Merge branch 'main' into config-profile-sso-name

.github/dependabot.yml

@@ -9,7 +9,7 @@ updates:
     directory: "/"
     schedule:
       interval: "daily"
-    target-branch: "v2"
+    target-branch: "main"
 
   - package-ecosystem: "docker"
     directory: "/"

.github/workflows/codeql-analysis.yml

@@ -58,18 +58,6 @@ jobs:
       with:
         go-version: '${{ vars.GO_VERSION }}'
 
-    # Initializes the CodeQL tools for scanning.
-    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v3
-      with:
-        languages: ${{ matrix.language }}
-        # If you wish to specify custom queries, you can do so here or in a config file.
-        # By default, queries listed here will override any specified in a config file.
-        # Prefix the list here with "+" to use these queries and those in the config file.
-
-        # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
-        # queries: security-extended,security-and-quality
-
 
     # Autobuild attempts to build any compiled languages (C/C++, C#, Go, Java, or Swift).
     # If this step fails, then you should remove it and run the build manually (see below)
@@ -80,15 +68,30 @@ jobs:
     # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
 
     #   If the Autobuild fails above, remove it and uncomment the following three lines.
-    #   modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
+    # Initializes the CodeQL tools for scanning.
+#    - name: Initialize CodeQL
+#      uses: github/codeql-action/init@v3
+#      with:
+#        languages: ${{ matrix.language }}
+#        # If you wish to specify custom queries, you can do so here or in a config file.
+#        # By default, queries listed here will override any specified in a config file.
+#        # Prefix the list here with "+" to use these queries and those in the config file.
+#
+#        # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
+#        # queries: security-extended,security-and-quality
 
-    - name: Build
+    - name: Generate Coverage Report
       run: |
-        make
+        make unittest
     #     echo "Run, Build Application using script"
     #     ./location_of_script_within_repo/buildscript.sh
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v3
+      uses: codecov/codecov-action@v4
       with:
-        category: "/language:${{matrix.language}}"
+        env_vars: OS
+        files: ./coverage.out
+        fail_ci_if_error: true
+        flags: unittests
+        token: ${{ secrets.CODECOV_TOKEN }}
+        verbose: false

CHANGELOG.md

@@ -11,10 +11,12 @@
 ### New Features
 
  * Add credentials command #867
+ * Use RFC3339 for AWS_SSO_SESSION_EXPIRATION #837
 
 ### Bugs
 
  * Disable linker warnings on macOS with -race flag
+ * `aws-sso-profile` returns usage when run without args #836
 
 ## [v1.15.1] - 2024-04-30
 

cmd/aws-sso/process_cmd.go

@@ -86,7 +86,7 @@ func NewCredentialsProcessOutput(creds *storage.RoleCredentials) *CredentialProc
 		AccessKeyId:     x.AccessKeyId,
 		SecretAccessKey: x.SecretAccessKey,
 		SessionToken:    x.SessionToken,
-		Expiration:      x.ExpireISO8601(),
+		Expiration:      x.ExpireString(),
 	}
 	return &c
 }

docs/commands.md

@@ -409,7 +409,7 @@ The following environment variables are specific to `aws-sso`:
  * `AWS_SSO_ROLE_NAME` -- The name of the IAM role
  * `AWS_SSO_ROLE_ARN` -- The full ARN of the IAM role
  * `AWS_SSO_SESSION_EXPIRATION`  -- The date and time when the IAM role
-    credentials will expire
+    credentials will expire in RFC3339 format
  * `AWS_SSO_DEFAULT_REGION` -- Tracking variable for `AWS_DEFAULT_REGION`
  * `AWS_SSO_PROFILE` -- User customizable varible using the
     [ProfileFormat](config.md#profileformat) template

docs/config.md

@@ -569,7 +569,7 @@ advanced debugging.
 
