Merge pull request #31 from DevLabFoundry/fix/missing-config-sections

fix: adds parent config sections if not existing

Author: ElvenSpellmaker

.github/workflows/release.yml

@@ -5,18 +5,18 @@ on:
     workflows: ['CI']
     types:
       - completed
-    branches: 
+    branches:
       - master
 
 permissions:
   contents: write
-  
+
 jobs:
   set-version:
     runs-on: ubuntu-latest
     if: ${{ github.event.workflow_run.head_branch == 'master' }}
     container:
-      image: mcr.microsoft.com/dotnet/sdk:6.0 
+      image: mcr.microsoft.com/dotnet/sdk:6.0
     outputs:
       semVer: ${{ steps.gitversion.outputs.semVer }}
     steps:
@@ -36,7 +36,7 @@ jobs:
         id: gitversion
 
       - name: echo VERSIONS
-        run: | 
+        run: |
           echo "REVISION  -> $GITHUB_SHA"
           echo "VERSION -> $GITVERSION_SEMVER"
 
@@ -51,7 +51,7 @@ jobs:
           fetch-depth: 1
 
       - uses: ensono/actions/eirctl-setup@v0.3.1
-        with: 
+        with:
           version: latest
           isPrerelease: false
 
@@ -66,7 +66,7 @@ jobs:
 
       - name: Build binary
         run: |
-          eirctl run pipeline bin:release --set Version=${SEMVER} --set Revision=$GITHUB_SHA 
+          eirctl run pipeline bin:release --set Version=${SEMVER} --set Revision=$GITHUB_SHA
 
       - name: Release
         uses: softprops/action-gh-release@v2.2.1

README.md

@@ -39,6 +39,8 @@ By default the tool creates the session name - which can be audited including th
 
 ## [Usage](./docs/usage.md)
 
+### [Using Custom Debug Browser](./docs/using-custom-debug-browser.md)
+
 ## Known Issues
 
 - Even though a datadir is created to store the chromium session data it is advised to still open settings and save the username/password manually the first time you are presented with the login screen.
@@ -51,7 +53,7 @@ By default the tool creates the session name - which can be audited including th
 
 ## Contribute
 
-Contributions to the aws-auth-cli package are most welcome from engineers of all backgrounds and skill levels. 
+Contributions to the aws-auth-cli package are most welcome from engineers of all backgrounds and skill levels.
 
 In particular the addition of extra test coverage, code enhacements.
 
@@ -68,5 +70,5 @@ To make a contribution:
 
 Inspired by/Borrowed the design for secretStore from these 2 packages:
 
-- [Hiroyuki Wada](https://github.com/wadahiro) [package](https://github.com/openstandia/aws-cli-oidc) 
+- [Hiroyuki Wada](https://github.com/wadahiro) [package](https://github.com/openstandia/aws-cli-oidc)
 - [Mark Wolfe](https://github.com/wolfeidau) [package](https://github.com/Versent/saml2aws)

cmd/saml.go

@@ -167,11 +167,11 @@ You should find it in the IAM portal e.g.: arn:aws:iam::1234567891012:saml-provi
 	sc.cmd.PersistentFlags().StringVarP(&flags.SsoRegion, "sso-region", "", "eu-west-1", "If using SSO, you must set the region")
 	sc.cmd.PersistentFlags().StringVarP(&flags.CustomExecutablePath, "executable-path", "", "", `Custom path to an executable
 
-This needs to be a chromium like executable - e.g. Chrome, Chromium, Brave, Edge. 
+This needs to be a chromium like executable - e.g. Chrome, Chromium, Brave, Edge.
 
 You can find out the path by opening your browser and typing in chrome|brave|edge://version
 `)
-	sc.cmd.PersistentFlags().BoolVarP(&flags.IsSso, "is-sso", "", false, `Enables the new AWS User portal login. 
+	sc.cmd.PersistentFlags().BoolVarP(&flags.IsSso, "is-sso", "", false, `Enables the new AWS User portal login.
 If this flag is specified the --sso-role must also be specified.`)
 	sc.cmd.PersistentFlags().IntVarP(&flags.ReloadBeforeTime, "reload-before", "", 0, "Triggers a credentials refresh before the specified max-duration. Value provided in seconds. Should be less than the max-duration of the session")
 	//
@@ -189,12 +189,17 @@ func samlInitConfig(customPath string) (*ini.File, error) {
 	configPath := credentialexchange.ConfigIniFile(customPath)
 	if _, err := os.Stat(configPath); err != nil {
 		// creating a file
-		rolesInit := []byte(fmt.Sprintf("; aws-cli-auth generated [role] section\n[%s]\n", credentialexchange.INI_CONF_SECTION))
+		rolesInit := []byte(fmt.Sprintf("; aws-cli-auth generated [role] section\n[%s]\n", credentialexchange.INI_ROLE_SECTION))
 		if err := os.WriteFile(configPath, rolesInit, 0644); err != nil {
 			return nil, err
 		}
 	}
-	return ini.Load(configPath)
+	cfg, err := ini.Load(configPath)
+	if err != nil {
+		return nil, err
+	}
+	credentialexchange.EnsureParentSections(cfg)
+	return cfg, nil
 }
 
