Merge branch 'master' into master

.editorconfig

@@ -0,0 +1,24 @@
+; https://editorconfig.org/
+root = true
+
+[*]
+insert_final_newline = true
+charset = utf-8
+trim_trailing_whitespace = true
+indent_style = space
+indent_size = 2
+
+[{Makefile,go.mod,go.sum,*.go,.gitmodules}]
+indent_style = tab
+indent_size = 4
+
+[*.md]
+indent_size = 4
+trim_trailing_whitespace = false
+eclint_indent_style = unset
+
+[*.html]
+insert_final_newline = false
+
+[Dockerfile]
+indent_size = 4

.github/workflows/go.yml

@@ -10,7 +10,10 @@ jobs:
 
   build:
     name: Build
-    runs-on: ubuntu-latest
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        os: [ubuntu-latest, macOS-latest]
     steps:
 
     - name: Set up Go 1.x
@@ -22,4 +25,10 @@ jobs:
       uses: actions/checkout@v2
 
     - name: Test
-      run: make ci
+      run: go test -v ./...
+
+    - name: golangci-lint
+      uses: golangci/golangci-lint-action@v2
+      with:
+        # Required: the version of golangci-lint is required and must be specified without patch version: we always use the latest patch version.
+        version: v1.32

.github/workflows/release.yml

@@ -0,0 +1,28 @@
+name: release
+
+on:
+  push:
+    tags:
+      - '*'
+
+jobs:
+  release:
+    name: release
+    runs-on: macOS-latest
+    steps:
+
+    - name: Set up Go 1.x
+      uses: actions/setup-go@v2
+      with:
+        go-version: 1.15.x
+
+    - name: Check out code into the Go module directory
+      uses: actions/checkout@v2
+
+    - name: GoReleaser
+      uses: goreleaser/goreleaser-action@v2
+      with:
+        version: latest
+        args: release --rm-dist
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.gitignore

@@ -1,6 +1,6 @@
 .DS_Store
 .credentials
-/dist
+/dist*
 /build
 /packages
 /release

.golangci.yaml

@@ -0,0 +1,14 @@
+linters:
+  disable-all: true
+  enable:
+    - goimports
+    - deadcode
+    - errcheck
+    - gosimple
+    - govet
+    - ineffassign
+    - staticcheck
+    - structcheck
+    - typecheck
+    - unused
+    - varcheck

.goreleaser.yml

@@ -0,0 +1,29 @@
+---
+project_name: saml2aws
+
+builds:
+- main: ./cmd/saml2aws/main.go
+  binary: saml2aws
+  flags:
+    - -trimpath
+    - -v
+  ldflags:
+    - -s -w -X main.Version={{.Version}}
+  goos:
+    - windows
+    - darwin
+    - linux
+  goarch:
+    - amd64
+    - arm64
+    - arm
+archives:
+  - format: tar.gz
+    wrap_in_directory: false
+    format_overrides:
+      - goos: windows
+        format: zip
+    # remove README and LICENSE
+    files:
+      - LICENSE.md
+      - README.md

Makefile

@@ -3,6 +3,8 @@ ARCH=$(shell uname -m)
 VERSION=2.28.0
 ITERATION := 1
 
+GOLANGCI_VERSION = 1.32.0
+
 SOURCE_FILES?=$$(go list ./... | grep -v /vendor/)
 TEST_PATTERN?=.
 TEST_OPTIONS?=
@@ -11,72 +13,43 @@ BIN_DIR := $(CURDIR)/bin
 
 ci: prepare test
 
-prepare: prepare.metalinter
-	GOBIN=$(BIN_DIR) go install github.com/buildkite/github-release
-	GOBIN=$(BIN_DIR) go install github.com/mitchellh/gox
-	GOBIN=$(BIN_DIR) go install github.com/axw/gocov/gocov
-	GOBIN=$(BIN_DIR) go install golang.org/x/tools/cmd/cover
+$(BIN_DIR)/golangci-lint: $(BIN_DIR)/golangci-lint-${GOLANGCI_VERSION}
+	@ln -sf golangci-lint-${GOLANGCI_VERSION} $(BIN_DIR)/golangci-lint
+$(BIN_DIR)/golangci-lint-${GOLANGCI_VERSION}:
+	@curl -sfL https://install.goreleaser.com/github.com/golangci/golangci-lint.sh | BINARY=golangci-lint bash -s -- v${GOLANGCI_VERSION}
+	@mv $(BIN_DIR)/golangci-lint $@
 
