mirror of
https://github.com/opentffoundation/opentf.git
synced 2025-12-19 17:59:05 -05:00
main: stub of using OCI credentials from the cliconfig package
In a future commit we'll introduce a new provider source that can use an OCI registry as a new kind of provider mirror, but this commit is just to illustrate how we'd get the needed credentials settings to that point using our typical dependency inversion style, ending in a TODO comment that we'll resolve later. Signed-off-by: Martin Atkins <mart@degeneration.co.uk>
This commit is contained in:
Martin Atkins
@@ -185,7 +185,7 @@ func realMain() int {
|
||||
}
|
||||
services.SetUserAgent(httpclient.OpenTofuUserAgent(version.String()))
|
||||
|
||||
providerSrc, diags := providerSource(config.ProviderInstallation, services)
|
||||
providerSrc, diags := providerSource(config.ProviderInstallation, services, config.OCICredentialsPolicy)
|
||||
if len(diags) > 0 {
|
||||
Ui.Error("There are some problems with the provider_installation configuration:")
|
||||
for _, diag := range diags {
|
||||
|
||||
@@ -6,6 +6,7 @@
|
||||
package main
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"log"
|
||||
"net/url"
|
||||
@@ -17,15 +18,25 @@ import (
|
||||
|
||||
"github.com/opentofu/opentofu/internal/addrs"
|
||||
"github.com/opentofu/opentofu/internal/command/cliconfig"
|
||||
"github.com/opentofu/opentofu/internal/command/cliconfig/ociauthconfig"
|
||||
"github.com/opentofu/opentofu/internal/getproviders"
|
||||
"github.com/opentofu/opentofu/internal/tfdiags"
|
||||
)
|
||||
|
||||
// ociCredsPolicyBuilder is the type of a callback function that the [providerSource]
|
||||
// functions will use if any of the configured provider installation methods
|
||||
// need to interact with OCI Distribution registries.
|
||||
//
|
||||
// We represent this indirectly as a callback function so that we can skip doing
|
||||
// this work in the common case where we won't need to interact with OCI registries
|
||||
// at all.
|
||||
type ociCredsPolicyBuilder func(context.Context) (ociauthconfig.CredentialsConfigs, error)
|
||||
|
||||
// providerSource constructs a provider source based on a combination of the
|
||||
// CLI configuration and some default search locations. This will be the
|
||||
// provider source used for provider installation in the "tofu init"
|
||||
// command, unless overridden by the special -plugin-dir option.
|
||||
func providerSource(configs []*cliconfig.ProviderInstallation, services *disco.Disco) (getproviders.Source, tfdiags.Diagnostics) {
|
||||
func providerSource(configs []*cliconfig.ProviderInstallation, services *disco.Disco, getOCICredsPolicy ociCredsPolicyBuilder) (getproviders.Source, tfdiags.Diagnostics) {
|
||||
if len(configs) == 0 {
|
||||
// If there's no explicit installation configuration then we'll build
|
||||
// up an implicit one with direct registry installation along with
|
||||
@@ -37,16 +48,16 @@ func providerSource(configs []*cliconfig.ProviderInstallation, services *disco.D
|
||||
// the validation logic in the cliconfig package. Therefore we'll just
|
||||
// ignore any additional configurations in here.
|
||||
config := configs[0]
|
||||
return explicitProviderSource(config, services)
|
||||
return explicitProviderSource(config, services, getOCICredsPolicy)
|
||||
}
|
||||
|
||||
func explicitProviderSource(config *cliconfig.ProviderInstallation, services *disco.Disco) (getproviders.Source, tfdiags.Diagnostics) {
|
||||
func explicitProviderSource(config *cliconfig.ProviderInstallation, services *disco.Disco, getOCICredsPolicy ociCredsPolicyBuilder) (getproviders.Source, tfdiags.Diagnostics) {
|
||||
var diags tfdiags.Diagnostics
|
||||
var searchRules []getproviders.MultiSourceSelector
|
||||
|
||||
log.Printf("[DEBUG] Explicit provider installation configuration is set")
|
||||
for _, methodConfig := range config.Methods {
|
||||
source, moreDiags := providerSourceForCLIConfigLocation(methodConfig.Location, services)
|
||||
source, moreDiags := providerSourceForCLIConfigLocation(methodConfig.Location, services, getOCICredsPolicy)
|
||||
diags = diags.Append(moreDiags)
|
||||
if moreDiags.HasErrors() {
|
||||
continue
|
||||
@@ -192,7 +203,7 @@ func implicitProviderSource(services *disco.Disco) getproviders.Source {
|
||||
return getproviders.MultiSource(searchRules)
|
||||
}
|
||||
|
||||
func providerSourceForCLIConfigLocation(loc cliconfig.ProviderInstallationLocation, services *disco.Disco) (getproviders.Source, tfdiags.Diagnostics) {
|
||||
func providerSourceForCLIConfigLocation(loc cliconfig.ProviderInstallationLocation, services *disco.Disco, _ ociCredsPolicyBuilder) (getproviders.Source, tfdiags.Diagnostics) {
|
||||
if loc == cliconfig.ProviderInstallationDirect {
|
||||
return getproviders.NewMemoizeSource(
|
||||
getproviders.NewRegistrySource(services),
|
||||
@@ -226,6 +237,12 @@ func providerSourceForCLIConfigLocation(loc cliconfig.ProviderInstallationLocati
|
||||
}
|
||||
return getproviders.NewHTTPMirrorSource(url, services.CredentialsSource()), nil
|
||||
|
||||
// TODO: Once we implement an OCI-Distribution-based mirror source in a
|
||||
// future commit, we'll use the ociCredsPolicyBuilder callback as part of
|
||||
// initializing it so that it can find any credentials it needs to do its work.
|
||||
// For now this is just a stub to illustrate where future work should
|
||||
// continue, to help split this OCI integration work across multiple changes.
|
||||
|
||||
default:
|
||||
// We should not get here because the set of cases above should
|
||||
// be comprehensive for all of the
|
||||
|
||||
Reference in New Issue
Block a user