wip

Author: dak1n1

kubernetes/provider.go

@@ -35,8 +35,10 @@ func Provider() *schema.Provider {
 				DefaultFunc:      schema.EnvDefaultFunc("KUBE_HOST", nil),
 				Description:      "The hostname (in form of URI) of Kubernetes master.",
 				ConflictsWith:    []string{"config_path", "config_paths"},
-				//AtLeastOneOf:     []string{"token", "exec", "username", "password", "client_certificate", "client_key"},
 				ValidateDiagFunc: validation.ToDiagFunc(validation.IsURLWithHTTPorHTTPS),
+				// TODO: enable this when AtLeastOneOf works with optional attributes.
+				// Currently, it will require at least one of the following keys to be set, even if 'host' isn't set.
+				//	AtLeastOneOf:     []string{"token", "exec", "username", "password", "client_certificate", "client_key"},
 			},
 			"username": {
 				Type:          schema.TypeString,
@@ -82,6 +84,7 @@ func Provider() *schema.Provider {
 				DefaultFunc:   schema.EnvDefaultFunc("KUBE_CLUSTER_CA_CERT_DATA", nil),
 				Description:   "PEM-encoded root certificates bundle for TLS authentication.",
 				ConflictsWith: []string{"config_path", "config_paths", "insecure"},
+				// TODO: enable this when AtLeastOneOf works with optional attributes.
 				//AtLeastOneOf:  []string{"token", "exec", "client_certificate", "client_key"},
 			},
 			"config_paths": {
@@ -342,135 +345,134 @@ func providerConfigure(ctx context.Context, d *schema.ResourceData, terraformVer
 	return m, diag.Diagnostics{}
 }
 