 func ConfigFromFlags(fileConfig *credentialexchange.CredentialConfig, rf *RootCmdFlags, sf *SamlCmdFlags, user string) error {

docs/using-custom-debug-browser.md

@@ -0,0 +1,44 @@
+# Using Custom Debug Browser
+
+It might be desirable to run your own debug browser for running the tests in
+environments such as WSL which might have no browser installed.
+
+`aws-cli-auth` will look for an environment variable named `ROD_BROWSER_WS_URL`
+and will use this Web Socket URL as the browser to use for communications.
+
+## Example (MSEdge)
+
+For example, to run a debug browser using MSEdge:
+```bash
+msedge \
+	--remote-debugging-port=9222 \
+	--user-data-dir='C:\temp\test'
+```
+
+> NOTE: The `--user-data-dir` parameter isn't strictly necessary, but if MSEdge
+> is open for whatever reason then it'll re-use that window and you won't get a
+> debug instance. Sometimes Windows suspends a closed window and this results in
+> it thinking the window is still open.
+
+### WSL Usage
+
+When exposing debug browsers like MSEdge the `--remote-debugging-address` is
+ignored. This means it binds to 127.0.0.1 explicitly which WSL (by default)
+can't.
+
+To mitiagte this please add to your `~/.wslconfig`:
+```ini
+[wsl2]
+networkingMode=mirrored
+```
+
+This will allow WSL to access ports bound to 127.0.0.1 on the Windows host as if
+they were bound through WSL.
+
+### VSCode Tests
+
+By adding a `ROD_BROWSER_WS_URL` to the `./vscode/settings.json` the tests can
+then use the debug browser added above. E.g.:
+```json
+"ROD_BROWSER_WS_URL": "ws://127.0.0.1:9222/devtools/browser/b28bdd90-8c1d-478b-8294-1e3fd3170f4d",
+```

eirctl.yaml

@@ -1,13 +1,14 @@
 import:
-  - https://raw.githubusercontent.com/Ensono/eirctl/refs/tags/v0.9.7/shared/build/go/eirctl.yaml
+  - https://raw.githubusercontent.com/Ensono/eirctl/refs/tags/v0.11.0/shared/build/go/eirctl.yaml
 
 contexts:
   bash:
     container:
-      name: mirror.gcr.io/bash:5.0.18-alpine3.22
+      name: mirror.gcr.io/bash:5.3.9-alpine3.23
 
   unit:test:
     container:
+      # This container is from './hack/Dockerfile.ci'
       name: ghcr.io/devlabfoundry/aws-cli-auth-ci:0.3.0
       entrypoint: /usr/bin/env
     envfile:
@@ -16,6 +17,10 @@ contexts:
         - GO
 
 pipelines:
+  lints:
+    - task: go:lint
+    - task: go:vuln:check
+
   build:
     - task: build:unix
     - task: build:win
@@ -63,7 +68,6 @@ tasks:
       export GOPATH=$PWD/.deps GOBIN=$PWD/.deps/bin
       CGO_ENABLED=1 go test ./... -v -coverpkg=github.com/DevLabFoundry/... -race -mod=readonly -timeout=1m -shuffle=on -buildvcs=false -coverprofile=.coverage/out -count=1 -run=$GO_TEST_RUN_ARGS | tee .coverage/test.out
       cat .coverage/test.out | .deps/bin/go-junit-report > .coverage/report-junit.xml
-      .deps/bin/gocov convert .coverage/out | .deps/bin/gocov-xml > .coverage/report-cobertura.xml
 
   unit:test:prereqs:
     description: Installs coverage and junit tools
@@ -72,9 +76,7 @@ tasks:
       - |
         mkdir -p .coverage
         export GOPATH="${PWD}/.deps" GOBIN="${PWD}/.deps/bin"
-        go install github.com/jstemmer/go-junit-report@v0.9.1
-        go install github.com/axw/gocov/gocov@v1.0.0
-        go install github.com/AlekSi/gocov-xml@v1.0.0
+        go install github.com/jstemmer/go-junit-report@v1.0.0
 
