provider/azurerm: support non public clouds (#11026)
* vendor: update jen20/riviera to pull in endpoints change * provider/auzrerm: support non public clouds Ran tests below with ARM_ENVIRONMENT=german and changes the location to Germany Central in the test config. The virtual network tests cover both Riviera (resource groups) and the official SDK client. TF_ACC=1 go test ./builtin/providers/azurerm -v -run TestAccAzureRMVirtualNetwork_ -timeout 120m === RUN TestAccAzureRMVirtualNetwork_importBasic --- PASS: TestAccAzureRMVirtualNetwork_importBasic (81.84s) === RUN TestAccAzureRMVirtualNetwork_basic --- PASS: TestAccAzureRMVirtualNetwork_basic (78.14s) === RUN TestAccAzureRMVirtualNetwork_disappears --- PASS: TestAccAzureRMVirtualNetwork_disappears (78.45s) === RUN TestAccAzureRMVirtualNetwork_withTags --- PASS: TestAccAzureRMVirtualNetwork_withTags (81.78s) PASS ok github.com/hashicorp/terraform/builtin/providers/azurerm 320.310s
This commit is contained in:
parent
4dcbbb82bd
commit
0284138440
|
@ -138,18 +138,31 @@ func (c *Config) getArmClient() (*ArmClient, error) {
|
|||
subscriptionId: c.SubscriptionID,
|
||||
}
|
||||
|
||||
// detect cloud from environment
|
||||
env, envErr := azure.EnvironmentFromName(c.Environment)
|
||||
if envErr != nil {
|
||||
// try again with wrapped value to support readable values like german instead of AZUREGERMANCLOUD
|
||||
wrapped := fmt.Sprintf("AZURE%sCLOUD", c.Environment)
|
||||
var innerErr error
|
||||
if env, innerErr = azure.EnvironmentFromName(wrapped); innerErr != nil {
|
||||
return nil, envErr
|
||||
}
|
||||
}
|
||||
|
||||
rivieraClient, err := riviera.NewClient(&riviera.AzureResourceManagerCredentials{
|
||||
ClientID: c.ClientID,
|
||||
ClientSecret: c.ClientSecret,
|
||||
TenantID: c.TenantID,
|
||||
SubscriptionID: c.SubscriptionID,
|
||||
ClientID: c.ClientID,
|
||||
ClientSecret: c.ClientSecret,
|
||||
TenantID: c.TenantID,
|
||||
SubscriptionID: c.SubscriptionID,
|
||||
ResourceManagerEndpoint: env.ResourceManagerEndpoint,
|
||||
ActiveDirectoryEndpoint: env.ActiveDirectoryEndpoint,
|
||||
})
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("Error creating Riviera client: %s", err)
|
||||
}
|
||||
client.rivieraClient = rivieraClient
|
||||
|
||||
oauthConfig, err := azure.PublicCloud.OAuthConfigForTenant(c.TenantID)
|
||||
oauthConfig, err := env.OAuthConfigForTenant(c.TenantID)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
@ -159,267 +172,268 @@ func (c *Config) getArmClient() (*ArmClient, error) {
|
|||
return nil, fmt.Errorf("Unable to configure OAuthConfig for tenant %s", c.TenantID)
|
||||
}
|
||||
|
||||
spt, err := azure.NewServicePrincipalToken(*oauthConfig, c.ClientID, c.ClientSecret,
|
||||
azure.PublicCloud.ResourceManagerEndpoint)
|
||||
spt, err := azure.NewServicePrincipalToken(*oauthConfig, c.ClientID, c.ClientSecret, env.ResourceManagerEndpoint)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
endpoint := env.ResourceManagerEndpoint
|
||||
|
||||
// NOTE: these declarations should be left separate for clarity should the
|
||||
// clients be wished to be configured with custom Responders/PollingModess etc...