  * `file` - Encrypted local files (OS agnostic and default on Linux)
  * `keychain` - macOS [Keychain](https://support.apple.com/guide/mac-help/use-keychains-to-store-passwords-mchlf375f392/mac) (default on macOS)
- * `kwallet` - [KDE Wallet](https://utils.kde.org/projects/kwalletmanager/)
+ * `kwallet` - [KDE Wallet](https://github.com/KDE/kwalletmanager)
  * `pass` - [pass](https://www.passwordstore.org) (uses GPG on backend)
  * `secret-service` - Freedesktop.org [Secret Service](https://specifications.freedesktop.org/secret-service/latest/re01.html)
  * `wincred` - Windows [Credential Manager](https://support.microsoft.com/en-us/windows/accessing-credential-manager-1b5c916a-6a16-889f-8581-fc16e8165ac0) (default on Windows)

go.mod

@@ -23,9 +23,9 @@ require (
 )
 
 require (
-	github.com/aws/aws-sdk-go-v2 v1.21.2
+	github.com/aws/aws-sdk-go-v2 v1.27.1
 	github.com/riywo/loginshell v0.0.0-20200815045211-7d26008be1ab
-	golang.org/x/term v0.18.0
+	golang.org/x/term v0.21.0
 	gopkg.in/ini.v1 v1.67.0
 )
 
@@ -58,7 +58,7 @@ require (
 	github.com/spf13/cast v1.3.1 // indirect
 
 	// see: https://github.com/sirupsen/logrus/issues/1275
-	golang.org/x/sys v0.18.0 // indirect
+	golang.org/x/sys v0.21.0 // indirect
 	golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect
 
 	// see: https://github.com/go-yaml/yaml/issues/666
@@ -72,7 +72,7 @@ require (
 	github.com/aws/aws-sdk-go-v2/config v1.19.1
 	github.com/aws/aws-sdk-go-v2/credentials v1.13.43
 	github.com/aws/aws-sdk-go-v2/service/iam v1.24.0
-	github.com/aws/aws-sdk-go-v2/service/sso v1.15.2
+	github.com/aws/aws-sdk-go-v2/service/sso v1.20.10
 	github.com/aws/aws-sdk-go-v2/service/ssooidc v1.17.3
 	github.com/aws/aws-sdk-go-v2/service/sts v1.23.2
 	golang.org/x/net v0.23.0
@@ -81,9 +81,9 @@ require (
 require (
 	github.com/99designs/go-keychain v0.0.0-20191008050251-8e49817e8af4 // indirect
 	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.13 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.43 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.37 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.8 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.8 // indirect
 	github.com/aws/aws-sdk-go-v2/internal/ini v1.3.45 // indirect
 	github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.37 // indirect
-	github.com/aws/smithy-go v1.15.0 // indirect
+	github.com/aws/smithy-go v1.20.2 // indirect
 )

