From 9025d782a5a5b414d5271924dac52e29264660b7 Mon Sep 17 00:00:00 2001 From: Mike Mondragon Date: Tue, 14 Mar 2023 21:32:04 -0700 Subject: [PATCH] Preparing v0.3.0 release --- CHANGELOG.md | 43 +++++++++++++++++++++++++++++++- README.md | 52 +++++++++++++++++++++++++++++++++++---- internal/config/config.go | 2 +- 3 files changed, 90 insertions(+), 7 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 86b0fa2..968a464 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,46 @@ # Changelog +## 0.3.0 (March 15, 2023) + +### ENHANCEMENTS + +* Remove an extra colon in usage text [#76](https://github.com/okta/okta-aws-cli/pull/76), thanks [@ZhongRuoyu](https://github.com/ZhongRuoyu)! +* Deal with deprecated/obsolete/unsupported `aws_security_token` variable [#79](https://github.com/okta/okta-aws-cli/pull/79), thanks [@monde](https://github.com/monde)! +* added proxy support to http client [#80](https://github.com/okta/okta-aws-cli/pull/80), thanks [@SaltyPeaches](https://github.com/SaltyPeaches)! +* Try to help the operator if they are using a URL format value for org [#82](https://github.com/okta/okta-aws-cli/pull/82), thanks [@monde](https://github.com/monde)! +* Pre-flight check if org is Classic or OIE [#84](https://github.com/okta/okta-aws-cli/pull/84), thanks [@monde](https://github.com/monde)! +* Promote AWS_REGION from .env if it exists for proper AWS API behavior [#85](https://github.com/okta/okta-aws-cli/pull/85), thanks [@monde](https://github.com/monde)! +* Emit tar.gz and zip archives upon release [#87](https://github.com/okta/okta-aws-cli/pull/87), thanks [@monde](https://github.com/monde)! + +### BUG FIXES + +* Fix "SETX commands emitted on Windows have incorrect syntax" [#78](https://github.com/okta/okta-aws-cli/pull/78), thanks [@laura-rodriguez](https://github.com/laura-rodriguez)! +* Correctly set session duration from AWS_SESSION_DURATION env var [#81](https://github.com/okta/okta-aws-cli/pull/81), thanks [@monde](https://github.com/monde)! + +### MAINTENANCE + +* Update golang/text dependency [#71](https://github.com/okta/okta-aws-cli/pull/71), thanks [@laura-rodriquez](https://github.com/laura-rodriquez)! +* update dependencies [#73](https://github.com/okta/okta-aws-cli/pull/73), thanks [@duytiennguyen-okta](https://github.com/duytiennguyen-okta)! + +### NOTICES + +In the v1.0.0 release ENV VARs specific to okta-aws-cli will be prefixed with +`OKTA_` in 12factor format. + +| old value | new value | +|-----------|-----------| +|`AWS_IAM_IDP` |`OKTA_AWS_IAM_IDP` | +|`AWS_IAM_ROLE` |`OKTA_AWS_IAM_ROLE` | +|`AWS_SESSION_DURATION` |`OKTA_AWS_SESSION_DURATION` | +|`FORMAT` |`OKTA_FORMAT` | +|`PROFILE` |`OKTA_PROFILE` | +|`QR_CODE` |`OKTA_QR_CODE` | +|`OPEN_BROWSER` |`OKTA_OPEN_BROWSER` | +|`AWS_CREDENTIALS` |`OKTA_AWS_CREDENTIALS` | +|`WRITE_AWS_CREDENTIALS` |`OKTA_WRITE_AWS_CREDENTIALS` | +|`LEGACY_AWS_VARIABLES` |`OKTA_LEGACY_AWS_VARIABLES` | +|`DEBUG_API_CALLS` |`OKTA_DEBUG_API_CALLS` | + ## 0.2.1 (January 24, 2023) ### BUG FIXES @@ -12,7 +53,7 @@ * `setx` output when in Windows environment [#49](https://github.com/okta/okta-aws-cli/pull/49), thanks [@monde](https://github.com/monde)! * `--write-aws-credentials` implies output format `aws-credentials` [#40](https://github.com/okta/okta-aws-cli/pull/40), thanks [@monde](https://github.com/monde)! -* Verbose HTTP API call/resonse logging with `--debug-api-calls` flag [#43](https://github.com/okta/okta-aws-cli/pull/43), thanks [@monde](https://github.com/monde)! +* Verbose HTTP API call/response logging with `--debug-api-calls` flag [#43](https://github.com/okta/okta-aws-cli/pull/43), thanks [@monde](https://github.com/monde)! * Return underlying Error if present in fetchWebSSO() [#47](https://github.com/okta/okta-aws-cli/pull/47), thanks [@emanor-okta](https://github.com/emanor-okta)! ### BUG FIXES diff --git a/README.md b/README.md index be5fcdb..c6910e3 100644 --- a/README.md +++ b/README.md @@ -43,6 +43,7 @@ SETX AWS_SESSION_TOKEN AQoEXAMPLEH4aoAH0gNCAPyJxz4BlCFFxWNE1OPTgk5T... * [Requirements](#requirements) * [Recommendations](#recommendations) +* [Installation](#installation) * [Configuration](#configuration) * [Operation](#operation) * Comparison @@ -121,6 +122,37 @@ have