+func initializeConfiguration(d *schema.ResourceData) (*restclient.Config, error) {
+	overrides := &clientcmd.ConfigOverrides{}
+	loader := &clientcmd.ClientConfigLoadingRules{
+		WarnIfAllMissing: true,
+	}
+
+	configPaths := []string{}
+
+	if v, ok := d.Get("config_path").(string); ok && v != "" {
+		configPaths = []string{v}
+	} else if v, ok := d.Get("config_paths").([]interface{}); ok && len(v) > 0 {
+		for _, p := range v {
+			configPaths = append(configPaths, p.(string))
+		}
+	} else if v := os.Getenv("KUBE_CONFIG_PATHS"); v != "" {
+		// NOTE we have to do this here because the schema
+		// does not yet allow you to set a default for a TypeList
+		configPaths = filepath.SplitList(v)
+	}
+
+	if len(configPaths) > 0 {
+		expandedPaths := []string{}
+		for _, p := range configPaths {
+			path, err := homedir.Expand(p)
+			if err != nil {
+				return nil, err
+			}
+			if _, err := os.Stat(path); err != nil {
+				return nil, fmt.Errorf("could not open kubeconfig %q: %v", p, err)
+			}
+
+			log.Printf("[DEBUG] Using kubeconfig: %s", path)
+			expandedPaths = append(expandedPaths, path)
+		}
+
+		if len(expandedPaths) == 1 {
+			loader.ExplicitPath = expandedPaths[0]
+		} else {
+			loader.Precedence = expandedPaths
+		}
+
+		ctxSuffix := "; default context"
+
+		kubectx, ctxOk := d.GetOk("config_context")
+		authInfo, authInfoOk := d.GetOk("config_context_auth_info")
+		cluster, clusterOk := d.GetOk("config_context_cluster")
+		if ctxOk || authInfoOk || clusterOk {
+			ctxSuffix = "; overridden context"
+			if ctxOk {
+				overrides.CurrentContext = kubectx.(string)
+				ctxSuffix += fmt.Sprintf("; config ctx: %s", overrides.CurrentContext)
+				log.Printf("[DEBUG] Using custom current context: %q", overrides.CurrentContext)
+			}
+
+			overrides.Context = clientcmdapi.Context{}
+			if authInfoOk {
+				overrides.Context.AuthInfo = authInfo.(string)
+				ctxSuffix += fmt.Sprintf("; auth_info: %s", overrides.Context.AuthInfo)
+			}
+			if clusterOk {
+				overrides.Context.Cluster = cluster.(string)
+				ctxSuffix += fmt.Sprintf("; cluster: %s", overrides.Context.Cluster)
+			}
+			log.Printf("[DEBUG] Using overidden context: %#v", overrides.Context)
+		}
+	}
+
+	// Overriding with static configuration
+	if v, ok := d.GetOk("insecure"); ok && v != "" {
+		overrides.ClusterInfo.InsecureSkipTLSVerify = v.(bool)
+	}
+	if v, ok := d.GetOk("cluster_ca_certificate"); ok && v != "" {
+		overrides.ClusterInfo.CertificateAuthorityData = bytes.NewBufferString(v.(string)).Bytes()
+	}
+	if v, ok := d.GetOk("client_certificate"); ok && v != "" {
+		overrides.AuthInfo.ClientCertificateData = bytes.NewBufferString(v.(string)).Bytes()
+	}
+	if v, ok := d.GetOk("host"); ok && v != "" {
+		// Server has to be the complete address of the kubernetes cluster (scheme://hostname:port), not just the hostname,
+		// because `overrides` are processed too late to be taken into account by `defaultServerUrlFor()`.
+		// This basically replicates what defaultServerUrlFor() does with config but for overrides,
+		// see https://github.com/kubernetes/client-go/blob/v12.0.0/rest/url_utils.go#L85-L87
+		hasCA := len(overrides.ClusterInfo.CertificateAuthorityData) != 0
+		hasCert := len(overrides.AuthInfo.ClientCertificateData) != 0
+		defaultTLS := hasCA || hasCert || overrides.ClusterInfo.InsecureSkipTLSVerify
+		host, _, err := restclient.DefaultServerURL(v.(string), "", apimachineryschema.GroupVersion{}, defaultTLS)
+		if err != nil {
+			return nil, fmt.Errorf("Failed to parse host: %s", err)
+		}
+
+		overrides.ClusterInfo.Server = host.String()
+	}
+	if v, ok := d.GetOk("username"); ok && v != "" {
+		overrides.AuthInfo.Username = v.(string)
+	}
+	if v, ok := d.GetOk("password"); ok && v != "" {
+		overrides.AuthInfo.Password = v.(string)
+	}
+	if v, ok := d.GetOk("client_key"); ok && v != "" {
+		overrides.AuthInfo.ClientKeyData = bytes.NewBufferString(v.(string)).Bytes()
+	}
+	if v, ok := d.GetOk("token"); ok && v != "" {
+		overrides.AuthInfo.Token = v.(string)
+	}
+
+	if v, ok := d.GetOk("exec"); ok {
+		exec := &clientcmdapi.ExecConfig{}
+		if spec, ok := v.([]interface{})[0].(map[string]interface{}); ok {
+			exec.APIVersion = spec["api_version"].(string)
+			exec.Command = spec["command"].(string)
+			exec.Args = expandStringSlice(spec["args"].([]interface{}))
+			for kk, vv := range spec["env"].(map[string]interface{}) {
+				exec.Env = append(exec.Env, clientcmdapi.ExecEnvVar{Name: kk, Value: vv.(string)})
+			}
+		} else {
+			return nil, fmt.Errorf("Failed to parse exec")
+		}
+		overrides.AuthInfo.Exec = exec
+	}
+
+	cc := clientcmd.NewNonInteractiveDeferredLoadingClientConfig(loader, overrides)
+	cfg, err := cc.ClientConfig()
+	if err != nil {
+		log.Printf("[WARN] Invalid provider configuration was supplied. Provider operations likely to fail: %v", err)
+		return nil, nil
+	}
 