go.sum

@@ -33,8 +33,9 @@ github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgI
 github.com/atotto/clipboard v0.1.4 h1:EH0zSVneZPSuFR11BlR9YppQTVDbh5+16AmcJi4g1z4=
 github.com/atotto/clipboard v0.1.4/go.mod h1:ZY9tmq7sm5xIbd9bOK4onWV4S6X0u6GY7Vn0Yu86PYI=
 github.com/aws/aws-sdk-go-v2 v1.9.2/go.mod h1:cK/D0BBs0b/oWPIcX/Z/obahJK1TT7IPVjy53i/mX/4=
-github.com/aws/aws-sdk-go-v2 v1.21.2 h1:+LXZ0sgo8quN9UOKXXzAWRT3FWd4NxeXWOZom9pE7GA=
 github.com/aws/aws-sdk-go-v2 v1.21.2/go.mod h1:ErQhvNuEMhJjweavOYhxVkn2RUx7kQXVATHrjKtxIpM=
+github.com/aws/aws-sdk-go-v2 v1.27.1 h1:xypCL2owhog46iFxBKKpBcw+bPTX/RJzwNj8uSilENw=
+github.com/aws/aws-sdk-go-v2 v1.27.1/go.mod h1:ffIFB97e2yNsv4aTSGkqtHnppsIJzw7G7BReUZ3jCXM=
 github.com/aws/aws-sdk-go-v2/config v1.8.3/go.mod h1:4AEiLtAb8kLs7vgw2ZV3p2VZ1+hBavOc84hqxVNpCyw=
 github.com/aws/aws-sdk-go-v2/config v1.19.1 h1:oe3vqcGftyk40icfLymhhhNysAwk0NfiwkDi2GTPMXs=
 github.com/aws/aws-sdk-go-v2/config v1.19.1/go.mod h1:ZwDUgFnQgsazQTnWfeLWk5GjeqTQTL8lMkoE1UXzxdE=
@@ -44,10 +45,12 @@ github.com/aws/aws-sdk-go-v2/credentials v1.13.43/go.mod h1:zWJBz1Yf1ZtX5NGax9Zd
 github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.6.0/go.mod h1:gqlclDEZp4aqJOancXK6TN24aKhT0W0Ae9MHk3wzTMM=
 github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.13 h1:PIktER+hwIG286DqXyvVENjgLTAwGgoeriLDD5C+YlQ=
 github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.13/go.mod h1:f/Ib/qYjhV2/qdsf79H3QP/eRE4AkVyEf6sk7XfZ1tg=
-github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.43 h1:nFBQlGtkbPzp/NjZLuFxRqmT91rLJkgvsEQs68h962Y=
 github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.43/go.mod h1:auo+PiyLl0n1l8A0e8RIeR8tOzYPfZZH/JNlrJ8igTQ=
-github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.37 h1:JRVhO25+r3ar2mKGP7E0LDl8K9/G36gjlqca5iQbaqc=
+github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.8 h1:RnLB7p6aaFMRfyQkD6ckxR7myCC9SABIqSz4czYUUbU=
+github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.8/go.mod h1:XH7dQJd+56wEbP1I4e4Duo+QhSMxNArE8VP7NuUOTeM=
 github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.37/go.mod h1:Qe+2KtKml+FEsQF/DHmDV+xjtche/hwoF75EG4UlHW8=
+github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.8 h1:jzApk2f58L9yW9q1GEab3BMMFWUkkiZhyrRUtbwUbKU=
+github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.8/go.mod h1:WqO+FftfO3tGePUtQxPXM6iODVfqMwsVMgTbG/ZXIdQ=
 github.com/aws/aws-sdk-go-v2/internal/ini v1.2.4/go.mod h1:ZcBrrI3zBKlhGFNYWvju0I3TR93I7YIgAfy82Fh4lcQ=
 github.com/aws/aws-sdk-go-v2/internal/ini v1.3.45 h1:hze8YsjSh8Wl1rYa1CJpRmXP21BvOBuc76YhW0HsuQ4=
 github.com/aws/aws-sdk-go-v2/internal/ini v1.3.45/go.mod h1:lD5M20o09/LCuQ2mE62Mb/iSdSlCNuj6H5ci7tW7OsE=
@@ -58,16 +61,18 @@ github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.3.2/go.mod h1:72H
 github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.37 h1:WWZA/I2K4ptBS1kg0kV1JbBtG/umed0vwHRrmcr9z7k=
 github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.37/go.mod h1:vBmDnwWXWxNPFRMmG2m/3MKOe+xEcMDo1tanpaWCcck=
 github.com/aws/aws-sdk-go-v2/service/sso v1.4.2/go.mod h1:NBvT9R1MEF+Ud6ApJKM0G+IkPchKS7p7c2YPKwHmBOk=
-github.com/aws/aws-sdk-go-v2/service/sso v1.15.2 h1:JuPGc7IkOP4AaqcZSIcyqLpFSqBWK32rM9+a1g6u73k=
 github.com/aws/aws-sdk-go-v2/service/sso v1.15.2/go.mod h1:gsL4keucRCgW+xA85ALBpRFfdSLH4kHOVSnLMSuBECo=
+github.com/aws/aws-sdk-go-v2/service/sso v1.20.10 h1:ItKVmFwbyb/ZnCWf+nu3XBVmUirpO9eGEQd7urnBA0s=
+github.com/aws/aws-sdk-go-v2/service/sso v1.20.10/go.mod h1:5XKooCTi9VB/xZmJDvh7uZ+v3uQ7QdX6diOyhvPA+/w=
 github.com/aws/aws-sdk-go-v2/service/ssooidc v1.17.3 h1:HFiiRkf1SdaAmV3/BHOFZ9DjFynPHj8G/UIO1lQS+fk=
 github.com/aws/aws-sdk-go-v2/service/ssooidc v1.17.3/go.mod h1:a7bHA82fyUXOm+ZSWKU6PIoBxrjSprdLoM8xPYvzYVg=
 github.com/aws/aws-sdk-go-v2/service/sts v1.7.2/go.mod h1:8EzeIqfWt2wWT4rJVu3f21TfrhJ8AEMzVybRNSb/b4g=
 github.com/aws/aws-sdk-go-v2/service/sts v1.23.2 h1:0BkLfgeDjfZnZ+MhB3ONb01u9pwFYTCZVhlsSSBvlbU=
 github.com/aws/aws-sdk-go-v2/service/sts v1.23.2/go.mod h1:Eows6e1uQEsc4ZaHANmsPRzAKcVDrcmjjWiih2+HUUQ=
 github.com/aws/smithy-go v1.8.0/go.mod h1:SObp3lf9smib00L/v3U2eAKG8FyQ7iLrJnQiAmR5n+E=
-github.com/aws/smithy-go v1.15.0 h1:PS/durmlzvAFpQHDs4wi4sNNP9ExsqZh6IlfdHXgKK8=
 github.com/aws/smithy-go v1.15.0/go.mod h1:Tg+OJXh4MB2R/uN61Ko2f6hTZwB/ZYGOtib8J3gBHzA=
+github.com/aws/smithy-go v1.20.2 h1:tbp628ireGtzcHDDmLT/6ADHidqnwgF57XOXZe6tp4Q=
+github.com/aws/smithy-go v1.20.2/go.mod h1:krry+ya/rV9RDcV/Q16kpu6ypI4K2czasz0NC3qS14E=
 github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
 github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8=
 github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw=
@@ -455,13 +460,13 @@ golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4=
-golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.21.0 h1:rF+pYz3DAGSQAxAu1CbC7catZg4ebC4UIeIhKxBZvws=
+golang.org/x/sys v0.21.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc=
-golang.org/x/term v0.18.0 h1:FcHjZXDMxI8mM3nwhX9HlKop4C0YQvCVCdwYl2wOtE8=
-golang.org/x/term v0.18.0/go.mod h1:ILwASektA3OnRv7amZ1xhE/KTR+u50pbXfZ03+6Nx58=
+golang.org/x/term v0.21.0 h1:WVXCp+/EBEHOj53Rvu+7KiT/iElMrO8ACK16SMZ3jaA=
+golang.org/x/term v0.21.0/go.mod h1:ooXLefLobQVslOqselCNF4SxFAaoS6KujMbsGzSDmX0=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.1-0.20181227161524-e6919f6577db/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
 golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=