-# Gometalinter is deprecated and broken dependency so let's use with GO111MODULE=off
-prepare.metalinter:
-	GO111MODULE=off go get -u github.com/alecthomas/gometalinter
-	GO111MODULE=off gometalinter --fast --install
+$(BIN_DIR)/goreleaser:
+	@go get -u github.com/goreleaser/goreleaser
+	@env GOBIN=$(BIN_DIR) GO111MODULE=on go install github.com/goreleaser/goreleaser
 
 mod:
 	@go mod download
 	@go mod tidy
 
-compile: mod
-	@rm -rf build/
-	@$(BIN_DIR)/gox -ldflags "-X main.Version=$(VERSION)" \
-	-osarch="darwin/amd64" \
-	-osarch="linux/i386" \
-	-osarch="linux/amd64" \
-	-osarch="windows/amd64" \
-	-osarch="windows/i386" \
-	-output "build/{{.Dir}}_$(VERSION)_{{.OS}}_{{.Arch}}/$(NAME)" \
-	${SOURCE_FILES}
+lint: $(BIN_DIR)/golangci-lint
+	@echo "--- lint all the things"
+	@$(BIN_DIR)/golangci-lint run ./...
+.PHONY: lint
 
-# Run all the linters
-lint:
-	@gometalinter --vendor ./...
+lint-fix: $(BIN_DIR)/golangci-lint
+	@echo "--- lint all the things"
+	@$(BIN_DIR)/golangci-lint run --fix ./...
+.PHONY: lint-fix
 
-# gofmt and goimports all go files
-fmt:
-	find . -name '*.go' -not -wholename './vendor/*' | while read -r file; do gofmt -w -s "$$file"; goimports -w "$$file"; done
+fmt: lint-fix
 
 install:
 	go install ./cmd/saml2aws
 
-dist:
-	$(eval FILES := $(shell ls build))
-	@rm -rf dist && mkdir dist
-	@for f in $(FILES); do \
-		(cd $(shell pwd)/build/$$f && tar -cvzf ../../dist/$$f.tar.gz *); \
-		(cd $(shell pwd)/dist && shasum -a 512 $$f.tar.gz > $$f.sha512); \
-		echo $$f; \
-	done
-
-release:
-	@$(BIN_DIR)/github-release "v$(VERSION)" dist/* --commit "$(git rev-parse HEAD)" --github-repository versent/$(NAME)
-
-test:
-	@$(BIN_DIR)/gocov test $(SOURCE_FILES) | $(BIN_DIR)/gocov report
+release-snapshot: $(BIN_DIR)/goreleaser
+	$(BIN_DIR)/goreleaser --snapshot --rm-dist
 
 clean:
 	@rm -fr ./build
 
-packages:
-	rm -rf package && mkdir package
-	rm -rf stage && mkdir -p stage/usr/bin
-	cp build/saml2aws_*_linux_amd64/saml2aws stage/usr/bin
-	fpm --name $(NAME) -a x86_64 -t rpm -s dir --version $(VERSION) --iteration $(ITERATION) -C stage -p package/$(NAME)-$(VERSION)_$(ITERATION).rpm usr
-	fpm --name $(NAME) -a x86_64 -t deb -s dir --version $(VERSION) --iteration $(ITERATION) -C stage -p package/$(NAME)-$(VERSION)_$(ITERATION).deb usr
-	shasum -a 512 package/$(NAME)-$(VERSION)_$(ITERATION).rpm > package/$(NAME)-$(VERSION)_$(ITERATION).rpm.sha512
-	shasum -a 512 package/$(NAME)-$(VERSION)_$(ITERATION).deb > package/$(NAME)-$(VERSION)_$(ITERATION).deb.sha512
-
 generate-mocks:
 	mockery -dir pkg/prompter --all
 	mockery -dir pkg/provider/okta -name U2FDevice
 
-.PHONY: default prepare.metalinter prepare mod compile lint fmt dist release test clean generate-mocks
+.PHONY: default prepare mod compile fmt dist release test clean generate-mocks

