removed the use of credentials.yaml file

Author: christiangda

README.md

@@ -1,8 +1,8 @@
 # aws_cloudwatch_exporter
 
-[![Master branch workflow](https://github.com/slashdevops/aws_cloudwatch_exporter/workflows/Master%20branch%20workflow/badge.svg?branch=master)][github]
+![Master branch workflow](https://github.com/slashdevops/aws_cloudwatch_exporter/workflows/Master%20branch%20workflow/badge.svg?branch=master)
 [![Go Report Card](https://goreportcard.com/badge/github.com/slashdevops/aws_cloudwatch_exporter)](https://goreportcard.com/report/github.com/slashdevops/aws_cloudwatch_exporter)
-[![Docker Pulls](https://img.shields.io/docker/pulls/slashdevops/aws_cloudwatch_exporter.svg?maxAge=604800)][hub]
+![Docker Pulls](https://img.shields.io/docker/pulls/slashdevops/aws_cloudwatch_exporter.svg?maxAge=604800)
 
 Prometheus exporter for AWS CloudWatch
 
@@ -13,9 +13,9 @@ This exporter used the AWS CloudWatch GetMetricsData API call, please it is impo
 
 The configuration could be set using 3 ways:
 
-1. Configuration Files   (i.e.: ./server.yaml, ./credentials.yaml, ./metrics.yaml)
+1. Configuration Files   (i.e.: ./server.yaml, ./metrics.yaml)
 2. Environment Variables (i.e.: SERVER_PORT, AWS_REGION, AWS_PROFILE, etc)
-3. Program Flags         (i.e.: --serverPort, --region, --profile)
+3. Program Flags         (i.e.: --serverPort, --region)
 
 The precedence is in the same order of the list, so, if you define values into `server.yaml` and then 
 the same configuration key is defined as a `Env Var` this last will replace the file value.
@@ -40,24 +40,16 @@ docker run --rm \
 #### Binary
 
 ```bash
-make
-
 AWS_SDK_LOAD_CONFIG="true" \
 AWS_PROFILE="slashdevops" \
-./aws_cloudwatch_exporter metrics get --metricsFiles ~/tmp/queries/m1.yaml \
-    --debug
-```
-
-```bash
-./aws_cloudwatch_exporter metrics get --metricsFiles ~/tmp/queries/m1.yaml \
-    --profile slashdevops \
+./aws_cloudwatch_exporter metrics get \
+    --metricsFiles ~/tmp/queries/m1.yaml \
     --debug
 ```
 
 ### Configuration Files
 
 * [server.yaml](docs/server.md)
-* [credentials.yaml](docs/credentials.md)
 * [metrics.yaml](docs/metrics.md)
 
 

cmd/metrics.go

@@ -119,7 +119,7 @@ func getCmd(cmd *cobra.Command, args []string) {
 
 	log.Debugf("Metrics queries: %s", mdi.String())
 
-	sess := awshelper.NewSession(&conf.AWS)
+	sess := awshelper.NewSession()
 	svc := cloudwatch.New(sess)
 	mdo, err := svc.GetMetricData(mdi)
 	if err != nil {
@@ -179,7 +179,7 @@ func collectCmd(cmd *cobra.Command, args []string) {
 	log.Debugf("Available Env Vars: %s", os.Environ())
 
 	m := metrics.New(&conf)
-	sess := awshelper.NewSession(&conf.AWS)
+	sess := awshelper.NewSession()
 	cwc := cloudwatch.New(sess)
 
 	c := collector.New(&conf, m, cwc)