internal/ecs/http.go

@@ -24,7 +24,7 @@ func WriteCreds(w http.ResponseWriter, creds *storage.RoleCredentials) {
 
 	resp := map[string]string{
 		"AccessKeyId":     creds.AccessKeyId,
-		"Expiration":      creds.ExpireISO8601(),
+		"Expiration":      creds.ExpireString(),
 		"RoleArn":         creds.RoleArn(),
 		"SecretAccessKey": creds.SecretAccessKey,
 		"Token":           creds.SessionToken,

internal/ecs/http_test.go

@@ -48,7 +48,7 @@ func TestWriteCreds(t *testing.T) {
 	err := json.NewDecoder(r.Body).Decode(&outCreds)
 	assert.NoError(t, err)
 	assert.Equal(t, "AccessKeyId", outCreds["AccessKeyId"])
-	assert.Equal(t, creds.ExpireISO8601(), outCreds["Expiration"])
+	assert.Equal(t, creds.ExpireString(), outCreds["Expiration"])
 	assert.Equal(t, "arn:aws:iam::000001111111:role/Rolename", outCreds["RoleArn"])
 	assert.Equal(t, "SecretAccessKey", outCreds["SecretAccessKey"])
 	assert.Equal(t, "Token", outCreds["Token"])

internal/helper/aws-sso.fish

@@ -13,6 +13,12 @@ function aws-sso-profile
       echo "Unable to assume a role while AWS_PROFILE is set"
       return 1
   end
+
+  if [ -z "$argv[1]" ]
+      echo "Usage: aws-sso-profile <profile>"
+      return 1
+  end
+
   eval $({{ .Executable }} $_args eval -p $argv[1])
   if [ "$AWS_SSO_PROFILE" != "$1" ]
       return 1

internal/helper/bash_profile.sh

@@ -15,6 +15,12 @@ aws-sso-profile() {
         echo "Unable to assume a role while AWS_PROFILE is set"
         return 1
     fi
+
+    if [ -z "$1" ]; then
+        echo "Usage: aws-sso-profile <profile>"
+        return 1
+    fi
+
     eval $({{ .Executable }} $_args eval -p "$1")
     if [ "$AWS_SSO_PROFILE" != "$1" ]; then
         return 1

internal/helper/helper.go

@@ -191,7 +191,7 @@ func installConfigFile(path string, contents []byte) error {
 }
 
