/codecommit-sign

Generate a signed AWS V4 CodeCommit URL directly from an IAM role. No dedicated CodeCommit credentials are needed

Primary LanguageGoMIT LicenseMIT

codecommit-sign

Build status License MIT Go Report Card Go Version codecov

Generate a signed AWS V4 CodeCommit URL without the need for dedicated IAM user credentials.

Install

Binary downloads can be found on the Releases page. Unpack the codecommit-sign binary and add it to your PATH.

Homebrew

To use Homebrew:

brew tap gembaadvantage/tap
brew install codecommit-sign

Scoop

To use Scoop:

scoop install codecommit-sign

Yum

To install using the yum package manager:

echo '[codecommit-sign]
name=uplift
baseurl=https://yum.fury.io/ga-paul-t/
enabled=1
gpgcheck=0' | sudo tee /etc/yum.repos.d/codecommit-sign.repo
sudo yum install -y codecommit-sign

Apt

echo 'deb [trusted=yes] https://apt.fury.io/ga-paul-t/ /' | sudo tee /etc/apt/sources.list.d/codecommit-sign.list
sudo apt update
sudo apt install -y codecommit-sign

Aur

To install from the aur using yay:

yay -S codecommit-sign-bin

Linux Packages

Download and manually install one of the .deb, .rpm or .apk packages from the Releases page.

sudo apt install codecommit-sign_*.deb
sudo yum localinstall codecommit-sign-*.rpm
sudo apk add --no-cache --allow-untrusted codecommit-sign_*.apk

Script

To install using a shell script:

curl https://raw.githubusercontent.com/gembaadvantage/codecommit-sign/main/scripts/install > install
chmod 700 install
./install

Quick Start

Retrieve (or construct) the clone URL to your chosen CodeCommit repository and then sign it. Depending on your chosen authentication mechanism, you may need to provide an AWS named profile through the optional --profile flag.

HTTPS

codecommit-sign https://git-codecommit.eu-west-1.amazonaws.com/v1/repos/repository

GRC

codecommit-sign codecommit::eu-west-1://repository

All GRC variants are supported:

  • codecommit://repository
  • codecommit://profile@repository
  • codecommit::region://profile@repository