Class: AcornsRdsAuth::CLI

Inherits:
Object
  • Object
show all
Defined in:
lib/acorns-rds-auth/cli.rb

Constant Summary collapse

ENDPOINT_URL = 
"https://1mv4djbzee.execute-api.us-east-1.amazonaws.com/production/command".freeze

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initializeCLI

Returns a new instance of CLI.



10
11
12
13
14
15
16
17
18
 
# File 'lib/acorns-rds-auth/cli.rb', line 10

def initialize
  @command = :auth
  @options = {
    profile: nil,
    database: nil,
    role: nil,
    timeout: 5,
  }
end

Class Method Details

.startObject 



6
7
8
 
# File 'lib/acorns-rds-auth/cli.rb', line 6

def self.start
  CLI.new.start
end

Instance Method Details

#credentialsObject 



112
113
114
115
116
117
118
 
# File 'lib/acorns-rds-auth/cli.rb', line 112

def credentials
  if @options[:profile]
    Aws::SharedCredentials.new(profile_name: @options[:profile]).credentials
  else
    credentials_provider.credentials
  end
end

#credentials_providerObject 



108
109
110
 
# File 'lib/acorns-rds-auth/cli.rb', line 108

def credentials_provider
  @credentials_provider ||= Aws::CredentialProviderChain.new.resolve.credentials
end

#do_auth_request!Object

Raises:

  • (OptionParser::MissingArgument) 


40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
 
# File 'lib/acorns-rds-auth/cli.rb', line 40

def do_auth_request!

  envname = @options[:env] || ARGV.shift
  database = @options[:database] || ARGV.shift
  role = @options[:role] || ARGV.shift

  raise OptionParser::MissingArgument.new("env") if envname.nil?
  raise OptionParser::MissingArgument.new("database") if database.nil?

  payload = {
    command: :auth,
    env: envname,
    database: database,
    role: role,
  }

  STDERR.printf("Requesting credentials for '%s' in '%s'", payload[:database], payload[:env])

  if payload[:role]
    STDERR.printf(" (Using role '%s')", payload[:role])
  end

  STDERR.puts ""

  response = do_request(payload)

  # STDERR.puts JSON.pretty_generate(response)
  STDERR.puts "DATABASE USERNAME: #{response[:role]}"
  STDERR.puts ""
  STDERR.puts "PASSWORD TO USE FOR THIS CONNECTION:"

  print response[:token]

end

#do_request(payload) ⇒ Object 



128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
 
# File 'lib/acorns-rds-auth/cli.rb', line 128

def do_request(payload)

  raw_payload = JSON.generate(payload)

  signer = Aws::Sigv4::Signer.new(
    service: 'execute-api',
    region: "us-east-1",
    credentials: credentials,
  )

  headers = {
    'content-type' => "application/json",
  }

  signature = signer.sign_request({
    http_method: "POST",
    url: endpoint.to_s,
    headers: headers,
    body: raw_payload,
  })

  http = Net::HTTP.new(endpoint.host, endpoint.port)
  http.open_timeout = @options[:timeout]
  http.read_timeout = @options[:timeout]
  http.use_ssl = true

  request = Net::HTTP::Post.new(endpoint.path)
  request.add_field('user-agent', "AcornsRdsAuth-ruby/#{::AcornsRdsAuth::VERSION}")
  headers.each do |k,v|
    request.add_field(k,v)
  end

  signature.headers.each do |k,v|
    request.add_field(k,v)
  end

  request.body = raw_payload

  res = http.request(request)

  result = JSON.parse(res.body, symbolize_names: true)

  if res.code.to_i == 200
    return result
  else

    # STDERR.puts "ERROR:"

    if result[:Message]
      raise StandardError.new(result[:Message])
    end


    raise StandardError.new("#{res.message}: #{res.body}")
    # exit(1)
  end
end

#endpointObject 



124
125
126
 
# File 'lib/acorns-rds-auth/cli.rb', line 124

def endpoint
  @endpoint ||= URI.parse(endpoint_url)
end

#endpoint_urlObject 



120
121
122
 
# File 'lib/acorns-rds-auth/cli.rb', line 120

def endpoint_url
  ENV.fetch("RDS_AUTH_URL", ENDPOINT_URL)
end

#options_parserObject 



75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
 
# File 'lib/acorns-rds-auth/cli.rb', line 75

def options_parser
  @options_parser ||= OptionParser.new do |opts|
    opts.banner = "Usage: acorns-rds-auth [COMMAND] [options] [...]"
  
    opts.on("-p", "--profile PROFILE", "Specify the AWS profile to use") do |v|
      @options[:profile] = v
      # Aws.config[:profile_name] = v
    end

    opts.on("-e", "--env ENV", "Specify the environment to connect") do |v|
      @options[:env] = v
    end

    opts.on("-d", "--database NAME", "Specify the database to connect") do |v|
      @options[:database] = v
    end

    opts.on("-r", "--role NAME", "Specify the role to connect with. Optional") do |v|
      @options[:role] = v
    end

    opts.on("-h", "--help", "Prints this help") do
      puts opts
      exit
    end
  end
end

#parse_options!Object 



103
104
105
106
 
# File 'lib/acorns-rds-auth/cli.rb', line 103

def parse_options!
  options_parser.parse!
  @command = (ARGV.shift || "auth").downcase.to_sym
end

#startObject 



20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
 
# File 'lib/acorns-rds-auth/cli.rb', line 20

def start
  parse_options!

  case @command
  when :auth, :authenticate
    do_auth_request!

  else
    raise StandardError.new("Invalid command '#{@command}'")
  end

rescue => err

  STDERR.puts "ERROR:"
  STDERR.puts err.message
  exit(1)
end