVarP(&rf.cfgSectionName, "cfg-section", "", "", "Config section name in the default AWS credentials file. To enable priofi")
+	// When specifying store in profile the config section name must be provided
+	r.Cmd.MarkFlagsRequiredTogether("store-profile", "cfg-section")
+	r.Cmd.PersistentFlags().IntVarP(&rf.duration, "max-duration", "d", 900, `Override default max session duration, in seconds, of the role session [900-43200]. 
+NB: This cannot be higher than the 3600 as the API does not allow for AssumeRole for sessions longer than an hour`)
+	r.Cmd.PersistentFlags().BoolVarP(&rf.verbose, "verbose", "v", false, "Verbose output")
+	r.dataDirInit()
+	return r
+}
+
+// SubCommands is a standalone Builder helper
+//
+// IF you are making your sub commands public, you can just pass them directly `WithSubCommands`
+func SubCommands() []func(*Root) {
+	return []func(*Root){
+		newSamlCmd,
+		newClearCmd,
+		newSpecificIdentityCmd,
+	}
+}
+
+func (r *Root) WithSubCommands(iocFuncs ...func(rootCmd *Root)) {
+	for _, fn := range iocFuncs {
+		fn(r)
+	}
+}
+
+func (r *Root) Execute(ctx context.Context) error {
+	return r.Cmd.ExecuteContext(ctx)
+}
+
+func (r *Root) dataDirInit() error {
+	datadir := path.Join(credentialexchange.HomeDir(), fmt.Sprintf(".%s-data", credentialexchange.SELF_NAME))
+	if _, err := os.Stat(datadir); err != nil {
+		return os.MkdirAll(datadir, 0755)
+	}
+	r.Datadir = datadir
+	return nil
+}

cmd/cmd_test.go cmd/awscliauth_test.gocmd/cmd_test.go renamed to cmd/awscliauth_test.go

@@ -2,13 +2,30 @@ package cmd_test
 
 import (
 	"bytes"
+	"context"
+	"errors"
 	"io"
 	"testing"
 
 	"github.com/DevLabFoundry/aws-cli-auth/cmd"
+	"github.com/DevLabFoundry/aws-cli-auth/internal/web"
 )
 
+func cmdHelperExecutor(t *testing.T, args []string) (stdOut *bytes.Buffer, errOut *bytes.Buffer, err error) {
+	t.Helper()
+	errOut = new(bytes.Buffer)
+	stdOut = new(bytes.Buffer)
+	c := cmd.New()
+	c.WithSubCommands(cmd.SubCommands()...)
+	c.Cmd.SetArgs(args)
+	c.Cmd.SetErr(errOut)
+	c.Cmd.SetOut(stdOut)
+	err = c.Execute(context.Background())
+	return stdOut, errOut, err
+}
+
 func Test_helpers_for_command(t *testing.T) {
+
 	ttests := map[string]struct{}{
 		"clear-cache": {},
 		"saml":        {},
@@ -17,27 +34,23 @@ func Test_helpers_for_command(t *testing.T) {
 	for name := range ttests {
 		t.Run(name, func(t *testing.T) {
 			cmdArgs := []string{name, "--help"}
-			b := new(bytes.Buffer)
-			o := new(bytes.Buffer)
-			cmd := cmd.RootCmd
-			cmd.SetArgs(cmdArgs)
-			cmd.SetErr(b)
-			cmd.SetOut(o)
-			cmd.Execute()
-			err, _ := io.ReadAll(b)
-			if len(err) > 0 {
+			stdOut, errOut, err := cmdHelperExecutor(t, cmdArgs)
+			if err != nil {
+				t.Fatal(err)
+			}
+			errCheck, _ := io.ReadAll(errOut)
+			if len(errCheck) > 0 {
 				t.Fatal("got err, wanted nil")
 			}
-			out, _ := io.ReadAll(o)
-			if len(out) <= 0 {
+			outCheck, _ := io.ReadAll(stdOut)
+			if len(outCheck) <= 0 {
 				t.Fatalf("got empty, wanted a help message")
 			}
 		})
 	}
 }
 
