Add possibility to load credentials from env vars

Hustenbonbon commented 1 year ago

What changed?

When using granted credentials import my.profile, check if env vars AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY both exist, and if yes, import them for the profile

Why?

To make it easy to migrate from tools like aws-vault with

aws-vault exec --no-session my.profile -- granted credentials import my.profile

How did you test it?

With above command, worked fine

Potential risks

My solution assumes you know what you are doing and want to add the credentials in the environment to the profile you specify
If there are other credentials in a credential file, they are ignored
I have no experience in Go coding. My coding style might be horrible, sorry for that, feel free to adjust

Is patch release candidate?

I don't know what that means

Link to relevant docs PRs

Don't exist - I created this PR after not seeing an issue or PR addressing it

Hustenbonbon commented 1 year ago

If wished by maintainers, it might be an option to move this functionality to an own command, or use a flag for it. If you have suggestions for restructuring the code, I'm happy to comply

JoshuaWilkes commented 1 year ago

Hi @Hustenbonbon !

Thanks for your PR, I think this would be suited to being its own command.

granted credentials import-from-environement

Would you mind restructuring this into it's own command?

Hustenbonbon commented 1 year ago

Sure, I'd be happy. Might be a couple of days until I get to it, but you should hear from me latest next week.

Eddie023 commented 1 year ago

Thanks for this @Hustenbonbon

I have created this as a separate command here https://github.com/common-fate/granted/pull/475 . Closing this for now

Hustenbonbon commented 1 year ago

Wow, thanks for taking over, never got the time to get back to it!

common-fate / granted