From e3f5688ee4e084022e4f8aac1fbb58f6d98563bb Mon Sep 17 00:00:00 2001
From: conor <conor.mcmanus@gfk.com>
Date: Wed, 12 Jun 2019 15:55:01 +0200
Subject: [PATCH 1/5] Flip the order of where tf commands happen. This appears
 to be more stable behaviour

---
 atmos.py | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/atmos.py b/atmos.py
index dc75837..3f0aa58 100755
--- a/atmos.py
+++ b/atmos.py
@@ -8,6 +8,7 @@ def main(argv):
     g.add_argument("command", help="Send commands to terraform with workspace variable context", nargs='?', default=False)
     parser.add_argument("-e", help="Gather shared-creds from environment variables (Dont use this flag if you dont want your ~/.aws/credentials replaced. This is for CI/CD", action='store_true', default=False)
     parser.add_argument("-m", help="Prevents workspace from changing with git branches automatically", action='store_true', default=False)
+    parser.add_argument("-p", help="Prevents workspace from changing with git branches automatically", action='store_true', default=False)
     args, params = parser.parse_known_args()
     if args.command:
         determine_actions(args, params)
@@ -20,12 +21,12 @@ def determine_actions(args, params):
     env_actions = ["plan", "apply", "destroy"] # Commands that require env context
     cmd = 'terraform {args}'.format(args=args.command)
 
+    if (args.command in env_actions) and not (args.p): # Append with env context
+        cmd = cmd + ' -var-file=vars/{env}.tfvars -var "workspace={env}"'.format(env=workspace)
+
     for param in params: # Pass terraform params directly through
         cmd = cmd + ' ' + param
 
-    if (args.command in env_actions): # Append with env context
-        cmd = cmd + ' -var-file=vars/{env}.tfvars -var "workspace={env}"'.format(env=workspace)
-
     if (args.e):
         generate_creds()
     

From 6bcd68e410c7a1b913b51d4118eb64a46ba8daef Mon Sep 17 00:00:00 2001
From: conor <conor.mcmanus@gfk.com>
Date: Tue, 16 Jul 2019 13:09:32 +0200
Subject: [PATCH 2/5] Update -p flag description to be accurate

---
 atmos.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/atmos.py b/atmos.py
index 3f0aa58..cb24ea2 100755
--- a/atmos.py
+++ b/atmos.py
@@ -8,7 +8,7 @@ def main(argv):
     g.add_argument("command", help="Send commands to terraform with workspace variable context", nargs='?', default=False)
     parser.add_argument("-e", help="Gather shared-creds from environment variables (Dont use this flag if you dont want your ~/.aws/credentials replaced. This is for CI/CD", action='store_true', default=False)
     parser.add_argument("-m", help="Prevents workspace from changing with git branches automatically", action='store_true', default=False)
-    parser.add_argument("-p", help="Prevents workspace from changing with git branches automatically", action='store_true', default=False)
+    parser.add_argument("-p", help="Atmos will not add -var-file or -var args to terraform", action='store_true', default=False)
     args, params = parser.parse_known_args()
     if args.command:
         determine_actions(args, params)

From dc5ba4899091036c09cdfa198cefc069cb3fd59b Mon Sep 17 00:00:00 2001
From: conor <conor.mcmanus@gfk.com>
Date: Tue, 16 Jul 2019 17:12:34 +0200
Subject: [PATCH 3/5] Atmos will use its own credentials file

---
 README.md | 5 +++--
 atmos.py  | 6 ++++--
 2 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/README.md b/README.md
index 68e8663..8559cea 100644
--- a/README.md
+++ b/README.md
@@ -36,6 +36,7 @@ To get the most out of Terraform workspaces it is recommended that the AWS provi
 provider "aws" {
     region = "${var.region}"
     profile = "${var.workspace}"
+    shared_credentials_file = ${var.shared_credentials_file}
 }
 ```
 
@@ -51,7 +52,7 @@ This will make Terraform lookup AWS credentials from the `~/.aws/credentials` fi
 
 ## atmos -e
 
-Adding the `-e` flag to atmos will make it generate a new `~/.aws/credentials` file from environment variables. You must first include the `default` access key ID & secret access key like this:
+Adding the `-e` flag to atmos will make it generate a new `~/.aws/credentials-atmos` file from environment variables. You must first include the `default` access key ID & secret access key like this:
 
