localstack
diff --git a/‎cmd/root.go‎
Lines changed: 2 additions & 2 deletions b/‎cmd/root.go‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎go.mod‎
Lines changed: 1 addition & 0 deletions b/‎go.mod‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎go.sum‎
Lines changed: 10 additions & 0 deletions b/‎go.sum‎
Lines changed: 10 additions & 0 deletions
diff --git a/‎internal/awsconfig/awsconfig.go‎
Lines changed: 246 additions & 0 deletions b/‎internal/awsconfig/awsconfig.go‎
Lines changed: 246 additions & 0 deletions
@@ -81,9 +81,9 @@ func runStart(ctx context.Context, rt runtime.Runtime, cfg *env.Env, tel *teleme
 
 	platformClient := api.NewPlatformClient(cfg.APIEndpoint)
 	if ui.IsInteractive() {
-		return ui.Run(ctx, rt, version.Version(), platformClient, cfg.AuthToken, cfg.ForceFileKeyring, cfg.WebAppURL)
+		return ui.Run(ctx, rt, version.Version(), platformClient, cfg.AuthToken, cfg.ForceFileKeyring, cfg.WebAppURL, cfg.LocalStackHost)
 	}
-	return container.Start(ctx, rt, output.NewPlainSink(os.Stdout), platformClient, cfg.AuthToken, cfg.ForceFileKeyring, cfg.WebAppURL, false)
+	return container.Start(ctx, rt, output.NewPlainSink(os.Stdout), platformClient, cfg.AuthToken, cfg.ForceFileKeyring, cfg.WebAppURL, false, cfg.LocalStackHost)
 }
 
 func initConfig(cmd *cobra.Command, _ []string) error {
 
@@ -19,6 +19,7 @@ require (
 	github.com/stretchr/testify v1.11.1
 	go.uber.org/mock v0.6.0
 	golang.org/x/term v0.40.0
+	gopkg.in/ini.v1 v1.67.1
 	gotest.tools/v3 v3.5.2
 )
 
 
@@ -47,6 +47,7 @@ github.com/containerd/log v0.1.0/go.mod h1:VRRf09a7mHDIRezVKTRCrOq78v577GXq3bSa3
 github.com/cpuguy83/go-md2man/v2 v2.0.6/go.mod h1:oOW0eioCTA6cOiMLiUPZOpcVxMig6NIQQ7OS05n1F4g=
 github.com/danieljoos/wincred v1.2.3 h1:v7dZC2x32Ut3nEfRH+vhoZGvN72+dQ/snVXo/vMFLdQ=
 github.com/danieljoos/wincred v1.2.3/go.mod h1:6qqX0WNrS4RzPZ1tnroDzq9kY3fu1KwE7MRLQK4X0bs=
+github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/distribution/reference v0.6.0 h1:0IXCQ5g4/QMHHkarYzh5l+u8T3t73zM5QvfrDyIgxBk=
@@ -151,8 +152,14 @@ github.com/spf13/pflag v1.0.10 h1:4EBh2KAYBwaONj6b2Ye1GiHfwjqyROoF4RwYO+vPwFk=
 github.com/spf13/pflag v1.0.10/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
 github.com/spf13/viper v1.21.0 h1:x5S+0EU27Lbphp4UKm1C+1oQO+rKx36vfCoaVebLFSU=
 github.com/spf13/viper v1.21.0/go.mod h1:P0lhsswPGWD/1lZJ9ny3fYnVqxiegrlNrEmgLjbTCAY=
+github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
+github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
 github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY=
 github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA=
+github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
+github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
 github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U=
 github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U=
 github.com/subosito/gotenv v1.6.0 h1:9NlTDc1FTs4qu0DDq7AEtTPNw6SVm7uBMsUCUjABIf8=
@@ -210,6 +217,9 @@ gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8
 gopkg.in/check.v1 v1.0.0-20200902074654-038fdea0a05b/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
+gopkg.in/ini.v1 v1.67.1 h1:tVBILHy0R6e4wkYOn3XmiITt/hEVH4TFMYvAX2Ytz6k=
+gopkg.in/ini.v1 v1.67.1/go.mod h1:x/cyOwCgZqOkJoDIJ3c1KNHMo10+nLGAhh+kn3Zizss=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gotest.tools/v3 v3.5.2 h1:7koQfIKdy+I8UTetycgUqXWSDwpgv193Ka+qRsmBY8Q=
 
