...
|
...
|
@@ -23,6 +23,7 @@ try:
|
23
|
23
|
except ImportError:
|
24
|
24
|
import http.client as httplib
|
25
|
25
|
import locale
|
|
26
|
+import configparser
|
26
|
27
|
|
27
|
28
|
try:
|
28
|
29
|
unicode
|
...
|
...
|
@@ -211,8 +212,8 @@ class Config(object):
|
211
|
211
|
try:
|
212
|
212
|
self.read_config_file(configfile)
|
213
|
213
|
except IOError:
|
214
|
|
- if 'AWS_CREDENTIAL_FILE' in os.environ:
|
215
|
|
- self.env_config()
|
|
214
|
+ if 'AWS_CREDENTIAL_FILE' in os.environ or 'AWS_PROFILE' in os.environ:
|
|
215
|
+ self.aws_credential_file()
|
216
|
216
|
|
217
|
217
|
# override these if passed on the command-line
|
218
|
218
|
if access_key and secret_key:
|
...
|
...
|
@@ -275,38 +276,35 @@ class Config(object):
|
275
|
275
|
except:
|
276
|
276
|
warning("Could not refresh role")
|
277
|
277
|
|
278
|
|
- def env_config(self):
|
279
|
|
- cred_content = ""
|
|
278
|
+ def aws_credential_file(self):
|
280
|
279
|
try:
|
281
|
|
- cred_file = open(os.environ['AWS_CREDENTIAL_FILE'],'r')
|
282
|
|
- cred_content = cred_file.read()
|
|
280
|
+ config = configparser.ConfigParser()
|
|
281
|
+
|
|
282
|
+ aws_credential_file = os.path.expanduser('~/.aws/credentials')
|
|
283
|
+ if 'AWS_CREDENTIAL_FILE' in os.environ and os.path.isfile(os.environ['AWS_CREDENTIAL_FILE']):
|
|
284
|
+ aws_credential_file = os.environ['AWS_CREDENTIAL_FILE']
|
|
285
|
+
|
|
286
|
+ debug("Reading AWS credentials from", aws_credential_file)
|
|
287
|
+ config.read(aws_credential_file)
|
|
288
|
+ profile = "default"
|
|
289
|
+ if 'AWS_PROFILE' in os.environ:
|
|
290
|
+ profile = os.environ['AWS_PROFILE']
|
|
291
|
+
|
|
292
|
+ profile_access_key = config.get(profile, 'aws_access_key_id')
|
|
293
|
+ profile_secret_key = config.get(profile, 'aws_secret_access_key')
|
|
294
|
+ self.access_key = config_unicodise(profile_access_key)
|
|
295
|
+ self.secret_key = config_unicodise(profile_secret_key)
|
|
296
|
+
|
|
297
|
+ try:
|
|
298
|
+ profile_access_token = config.get(profile, 'aws_session_token')
|
|
299
|
+ Config().access_token = config_unicodise(profile_access_token)
|
|
300
|
+ except configparser.NoOptionError:
|
|
301
|
+ pass
|
|
302
|
+
|
283
|
303
|
except IOError as e:
|
284
|
|
- debug("Error %d accessing credentials file %s" % (e.errno,os.environ['AWS_CREDENTIAL_FILE']))
|
285
|
|
- r_data = re.compile("^\s*(?P<orig_key>\w+)\s*=\s*(?P<value>.*)")
|
286
|
|
- r_quotes = re.compile("^\"(.*)\"\s*$")
|
287
|
|
- if len(cred_content)>0:
|
288
|
|
- for line in cred_content.splitlines():
|
289
|
|
- is_data = r_data.match(line)
|
290
|
|
- if is_data:
|
291
|
|
- data = is_data.groupdict()
|
292
|
|
- if r_quotes.match(data["value"]):
|
293
|
|
- data["value"] = data["value"][1:-1]
|
294
|
|
- if data["orig_key"] == "AWSAccessKeyId" \
|
295
|
|
- or data["orig_key"] == "aws_access_key_id":
|
296
|
|
- data["key"] = "access_key"
|
297
|
|
- elif data["orig_key"]=="AWSSecretKey" \
|
298
|
|
- or data["orig_key"]=="aws_secret_access_key":
|
299
|
|
- data["key"] = "secret_key"
|
300
|
|
- else:
|
301
|
|
- debug("env_config: key = %r will be ignored", data["orig_key"])
|
302
|
|
-
|
303
|
|
- if "key" in data:
|
304
|
|
- Config().update_option(data["key"], data["value"])
|
305
|
|
- if data["key"] in ("access_key", "secret_key", "gpg_passphrase"):
|
306
|
|
- print_value = ("%s...%d_chars...%s") % (data["value"][:2], len(data["value"]) - 3, data["value"][-1:])
|
307
|
|
- else:
|
308
|
|
- print_value = data["value"]
|
309
|
|
- debug("env_Config: %s->%s" % (data["key"], print_value))
|
|
304
|
+ error("%d accessing credentials file %s" % (e.errno,os.environ['AWS_CREDENTIAL_FILE']))
|
|
305
|
+ except (configparser.NoOptionError, configparser.NoSectionError) as e:
|
|
306
|
+ error(e)
|
310
|
307
|
|
311
|
308
|
def option_list(self):
|
312
|
309
|
retval = []
|