 ```
 DEFAULT_ACCESS_KEY_ID=id
@@ -68,7 +69,7 @@ QA_ACCESS_KEY_ID=id
 QA_SECRET_ACCESS_KEY=key
 ```
 
-Note: Atmos will override your default credentials file as this functionality is for use in a docker container or in situations where you would rather use variables.
+This requires a `shared_credentials_file` variable on the top level. To support standard Terraform workflows its recommened to default this to the default shared credentials file location `$HOME/.aws/credentials`. Atmos will then handle the overriding safely in the background
 
 # atmos -m
 
diff --git a/atmos.py b/atmos.py
index cb24ea2..37359d7 100755
--- a/atmos.py
+++ b/atmos.py
@@ -14,7 +14,9 @@ def main(argv):
         determine_actions(args, params)
 
 def determine_actions(args, params):
+    aws_creds_file = "$HOME/.aws/credentials"
     if (is_git_directory()) and not (args.m):
+        aws_creds_file = aws_creds_file + "-atmos"
         workspace_manager()
 
     workspace = get_env()
@@ -22,7 +24,7 @@ def determine_actions(args, params):
     cmd = 'terraform {args}'.format(args=args.command)
 
     if (args.command in env_actions) and not (args.p): # Append with env context
-        cmd = cmd + ' -var-file=vars/{env}.tfvars -var "workspace={env}"'.format(env=workspace)
+        cmd = cmd + ' -var-file=vars/{env}.tfvars -var "workspace={env}" -var "shared_credentials_file={aws_creds_file}"'.format(env=workspace, aws_creds_file=aws_creds_file)
 
     for param in params: # Pass terraform params directly through
         cmd = cmd + ' ' + param
@@ -62,7 +64,7 @@ def generate_creds():
         contents = contents + "[{workspace}]\n".format(workspace=workspace)
         contents = contents + "aws_access_key_id=" + os.environ.get(workspace.upper() + '_ACCESS_KEY_ID') + "\n"
         contents = contents + "aws_secret_access_key=" + os.environ.get(workspace.upper() + '_SECRET_ACCESS_KEY') + "\n"
-    with open(os.path.expanduser('~/.aws/credentials'), 'w+') as f:
+    with open(os.path.expanduser('~/.aws/credentials-atmos'), 'w+') as f:
         f.write(contents)
 
 def get_valid_envs():

From 8bff7443d5b43660d08a0e1149b6ea577f26aae0 Mon Sep 17 00:00:00 2001
From: conor <conor.mcmanus@gfk.com>
Date: Wed, 17 Jul 2019 09:34:14 +0200
Subject: [PATCH 4/5] Changed -p flag to be -n for neutralize for stoppping
 atmos from doing var appending

---
 atmos.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/atmos.py b/atmos.py
index 37359d7..b63ad82 100755
--- a/atmos.py
+++ b/atmos.py
@@ -8,7 +8,7 @@ def main(argv):
     g.add_argument("command", help="Send commands to terraform with workspace variable context", nargs='?', default=False)
     parser.add_argument("-e", help="Gather shared-creds from environment variables (Dont use this flag if you dont want your ~/.aws/credentials replaced. This is for CI/CD", action='store_true', default=False)
     parser.add_argument("-m", help="Prevents workspace from changing with git branches automatically", action='store_true', default=False)
-    parser.add_argument("-p", help="Atmos will not add -var-file or -var args to terraform", action='store_true', default=False)
+    parser.add_argument("-n", help="Atmos will not add -var-file or -var args to terraform", action='store_true', default=False)
     args, params = parser.parse_known_args()
     if args.command:
         determine_actions(args, params)
@@ -23,7 +23,7 @@ def determine_actions(args, params):
     env_actions = ["plan", "apply", "destroy"] # Commands that require env context
     cmd = 'terraform {args}'.format(args=args.command)
 
-    if (args.command in env_actions) and not (args.p): # Append with env context
+    if (args.command in env_actions) and not (args.n): # Append with env context
         cmd = cmd + ' -var-file=vars/{env}.tfvars -var "workspace={env}" -var "shared_credentials_file={aws_creds_file}"'.format(env=workspace, aws_creds_file=aws_creds_file)
 
     for param in params: # Pass terraform params directly through

From b6d8d623df4292076ffe7ea1dc7d204bbf94b8f9 Mon Sep 17 00:00:00 2001
From: conor <conor.mcmanus@gfk.com>
Date: Wed, 17 Jul 2019 10:15:21 +0200