README.md

@@ -66,7 +66,6 @@ Aside from Okta, most of the providers in this project are using screen scraping
 If you're on OSX you can install saml2aws using homebrew!
 
 ```
-brew tap versent/homebrew-taps
 brew install saml2aws
 saml2aws --version
 ```
@@ -550,6 +549,12 @@ Then to test the software just run.
 make test
 ```
 
+Before raising a PR please run the linter.
+
+```
+make lint-fix
+```
+
 ## Environment vars
 
 The exec sub command will export the following environment variables.
@@ -620,7 +625,7 @@ An example of the aws configuration (`~/.aws/config`):
 ```
 [profile mybucket]
 region = us-west-1
-credential_process = saml2aws login --skip-prompt --quiet --credential-process --role <ROLE>
+credential_process = saml2aws login --skip-prompt --quiet --credential-process --role <ROLE> --profile mybucket
 ```
 
 When using the aws cli with the `mybucket` profile, the authentication process will be run and the aws will then be executed based on the returned credentials.

cmd/saml2aws/commands/console.go

@@ -83,7 +83,7 @@ func loadOrLogin(account *cfg.IDPAccount, sharedCreds *awsconfig.CredentialsProv
 		return loginRefreshCredentials(sharedCreds, execFlags.LoginExecFlags)
 	}
 
-	if awsCreds.Expires.Sub(time.Now()) < 0 {
+	if time.Until(awsCreds.Expires) < 0 {
 		log.Println("expired credentials triggering login")
 		return loginRefreshCredentials(sharedCreds, execFlags.LoginExecFlags)
 	}

cmd/saml2aws/commands/exec.go

@@ -47,7 +47,7 @@ func Exec(execFlags *flags.LoginExecFlags, cmdline []string) error {
 		return errors.Wrap(err, "error loading credentials")
 	}
 
-	if awsCreds.Expires.Sub(time.Now()) < 0 {
+	if time.Until(awsCreds.Expires) < 0 {
 		return errors.New("error aws credentials have expired")
 	}
 

cmd/saml2aws/commands/login.go

@@ -46,12 +46,15 @@ func Login(loginFlags *flags.LoginExecFlags) error {
 
 	if !sharedCreds.Expired() && !loginFlags.Force {
 		logger.Debug("credentials are not expired skipping")
-		previous_creds, err := sharedCreds.Load()
+		previousCreds, err := sharedCreds.Load()
 		if err != nil {
 			log.Println("Unable to load cached credentials")
 		}
 		if loginFlags.CredentialProcess {
-			PrintCredentialProcess(previous_creds)
+			err = PrintCredentialProcess(previousCreds)
+			if err != nil {
+				return err
+			}
 		}
 		return nil
 	}
@@ -110,7 +113,10 @@ func Login(loginFlags *flags.LoginExecFlags) error {
 
 	// print credential process if needed
 	if loginFlags.CredentialProcess {
-		PrintCredentialProcess(awsCreds)
+		err = PrintCredentialProcess(awsCreds)
+		if err != nil {
+			return err
+		}
 	}
 	return saveCredentials(awsCreds, sharedCreds)
 }
@@ -348,13 +354,12 @@ func CredentialsToCredentialProcess(awsCreds *awsconfig.AWSCredentials) (string,
 
 }
 
-// PrintCredentialProcess
-// Prints a Json output that is compatible with the AWS credential_process
+// PrintCredentialProcess Prints a Json output that is compatible with the AWS credential_process
 // https://github.com/awslabs/awsprocesscreds
 func PrintCredentialProcess(awsCreds *awsconfig.AWSCredentials) error {
-	json_output, err := CredentialsToCredentialProcess(awsCreds)
+	jsonData, err := CredentialsToCredentialProcess(awsCreds)
 	if err == nil {
-		fmt.Println(json_output)
+		fmt.Println(jsonData)
 	}
 	return err
 }

cmd/saml2aws/commands/script.go

@@ -61,7 +61,7 @@ func Script(execFlags *flags.LoginExecFlags, shell string) error {
 		return errors.Wrap(err, "error loading credentials")
 	}
 
-	if awsCreds.Expires.Sub(time.Now()) < 0 {
+	if time.Until(awsCreds.Expires) < 0 {
 		return errors.New("error aws credentials have expired")
 	}