- func initializeConfiguration(d *schema.ResourceData) (*restclient.Config, error) {
-       overrides := &clientcmd.ConfigOverrides{}
-       loader := &clientcmd.ClientConfigLoadingRules{
-       	WarnIfAllMissing: true,
-	   }
-
-       configPaths := []string{}
-
-       if v, ok := d.Get("config_path").(string); ok && v != "" {
-               configPaths = []string{v}
-       } else if v, ok := d.Get("config_paths").([]interface{}); ok && len(v) > 0 {
-               for _, p := range v {
-                       configPaths = append(configPaths, p.(string))
-               }
-       } else if v := os.Getenv("KUBE_CONFIG_PATHS"); v != "" {
-               // NOTE we have to do this here because the schema
-               // does not yet allow you to set a default for a TypeList
-               configPaths = filepath.SplitList(v)
-       }
-
-       if len(configPaths) > 0 {
-               expandedPaths := []string{}
-               for _, p := range configPaths {
-                       path, err := homedir.Expand(p)
-                       if err != nil {
-                               return nil, err
-                       }
-                       if _, err := os.Stat(path); err != nil {
-                               return nil, fmt.Errorf("could not open kubeconfig %q: %v", p, err)
-                       }
-
-                       log.Printf("[DEBUG] Using kubeconfig: %s", path)
-                       expandedPaths = append(expandedPaths, path)
-               }
-
-               if len(expandedPaths) == 1 {
-                       loader.ExplicitPath = expandedPaths[0]
-               } else {
-                       loader.Precedence = expandedPaths
-               }
-
-               ctxSuffix := "; default context"
-
-               kubectx, ctxOk := d.GetOk("config_context")
-               authInfo, authInfoOk := d.GetOk("config_context_auth_info")
-               cluster, clusterOk := d.GetOk("config_context_cluster")
-               if ctxOk || authInfoOk || clusterOk {
-                       ctxSuffix = "; overridden context"
-                       if ctxOk {
-                               overrides.CurrentContext = kubectx.(string)
-                               ctxSuffix += fmt.Sprintf("; config ctx: %s", overrides.CurrentContext)
-                               log.Printf("[DEBUG] Using custom current context: %q", overrides.CurrentContext)
-                       }
-
-                       overrides.Context = clientcmdapi.Context{}
-                       if authInfoOk {
-                               overrides.Context.AuthInfo = authInfo.(string)
-                               ctxSuffix += fmt.Sprintf("; auth_info: %s", overrides.Context.AuthInfo)
-                       }
-                       if clusterOk {
-                               overrides.Context.Cluster = cluster.(string)
-                               ctxSuffix += fmt.Sprintf("; cluster: %s", overrides.Context.Cluster)
-                       }
-                       log.Printf("[DEBUG] Using overidden context: %#v", overrides.Context)
-               }
-       }
-
-       // Overriding with static configuration
-       if v, ok := d.GetOk("insecure"); ok && v != "" {
-               overrides.ClusterInfo.InsecureSkipTLSVerify = v.(bool)
-       }
-       if v, ok := d.GetOk("cluster_ca_certificate"); ok && v != "" {
-               overrides.ClusterInfo.CertificateAuthorityData = bytes.NewBufferString(v.(string)).Bytes()
-       }
-       if v, ok := d.GetOk("client_certificate"); ok && v != "" {
-               overrides.AuthInfo.ClientCertificateData = bytes.NewBufferString(v.(string)).Bytes()
-       }
-       if v, ok := d.GetOk("host"); ok && v != "" {
-               // Server has to be the complete address of the kubernetes cluster (scheme://hostname:port), not just the hostname,
-               // because `overrides` are processed too late to be taken into account by `defaultServerUrlFor()`.
-               // This basically replicates what defaultServerUrlFor() does with config but for overrides,
-               // see https://github.com/kubernetes/client-go/blob/v12.0.0/rest/url_utils.go#L85-L87
-               hasCA := len(overrides.ClusterInfo.CertificateAuthorityData) != 0
-               hasCert := len(overrides.AuthInfo.ClientCertificateData) != 0
-               defaultTLS := hasCA || hasCert || overrides.ClusterInfo.InsecureSkipTLSVerify
-               host, _, err := restclient.DefaultServerURL(v.(string), "", apimachineryschema.GroupVersion{}, defaultTLS)
-               if err != nil {
-                       return nil, fmt.Errorf("Failed to parse host: %s", err)
-               }
-
-               overrides.ClusterInfo.Server = host.String()
-       }
-       if v, ok := d.GetOk("username"); ok && v != "" {
-               overrides.AuthInfo.Username = v.(string)
-       }
-       if v, ok := d.GetOk("password"); ok && v != "" {
-               overrides.AuthInfo.Password = v.(string)
-       }
-       if v, ok := d.GetOk("client_key"); ok && v != "" {
-               overrides.AuthInfo.ClientKeyData = bytes.NewBufferString(v.(string)).Bytes()
-       }
-       if v, ok := d.GetOk("token"); ok && v != "" {
-               overrides.AuthInfo.Token = v.(string)
-       }
-
-       if v, ok := d.GetOk("exec"); ok {
-               exec := &clientcmdapi.ExecConfig{}
-               if spec, ok := v.([]interface{})[0].(map[string]interface{}); ok {
-                       exec.APIVersion = spec["api_version"].(string)
-                       exec.Command = spec["command"].(string)
-                       exec.Args = expandStringSlice(spec["args"].([]interface{}))
-                       for kk, vv := range spec["env"].(map[string]interface{}) {
-                               exec.Env = append(exec.Env, clientcmdapi.ExecEnvVar{Name: kk, Value: vv.(string)})
-                       }
-               } else {
-                       return nil, fmt.Errorf("Failed to parse exec")
-               }
-               overrides.AuthInfo.Exec = exec
-       }
-
-       cc := clientcmd.NewNonInteractiveDeferredLoadingClientConfig(loader, overrides)
-       cfg, err := cc.ClientConfig()
-       if err != nil {
-               log.Printf("[WARN] Invalid provider configuration was supplied. Provider operations likely to fail: %v", err)
-               return nil, nil
-       }
-
-       return cfg, nil
+	return cfg, nil
 }
 
 var useadmissionregistrationv1beta1 *bool