From e394010085d7a1534183361a6fc09ca73bee6a53 Mon Sep 17 00:00:00 2001
From: Juniper Hovey
Date: Thu, 21 Dec 2023 11:49:18 -0600
Subject: [PATCH] Add support for custom AWS profile names
---
 mantle/mantle/.gitignore | 3 +++
 .../src/state/aws_credentials_provider.rs | 17 ++++++++++++++++-
 2 files changed, 19 insertions(+), 1 deletion(-)
 create mode 100644 mantle/mantle/.gitignore
diff --git a/mantle/mantle/.gitignore b/mantle/mantle/.gitignore
new file mode 100644
index 0000000..9198f42
--- /dev/null
+++ b/mantle/mantle/.gitignore
@@ -0,0 +1,3 @@
+# Testing configurations #
+mantle.yml
+mantle.yaml
\ No newline at end of file
diff --git a/mantle/rbx_mantle/src/state/aws_credentials_provider.rs b/mantle/rbx_mantle/src/state/aws_credentials_provider.rs
index dc95878..ec12cae 100644
--- a/mantle/rbx_mantle/src/state/aws_credentials_provider.rs
+++ b/mantle/rbx_mantle/src/state/aws_credentials_provider.rs
@@ -17,6 +17,15 @@ pub struct AwsCredentialsProvider {
 impl AwsCredentialsProvider {
 pub fn new() -> AwsCredentialsProvider {
+ // Set up profile provider using optionally supplied profile name //
+ let mut profile_provider: Option = None;
+ if let Ok(profile_name) = env::var("MANTLE_AWS_PROFILE") {
+ let mut provider = ProfileProvider::new().unwrap();
+ provider.set_profile(profile_name);
+ profile_provider = Some(provider);
+ }
+
+ // Inherit IAM role from instance metadata service or ECS agent role //
 let mut inherit_iam_role = false;
 if let Ok(value) = env::var("MANTLE_AWS_INHERIT_IAM_ROLE") {
 if value == "true" {
@@ -27,7 +36,7 @@ impl AwsCredentialsProvider {
 AwsCredentialsProvider {
 prefixed_environment_provider: EnvironmentProvider::with_prefix("MANTLE_AWS"),
 environment_provider: EnvironmentProvider::default(),
- profile_provider: ProfileProvider::new().ok(),
+ profile_provider,
 container_provider: if inherit_iam_role {
 let mut provider = ContainerProvider::new();
 provider.set_timeout(Duration::from_secs(15));
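Review bot: In `new()`, `profile_provider` is now `Some` only when `MANTLE_AWS_PROFILE` is set, so the default shared-credentials profile that the old `ProfileProvider::new().ok()` supplied is no longer consulted and the credential chain moves on to whichever source comes next. The added `ProfileProvider::new().unwrap()` also turns a provider-construction failure into a panic where the old code degraded to `None`. Building the provider unconditionally and only overriding the profile name when the variable is present keeps both earlier behaviours, as sketched below. `new()` continues outside the hunk.

```rust
// Always build the provider; MANTLE_AWS_PROFILE only overrides the profile name.
let profile_provider = ProfileProvider::new().ok().map(|mut provider| {
    if let Ok(profile_name) = env::var("MANTLE_AWS_PROFILE") {
        provider.set_profile(profile_name);
    }
    provider
});
// … unchanged: inherit_iam_role handling and struct construction …
```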
@@ -56,9 +65,15 @@ async fn chain_provider_credentials(
 return Ok(creds);
 }
 if let Some(ref profile_provider) = provider.profile_provider {
+ // Check standard profile credentials first //
 if let Ok(creds) = profile_provider.credentials().await {
 return Ok(creds);
 }
+
+ // Check SSO profile credentials as fallback //
+ let profile_name = profile_provider.profile();
+ println!("profile name: {}", profile_name);
+
 }
 if let Some(ref container_provider) = provider.container_provider {
 if let Ok(creds) = container_provider.credentials().await {
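Review bot: The `println!("profile name: {}", profile_name);` under the "Check SSO profile credentials as fallback" comment is leftover debug output: no SSO lookup follows it, and it writes to stdout from inside the credential chain every time the profile lookup fails. I would drop both added statements until the fallback exists and leave a marker such as `// TODO: SSO profile credentials fallback not implemented yet`. Separately, the `Err` from `profile_provider.credentials()` is discarded, so a profile named explicitly through `MANTLE_AWS_PROFILE` that fails to load appears to fall through to the container provider, which could run the tool under a different identity than the operator asked for; logging that error, or returning it when the profile was set explicitly, would make this visible. `chain_provider_credentials` starts and ends outside the hunk.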