From c93086848fc00ea97690b6f8e5850fbe24cd11fa Mon Sep 17 00:00:00 2001
From: Florian Klink <flokli@flokli.de>
Date: Sun, 12 Nov 2023 18:58:31 +0200
Subject: feat(users/flokli/archeology): add AWS config to shell

This allows using awscli inside a shell.

Clickhouse AWS SSO integration still seems broken unfortunately, even
with https://github.com/ClickHouse/ClickHouse/pull/54347 included in
our bump - it seems it's coming up with another token file path than the
AWS SDK:

> SSOCredentialsProvider: Unable to open token file on path: /home/flokli/.aws/sso/cache/da39a3ee5e6b4b0d3255bfef95601890afd80709.json

This is the sha1sum of the sso_start_url, not the sha1sum of the
session-name (nixos / f2f059b8b7298f1ad52636d67cef8b719aa83bf5).

Change-Id: Ia1bdec03c4f269a7415c42c90c1f4fd3d928f770
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10012
Reviewed-by: edef <edef@edef.eu>
Tested-by: BuildkiteCI
---
 users/flokli/archeology/default.nix | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

(limited to 'users')

diff --git a/users/flokli/archeology/default.nix b/users/flokli/archeology/default.nix
index 0c875ce3a8..d642399cbe 100644
--- a/users/flokli/archeology/default.nix
+++ b/users/flokli/archeology/default.nix
@@ -33,6 +33,19 @@ depot.nix.readTree.drvTargets {
 
   shell = pkgs.mkShell {
     name = "archeology-shell";
-    packages = with pkgs; [ clickhouse rust-analyzer rustc rustfmt ];
+    packages = with pkgs; [ awscli2 clickhoseLocalFixedAWS rust-analyzer rustc rustfmt ];
+
+    AWS_PROFILE = "sso";
+    AWS_CONFIG_FILE = pkgs.writeText "aws-config" ''
+      [sso-session nixos]
+      sso_region = eu-north-1
+      sso_start_url = https://nixos.awsapps.com/start
+      sso_registration_scopes = sso:account:access
+
+      [profile "sso"]
+      sso_session = nixos
+      sso_account_id = 080433136561
+      sso_role_name = archeologist
+    '';
   };
 }
-- 
cgit 1.4.1