mirror of
https://github.com/opentffoundation/opentf.git
synced 2025-12-19 17:59:05 -05:00
94 lines
2.7 KiB
Go
94 lines
2.7 KiB
Go
// Copyright (c) The OpenTofu Authors
|
|
// SPDX-License-Identifier: MPL-2.0
|
|
// Copyright (c) 2023 HashiCorp, Inc.
|
|
// SPDX-License-Identifier: MPL-2.0
|
|
|
|
package encryption
|
|
|
|
import (
|
|
"errors"
|
|
"fmt"
|
|
|
|
"github.com/hashicorp/hcl/v2"
|
|
"github.com/hashicorp/hcl/v2/gohcl"
|
|
"github.com/opentofu/opentofu/internal/encryption/config"
|
|
"github.com/opentofu/opentofu/internal/encryption/method"
|
|
"github.com/opentofu/opentofu/internal/encryption/registry"
|
|
"github.com/zclconf/go-cty/cty"
|
|
)
|
|
|
|
func (e *targetBuilder) setupMethods() hcl.Diagnostics {
|
|
var diags hcl.Diagnostics
|
|
|
|
e.methodValues = make(map[string]map[string]cty.Value)
|
|
e.methods = make(map[method.Addr]method.Method)
|
|
|
|
for _, m := range e.cfg.MethodConfigs {
|
|
diags = append(diags, e.setupMethod(m)...)
|
|
}
|
|
|
|
// Regenerate the context now that the method is loaded
|
|
mMap := make(map[string]cty.Value)
|
|
for name, ms := range e.methodValues {
|
|
mMap[name] = cty.ObjectVal(ms)
|
|
}
|
|
e.ctx.Variables["method"] = cty.ObjectVal(mMap)
|
|
|
|
return diags
|
|
}
|
|
|
|
// setupMethod sets up a single method for encryption. It returns a list of diagnostics if the method is invalid.
|
|
func (e *targetBuilder) setupMethod(cfg config.MethodConfig) hcl.Diagnostics {
|
|
addr, diags := cfg.Addr()
|
|
if diags.HasErrors() {
|
|
return diags
|
|
}
|
|
|
|
// Ensure cfg.Type is in methodValues
|
|
if _, ok := e.methodValues[cfg.Type]; !ok {
|
|
e.methodValues[cfg.Type] = make(map[string]cty.Value)
|
|
}
|
|
|
|
// Lookup the definition of the encryption method from the registry
|
|
encryptionMethod, err := e.reg.GetMethodDescriptor(method.ID(cfg.Type))
|
|
if err != nil {
|
|
|
|
// Handle if the method was not found
|
|
var notFoundError *registry.MethodNotFoundError
|
|
if errors.Is(err, notFoundError) {
|
|
return hcl.Diagnostics{&hcl.Diagnostic{
|
|
Severity: hcl.DiagError,
|
|
Summary: "Unknown encryption method type",
|
|
Detail: fmt.Sprintf("Can not find %q", cfg.Type),
|
|
}}
|
|
}
|
|
|
|
// Or, we don't know the error type, so we'll just return it as a generic error
|
|
return hcl.Diagnostics{&hcl.Diagnostic{
|
|
Severity: hcl.DiagError,
|
|
Summary: fmt.Sprintf("Error fetching encryption method %q", cfg.Type),
|
|
Detail: err.Error(),
|
|
}}
|
|
}
|
|
|
|
// TODO: we could use varhcl here to provider better error messages
|
|
methodConfig := encryptionMethod.ConfigStruct()
|
|
diags = gohcl.DecodeBody(cfg.Body, e.ctx, methodConfig)
|
|
if diags.HasErrors() {
|
|
return diags
|
|
}
|
|
|
|
e.methodValues[cfg.Type][cfg.Name] = cty.StringVal(string(addr))
|
|
m, err := methodConfig.Build()
|
|
if err != nil {
|
|
// TODO this error handling could use some work
|
|
return hcl.Diagnostics{&hcl.Diagnostic{
|
|
Severity: hcl.DiagError,
|
|
Summary: "Encryption method configuration failed",
|
|
Detail: err.Error(),
|
|
}}
|
|
}
|
|
e.methods[addr] = m
|
|
return nil
|
|
}
|