Merge pull request #11 from hypnoglow/aws-profile-support

Aws profile support

README.md

@@ -30,7 +30,12 @@ Two options are available:
 1) The plugin is able to read AWS default environment variables: `$AWS_ACCESS_KEY_ID`,
 `$AWS_SECRET_ACCESS_KEY` and `$AWS_DEFAULT_REGION`.
 2) If you already using `aws-cli`, you may already have files `$HOME/.aws/credentials` and `$HOME/.aws/config`.
-If so, you are good to go - the plugin can read your credentials from those files.
+If so, you are good to go - the plugin can read your credentials from those files. 
+In case of multiple profiles, the plugin also understands `AWS_PROFILE` environment variable.
+Use it to let plugin select specific profile, or leave it to use **default** profile. Example:
+
+        $ export AWS_PROFILE=app-dev
+        $ helm repo add myrepo s3://app-dev-bucket/charts
 
 To minimize security issues, remember to configure your IAM user policies properly - the plugin requires only S3 Read access
 on specific bucket.

pkg/awsutil/config.go

@@ -13,7 +13,9 @@ import (
 const (
 	envAwsAccessKeyID     = "AWS_ACCESS_KEY_ID"
 	envAwsSecretAccessKey = "AWS_SECRET_ACCESS_KEY"
-	envAWsDefaultRegion   = "AWS_DEFAULT_REGION"
+	envAwsDefaultRegion   = "AWS_DEFAULT_REGION"
+
+	envAwsProfile = "AWS_PROFILE"
 )
 
 var (
@@ -27,14 +29,16 @@ var (
 // Config returns AWS config with credentials and parameters taken from
 // environment and/or from ~/.aws/* files.
 func Config() (*aws.Config, error) {
+	profile := os.Getenv(envAwsProfile)
+
 	if os.Getenv(envAwsAccessKeyID) == "" && os.Getenv(envAwsSecretAccessKey) == "" {
-		if err := dotaws.ParseCredentials(); err != nil {
+		if err := dotaws.ParseCredentials(profile); err != nil {
 			return nil, errors.Wrap(err, "failed to parse aws credentials file")
 		}
 	}
 
-	if os.Getenv(envAWsDefaultRegion) == "" {
-		if err := dotaws.ParseConfig(); err != nil {
+	if os.Getenv(envAwsDefaultRegion) == "" {
+		if err := dotaws.ParseConfig(profile); err != nil {
 			return nil, errors.Wrap(err, "failed to parse aws config file")
 		}
 	}
@@ -47,7 +51,7 @@ func Config() (*aws.Config, error) {
 		),
 		DisableSSL:       aws.Bool(awsDisableSSL == "true"),
 		Endpoint:         aws.String(awsEndpoint),
-		Region:           aws.String(os.Getenv(envAWsDefaultRegion)),
+		Region:           aws.String(os.Getenv(envAwsDefaultRegion)),
 		S3ForcePathStyle: aws.Bool(true),
 	}, nil
 }

pkg/dotaws/config.go

@@ -1,6 +1,7 @@
 package dotaws
 
 import (
+	"fmt"
 	"os"
 
 	"github.com/go-ini/ini"
@@ -13,7 +14,7 @@ const (
 	envAWsDefaultRegion = "AWS_DEFAULT_REGION"
 )
 
-func ParseConfig() error {
+func ParseConfig(profile string) error {
 	f, err := os.Open(os.ExpandEnv(configFile))
 	if err != nil {
 		if err == os.ErrNotExist {
@@ -27,7 +28,12 @@ func ParseConfig() error {
 		return errors.Wrapf(err, "failed to load file %s as ini", configFile)
 	}
 
-	sec, err := il.GetSection("default")
+	sectionName := "default"
+	if profile != "" {
+		sectionName = fmt.Sprintf("profile %s", profile)
+	}
+
+	sec, err := il.GetSection(sectionName)
 	if err != nil {
 		return errors.Wrap(err, `aws config file has no "default" section`)
 	}

pkg/dotaws/credentials.go

@@ -14,7 +14,7 @@ const (
 	envAwsSecretAccessKey = "AWS_SECRET_ACCESS_KEY"
 )
 
-func ParseCredentials() error {
+func ParseCredentials(profile string) error {
 	f, err := os.Open(os.ExpandEnv(credentialsFile))
 	if err != nil {
 		if err == os.ErrNotExist {
@@ -28,7 +28,12 @@ func ParseCredentials() error {
 		return errors.Wrapf(err, "failed to load file %s as ini", credentialsFile)
 	}
 
-	sec, err := il.GetSection("default")
+	sectionName := "default"
+	if profile != "" {
+		sectionName = profile
+	}
+
+	sec, err := il.GetSection(sectionName)
 	if err != nil {
 		return errors.Wrap(err, `aws credentials file has no "default" section`)
 	}

plugin.yaml

@@ -1,5 +1,5 @@
 name: "s3"
-version: "0.4.0"
+version: "0.4.1"
 usage: "The plugin allows to use s3 protocol to upload, fetch charts and to work with repositories."
 description: |-
   Provides AWS S3 protocol support.