This PR introduces a major shift of gsts as a credential_process provider - so much, in fact, that its internal structure has been completely adapted to behave like one by default. Thank you for the fantastic feedback over the last months!
As part of this refactor, there are a number of breaking changes too.
Breaking Changes
gsts is now a credential_process provider and should not called manually anymore.
Credentials are no longer stored under ~/.aws/config but instead under gsts own cache directory (~/Library/Caches/gsts on macOS, %LOCALAPPDATA%\gsts\Cache on Windows and ~/.cache/gsts on Linux) .
All command line parameters are now overridable by corresponding environment variables with the GSTS_ prefix.
Remove --google-* aliases.
Remove support for node < 18.
Daemon support has been removed in favor of the credential_process setup.
Playwright-specific parameters (--engine-executable-path, --engine) have had --playwright added to them to make it more explicit on what they achieve (--playwright-engine-executable-path and --playwright-engine).
New Features
Add support for cacheless operation mode with --no-credentials-cache.
Add support for processing the following AWS CLI variables:
AWS_REGION
AWS_DEFAULT_REGION
AWS_PROFILE
Add support for configuring gsts under ~/.aws/config (or any other directory configured via $AWS_CONFIG_FILE).
Add support for setting the playwright engine channel via --playwright-engine-channel.
Store SAML assertion in cache for further automation power.
Improvements
Migrated to AWS SDK v3.
Fix headless hang when Google forces interactive login mode.
Logging has been reworked to make gsts a lot less verbose and respect non-TTY sessions more accurately.
Set permissions for credentials file for read-write to the owner only (600).
This PR introduces a major shift of
gstsas acredential_processprovider - so much, in fact, that its internal structure has been completely adapted to behave like one by default. Thank you for the fantastic feedback over the last months!As part of this refactor, there are a number of breaking changes too.
Breaking Changes
gstsis now acredential_processprovider and should not called manually anymore.The
~/.aws/configshould similar to the below:~/.aws/configbut instead undergstsown cache directory (~/Library/Caches/gstson macOS,%LOCALAPPDATA%\gsts\Cacheon Windows and~/.cache/gstson Linux) .GSTS_prefix.--google-*aliases.credential_processsetup.--engine-executable-path,--engine) have had--playwrightadded to them to make it more explicit on what they achieve (--playwright-engine-executable-pathand--playwright-engine).New Features
--no-credentials-cache.AWS_REGIONAWS_DEFAULT_REGIONAWS_PROFILEgstsunder~/.aws/config(or any other directory configured via$AWS_CONFIG_FILE).--playwright-engine-channel.Improvements
gstsa lot less verbose and respect non-TTY sessions more accurately.Notable Updates
playwright@1.32.2.