 // uninstallConfigFile removes our blob from the given file
-func uninstallConfigFile(path string, contents []byte) error {
+func uninstallConfigFile(path string, _ []byte) error {
 	var err error
 	var fe *utils.FileEdit
 

internal/helper/zshrc.sh

@@ -20,6 +20,12 @@ aws-sso-profile() {
         echo "Unable to assume a role while AWS_PROFILE is set"
         return 1
     fi
+
+    if [ -z "$1" ]; then
+        echo "Usage: aws-sso-profile <profile>"
+        return 1
+    fi
+
     eval $({{ .Executable }} ${=_args} eval -p "$1")
     if [ "$AWS_SSO_PROFILE" != "$1" ]; then
         return 1

internal/storage/storage.go

@@ -86,55 +86,50 @@ func (r *RoleCredentials) ExpireEpoch() int64 {
 	return time.UnixMilli(r.Expiration).Unix() // yes, millisec
 }
 
-// ExpireString returns the time the creds expire in the format of "2006-01-02 15:04:05.999999999 -0700 MST"
-func (r *RoleCredentials) ExpireString() string {
-	return time.UnixMilli(r.Expiration).String() // yes, millisec
-}
-
 // Expired returns if these role creds have expired or will expire in the next minute
 func (r *RoleCredentials) Expired() bool {
 	now := time.Now().Add(time.Minute).UnixMilli() // yes, millisec
 	return r.Expiration <= now
 }
 
 // Return expire time in ISO8601 / RFC3339 format
-func (r *RoleCredentials) ExpireISO8601() string {
+func (r *RoleCredentials) ExpireString() string {
 	return time.Unix(r.ExpireEpoch(), 0).Format(time.RFC3339)
 }
 
 // AccountIdStr returns our AccountId as a string
 func (r *RoleCredentials) AccountIdStr() string {
 	s, err := utils.AccountIdToString(r.AccountId)
 	if err != nil {
-		log.WithError(err).Fatalf("Unable to parse accountId from AWS role credentials")
+		log.WithError(err).Fatalf("unable to parse accountId from AWS role credentials")
 	}
 	return s
 }
 
 // Validate ensures we have the necessary fields
 func (r *RoleCredentials) Validate() error {
 	if r.RoleName == "" {
-		return fmt.Errorf("Missing roleName")
+		return fmt.Errorf("%s", "missing roleName")
 	}
 
 	if r.AccessKeyId == "" {
-		return fmt.Errorf("Missing accessKeyId")
+		return fmt.Errorf("%s", "missing accessKeyId")
 	}
 
 	if r.SecretAccessKey == "" {
-		return fmt.Errorf("Missing secretAccessKey")
+		return fmt.Errorf("%s", "missing secretAccessKey")
 	}
 
 	if r.AccountId == 0 {
-		return fmt.Errorf("Missing accountId")
+		return fmt.Errorf("%s", "missing accountId")
 	}
 
 	if r.SessionToken == "" {
-		return fmt.Errorf("Missing sessionToken")
+		return fmt.Errorf("%s", "missing sessionToken")
 	}
 
 	if r.Expiration == 0 {
-		return fmt.Errorf("Missing expiration")
+		return fmt.Errorf("%s", "missing expiration")
 	}
 	return nil
 }

internal/storage/storage_test.go

@@ -99,20 +99,10 @@ func TestExpireString(t *testing.T) {
 	x := RoleCredentials{
 		Expiration: 0,
 	}
-	assert.Equal(t, time.Unix(0, 0).String(), x.ExpireString())
-
-	x.Expiration = time.Now().UnixMilli()
-	assert.Equal(t, time.UnixMilli(x.Expiration).String(), x.ExpireString())
-}
-
-func TestExpireISO8601(t *testing.T) {
-	x := RoleCredentials{
-		Expiration: 0,
-	}
-	assert.Equal(t, time.Unix(0, 0).Format(time.RFC3339), x.ExpireISO8601())
+	assert.Equal(t, time.Unix(0, 0).Format(time.RFC3339), x.ExpireString())
 
 	x.Expiration = time.Now().Unix()
-	assert.Equal(t, time.UnixMilli(x.Expiration).Format(time.RFC3339), x.ExpireISO8601())
+	assert.Equal(t, time.UnixMilli(x.Expiration).Format(time.RFC3339), x.ExpireString())
 }
 
 func TestGetArn(t *testing.T) {