   clean:dir:
     command:
@@ -155,9 +157,8 @@ tasks:
   sonar:coverage:prep:
     context: bash
     command:
-      - | 
+      - |
         sed -i 's|github.com/DevLabFoundry/aws-cli-auth/||g' .coverage/out
         echo "Coverage file first 20 lines after conversion:"
         head -20 .coverage/out
-        echo "Coverage file line count:"
-        wc -l .coverage/out
+        echo "Coverage file line count: $(wc -l .coverage/out)"

go.mod

@@ -1,61 +1,61 @@
 module github.com/DevLabFoundry/aws-cli-auth
 
-go 1.25
+go 1.26
 
-toolchain go1.25.7
+toolchain go1.26.3
 
 require (
-	github.com/aws/aws-sdk-go-v2 v1.39.6
-	github.com/aws/aws-sdk-go-v2/config v1.31.20
-	github.com/aws/aws-sdk-go-v2/service/sts v1.40.2
-	github.com/aws/smithy-go v1.23.2
+	github.com/aws/aws-sdk-go-v2 v1.41.6
+	github.com/aws/aws-sdk-go-v2/config v1.32.16
+	github.com/aws/aws-sdk-go-v2/service/sts v1.42.0
+	github.com/aws/smithy-go v1.25.0
 	github.com/go-rod/rod v0.116.2
-	github.com/rezakhademix/govalidator/v2 v2.1.2
+	github.com/rezakhademix/govalidator/v2 v2.2.1
 	github.com/savioxavier/termlink v1.4.3
-	github.com/spf13/cobra v1.10.1
+	github.com/spf13/cobra v1.10.2
 	github.com/werf/lockgate v0.1.1
-	github.com/zalando/go-keyring v0.2.6
-	gopkg.in/ini.v1 v1.67.0
+	github.com/zalando/go-keyring v0.2.8
+	gopkg.in/ini.v1 v1.67.1
 )
 
 require (
+	github.com/aws/aws-sdk-go-v2/internal/v4a v1.4.23 // indirect
+	github.com/aws/aws-sdk-go-v2/service/signin v1.0.10 // indirect
 	github.com/mattn/go-colorable v0.1.14 // indirect
-	github.com/mattn/go-isatty v0.0.20 // indirect
+	github.com/mattn/go-isatty v0.0.21 // indirect
 	github.com/mitchellh/colorstring v0.0.0-20190213212951-d06e56a500db // indirect
 	github.com/rivo/uniseg v0.4.7 // indirect
-	github.com/schollz/progressbar/v3 v3.18.0 // indirect
-	golang.org/x/term v0.37.0 // indirect
+	github.com/schollz/progressbar/v3 v3.19.0 // indirect
+	golang.org/x/term v0.42.0 // indirect
 )
 
 require (
-	al.essio.dev/pkg/shellescape v1.6.0 // indirect
 	dario.cat/mergo v1.0.2
-	github.com/Ensono/eirctl v0.9.6
-	github.com/aws/aws-sdk-go-v2/credentials v1.18.24 // indirect
-	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.13 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.13 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.13 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/ini v1.8.4 // indirect
-	github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.13.3 // indirect
-	github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.13.13 // indirect
-	github.com/aws/aws-sdk-go-v2/service/sso v1.30.3 // indirect
-	github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.7 // indirect
+	github.com/Ensono/eirctl v0.10.0
+	github.com/aws/aws-sdk-go-v2/credentials v1.19.15 // indirect
+	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.22 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.22 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.22 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.13.8 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.13.22 // indirect
+	github.com/aws/aws-sdk-go-v2/service/sso v1.30.16 // indirect
+	github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.20 // indirect
 	github.com/danieljoos/wincred v1.2.3 // indirect
 	github.com/go-test/deep v1.1.1
-	github.com/godbus/dbus/v5 v5.1.0 // indirect
+	github.com/godbus/dbus/v5 v5.2.2 // indirect
 	github.com/gofrs/flock v0.13.0 // indirect
 	github.com/google/uuid v1.6.0 // indirect
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
-	github.com/rs/zerolog v1.34.0
+	github.com/rs/zerolog v1.35.1
 	github.com/spaolacci/murmur3 v1.1.0 // indirect
 	github.com/spf13/pflag v1.0.10 // indirect
 	github.com/ysmood/fetchup v0.5.3 // indirect
 	github.com/ysmood/goob v0.4.0 // indirect
-	github.com/ysmood/got v0.42.0 // indirect
+	github.com/ysmood/got v0.42.4 // indirect
 	github.com/ysmood/gson v0.7.3 // indirect
 	github.com/ysmood/leakless v0.9.0 // indirect
-	golang.org/x/crypto v0.44.0 // indirect
-	golang.org/x/sys v0.38.0 // indirect
+	golang.org/x/crypto v0.50.0 // indirect
+	golang.org/x/sys v0.43.0 // indirect
 )
 
 replace github.com/ysmood/fetchup => github.com/ysmood/fetchup v0.3.0