|
||||
asc := compute.NewAvailabilitySetsClient(c.SubscriptionID)
|
||||
asc := compute.NewAvailabilitySetsClientWithBaseURI(endpoint, c.SubscriptionID)
|
||||
setUserAgent(&asc.Client)
|
||||
asc.Authorizer = spt
|
||||
asc.Sender = autorest.CreateSender(withRequestLogging())
|
||||
client.availSetClient = asc
|
||||
|
||||
uoc := compute.NewUsageOperationsClient(c.SubscriptionID)
|
||||
uoc := compute.NewUsageOperationsClientWithBaseURI(endpoint, c.SubscriptionID)
|
||||
setUserAgent(&uoc.Client)
|
||||
uoc.Authorizer = spt
|
||||
uoc.Sender = autorest.CreateSender(withRequestLogging())
|
||||
client.usageOpsClient = uoc
|
||||
|
||||
vmeic := compute.NewVirtualMachineExtensionImagesClient(c.SubscriptionID)
|
||||
vmeic := compute.NewVirtualMachineExtensionImagesClientWithBaseURI(endpoint, c.SubscriptionID)
|
||||
setUserAgent(&vmeic.Client)
|
||||
vmeic.Authorizer = spt
|
||||
vmeic.Sender = autorest.CreateSender(withRequestLogging())
|
||||
client.vmExtensionImageClient = vmeic
|
||||
|
||||
vmec := compute.NewVirtualMachineExtensionsClient(c.SubscriptionID)
|
||||
vmec := compute.NewVirtualMachineExtensionsClientWithBaseURI(endpoint, c.SubscriptionID)
|
||||
setUserAgent(&vmec.Client)
|
||||
vmec.Authorizer = spt
|
||||
vmec.Sender = autorest.CreateSender(withRequestLogging())
|
||||
client.vmExtensionClient = vmec
|
||||
|
||||
vmic := compute.NewVirtualMachineImagesClient(c.SubscriptionID)
|
||||
vmic := compute.NewVirtualMachineImagesClientWithBaseURI(endpoint, c.SubscriptionID)
|
||||
setUserAgent(&vmic.Client)
|
||||
vmic.Authorizer = spt
|
||||
vmic.Sender = autorest.CreateSender(withRequestLogging())
|
||||
client.vmImageClient = vmic
|
||||
|
||||
vmssc := compute.NewVirtualMachineScaleSetsClient(c.SubscriptionID)
|
||||
vmssc := compute.NewVirtualMachineScaleSetsClientWithBaseURI(endpoint, c.SubscriptionID)
|
||||
setUserAgent(&vmssc.Client)
|
||||
vmssc.Authorizer = spt
|
||||
vmssc.Sender = autorest.CreateSender(withRequestLogging())
|
||||
client.vmScaleSetClient = vmssc
|
||||
|
||||
vmc := compute.NewVirtualMachinesClient(c.SubscriptionID)
|
||||
vmc := compute.NewVirtualMachinesClientWithBaseURI(endpoint, c.SubscriptionID)
|
||||
setUserAgent(&vmc.Client)
|
||||
vmc.Authorizer = spt
|
||||
vmc.Sender = autorest.CreateSender(withRequestLogging())
|
||||
client.vmClient = vmc
|
||||
|
||||
agc := network.NewApplicationGatewaysClient(c.SubscriptionID)
|
||||
agc := network.NewApplicationGatewaysClientWithBaseURI(endpoint, c.SubscriptionID)
|
||||
setUserAgent(&agc.Client)
|
||||
agc.Authorizer = spt
|
||||
agc.Sender = autorest.CreateSender(withRequestLogging())
|
||||
client.appGatewayClient = agc
|
||||
|
||||
crc := containerregistry.NewRegistriesClient(c.SubscriptionID)
|
||||
crc := containerregistry.NewRegistriesClientWithBaseURI(endpoint, c.SubscriptionID)
|
||||
setUserAgent(&crc.Client)
|
||||
crc.Authorizer = spt
|
||||
crc.Sender = autorest.CreateSender(withRequestLogging())
|
||||
client.containerRegistryClient = crc
|
||||
|
||||
ehc := eventhub.NewEventHubsClient(c.SubscriptionID)
|
||||
ehc := eventhub.NewEventHubsClientWithBaseURI(endpoint, c.SubscriptionID)
|
||||
setUserAgent(&ehc.Client)
|
||||
ehc.Authorizer = spt
|
||||
ehc.Sender = autorest.CreateSender(withRequestLogging())
|
||||
client.eventHubClient = ehc
|
||||
|
||||
chcgc := eventhub.NewConsumerGroupsClient(c.SubscriptionID)
|
||||
chcgc := eventhub.NewConsumerGroupsClientWithBaseURI(endpoint, c.SubscriptionID)
|
||||
setUserAgent(&chcgc.Client)
|
||||
chcgc.Authorizer = spt
|
||||
chcgc.Sender = autorest.CreateSender(withRequestLogging())
|
||||
client.eventHubConsumerGroupClient = chcgc
|
||||
|
||||
ehnc := eventhub.NewNamespacesClient(c.SubscriptionID)