Subject: [PATCH 5/5] Add verbose mode and flag for project prefix in env vars

---
 atmos.py | 37 +++++++++++++++++++++++++++++--------
 1 file changed, 29 insertions(+), 8 deletions(-)

diff --git a/atmos.py b/atmos.py
index b63ad82..765fc30 100755
--- a/atmos.py
+++ b/atmos.py
@@ -9,6 +9,8 @@ def main(argv):
     parser.add_argument("-e", help="Gather shared-creds from environment variables (Dont use this flag if you dont want your ~/.aws/credentials replaced. This is for CI/CD", action='store_true', default=False)
     parser.add_argument("-m", help="Prevents workspace from changing with git branches automatically", action='store_true', default=False)
     parser.add_argument("-n", help="Atmos will not add -var-file or -var args to terraform", action='store_true', default=False)
+    parser.add_argument("-p", "--project", help="Add a project prefix for env vars", nargs='?', default="")
+    parser.add_argument("-v", "--verbose", help="Debug mode", action="store_true", default=False)
     args, params = parser.parse_known_args()
     if args.command:
         determine_actions(args, params)
@@ -16,22 +18,30 @@ def main(argv):
 def determine_actions(args, params):
     aws_creds_file = "$HOME/.aws/credentials"
     if (is_git_directory()) and not (args.m):
-        aws_creds_file = aws_creds_file + "-atmos"
+        if (args.e):
+            aws_creds_file = aws_creds_file + "-atmos"
         workspace_manager()
 
+    if (args.project) and (args.verbose):
+        print("Project: " + args.project)
+
     workspace = get_env()
     env_actions = ["plan", "apply", "destroy"] # Commands that require env context
     cmd = 'terraform {args}'.format(args=args.command)
 
     if (args.command in env_actions) and not (args.n): # Append with env context
-        cmd = cmd + ' -var-file=vars/{env}.tfvars -var "workspace={env}" -var "shared_credentials_file={aws_creds_file}"'.format(env=workspace, aws_creds_file=aws_creds_file)
+        cmd = cmd + ' -var-file=vars/{env}.tfvars -var "workspace={env}"'.format(env=workspace)
+        cmd = cmd + ' -var "shared_credentials_file={aws_creds_file}"'.format(aws_creds_file=aws_creds_file)
 
     for param in params: # Pass terraform params directly through
         cmd = cmd + ' ' + param
 
     if (args.e):
-        generate_creds()
-    
+        generate_creds(args)
+
+    if (args.verbose):
+        print("Atmos will run: " + cmd)
+
     print('Terraform {args} using env vars in {env}'.format(args=args.command, env=workspace))
     with subprocess.Popen(shlex.split(cmd)) as proc:
         exit # Start process but kill py program
@@ -52,18 +62,29 @@ def workspace_manager():
         subprocess.call(["terraform", "workspace", "new", branch], stderr=subprocess.STDOUT, stdout=open(os.devnull, 'w'))
         subprocess.call(["terraform", "workspace", "select", branch], stderr=subprocess.STDOUT, stdout=open(os.devnull, 'w'))
 
-def generate_creds():
+def generate_creds(args):
     current_workspace = get_env()
     workspaces = ['default']
 
     if current_workspace != 'default':
         workspaces.append(current_workspace)
-    
+
+    project_name = ""
+    if (args.project):
+        project_name = args.project.upper() + "_"
+
     contents = ""
     for workspace in workspaces:
+        access_key_name = project_name + workspace.upper() + '_ACCESS_KEY_ID'
+        secret_key_name = project_name + workspace.upper() + '_SECRET_ACCESS_KEY'
+
+        if (args.verbose):
+            print(access_key_name)
+            print(secret_key_name)
+
         contents = contents + "[{workspace}]\n".format(workspace=workspace)
-        contents = contents + "aws_access_key_id=" + os.environ.get(workspace.upper() + '_ACCESS_KEY_ID') + "\n"
-        contents = contents + "aws_secret_access_key=" + os.environ.get(workspace.upper() + '_SECRET_ACCESS_KEY') + "\n"
+        contents = contents + "aws_access_key_id=" + os.environ.get(access_key_name) + "\n"
+        contents = contents + "aws_secret_access_key=" + os.environ.get(secret_key_name) + "\n"
     with open(os.path.expanduser('~/.aws/credentials-atmos'), 'w+') as f:
         f.write(contents)