cmd/root.go

@@ -80,34 +80,10 @@ func init() {
 		log.Error(err)
 	}
 
-	rootCmd.PersistentFlags().StringVar(&conf.Application.CredentialsFile, "credentialsFile", "credentials.yaml", "The file with the AWS Credentials configuration")
-	if err := viper.BindPFlag("application.credentialsFile", rootCmd.PersistentFlags().Lookup("credentialsFile")); err != nil {
-		log.Error(err)
-	}
-
 	rootCmd.PersistentFlags().StringSliceVar(&conf.Application.MetricsFiles, "metricsFiles", []string{"metrics.yaml"}, "Metrics queries files, the file or files with the metrics queries. example: --metricsFiles ~/tmp/queries/m1.yaml --metricsFiles ~/tmp/queries/m2.yml")
 	if err := viper.BindPFlag("application.metricsFiles", rootCmd.PersistentFlags().Lookup("metricsFiles")); err != nil {
 		log.Error(err)
 	}
-
-	// AWS Credentials conf
-	// Region
-	rootCmd.PersistentFlags().StringVar(&conf.AWS.Region, "region", "", "The AWS Region, see: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-envvars.html")
-	if err := viper.BindPFlag("aws.region", rootCmd.PersistentFlags().Lookup("region")); err != nil {
-		log.Error(err)
-	}
-
-	// Profile
-	rootCmd.PersistentFlags().StringVar(&conf.AWS.Profile, "profile", "", "The AWS profile name defined in .aws/config or .aws/credential")
-	if err := viper.BindPFlag("aws.profile", rootCmd.PersistentFlags().Lookup("profile")); err != nil {
-		log.Error(err)
-	}
-
-	// RoleArn
-	rootCmd.PersistentFlags().StringVar(&conf.AWS.RoleArn, "role_arn", "", "The AWS RoleArn, see: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-envvars.html")
-	if err := viper.BindPFlag("aws.role_arn", rootCmd.PersistentFlags().Lookup("role_arn")); err != nil {
-		log.Error(err)
-	}
 }
 
 func initConfig() {

cmd/server.go

@@ -115,15 +115,14 @@ func init() {
 func startCmd(cmd *cobra.Command, args []string) {
 
 	loadFromConfigFiles(conf.Application.ServerFile, &conf)
-	loadFromConfigFiles(conf.Application.CredentialsFile, &conf)
 	loadFromMetricsFiles(&conf)
 	validateMetricsQueries(&conf)
 
 	log.Debugf("Available configuration: %s", conf.ToJSON())
 	log.Debugf("Available Env Vars: %s", os.Environ())
 
 	m := metrics.New(&conf)
-	sess := awshelper.NewSession(&conf.AWS)
+	sess := awshelper.NewSession()
 	cwc := cloudwatch.New(sess)
 
 	c := collector.New(&conf, m, cwc)

config/config.go

@@ -25,7 +25,6 @@ import (
 type All struct {
 	ServerConf            `mapstructure:",squash"`
 	ApplicationConf       `mapstructure:",squash"`
-	AWSConf               `mapstructure:",squash"`
 	MetricDataQueriesConf `mapstructure:",squash"`
 }
 
@@ -89,32 +88,13 @@ type Application struct {
 	VersionInfo      string   `json:"versionInfo" yaml:"versionInfo"`
 	BuildInfo        string   `json:"buildInfo" yaml:"buildInfo"`
 	ServerFile       string   `mapstructure:"serverFile" json:"serverFile" yaml:"serverFile"`
-	CredentialsFile  string   `mapstructure:"credentialsFile" json:"sharedCredentialsFile" yaml:"sharedCredentialsFile"`
 	HealthPath       string   `json:"healthPath" yaml:"healthPath"`
 	MetricsPath      string   `json:"metricsPath" yaml:"metricsPath"`
 	MetricsFiles     []string `mapstructure:"metricsFiles" json:"metricsFiles" yaml:"metricsFiles"`
 	MetricStatPeriod string   `mapstructure:"metricStatPeriod" json:"metricStatPeriod" yaml:"metricStatPeriod"`
 	MetricTimeWindow string   `mapstructure:"metricTimeWindow" json:"metricTimeWindow" yaml:"metricTimeWindow"`
 }
 
-// https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-envvars.html
-// This is a convenient structure to allow config files nested (aws.[keys])
-// credentials.yaml file
-// Nested:
-// aws:
-//   access_key_id: ""
-//   secret_access_key: ""
-//   profile: ""
-type AWSConf struct {
-	AWS `mapstructure:"AWS" json:"AWS" yaml:"AWS"`
-}
-
-type AWS struct {
-	Region  string `mapstructure:"region" json:"region" yaml:"region"`
-	Profile string `mapstructure:"profile" json:"profile" yaml:"profile"`
-	RoleArn string `mapstructure:"role_arn" json:"roleArn" yaml:"roleArn"`
-}
-
 // This is a convenient structure to allow config files nested (MetricDataQueries.[keys])
 // File conf metrics.yaml
 // Will be filled with que Metrics Queries