-func Test_Saml(t *testing.T) {
-	t.Skip()
+func Test_Saml_timeout(t *testing.T) {
 	t.Run("standard non sso should fail with incorrect saml URLs", func(t *testing.T) {
 		cmdArgs := []string{"saml", "-p",
 			"https://httpbin.org/anything/app123",
@@ -52,13 +65,8 @@ func Test_Saml(t *testing.T) {
 			"14400",
 			"--reload-before",
 			"120"}
-		b := new(bytes.Buffer)
-		o := new(bytes.Buffer)
-		cmd := cmd.RootCmd
-		cmd.SetArgs(cmdArgs)
-		cmd.SetErr(b)
-		cmd.SetOut(o)
-		if err := cmd.Execute(); err == nil {
+		_, _, err := cmdHelperExecutor(t, cmdArgs)
+		if err == nil && !errors.Is(err, web.ErrTimedOut) {
 			t.Error("got nil, wanted an error")
 		}
 		// err, _ := io.ReadAll(b)

cmd/clear.go

@@ -10,18 +10,53 @@ import (
 	"github.com/spf13/cobra"
 )
 
-var (
-	force    bool
-	ClearCmd = &cobra.Command{
+type clearFlags struct {
+	force bool
+}
+
+func newClearCmd(r *Root) {
+	flags := &clearFlags{}
+
+	cmd := &cobra.Command{
 		Use:   "clear-cache <flags>",
 		Short: "Clears any stored credentials in the OS secret store",
-		RunE:  clear,
+		RunE: func(cmd *cobra.Command, args []string) error {
+			user, err := user.Current()
+			if err != nil {
+				return err
+			}
+			if err := samlInitConfig(); err != nil {
+				return err
+			}
+			secretStore, err := credentialexchange.NewSecretStore("",
+				fmt.Sprintf("%s-%s", credentialexchange.SELF_NAME, credentialexchange.RoleKeyConverter("")),
+				os.TempDir(), user.Username)
+
+			if err != nil {
+				return err
+			}
+
+			if flags.force {
+				w := &web.Web{}
+				if err := w.ForceKill(r.Datadir); err != nil {
+					return err
+				}
+				fmt.Fprint(os.Stderr, "Chromium Cache cleared")
+			}
+
+			if err := secretStore.ClearAll(); err != nil {
+				fmt.Fprint(os.Stderr, err.Error())
+			}
+
+			if err := os.Remove(credentialexchange.ConfigIniFile("")); err != nil {
+				return err
+			}
+
+			return nil
+		},
 	}
-)
 
-func init() {
-	cobra.OnInitialize(samlInitConfig)
-	ClearCmd.PersistentFlags().BoolVarP(&force, "force", "f", false, `If aws-cli-auth exited improprely in a previous run there is a chance that there could be hanging processes left over.
+	cmd.PersistentFlags().BoolVarP(&flags.force, "force", "f", false, `If aws-cli-auth exited improprely in a previous run there is a chance that there could be hanging processes left over.
 
 This will forcefully all chromium processes.
 
@@ -32,37 +67,6 @@ Use with caution.
 If for any reason the local ini file and the secret store on your OS (keyring on GNU, keychain MacOS, windows secret store) are out of sync and the secrets cannot be retrieved by name but still exists,
 you might want to use CLI or GUI interface to the secret backing store on your OS and search for a secret prefixed with aws-cli-* and delete manually
 `)
-	RootCmd.AddCommand(ClearCmd)
-}
-
-func clear(cmd *cobra.Command, args []string) error {
-	user, err := user.Current()
-	if err != nil {
-		return err
-	}
-	secretStore, err := credentialexchange.NewSecretStore("",
-		fmt.Sprintf("%s-%s", credentialexchange.SELF_NAME, credentialexchange.RoleKeyConverter("")),
-		os.TempDir(), user.Username)
-
-	if err != nil {
-		return err
-	}
-
-	if force {
-		w := &web.Web{}
-		if err := w.ForceKill(datadir); err != nil {
-			return err
-		}
-		fmt.Fprint(os.Stderr, "Chromium Cache cleared")
-	}
-
-	if err := secretStore.ClearAll(); err != nil {
-		fmt.Fprint(os.Stderr, err.Error())
-	}
-
-	if err := os.Remove(credentialexchange.ConfigIniFile("")); err != nil {
-		return err
-	}
 
-	return nil
+	r.Cmd.AddCommand(cmd)
 }