public/terraform-provider-google
0
0
Fork 0
mirror of https://github.com/letic/terraform-provider-google.git synced 2024-07-09 03:28:29 +00:00
Code Issues Projects Releases Wiki Activity

provider/google: read credentials as contents instead of path

Browse Source 
Building on the work in #3846, shifting the Google provider's
configuration option from `account_file` to `credentials`.
This commit is contained in:
Paul Hinze 2015-11-12 16:13:07 -06:00
parent 217772ca27
commit 04daa35b6e
4 changed files with 54 additions and 60 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
config.go
View File

@ -3,13 +3,12 @@ package google
import ( import (
"encoding/json" "encoding/json"
"fmt" "fmt"
"io/ioutil"
"log" "log"
"net/http" "net/http"
"os"
"runtime" "runtime"
"strings" "strings"
"github.com/hashicorp/terraform/helper/pathorcontents"
"github.com/hashicorp/terraform/terraform" "github.com/hashicorp/terraform/terraform"
"golang.org/x/oauth2" "golang.org/x/oauth2"
"golang.org/x/oauth2/google" "golang.org/x/oauth2/google"
@ -24,7 +23,7 @@ import (
// Config is the configuration structure used to instantiate the Google // Config is the configuration structure used to instantiate the Google
// provider. // provider.
type Config struct { type Config struct {
AccountFile string Credentials string
Project string Project string
Region string Region string
@ -44,46 +43,17 @@ func (c *Config) loadAndValidate() error {
"https://www.googleapis.com/auth/devstorage.full_control", "https://www.googleapis.com/auth/devstorage.full_control",
} }
if c.AccountFile == "" {
c.AccountFile = os.Getenv("GOOGLE_ACCOUNT_FILE")
}
if c.Project == "" {
c.Project = os.Getenv("GOOGLE_PROJECT")
}
if c.Region == "" {
c.Region = os.Getenv("GOOGLE_REGION")
}
var client *http.Client var client *http.Client
if c.AccountFile != "" { if c.Credentials != "" {
contents := c.AccountFile contents, _, err := pathorcontents.Read(c.Credentials)
if err != nil {
return fmt.Errorf("Error loading credentials: %s", err)
}
// Assume account_file is a JSON string // Assume account_file is a JSON string
if err := parseJSON(&account, contents); err != nil { if err := parseJSON(&account, contents); err != nil {
// If account_file was not JSON, assume it is a file path instead return fmt.Errorf("Error parsing credentials '%s': %s", contents, err)
if _, err := os.Stat(c.AccountFile); os.IsNotExist(err) {
return fmt.Errorf(
"account_file path does not exist: %s",
c.AccountFile)
}
b, err := ioutil.ReadFile(c.AccountFile)
if err != nil {
return fmt.Errorf(
"Error reading account_file from path '%s': %s",
c.AccountFile,
err)
}
contents = string(b)
if err := parseJSON(&account, contents); err != nil {
return fmt.Errorf(
"Error parsing account file '%s': %s",
contents,
err)
}
} }
// Get the token for use in our requests // Get the token for use in our requests

10
config_test.go
View File

@ -5,11 +5,11 @@ import (
"testing" "testing"
) )
const testFakeAccountFilePath = "./test-fixtures/fake_account.json" const testFakeCredentialsPath = "./test-fixtures/fake_account.json"
func TestConfigLoadAndValidate_accountFilePath(t *testing.T) { func TestConfigLoadAndValidate_accountFilePath(t *testing.T) {
config := Config{ config := Config{
AccountFile: testFakeAccountFilePath, Credentials: testFakeCredentialsPath,
Project: "my-gce-project", Project: "my-gce-project",
Region: "us-central1", Region: "us-central1",
} }
@ -21,12 +21,12 @@ func TestConfigLoadAndValidate_accountFilePath(t *testing.T) {
} }
func TestConfigLoadAndValidate_accountFileJSON(t *testing.T) { func TestConfigLoadAndValidate_accountFileJSON(t *testing.T) {
contents, err := ioutil.ReadFile(testFakeAccountFilePath) contents, err := ioutil.ReadFile(testFakeCredentialsPath)
if err != nil { if err != nil {
t.Fatalf("error: %v", err) t.Fatalf("error: %v", err)
} }
config := Config{ config := Config{
AccountFile: string(contents), Credentials: string(contents),
Project: "my-gce-project", Project: "my-gce-project",
Region: "us-central1", Region: "us-central1",
} }
@ -39,7 +39,7 @@ func TestConfigLoadAndValidate_accountFileJSON(t *testing.T) {
func TestConfigLoadAndValidate_accountFileJSONInvalid(t *testing.T) { func TestConfigLoadAndValidate_accountFileJSONInvalid(t *testing.T) {
config := Config{ config := Config{
AccountFile: "{this is not json}", Credentials: "{this is not json}",
Project: "my-gce-project", Project: "my-gce-project",
Region: "us-central1", Region: "us-central1",
} }

