-
Notifications
You must be signed in to change notification settings - Fork 0
/
index.js
138 lines (120 loc) · 3.45 KB
/
index.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
import puppeteer from 'puppeteer';
import { fromSSO } from '@aws-sdk/credential-provider-sso';
import { writeFileSync } from 'fs';
import { spawn } from 'child_process';
import { CronJob } from 'cron';
import options from './options.js';
import { getCronExpression } from './utils.js';
const { refreshEvery, profileSso, profileCredentials, userDataDir, awsCredentialsFile } = options;
let { headless, timeout } = options;
timeout *= 60000;
headless = headless ? 'new' : false;
const cronTime = getCronExpression(refreshEvery);
async function processData(data) {
const output = data.toString().trim();
const url = output.match(/(https?:\/\/[^\s]+)/g)[1];
if (!url) {
console.info(output);
return;
}
// console.debug('===>Debug:\n', output, '\n<===');
const browser = await puppeteer.launch({
headless,
userDataDir,
});
// Set headless to 'new' after the first run
headless = 'new';
const page = await browser.newPage();
await page.goto(url);
const verifyBtn = '#cli_verification_btn';
await page.waitForSelector(verifyBtn, {
visible: true,
timeout,
});
await page.click(verifyBtn);
const loginBtn = '#cli_login_button';
await page.waitForSelector(loginBtn, {
visible: true,
timeout,
});
await page.click(loginBtn);
await page.close();
const { accessKeyId, secretAccessKey, sessionToken } = await fromSSO({
profile: profileSso,
})();
const config = `[${profileCredentials}]
aws_access_key_id = ${accessKeyId}
aws_secret_access_key = ${secretAccessKey}
aws_session_token = ${sessionToken}
`;
writeFileSync(awsCredentialsFile, config);
await browser.close();
}
function refreshAwsCredentials() {
return new Promise((resolve, reject) => {
const child = spawn('aws', ['sso', 'login', '--no-browser', '--profile', profileSso]);
child.stdout.on('data', async (data) => {
try {
return await processData(data);
// return resolve();
} catch (error) {
return reject(error);
}
});
child.stderr.on('data', (data) => {
console.error(`${data}`);
return reject(data);
});
child.on('close', (code) => {
if (code !== 0) {
console.error(
'AWS credentials were NOT refreshed because SSO login has failed! Exit code:',
code,
);
return reject(code);
}
console.info('AWS credentials were refreshed successfully!');
return resolve();
});
});
}
async function retryFunc(func) {
let retry = 0;
let success = false;
while (retry < 10 && !success) {
try {
// eslint-disable-next-line no-await-in-loop
await func();
success = true;
} catch (error) {
// console.error(error);
console.info(`Retrying to refresh AWS credentials... [retries=${(retry += 1)}/10]`);
// eslint-disable-next-line no-await-in-loop
await new Promise((resolve) => {
setTimeout(resolve, 20000);
});
}
}
}
let taskRunning = false;
let job;
// eslint-disable-next-line prefer-const
job = CronJob.from({
cronTime,
onTick: async () => {
if (taskRunning) {
console.debug('cannot start a new task because the previous one is still running');
return;
}
console.info(
`AWS credentials are being refreshed...${
job ? ` [Next refresh => ${job.nextDate().toHTTP()}]` : ''
}`,
);
taskRunning = true;
await retryFunc(refreshAwsCredentials);
taskRunning = false;
},
start: true,
runOnInit: true,
});