|
||||
ehnc := eventhub.NewNamespacesClientWithBaseURI(endpoint, c.SubscriptionID)
|
||||
setUserAgent(&ehnc.Client)
|
||||
ehnc.Authorizer = spt
|
||||
ehnc.Sender = autorest.CreateSender(withRequestLogging())
|
||||
client.eventHubNamespacesClient = ehnc
|
||||
|
||||
ifc := network.NewInterfacesClient(c.SubscriptionID)
|
||||
ifc := network.NewInterfacesClientWithBaseURI(endpoint, c.SubscriptionID)
|
||||
setUserAgent(&ifc.Client)
|
||||
ifc.Authorizer = spt
|
||||
ifc.Sender = autorest.CreateSender(withRequestLogging())
|
||||
client.ifaceClient = ifc
|
||||
|
||||
lbc := network.NewLoadBalancersClient(c.SubscriptionID)
|
||||
lbc := network.NewLoadBalancersClientWithBaseURI(endpoint, c.SubscriptionID)
|
||||
setUserAgent(&lbc.Client)
|
||||
lbc.Authorizer = spt
|
||||
lbc.Sender = autorest.CreateSender(withRequestLogging())
|
||||
client.loadBalancerClient = lbc
|
||||
|
||||
lgc := network.NewLocalNetworkGatewaysClient(c.SubscriptionID)
|
||||
lgc := network.NewLocalNetworkGatewaysClientWithBaseURI(endpoint, c.SubscriptionID)
|
||||
setUserAgent(&lgc.Client)
|
||||
lgc.Authorizer = spt
|
||||
lgc.Sender = autorest.CreateSender(withRequestLogging())
|
||||
client.localNetConnClient = lgc
|
||||
|
||||
pipc := network.NewPublicIPAddressesClient(c.SubscriptionID)
|
||||
pipc := network.NewPublicIPAddressesClientWithBaseURI(endpoint, c.SubscriptionID)
|
||||
setUserAgent(&pipc.Client)
|
||||
pipc.Authorizer = spt
|
||||
pipc.Sender = autorest.CreateSender(withRequestLogging())
|
||||
client.publicIPClient = pipc
|
||||
|
||||
sgc := network.NewSecurityGroupsClient(c.SubscriptionID)
|
||||
sgc := network.NewSecurityGroupsClientWithBaseURI(endpoint, c.SubscriptionID)
|
||||
setUserAgent(&sgc.Client)
|
||||
sgc.Authorizer = spt
|
||||
sgc.Sender = autorest.CreateSender(withRequestLogging())
|
||||
client.secGroupClient = sgc
|
||||
|
||||
src := network.NewSecurityRulesClient(c.SubscriptionID)
|
||||
src := network.NewSecurityRulesClientWithBaseURI(endpoint, c.SubscriptionID)
|
||||
setUserAgent(&src.Client)
|
||||
src.Authorizer = spt
|
||||
src.Sender = autorest.CreateSender(withRequestLogging())
|
||||
client.secRuleClient = src
|
||||
|
||||
snc := network.NewSubnetsClient(c.SubscriptionID)
|
||||
snc := network.NewSubnetsClientWithBaseURI(endpoint, c.SubscriptionID)
|
||||
setUserAgent(&snc.Client)
|
||||
snc.Authorizer = spt
|
||||
snc.Sender = autorest.CreateSender(withRequestLogging())
|
||||
client.subnetClient = snc
|
||||
|
||||
vgcc := network.NewVirtualNetworkGatewayConnectionsClient(c.SubscriptionID)
|
||||
vgcc := network.NewVirtualNetworkGatewayConnectionsClientWithBaseURI(endpoint, c.SubscriptionID)
|
||||
setUserAgent(&vgcc.Client)
|
||||
vgcc.Authorizer = spt
|
||||
vgcc.Sender = autorest.CreateSender(withRequestLogging())
|
||||
client.vnetGatewayConnectionsClient = vgcc
|
||||
|
||||
vgc := network.NewVirtualNetworkGatewaysClient(c.SubscriptionID)
|
||||
vgc := network.NewVirtualNetworkGatewaysClientWithBaseURI(endpoint, c.SubscriptionID)
|
||||
setUserAgent(&vgc.Client)
|
||||
vgc.Authorizer = spt
|
||||
vgc.Sender = autorest.CreateSender(withRequestLogging())
|
||||
client.vnetGatewayClient = vgc
|
||||
|
||||
vnc := network.NewVirtualNetworksClient(c.SubscriptionID)
|
||||
vnc := network.NewVirtualNetworksClientWithBaseURI(endpoint, c.SubscriptionID)
|
||||
setUserAgent(&vnc.Client)
|
||||
vnc.Authorizer = spt
|
||||
vnc.Sender = autorest.CreateSender(withRequestLogging())
|
||||
client.vnetClient = vnc
|
||||
|
||||
vnpc := network.NewVirtualNetworkPeeringsClient(c.SubscriptionID)
|
||||
vnpc := network.NewVirtualNetworkPeeringsClientWithBaseURI(endpoint, c.SubscriptionID)
|
||||
setUserAgent(&vnpc.Client)