@@ -0,0 +1,246 @@
+package awsconfig
+
+import (
+	"context"
+	"errors"
+	"fmt"
+	"os"
+	"path/filepath"
+	"strings"
+
+	"gopkg.in/ini.v1"
+
+	"github.com/localstack/lstk/internal/endpoint"
+	"github.com/localstack/lstk/internal/output"
+)
+
+const (
+	profileName       = "localstack"
+	configSectionName = "profile localstack" // ~/.aws/config uses "profile <name>" as section header
+	credsSectionName  = "localstack"         // ~/.aws/credentials uses just the profile name
+	// TODO: make region configurable (e.g. from container env or lstk config)
+	defaultRegion = "us-east-1"
+)
+
+var credentialsKeys = map[string]string{
+	"aws_access_key_id":     "test",
+	"aws_secret_access_key": "test",
+}
+
+// isValidLocalStackEndpoint returns true if the URL points to a known LocalStack host with a port.
+func isValidLocalStackEndpoint(url string) bool {
+	for _, prefix := range []string{
+		"http://" + endpoint.Hostname + ":",
+		"https://" + endpoint.Hostname + ":",
+		"http://127.0.0.1:",
+		"https://127.0.0.1:",
+		"http://localhost:",
+		"https://localhost:",
+	} {
+		if strings.HasPrefix(url, prefix) {
+			return true
+		}
+	}
+	return false
+}
+
+func awsPaths() (configPath, credentialsPath string, err error) {
+	home, err := os.UserHomeDir()
+	if err != nil {
+		return "", "", err
+	}
+	return filepath.Join(home, ".aws", "config"), filepath.Join(home, ".aws", "credentials"), nil
+}
+
+// profileStatus holds which AWS profile files need to be written or updated.
+type profileStatus struct {
+	configNeeded bool
+	credsNeeded  bool
+}
+
+func (s profileStatus) anyNeeded() bool {
+	return s.configNeeded || s.credsNeeded
+}
+
+func (s profileStatus) filesToModify() []string {
+	var files []string
+	if s.configNeeded {
+		files = append(files, "~/.aws/config")
+	}
+	if s.credsNeeded {
+		files = append(files, "~/.aws/credentials")
+	}
+	return files
+}
+
+// checkProfileStatus determines which AWS profile files need to be written or updated.
+func checkProfileStatus(configPath, credsPath string) (profileStatus, error) {
+	configNeeded, err := configNeedsWrite(configPath)
+	if err != nil {
+		return profileStatus{}, err
+	}
+	credsNeeded, err := credsNeedWrite(credsPath)
+	if err != nil {
+		return profileStatus{}, err
+	}
+	return profileStatus{configNeeded: configNeeded, credsNeeded: credsNeeded}, nil
+}
+
+func configNeedsWrite(path string) (bool, error) {
+	f, err := ini.Load(path)
+	if errors.Is(err, os.ErrNotExist) {
+		return true, nil
+	}
+	if err != nil {
+		return false, err
+	}
+	section, err := f.GetSection(configSectionName)
+	if err != nil {
+		return true, nil // section doesn't exist
+	}
+	endpointKey, err := section.GetKey("endpoint_url")
+	if err != nil || !isValidLocalStackEndpoint(endpointKey.Value()) {
+		return true, nil
+	}
+	if !section.HasKey("region") {
+		return true, nil
+	}
+	return false, nil
+}
+
+func credsNeedWrite(path string) (bool, error) {
+	f, err := ini.Load(path)
+	if errors.Is(err, os.ErrNotExist) {
+		return true, nil
+	}
+	if err != nil {
+		return false, err
+	}
+	section, err := f.GetSection(credsSectionName)
+	if err != nil {
+		return true, nil // section doesn't exist
+	}
+	for k, expected := range credentialsKeys {
+		key, err := section.GetKey(k)
+		if err != nil || key.Value() != expected {
+			return true, nil
+		}
+	}
+	return false, nil
+}
+
+// profileExists reports whether the localstack profile section is present in both
+// ~/.aws/config and ~/.aws/credentials.
+func profileExists() (bool, error) {
+	configPath, credsPath, err := awsPaths()
+	if err != nil {
+		return false, err
+	}
+	configOK, err := sectionExists(configPath, configSectionName)
+	if err != nil {
+		return false, err
+	}
+	credsOK, err := sectionExists(credsPath, credsSectionName)
+	if err != nil {
+		return false, err
+	}
+	return configOK && credsOK, nil
+}
+
+// writeProfile writes the localstack profile to ~/.aws/config and ~/.aws/credentials,
+// creating or updating sections as needed.
+func writeProfile(host string) error {
+	configPath, credsPath, err := awsPaths()
+	if err != nil {
+		return err
+	}
+	configKeys := map[string]string{
+		"region":       defaultRegion,
+		"output":       "json",
+		"endpoint_url": "http://" + host,
+	}
