Fork me on GitHub
#babashka
<
2021-01-06
>
borkdude12:01:11

We (@jeroenvandijk, @rahul080327, @valtteri and myself) are happy to announce the babashka aws pod! Access AWS directly from babashka scripts with virtually no startup time, accessing all the services that the Cognitect aws-api lib provides access to. https://github.com/babashka/pod-babashka-aws

babashka 18
🎉 33
nha13:01:18

Is there a way to launch a babashka .CLJ file like a normal bash file? ./my-clj-script.sh I'm asking because I would like to run a BB script in our TeamCity and you can enter some bash in the UI so that would make it easy to use there.

borkdude13:01:50

@nha yes, use a shebang: #!/usr/bin/env bb

nha13:01:11

Nice! That should work simple_smile thanks

lukasz15:01:54

@borkdude I assume aws pod doesn't support custom credential providers, right?

jeroenvandijk15:01:05

@lukaszkorecki If you have specific examples please leave a comment with your usecase

lukasz15:01:45

@jeroenvandijk We have 2 custom providers which I'm planning to open source at some point - AWS SSO profile and Fargate+ECS, neither are supported out of the box in aws-api, the implementation is fairly straightforward but since both reify CredentialsProvider, I'd assume it's not possible to pull off in BB (it might, I don't know)

borkdude15:01:26

@lukaszkorecki Jeroen is adding a credentials_process provider, which lets you hook into a process which grabs the credentials for you, returned as json

borkdude15:01:30

That might also help

borkdude15:01:42

which can be another bb script, possibly ;)

lukasz15:01:54

it totally can - both providers are pretty simple (couple of HTTP requests and parsing JSON files)

jeroenvandijk15:01:43

Do you happen to use Okta @lukaszkorecki?

jeroenvandijk15:01:31

I started implementing support for reify CredentialsProvider but it’s a bit tricky so maybe not worth it if there are other options

lukasz15:01:29

We delegate to G-Suite as the iDP, but it should be the same - credentials obtained via aws sso login are not dependent on the idp I think

jeroenvandijk15:01:47

Cool 🙂 I didn’t try aws sso yet. Was using Okta before sso came out, but I guess similar indeed

lukasz15:01:37

When I set it up it was "just" SAML, so you can definitely use Okta

lukasz15:01:07

it's pretty neat, as we have effectively stopped using aws credentials locally, don't have to use creds to login to the console

lukasz15:01:20

and with some hackery even works with Terraform

lukasz15:01:32

BUT, most (if not all) AWS SDKs do not work with sso as the credential source

lukasz15:01:41

(yet, I'm sure they will catch up)

jeroenvandijk15:01:06

even when wrapped in a credential_process?

lukasz15:01:28

if that provides credentials via standard env vars, then it should work as expected

lukasz15:01:40

but, these expire within 15m to an hour (I think it's configurable)

lukasz15:01:46

so you need something to constantly refresh them

jeroenvandijk15:01:39

aws-cli and aws-sdk seem to work properly with credential_process is my experience. I do have a custom wrapper to manage expirations

jeroenvandijk15:01:34

awesome thanks!

lukasz15:01:34

assumes that aws cli v2 is configured, you can do aws sso login --profile=whatever and call the AWS APIs

borkdude15:01:32

Does it make sense to make a thread for this discussion?

borkdude15:01:39

(I personally don't mind)

lukasz15:01:57

Sorry, yes! Also I thought this is #aws channel facepalm

borkdude15:01:28

No worries. Let's continue here :)

borkdude16:01:02

Added you to our "babashka-aws" group discussion

jeroenvandijk16:01:14

What’s the recommended way to parse a date in Babashka e.g. “2021-01-06T17:27:27Z” in order to get #inst “2021-01-06T17:27:27Z”

borkdude16:01:47

the java.time API

jeroenvandijk16:01:56

ah yeah, good one. was struggling with java.util.date 😅

borkdude16:01:05

This also works:

user=> #inst "2021-01-06T17:27:27Z"
#inst "2021-01-06T17:27:27.000-00:00"
but only for literal strings

borkdude16:01:46

Ah I see:

user=> (java.time.ZonedDateTime/parse "2021-01-06T17:27:27Z")
#object[java.time.ZonedDateTime 0x42c2631c "2021-01-06T17:27:27Z"]

jkrasnay17:01:07

You might want java.time.Instant instead of java.time.ZonedDateTime. The latter carries around a timezone with it.

borkdude17:01:13

$ bb -e '(java.time.Instant/parse "2021-01-06T17:27:27Z")'
#object[java.time.Instant 0x608e84f "2021-01-06T17:27:27Z"]

borkdude17:01:30

yeah, works

borkdude17:01:05

I made a dev channel for pod-babashka-aws-dev which is by invite, let me know if you're interested and I'll add you. This is only for dev discussions. Normal usage questions can go here.