Add loadConfig S3 based on AWS_PROFILE ~/.aws/credentials

alban.stourbe stourbe 2024-10-01 11:45:10 +02:00
parent 04a6c82730
commit e35c6049bb
3 changed files with 35 additions and 12 deletions


@ -235,15 +235,21 @@ func validateMissingS3Options(options *types.Options) []string {
if options.AwsBucketName == "" { if options.AwsBucketName == "" {
missing = append(missing, "AWS_TEMPLATE_BUCKET") missing = append(missing, "AWS_TEMPLATE_BUCKET")
} }
if options.AwsAccessKey == "" { if options.AwsProfile == "" {
missing = append(missing, "AWS_ACCESS_KEY") if options.AwsAccessKey == "" {
missing = append(missing, "AWS_ACCESS_KEY")
}
if options.AwsSecretKey == "" {
missing = append(missing, "AWS_SECRET_KEY")
}
if options.AwsRegion == "" {
missing = append(missing, "AWS_REGION")
}
} }
if options.AwsSecretKey == "" { if (options.AwsAccessKey == "" || options.AwsSecretKey == "" || options.AwsRegion == "") && options.AwsProfile == "" {
missing = append(missing, "AWS_SECRET_KEY") missing = append(missing, "AWS_PROFILE")
}
if options.AwsRegion == "" {
missing = append(missing, "AWS_REGION")
} }
return missing return missing
} }
@ -449,6 +455,7 @@ func readEnvInputVars(options *types.Options) {
options.AwsSecretKey = os.Getenv("AWS_SECRET_KEY") options.AwsSecretKey = os.Getenv("AWS_SECRET_KEY")
options.AwsBucketName = os.Getenv("AWS_TEMPLATE_BUCKET") options.AwsBucketName = os.Getenv("AWS_TEMPLATE_BUCKET")
options.AwsRegion = os.Getenv("AWS_REGION") options.AwsRegion = os.Getenv("AWS_REGION")
options.AwsProfile = os.Getenv("AWS_PROFILE")
// Azure options for downloading templates from an Azure Blob Storage container // Azure options for downloading templates from an Azure Blob Storage container
options.AzureContainerName = os.Getenv("AZURE_CONTAINER_NAME") options.AzureContainerName = os.Getenv("AZURE_CONTAINER_NAME")
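Review bot: In validateMissingS3Options, the last condition appends `AWS_PROFILE` on top of whichever of `AWS_ACCESS_KEY`, `AWS_SECRET_KEY` and `AWS_REGION` the nested block already reported, so the returned list reads as if all four are required rather than either a profile or the static triple. The condition also repeats the nested checks and could move inside `if options.AwsProfile == "" { ... }`. I would add a comment above that block such as `// either AWS_PROFILE or AWS_ACCESS_KEY + AWS_SECRET_KEY + AWS_REGION must be set`, and word the caller's message as an alternative. Separately, `options.AwsProfile = os.Getenv("AWS_PROFILE")` in readEnvInputVars picks up a variable that shells often export for other AWS tooling, so it deserves a comment saying that an ambient profile now selects the credentials used for the template bucket. Both functions begin outside their hunks.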


@ -62,7 +62,7 @@ func (bk *customTemplateS3Bucket) Update(ctx context.Context) {
func NewS3Providers(options *types.Options) ([]*customTemplateS3Bucket, error) { func NewS3Providers(options *types.Options) ([]*customTemplateS3Bucket, error) {
providers := []*customTemplateS3Bucket{} providers := []*customTemplateS3Bucket{}
if options.AwsBucketName != "" && !options.AwsTemplateDisableDownload { if options.AwsBucketName != "" && !options.AwsTemplateDisableDownload {
s3c, err := getS3Client(context.TODO(), options.AwsAccessKey, options.AwsSecretKey, options.AwsRegion) s3c, err := getS3Client(context.TODO(), options.AwsAccessKey, options.AwsSecretKey, options.AwsRegion, options.AwsProfile)
if err != nil { if err != nil {
return nil, errorutil.NewWithErr(err).Msgf("error downloading s3 bucket %s", options.AwsBucketName) return nil, errorutil.NewWithErr(err).Msgf("error downloading s3 bucket %s", options.AwsBucketName)
} }
@ -104,10 +104,24 @@ func downloadToFile(downloader *manager.Downloader, targetDirectory, bucket, key
return err return err
} }
func getS3Client(ctx context.Context, accessKey string, secretKey string, region string) (*s3.Client, error) { func getS3Client(ctx context.Context, accessKey string, secretKey string, region string, profile string) (*s3.Client, error) {
cfg, err := config.LoadDefaultConfig(ctx, config.WithCredentialsProvider(credentials.NewStaticCredentialsProvider(accessKey, secretKey, "")), config.WithRegion(region)) var cfg aws.Config
if err != nil { var err error
return nil, err if profile != "" {
cfg, err = config.LoadDefaultConfig(ctx, config.WithSharedConfigProfile(profile))
if err != nil {
return nil, err
}
} else if accessKey != "" && secretKey != "" {
cfg, err = config.LoadDefaultConfig(ctx, config.WithCredentialsProvider(credentials.NewStaticCredentialsProvider(accessKey, secretKey, "")), config.WithRegion(region))
if err != nil {
return nil, err
}
} else {
cfg, err = config.LoadDefaultConfig(ctx)
if err != nil {
return nil, err
}
} }
return s3.NewFromConfig(cfg), nil return s3.NewFromConfig(cfg), nil
} }


@ -345,6 +345,8 @@ type Options struct {
GitLabTemplateRepositoryIDs []int GitLabTemplateRepositoryIDs []int
// GitLabTemplateDisableDownload disables downloading templates from custom GitLab repositories // GitLabTemplateDisableDownload disables downloading templates from custom GitLab repositories
GitLabTemplateDisableDownload bool GitLabTemplateDisableDownload bool
// AWS access profile from ~/.aws/credentials file for downloading templates from S3 bucket
AwsProfile string
// AWS access key for downloading templates from S3 bucket // AWS access key for downloading templates from S3 bucket
AwsAccessKey string AwsAccessKey string
// AWS secret key for downloading templates from S3 bucket // AWS secret key for downloading templates from S3 bucket
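Review bot: The comment on the new `AwsProfile` field names only ~/.aws/credentials, but the value is handed to `config.WithSharedConfigProfile` in getS3Client, which resolves the profile from the shared config file as well as the credentials file. It also omits that a set profile takes precedence over `AwsAccessKey` and `AwsSecretKey`, which is what the branch order in getS3Client implements. I would write `// AwsProfile is the shared AWS config/credentials profile used for downloading templates from S3 bucket; when set it takes precedence over AwsAccessKey/AwsSecretKey`. The Options struct starts and ends outside this hunk.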