docs/credentials.md

@@ -18,7 +18,6 @@ server:                               # This is related to the http service conf
 application:                          # This is related to the application behavior
   metricStatPeriod: 5m                # Type: time.Duration, Defined the global period of time .see: https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_MetricStat.html
   metricTimeWindow: 10m               # Type: time.Duration, Defined the time windows between the StartTime and EndTime. see: https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_GetMetricData.html
-  credentialsFile: credentials.yaml   # Type: string, Define the location/path with the file that could contain the different AWS credentials information  
   metricsFiles:                       # Type: Array, List of files with the definitions of metrics queries 
     - metrics.yaml                    # Type: string, Part of the array list with the location/path of file with the metrics queries in the format defined in metrics.md file
 ```
@@ -36,12 +35,6 @@ for **metricStatPeriod and metricTimeWindow**
 * https://docs.aws.amazon.com/cli/latest/reference/cloudwatch/get-metric-data.html
 * https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_GetMetricData.html
 
-for **credentialsFile**
-
-* [credentials.md](credentials.md)
-* https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-files.html
-* https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-envvars.html
-
 for **metricsFiles**
 
 * [metrics.md](metrics.md)

docs/server.md

@@ -20,34 +20,36 @@ import (
 
 	"github.com/aws/aws-sdk-go/aws/session"
 	log "github.com/sirupsen/logrus"
-	"github.com/slashdevops/aws_cloudwatch_exporter/config"
 
 	"github.com/aws/aws-sdk-go/aws"
 	"github.com/aws/aws-sdk-go/aws/credentials/stscreds"
 )
 
 // https://docs.Credentials.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html
 // https://docs.Credentials.amazon.com/sdk-for-go/api/aws/session/
-func NewSession(c *config.AWS) *session.Session {
+func NewSession() *session.Session {
 
 	awsConf := aws.Config{CredentialsChainVerboseErrors: aws.Bool(true)}
 	awsSessOpts := session.Options{Config: awsConf}
 
 	// in case of assume role with MFA
 	awsSessOpts.AssumeRoleTokenProvider = stscreds.StdinTokenProvider
 
-	if len(os.Getenv("AWS_ACCESS_KEY_ID")) == 0 {
+	if len(os.Getenv("AWS_ACCESS_KEY_ID")) == 0 ||
+		len(os.Getenv("AWS_SDK_LOAD_CONFIG")) > 1 ||
+		len(os.Getenv("AWS_SHARED_CREDENTIALS_FILE")) > 1 ||
+		len(os.Getenv("AWS_CONFIG_FILE")) > 1 {
 		awsSessOpts.SharedConfigState = session.SharedConfigEnable
 	}
 
-	if len(c.Region) > 0 {
-		log.Debugf("Using AWS Region: %s", c.Region)
-		awsConf.Region = aws.String(c.Region)
+	if len(os.Getenv("AWS_REGION")) > 0 {
+		log.Debugf("Using AWS Region: %s", os.Getenv("AWS_REGION"))
+		awsConf.Region = aws.String(os.Getenv("AWS_REGION"))
 	}
 
-	if c.Profile != "" {
-		awsSessOpts.Profile = c.Profile
-		log.Debug("Enabling Session SharedConfigState")
+	if len(os.Getenv("AWS_PROFILE")) > 0 {
+		log.Debugf("Using AWS Profile: %s", os.Getenv("AWS_PROFILE"))
+		awsSessOpts.Profile = os.Getenv("AWS_PROFILE")
 	}
 
 	// Try default credential provider chain
@@ -57,10 +59,10 @@ func NewSession(c *config.AWS) *session.Session {
 		log.Fatalf("Failed to create AWS Session using default chain:%s", err)
 	}
 
-	if len(c.RoleArn) > 0 {
-		log.Debugf("Create new session assuming role: %s", c.RoleArn)
+	if len(os.Getenv("AWS_ROLE_ARN")) > 0 {
+		log.Debugf("Create new session assuming role: %s", os.Getenv("AWS_ROLE_ARN"))
 		// Override session AWS with the new credentials provided after assume the role
-		awsConf.Credentials = stscreds.NewCredentials(awsSession, c.RoleArn)
+		awsConf.Credentials = stscreds.NewCredentials(awsSession, os.Getenv("AWS_ROLE_ARN"))
 		awsSession = session.Must(session.NewSession(&awsConf))
 	}
 

internal/awshelper/session.go

@@ -22,22 +22,19 @@ import (
 	"testing"
 
 	log "github.com/sirupsen/logrus"