54
provider.go
View File

@ -3,8 +3,8 @@ package google
import ( import (
"encoding/json" "encoding/json"
"fmt" "fmt"
"os"
"github.com/hashicorp/terraform/helper/pathorcontents"
"github.com/hashicorp/terraform/helper/schema" "github.com/hashicorp/terraform/helper/schema"
"github.com/hashicorp/terraform/terraform" "github.com/hashicorp/terraform/terraform"
) )
@ -18,6 +18,14 @@ func Provider() terraform.ResourceProvider {
Optional: true, Optional: true,
DefaultFunc: schema.EnvDefaultFunc("GOOGLE_ACCOUNT_FILE", nil), DefaultFunc: schema.EnvDefaultFunc("GOOGLE_ACCOUNT_FILE", nil),
ValidateFunc: validateAccountFile, ValidateFunc: validateAccountFile,
Deprecated: "Use the credentials field instead",
},
"credentials": &schema.Schema{
Type: schema.TypeString,
Optional: true,
DefaultFunc: schema.EnvDefaultFunc("GOOGLE_CREDENTIALS", nil),
ValidateFunc: validateCredentials,
}, },
"project": &schema.Schema{ "project": &schema.Schema{
@ -73,8 +81,12 @@ func Provider() terraform.ResourceProvider {
} }
func providerConfigure(d *schema.ResourceData) (interface{}, error) { func providerConfigure(d *schema.ResourceData) (interface{}, error) {
credentials := d.Get("credentials").(string)
if credentials == "" {
credentials = d.Get("account_file").(string)
}
config := Config{ config := Config{
AccountFile: d.Get("account_file").(string), Credentials: credentials,
Project: d.Get("project").(string), Project: d.Get("project").(string),
Region: d.Get("region").(string), Region: d.Get("region").(string),
} }
@ -97,22 +109,34 @@ func validateAccountFile(v interface{}, k string) (warnings []string, errors []e
return return
} }
var account accountFile contents, wasPath, err := pathorcontents.Read(value)
if err := json.Unmarshal([]byte(value), &account); err != nil { if err != nil {
warnings = append(warnings, ` errors = append(errors, fmt.Errorf("Error loading Account File: %s", err))
account_file is not valid JSON, so we are assuming it is a file path. This }
support will be removed in the future. Please update your configuration to use if wasPath {
${file("filename.json")} instead.`) warnings = append(warnings, `account_file was provided as a path instead of
} else { as file contents. This support will be removed in the future. Please update
return your configuration to use ${file("filename.json")} instead.`)
} }
if _, err := os.Stat(value); err != nil { var account accountFile
if err := json.Unmarshal([]byte(contents), &account); err != nil {
errors = append(errors, errors = append(errors,
fmt.Errorf( fmt.Errorf("account_file not valid JSON '%s': %s", contents, err))
"account_file path could not be read from '%s': %s", }
value,
err)) return
}
func validateCredentials(v interface{}, k string) (warnings []string, errors []error) {
if v == nil || v.(string) == "" {
return
}
creds := v.(string)
var account accountFile
if err := json.Unmarshal([]byte(creds), &account); err != nil {
errors = append(errors,
fmt.Errorf("credentials are not valid JSON '%s': %s", creds, err))
} }
return return

4
provider_test.go
View File

@ -29,8 +29,8 @@ func TestProvider_impl(t *testing.T) {
} }
func testAccPreCheck(t *testing.T) { func testAccPreCheck(t *testing.T) {
if v := os.Getenv("GOOGLE_ACCOUNT_FILE"); v == "" { if v := os.Getenv("GOOGLE_CREDENTIALS"); v == "" {
t.Fatal("GOOGLE_ACCOUNT_FILE must be set for acceptance tests") t.Fatal("GOOGLE_CREDENTIALS must be set for acceptance tests")
} }
if v := os.Getenv("GOOGLE_PROJECT"); v == "" { if v := os.Getenv("GOOGLE_PROJECT"); v == "" {