From 7e2ae203dad342dc5ab754a537b58bf3eb84632b Mon Sep 17 00:00:00 2001 From: arnie Date: Thu, 4 Sep 2025 17:03:40 +0200 Subject: [PATCH] veracode gov stage access --- home-manager/veracode/.okta_aws_login_config | 4 ++-- home-manager/veracode/aws-cli.nix | 10 +++++----- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/home-manager/veracode/.okta_aws_login_config b/home-manager/veracode/.okta_aws_login_config index 0d3bcdd..261b99c 100644 --- a/home-manager/veracode/.okta_aws_login_config +++ b/home-manager/veracode/.okta_aws_login_config @@ -2,8 +2,8 @@ okta_org_url = https://govus-staging-veracode.okta.com gimme_creds_server = appurl aws_rolename = arn:aws-us-gov:iam::403885414333:role/Corp-Engineer -write_aws_creds = False -cred_profile = role +write_aws_creds = True +cred_profile = 403885414333-Corp-Engineer okta_username = lcech@veracode.com app_url = https://govus-staging-veracode.okta.com/home/amazon_aws/0oame0n0rGjDo9BvZ4h6/272 resolve_aws_alias = False diff --git a/home-manager/veracode/aws-cli.nix b/home-manager/veracode/aws-cli.nix index 85ad4c1..c2f10f8 100644 --- a/home-manager/veracode/aws-cli.nix +++ b/home-manager/veracode/aws-cli.nix @@ -560,11 +560,6 @@ in ]; programs.zsh.shellAliases = { - export-aws-govus-stage = ''${pkgs.writeShellScript "export-aws-govus-stage" '' - gimme-aws-creds --profile govus-stage - echo "export AWS_REGION=us-gov-west-1" - ''}''; - veracode-find = ''${pkgs.writeShellScript "veracode-find" '' for profile in $(aws configure list-profiles | grep -E '^(us|eu|old-world|longbow)-'); do echo "=== $profile ===" @@ -607,5 +602,10 @@ in aws sso login --profile old-world-aws-devops & aws sso login --profile longbow-SharedServices & ''}''; + + veracode-login-govus-stage = ''${pkgs.writeShellScript "export-aws-govus-stage" '' + gimme-aws-creds --profile govus-stage + ${pkgs.gnugrep}/bin/grep "^\[403885414333-Corp-Engineer\]" -A1 ${homedir}/.aws/credentials | ${pkgs.coreutils}/bin/tail -n 1 | ${pkgs.gnugrep}/bin/grep -q "region" || ${pkgs.gnused}/bin/sed -i '/^\[403885414333-Corp-Engineer\]$/a region = us-gov-west-1' ${homedir}/.aws/credentials + ''}''; }; }