-	"github.com/slashdevops/aws_cloudwatch_exporter/config"
 )
 
 func TestNewSessionWithEnvVars(t *testing.T) {
 
 	testCases := []struct {
 		Name        string
 		Description string
-		Args        *config.AWS
 		EnvVars     map[string]string
 		Expected    map[string]string
 	}{
 		{
 			Name:        "UsingEnvVarsBasicAndToken",
 			Description: "Using AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY and AWS_SESSION_TOKEN Env Vars",
-			Args:        &config.AWS{},
 			EnvVars: map[string]string{
 				"AWS_SHARED_CREDENTIALS_FILE": "/tmp/nothing", // This is very important to avoid the use of your own credentials file ~.aws/credentials
 				"AWS_CONFIG_FILE":             "/tmp/nothing", // This is very important to avoid the use of your own config file ~.aws/config
@@ -67,7 +64,7 @@ func TestNewSessionWithEnvVars(t *testing.T) {
 			}
 
 			// Create the session with the arguments
-			s := NewSession(tc.Args)
+			s := NewSession()
 
 			// Get the result credentials and error
 			c, err := s.Config.Credentials.Get()
@@ -99,33 +96,26 @@ func TestNewSessionWithFiles(t *testing.T) {
 	testCases := []struct {
 		Name        string
 		Description string
-		Args        *config.AWS
 		EnvVars     map[string]string
 		Expected    map[string]string
 	}{
 		{
 			Name:        "UsingProfileAndConfigStateFile",
 			Description: "Using ",
-			Args: &config.AWS{
-				Profile: "default",
-				Region:  "eu-west-1",
-			},
 			EnvVars: map[string]string{
+				"AWS_SDK_LOAD_CONFIG":         "true",
 				"AWS_SHARED_CREDENTIALS_FILE": "testdata/default/credentials", // This is very important to avoid the use of your own credentials file ~.aws/credentials
 			},
 			Expected: map[string]string{
 				"AWS_ACCESS_KEY_ID":           "AKIAIOSFODNN7EXAMPLE",
 				"AWS_SECRET_ACCESS_KEY":       "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY",
 				"AWS_REGION":                  "eu-west-1",
-				"AWS_SHARED_CREDENTIALS_FILE": "SharedConfigCredentials: testdata/default/credentials",
+				"AWS_SHARED_CREDENTIALS_FILE": "EnvConfigCredentials",
 			},
 		},
 		{
 			Name:        "UsingProfileAndConfigFile",
 			Description: "Using ",
-			Args: &config.AWS{
-				Profile: "case1",
-			},
 			EnvVars: map[string]string{
 				"AWS_SHARED_CREDENTIALS_FILE": "testdata/case1/credentials", // This is very important to avoid the use of your own credentials file ~.aws/credentials
 				"AWS_CONFIG_FILE":             "testdata/case1/config",      // This is very important to avoid the use of your own credentials file ~.aws/credentials
@@ -134,7 +124,7 @@ func TestNewSessionWithFiles(t *testing.T) {
 				"AWS_ACCESS_KEY_ID":           "AKIAIOSFODNN7EXAMPLE",
 				"AWS_SECRET_ACCESS_KEY":       "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY",
 				"AWS_REGION":                  "eu-west-1",
-				"AWS_SHARED_CREDENTIALS_FILE": "SharedConfigCredentials: testdata/case1/credentials",
+				"AWS_SHARED_CREDENTIALS_FILE": "EnvConfigCredentials",
 			},
 		},
 	}
@@ -151,7 +141,7 @@ func TestNewSessionWithFiles(t *testing.T) {
 			}
 
 			// Create the session with the arguments
-			s := NewSession(tc.Args)
+			s := NewSession()
 
 			// Get the result credentials and error
 			c, err := s.Config.Credentials.Get()
@@ -184,14 +174,12 @@ func TestNewSessionWithConfigAndEnvVars(t *testing.T) {
 	testCases := []struct {
 		Name        string
 		Description string
-		Args        *config.AWS
 		EnvVars     map[string]string
 		Expected    map[string]string
 	}{
 		{
 			Name:        "UsingConfig",
 			Description: "Using ",
-			Args:        &config.AWS{},
 			EnvVars: map[string]string{
 				"AWS_ACCESS_KEY_ID":     "AKIAIOSFODNN7EXAMPLE",
 				"AWS_SECRET_ACCESS_KEY": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY",
@@ -217,7 +205,7 @@ func TestNewSessionWithConfigAndEnvVars(t *testing.T) {
 			}
 
 			// Create the session with the arguments
-			s := NewSession(tc.Args)
+			s := NewSession()
 
 			// Get the result credentials and error
 			c, err := s.Config.Credentials.Get()