From 95f233771ad0fca8963ceaa8dfccb78913a01295 Mon Sep 17 00:00:00 2001
From: Jason Swank <632526+jswank@users.noreply.github.com>
Date: Tue, 28 Oct 2025 18:02:51 +0000
Subject: [PATCH] update tofu and aws-login

---
 zsh/.local/share/zsh/functions/aws-login    | 17 +++++++++++++++--
 zsh/.local/share/zsh/functions/git-branches |  4 ++++
 zsh/.local/share/zsh/functions/tf-vars      |  1 +
 3 files changed, 20 insertions(+), 2 deletions(-)
 create mode 100644 zsh/.local/share/zsh/functions/git-branches

diff --git a/zsh/.local/share/zsh/functions/aws-login b/zsh/.local/share/zsh/functions/aws-login
index 3e1145d..0cdf76b 100644
--- a/zsh/.local/share/zsh/functions/aws-login
+++ b/zsh/.local/share/zsh/functions/aws-login
@@ -1,4 +1,17 @@
 aws-login() {
-#  eval $(okta-aws-cli web) && export AWS_ENVIRONMENT="$(aws iam list-account-aliases | jq -r '.AccountAliases[0]')"
-  export AWS_ENVIRONMENT=$(aws iam list-account-aliases | jq -r '.AccountAliases[0]')
+  # In zsh, array indices start at 1. `local -a` declares an array.
+  local -a okta_opts
+  okta_opts+=(--cache-access-token)
+
+  if [[ -n "$AWS_ACCOUNT_ID" ]]; then
+    okta_opts+=(--aws-iam-idp "arn:aws:iam::${AWS_ACCOUNT_ID}:saml-provider/CFA-OKTA-PROD")
+    if [[ -n "$AWS_ROLE" ]]; then
+      okta_opts+=(-r "arn:aws:iam::${AWS_ACCOUNT_ID}:role/${AWS_ROLE}")
+    fi
+  fi
+
+  # The "${okta_opts[@]}" syntax expands the array into separate, quoted arguments.
+  echo "okta-aws-cli ${okta_opts[@]}"
+  eval "$(okta-aws-cli "${okta_opts[@]}")" && export AWS_ENVIRONMENT="$(aws iam list-account-aliases | jq -r '.AccountAliases[0]')"
+#  export AWS_ENVIRONMENT=$(aws iam list-account-aliases | jq -r '.AccountAliases[0]')
 }
diff --git a/zsh/.local/share/zsh/functions/git-branches b/zsh/.local/share/zsh/functions/git-branches
new file mode 100644
index 0000000..da291d1
--- /dev/null
+++ b/zsh/.local/share/zsh/functions/git-branches
@@ -0,0 +1,4 @@
+# list all local Git branches sorted by their last commit date
+git-branches() {
+  git for-each-ref --sort=-committerdate --format='%(committerdate:iso8601) %(refname:short)' refs/heads/ 
+}
diff --git a/zsh/.local/share/zsh/functions/tf-vars b/zsh/.local/share/zsh/functions/tf-vars
index d1e3a7f..72db318 100644
--- a/zsh/.local/share/zsh/functions/tf-vars
+++ b/zsh/.local/share/zsh/functions/tf-vars
@@ -10,6 +10,7 @@ tf-vars() {
   export TF_CLI_ARGS_apply="-var-file=config/${env_name}.tfvars"
   export TF_CLI_ARGS_import="-var-file=config/${env_name}.tfvars"
   export TF_CLI_ARGS_destroy="-var-file=config/${env_name}.tfvars"
+  export TF_CLI_ARGS_console="-var-file=config/${env_name}.tfvars"
 
   echo "Terraform environment variables set for '${env_name}'."
 }