@ -2,16 +2,16 @@ package main
import (
import (
"fmt"
"fmt"
"github.com/aws/aws-sdk-go/aws/credentials"
"github.com/aws/aws-sdk-go/aws/credentials/stscreds"
"github.com/aws/aws-sdk-go/aws/session"
"github.com/aws/aws-sdk-go/service/sts"
"github.com/drone/drone-plugin-go/plugin"
"io/ioutil"
"io/ioutil"
"os"
"os"
"os/exec"
"os/exec"
"strings"
"strings"
"time"
"time"
"github.com/aws/aws-sdk-go/aws/credentials"
"github.com/aws/aws-sdk-go/aws/credentials/stscreds"
"github.com/aws/aws-sdk-go/aws/session"
"github.com/aws/aws-sdk-go/service/sts"
"github.com/drone/drone-plugin-go/plugin"
)
)
var (
var (
@ -24,7 +24,8 @@ type terraform struct {
Vars map [ string ] string ` json:"vars" `
Vars map [ string ] string ` json:"vars" `
Cacert string ` json:"ca_cert" `
Cacert string ` json:"ca_cert" `
Sensitive bool ` json:"sensitive" `
Sensitive bool ` json:"sensitive" `
RoleARN string ` json:"role_arn_to_assume" `
RoleARN string ` json:"role_arn_to_assume" `
RootDir string ` json:"root_dir" `
}
}
type remote struct {
type remote struct {
@ -64,6 +65,9 @@ func main() {
for _ , c := range commands {
for _ , c := range commands {
c . Env = os . Environ ( )
c . Env = os . Environ ( )
c . Dir = workspace . Path
c . Dir = workspace . Path
if vargs . RootDir != "" {
c . Dir = c . Dir + "/" + vargs . RootDir
}
c . Stdout = os . Stdout
c . Stdout = os . Stdout
c . Stderr = os . Stderr
c . Stderr = os . Stderr
if ! vargs . Sensitive {
if ! vargs . Sensitive {
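Review bot: The added `c.Dir = c.Dir + "/" + vargs.RootDir` in the command loop appends the `root_dir` setting to the workspace path without cleaning or confining it, so a value containing `..` segments would make every terraform command run outside `workspace.Path`. Build the path with `filepath.Join` and reject a result that does not stay under the workspace, as sketched below; this needs `path/filepath` added to the import block. How much this matters depends on who is able to set the plugin's config, which the hunk does not show. The loop and `main` both start and end outside the hunk.

```go
c.Dir = workspace.Path
if vargs.RootDir != "" {
	dir := filepath.Join(workspace.Path, vargs.RootDir)
	rel, err := filepath.Rel(workspace.Path, dir)
	if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		fmt.Println("root_dir must stay inside the workspace")
		os.Exit(1)
	}
	c.Dir = dir
}
// … unchanged: Stdout/Stderr wiring and the Sensitive/trace check …
```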
@ -135,24 +139,24 @@ func applyCommand() *exec.Cmd {
}
}
func assumeRole ( roleArn string ) {
func assumeRole ( roleArn string ) {
client := sts . New ( session . New ( ) )
client := sts . New ( session . New ( ) )
duration := time . Hour * 1
duration := time . Hour * 1
stsProvider := & stscreds . AssumeRoleProvider {
stsProvider := & stscreds . AssumeRoleProvider {
Client : client ,
Client : client ,
Duration : duration ,
Duration : duration ,
RoleARN : roleArn ,
RoleARN : roleArn ,
RoleSessionName : "drone" ,
RoleSessionName : "drone" ,
}
}
value , err := credentials . NewCredentials ( stsProvider ) . Get ( )
value , err := credentials . NewCredentials ( stsProvider ) . Get ( )
if err != nil {
if err != nil {
fmt . Println ( "Error assuming role!" )
fmt . Println ( "Error assuming role!" )
fmt . Println ( err )
fmt . Println ( err )
os . Exit ( 1 )
os . Exit ( 1 )
}
}
os . Setenv ( "AWS_ACCESS_KEY_ID" , value . AccessKeyID )
os . Setenv ( "AWS_ACCESS_KEY_ID" , value . AccessKeyID )
os . Setenv ( "AWS_SECRET_ACCESS_KEY" , value . SecretAccessKey )
os . Setenv ( "AWS_SECRET_ACCESS_KEY" , value . SecretAccessKey )
os . Setenv ( "AWS_SESSION_TOKEN" , value . SessionToken )
os . Setenv ( "AWS_SESSION_TOKEN" , value . SessionToken )
}
}
func trace ( cmd * exec . Cmd ) {
func trace ( cmd * exec . Cmd ) {