equivalent policies if not share the same policy. If the AWS Federation app has more stringent assurance requirements than the OIDC app a `400 Bad Request` API error is likely to occur. +## Installation + +### Binaries + +Binary releases for combinations of operating systems and architectures are +posted to the [okta-aws-cli +releases](https://github.com/okta/okta-aws-cli/releases) section in Github. Each +release includes CHANGELOG notes for that release. + +### OSX/Homebrew + +okta-aws-cli is distributed to OSX via [homebrew](https://brew.sh/) + +``` +$ brew install okta-aws-cli +``` + +### Local build/install + +See [Development](#development) section. + +TL;DR run directly from source +``` +$ go run cmd/okta-aws-cli/main.go --help +``` + +TL;DR build from source, installed into golang bin directory +``` +$ make build +``` + ## Configuration **Note**: If your AWS IAM IdP is in a non-commercial region, such as GovCloud, @@ -168,6 +200,7 @@ Also see the CLI's online help `$ okta-aws-cli --help` | (Over)write the given profile to the AWS credentials file (optional). WARNING: When enabled, overwriting can inadvertently remove dangling comments and extraneous formatting from the creds file. | `WRITE_AWS_CREDENTIALS=true` | `--write-aws-credentials` | `true` if flag is present | | Emit deprecated AWS variable `aws_security_token` with duplicated value from `aws_session_token` | `LEGACY_AWS_VARIABLES=true` | `--legacy-aws-variables` | `true` if flag is present | | Verbosely print all API calls/responses to the screen | `DEBUG_API_CALLS=true` | `--debug-api-calls` | `true` if flag is present | +| HTTP/HTTPS Proxy support | `HTTP_PROXY` or `HTTPS_PROXY` | n/a | HTTP/HTTPS URL of proxy service (based on golang [net/http/httpproxy](https://pkg.go.dev/golang.org/x/net/http/httpproxy) package) | NOTE: If [`AWS_REGION`](https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-envvars.html) @@ -240,10 +273,14 @@ This allows for the command's results to be `eval`'d into the current shell as ### Plain usage -Note: example assumes other Okta AWS CLI configuration values have already been +**NOTE**: example assumes other Okta AWS CLI configuration values have already been set by ENV variables or `.env` file. -Note: output will be in `setx` statements if the runtime is Windows. +**NOTE**: output will be in `setx` statements if the runtime is Windows. + +**NOTE**: okta-aws-cli only needs to be called the first time to gather AWS +creds. Then called again once those creds have expired. It does not need to be +called every time before each actual AWS CLI invocation. ```shell $ okta-aws-cli @@ -268,7 +305,7 @@ $ aws s3 ls ### Scripted orientated usages -Note: example assumes other Okta AWS CLI configuration values have already been +**NOTE**: example assumes other Okta AWS CLI configuration values have already been set by ENV variables or `.env` file. ```shell @@ -277,6 +314,11 @@ $ eval `okta-aws-cli` && aws s3 ls 2021-06-10 12:47:11 mah-bucket $ eval `okta-aws-cli` + +$ aws s3 ls +2018-04-04 11:56:00 test-bucket +2021-06-10 12:47:11 mah-bucket + $ aws s3 ls 2018-04-04 11:56:00 test-bucket 2021-06-10 12:47:11 mah-bucket @@ -284,7 +326,7 @@ $ aws s3 ls ### AWS credentials file orientated usage -Note: example assumes other Okta AWS CLI configuration values have already been +**NOTE**: example assumes other Okta AWS CLI configuration values have already been set by ENV variables or `.env` file. ```shell @@ -303,7 +345,7 @@ Wrote profile "test" to /Users/mikemondragon/.aws/credentials 2021-06-10 12:47:11 mah-bucket ``` -Note: the Okta AWS CLI will only append to the AWS credentials file. Be sure to +**NOTE**: the Okta AWS CLI will only append to the AWS credentials file. Be sure to comment out or remove previous named profiles from the credentials file. Otherwise an `Unable to parse config file` error like the following may occur. diff --git a/internal/config/config.go b/internal/config/config.go index a653aba..bacb1d6 100644 --- a/internal/config/config.go +++ b/internal/config/config.go @@ -28,7 +28,7 @@ import ( const ( // Version app version - Version = "0.2.1" + Version = "0.3.0" // AWSCredentialsFormat format const AWSCredentialsFormat = "aws-credentials"