Merge pull request #102 from britive/develop

twratl · web-flow · commit d038a4e1a9ce · 2023-10-13T08:57:43.000-04:00
v1.5.0rc3
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -2,6 +2,23 @@
 
 * As of v1.4.0 release candidates will be published in an effort to get new features out faster while still allowing time for full QA testing before moving the release candidate to a full release.
 
+## v1.5.0rc3 [2023-10-13]
+#### What's New
+* None
+
+#### Enhancements
+* None
+
+#### Bug Fixes
+* None
+
+#### Dependencies
+* `britive>=2.22.0`
+
+#### Other
+* Updates to the documentation calling out the requirement to properly escape input based on the shell you are using
+* Resolve dependabot issue https://github.com/britive/python-cli/security/dependabot/6
+
 ## v1.5.0rc2 [2023-09-18]
 #### What's New
 * None
diff --git a/docs/index.md b/docs/index.md
@@ -236,7 +236,10 @@ Example:
 * Profile: Admin
 
 As we construct the checkout command it would generally be `AWS/Dev/Test/Admin` but since the environment has a `/`
-in it, we need to escape that to be `AWS/Dev\/Test/Admin` so the CLI can properly parse out the 3 required parts of the string .
+in it, we need to escape that to be `AWS/Dev\/Test/Admin` so the CLI can properly parse out the 3 required parts of the string.
+
+This holds true for names of secrets and any other free form text that may be submitted via the CLI. Ensure you are
+escaping all required characters based on the shell you are using.
 
 ## `api` Command - Use the Britive Python SDK via the CLI
 
diff --git a/requirements.txt b/requirements.txt
@@ -1,5 +1,5 @@
 boto3
-britive>=2.21.0
+britive>=2.22.0
 certifi>=2022.12.7
 charset-normalizer==2.1.0
 click~=8.1.3
@@ -19,4 +19,5 @@ six==1.16.0
 tabulate==0.8.10
 toml==0.10.2
 twine~=4.0.1
-urllib3==1.26.9
+urllib3>=1.26.17; urllib3 == 1
+urllib3>=2.0.6; urllib3 == 2
diff --git a/setup.cfg b/setup.cfg
@@ -1,6 +1,6 @@
 [metadata]
 name = pybritive
-version = 1.5.0rc2
+version = 1.5.0rc3
 author = Britive Inc.
 author_email = support@britive.com
 description = A pure Python CLI for Britive
@@ -17,6 +17,8 @@ package_dir =
     = src
 packages = find:
 python_requires = >=3.7
+
+# urllib3 version logic due to https://github.com/britive/python-cli/security/dependabot/6
 install_requires =
     click
     requests>=2.31.0
@@ -26,7 +28,7 @@ install_requires =
     toml
     cryptography>=41.0.0
     python-dateutil
-    britive>=2.21.0
+    britive>=2.22.0
     jmespath
     pyjwt
 
diff --git a/src/pybritive/helpers/aws_credential_process.py b/src/pybritive/helpers/aws_credential_process.py
@@ -1,12 +1,13 @@
 def get_args():
     from getopt import getopt  # lazy load
     from sys import argv  # lazy load
-    options = getopt(argv[1:], 't:T:p:f:P:hv', [
+    options = getopt(argv[1:], 't:T:p:f:P:F:hv', [
         'tenant=',
         'token=',
         'passphrase=',
         'force-renew=',
         'profile=',
+        'federation-provider='
         'help',
         'version'
     ])[0]
@@ -16,7 +17,8 @@ def get_args():
         'token': None,
         'passphrase': None,
         'force_renew': None,
-        'profile': None
+        'profile': None,
+        'federation_provider': None
     }
 
     for opt, arg in options:
@@ -30,6 +32,8 @@ def get_args():
             args['force_renew'] = int(arg)
         if opt in ('-P', '--profile'):
             args['profile'] = arg
+        if opt in ('-F', '--federation-provider'):
+            args['federation_provider'] = arg
         if opt in ('-h', '--help'):
             usage()
         if opt in ('-v', '--version'):
@@ -46,7 +50,10 @@ def get_args():
 
 def usage():
     from sys import argv  # lazy load
-    print(f'Usage : {argv[0]} --profile <profile> [-t/--tenant, -T/--token, -t/--passphrase, -f/--force-renew]')
+    print(
+        f'Usage : {argv[0]} --profile <profile> [-t/--tenant, -T/--token, -p/--passphrase, -f/--force-renew, '
+        f'-F/--federation-provider]'
+    )
     raise SystemExit()
 
 
@@ -66,7 +73,7 @@ def main():
             now = datetime.utcnow()
             if now > expiration:  # creds have expired so set to none so new one get checked out
                 creds = None
-            else:
+            else:  # not importing json library on purpose to keep imports down for speed
                 json = '{'
                 json += f'"AccessKeyId": "{creds["accessKeyID"]}",'
                 json += f'"SecretAccessKey": "{creds["secretAccessKey"]}",'
@@ -78,7 +85,13 @@ def main():
     if not creds:
         from ..britive_cli import BritiveCli  # lazy load for performance purposes
 
-        b = BritiveCli(tenant_name=args['tenant'], token=args['token'], passphrase=args['passphrase'], silent=True)
+        b = BritiveCli(
+            tenant_name=args['tenant'],
+            token=args['token'],
+            passphrase=args['passphrase'],
+            federation_provider=args['federation_provider'],
+            silent=True
+        )
         b.config.get_tenant()  # have to load the config here as that work is generally done
         b.checkout(
             alias=None,
