From a63bd55c9f740f4ed32f92d877185694779f4996 Mon Sep 17 00:00:00 2001 From: Fletcher Nichol Date: Fri, 29 Nov 2024 12:37:14 -0700 Subject: [PATCH] feat(toolbox): use AWS_PROFILE/AWS_REGION if set when calling `awsi.sh` This change conditionally propagates the following local environment variables into the `systeminit/toolbox` container: - `AWS_PROFILE` - `AWS_REGION` If either of these variables are not present they do not get added to the `docker run` command. In order to confirm the behavior change, several other updates are included: - Add `set -eu` resulting in the shell script aborting if an expected environment variable is not set. To preserve the error message when you aren't authenticated, the existing `AWS_*` credential variables are still passed in as empty if not set. - Add a `DEBUG` and `TRACE` mode to the script which add `set -v` and `set- xv` respectively when running the shell script. This helps to understand the final `docker run` command that is about to be executed (among other branching logic). Signed-off-by: Fletcher Nichol --- component/toolbox/awsi.sh | 32 ++++++++++++++++++++++++-------- 1 file changed, 24 insertions(+), 8 deletions(-) diff --git a/component/toolbox/awsi.sh b/component/toolbox/awsi.sh index 9fa76c6611..833fde6c96 100755 --- a/component/toolbox/awsi.sh +++ b/component/toolbox/awsi.sh @@ -1,17 +1,33 @@ #!/usr/bin/env bash +set -eu + +if [[ -n "${DEBUG:-}" ]]; then set -v; fi +if [[ -n "${TRACE:-}" ]]; then set -xv; fi # If running in Github, we don't have an interactive # terminal so the commands can't request user input -if [ "$GITHUB_ACTIONS" = "true" ]; then +if [[ "${GITHUB_ACTIONS:-}" = "true" ]]; then terminal="-t" else terminal="-it" fi -docker run --rm "${terminal}" \ - -v ~/.aws:/root/.aws \ - -v "$(pwd)":/aws \ - -e AWS_ACCESS_KEY_ID="${AWS_ACCESS_KEY_ID}" \ - -e AWS_SECRET_ACCESS_KEY="${AWS_SECRET_ACCESS_KEY}" \ - -e AWS_SESSION_TOKEN="${AWS_SESSION_TOKEN}" \ - systeminit/toolbox:stable "$*" +args=( + --rm + "${terminal}" + -v ~/.aws:/root/.aws + -v "$(pwd)":/aws + -e AWS_ACCESS_KEY_ID="${AWS_ACCESS_KEY_ID:-}" + -e AWS_SECRET_ACCESS_KEY="${AWS_SECRET_ACCESS_KEY:-}" + -e AWS_SESSION_TOKEN="${AWS_SESSION_TOKEN:-}" +) + +if [[ -n "${AWS_PROFILE:-}" ]]; then + args+=(-e AWS_PROFILE="${AWS_PROFILE}") +fi + +if [[ -n "${AWS_REGION:-}" ]]; then + args+=(-e AWS_REGION="${AWS_REGION}") +fi + +docker run "${args[@]}" systeminit/toolbox:stable "$*"