+	if err := upsertSection(configPath, configSectionName, configKeys); err != nil {
+		return fmt.Errorf("failed to write %s: %w", configPath, err)
+	}
+	if err := upsertSection(credsPath, credsSectionName, credentialsKeys); err != nil {
+		return fmt.Errorf("failed to write %s: %w", credsPath, err)
+	}
+	return nil
+}
+
+func writeConfigProfile(configPath, host string) error {
+	keys := map[string]string{
+		"region":       defaultRegion,
+		"output":       "json",
+		"endpoint_url": "http://" + host,
+	}
+	return upsertSection(configPath, configSectionName, keys)
+}
+
+func writeCredsProfile(credsPath string) error {
+	return upsertSection(credsPath, credsSectionName, credentialsKeys)
+}
+
+// Setup checks for the localstack AWS profile and prompts to create or update it if needed.
+// In non-interactive mode, emits a note instead of prompting.
+func Setup(ctx context.Context, sink output.Sink, interactive bool, port string, localStackHost string) error {
+	configPath, credsPath, err := awsPaths()
+	if err != nil {
+		output.EmitWarning(sink, fmt.Sprintf("could not determine AWS config paths: %v", err))
+		return nil
+	}
+
+	var dnsOK bool
+	localStackHost, dnsOK = endpoint.ResolveHost(port, localStackHost)
+	if !dnsOK {
+		output.EmitNote(sink, `Could not resolve "localhost.localstack.cloud" — your system may have DNS rebind protection enabled. Using 127.0.0.1 as the endpoint.`)
+	}
+
+	status, err := checkProfileStatus(configPath, credsPath)
+	if err != nil {
+		output.EmitWarning(sink, fmt.Sprintf("could not check AWS profile: %v", err))
+		return nil
+	}
+	if !status.anyNeeded() {
+		return nil
+	}
+
+	if !interactive {
+		output.EmitNote(sink, fmt.Sprintf("No complete LocalStack AWS profile found. Run lstk interactively to configure one, or add a [profile %s] section to ~/.aws/config manually.", profileName))
+		return nil
+	}
+
+	files := strings.Join(status.filesToModify(), " and ")
+	responseCh := make(chan output.InputResponse, 1)
+	output.EmitUserInputRequest(sink, output.UserInputRequestEvent{
+		Prompt:     fmt.Sprintf("Set up LocalStack AWS profile in %s?", files),
+		Options:    []output.InputOption{{Key: "y", Label: "Y"}, {Key: "n", Label: "n"}},
+		ResponseCh: responseCh,
+	})
+
+	select {
+	case resp := <-responseCh:
+		if resp.Cancelled || resp.SelectedKey == "n" {
+			return nil
+		}
+		if status.configNeeded {
+			if err := writeConfigProfile(configPath, localStackHost); err != nil {
+				output.EmitWarning(sink, fmt.Sprintf("could not update ~/.aws/config: %v", err))
+				return nil
+			}
+		}
+		if status.credsNeeded {
+			if err := writeCredsProfile(credsPath); err != nil {
+				output.EmitWarning(sink, fmt.Sprintf("could not update ~/.aws/credentials: %v", err))
+				return nil
+			}
+		}
+		output.EmitSuccess(sink, fmt.Sprintf("LocalStack AWS profile written to %s", files))
+		output.EmitNote(sink, fmt.Sprintf("Try: aws s3 mb s3://test --profile %s", profileName))
+	case <-ctx.Done():
+		return ctx.Err()
+	}
+
+	return nil
+}
+
Original file line number	Diff line number	Diff line change
`@@ -81,9 +81,9 @@ func runStart(ctx context.Context, rt runtime.Runtime, cfg env.Env, tel teleme`
`81`	`81`
`82`	`82`	`platformClient := api.NewPlatformClient(cfg.APIEndpoint)`
`83`	`83`	`if ui.IsInteractive() {`
`84`		`- return ui.Run(ctx, rt, version.Version(), platformClient, cfg.AuthToken, cfg.ForceFileKeyring, cfg.WebAppURL)`
	`84`	`+ return ui.Run(ctx, rt, version.Version(), platformClient, cfg.AuthToken, cfg.ForceFileKeyring, cfg.WebAppURL, cfg.LocalStackHost)`
`85`	`85`	`}`
`86`		`- return container.Start(ctx, rt, output.NewPlainSink(os.Stdout), platformClient, cfg.AuthToken, cfg.ForceFileKeyring, cfg.WebAppURL, false)`
	`86`	`+ return container.Start(ctx, rt, output.NewPlainSink(os.Stdout), platformClient, cfg.AuthToken, cfg.ForceFileKeyring, cfg.WebAppURL, false, cfg.LocalStackHost)`
`87`	`87`	`}`
`88`	`88`
`89`	`89`	`func initConfig(cmd *cobra.Command, _ []string) error {`
Original file line number	Diff line number	Diff line change
`@@ -19,6 +19,7 @@ require (`
`19`	`19`	`github.com/stretchr/testify v1.11.1`
`20`	`20`	`go.uber.org/mock v0.6.0`
`21`	`21`	`golang.org/x/term v0.40.0`
	`22`	`+ gopkg.in/ini.v1 v1.67.1`
`22`	`23`	`gotest.tools/v3 v3.5.2`
`23`	`24`	`)`
`24`	`25`