|
||||
vnpc.Authorizer = spt
|
||||
vnpc.Sender = autorest.CreateSender(withRequestLogging())
|
||||
client.vnetPeeringsClient = vnpc
|
||||
|
||||
rtc := network.NewRouteTablesClient(c.SubscriptionID)
|
||||
rtc := network.NewRouteTablesClientWithBaseURI(endpoint, c.SubscriptionID)
|
||||
setUserAgent(&rtc.Client)
|
||||
rtc.Authorizer = spt
|
||||
rtc.Sender = autorest.CreateSender(withRequestLogging())
|
||||
client.routeTablesClient = rtc
|
||||
|
||||
rc := network.NewRoutesClient(c.SubscriptionID)
|
||||
rc := network.NewRoutesClientWithBaseURI(endpoint, c.SubscriptionID)
|
||||
setUserAgent(&rc.Client)
|
||||
rc.Authorizer = spt
|
||||
rc.Sender = autorest.CreateSender(withRequestLogging())
|
||||
client.routesClient = rc
|
||||
|
||||
rgc := resources.NewGroupsClient(c.SubscriptionID)
|
||||
rgc := resources.NewGroupsClientWithBaseURI(endpoint, c.SubscriptionID)
|
||||
setUserAgent(&rgc.Client)
|
||||
rgc.Authorizer = spt
|
||||
rgc.Sender = autorest.CreateSender(withRequestLogging())
|
||||
client.resourceGroupClient = rgc
|
||||
|
||||
pc := resources.NewProvidersClient(c.SubscriptionID)
|
||||
pc := resources.NewProvidersClientWithBaseURI(endpoint, c.SubscriptionID)
|
||||
setUserAgent(&pc.Client)
|
||||
pc.Authorizer = spt
|
||||
pc.Sender = autorest.CreateSender(withRequestLogging())
|
||||
client.providers = pc
|
||||
|
||||
tc := resources.NewTagsClient(c.SubscriptionID)
|
||||
tc := resources.NewTagsClientWithBaseURI(endpoint, c.SubscriptionID)
|
||||
setUserAgent(&tc.Client)
|
||||
tc.Authorizer = spt
|
||||
tc.Sender = autorest.CreateSender(withRequestLogging())
|
||||
client.tagsClient = tc
|
||||
|
||||
rf := resources.NewClient(c.SubscriptionID)
|
||||
rf := resources.NewClientWithBaseURI(endpoint, c.SubscriptionID)
|
||||
setUserAgent(&rf.Client)
|
||||
rf.Authorizer = spt
|
||||
rf.Sender = autorest.CreateSender(withRequestLogging())
|
||||
client.resourceFindClient = rf
|
||||
|
||||
jc := scheduler.NewJobsClient(c.SubscriptionID)
|
||||
jc := scheduler.NewJobsClientWithBaseURI(endpoint, c.SubscriptionID)
|
||||
setUserAgent(&jc.Client)
|
||||
jc.Authorizer = spt
|
||||
jc.Sender = autorest.CreateSender(withRequestLogging())
|
||||
client.jobsClient = jc
|
||||
|
||||
jcc := scheduler.NewJobCollectionsClient(c.SubscriptionID)
|
||||
jcc := scheduler.NewJobCollectionsClientWithBaseURI(endpoint, c.SubscriptionID)
|
||||
setUserAgent(&jcc.Client)
|
||||
jcc.Authorizer = spt
|
||||
jcc.Sender = autorest.CreateSender(withRequestLogging())
|
||||
client.jobsCollectionsClient = jcc
|
||||
|
||||
ssc := storage.NewAccountsClient(c.SubscriptionID)
|
||||
ssc := storage.NewAccountsClientWithBaseURI(endpoint, c.SubscriptionID)
|
||||
setUserAgent(&ssc.Client)
|
||||
ssc.Authorizer = spt
|
||||
ssc.Sender = autorest.CreateSender(withRequestLogging())
|
||||
client.storageServiceClient = ssc
|
||||
|
||||
suc := storage.NewUsageOperationsClient(c.SubscriptionID)
|
||||
suc := storage.NewUsageOperationsClientWithBaseURI(endpoint, c.SubscriptionID)
|
||||
setUserAgent(&suc.Client)
|
||||
suc.Authorizer = spt
|
||||
suc.Sender = autorest.CreateSender(withRequestLogging())
|
||||
client.storageUsageClient = suc
|
||||
|
||||
cpc := cdn.NewProfilesClient(c.SubscriptionID)
|
||||
cpc := cdn.NewProfilesClientWithBaseURI(endpoint, c.SubscriptionID)
|
||||
setUserAgent(&cpc.Client)
|
||||
cpc.Authorizer = spt
|
||||
cpc.Sender = autorest.CreateSender(withRequestLogging())
|
||||
client.cdnProfilesClient = cpc
|
||||
|
||||
cec := cdn.NewEndpointsClient(c.SubscriptionID)
|
||||
cec := cdn.NewEndpointsClientWithBaseURI(endpoint, c.SubscriptionID)
|
||||
setUserAgent(&cec.Client)
|
||||
cec.Authorizer = spt
|
||||
cec.Sender = autorest.CreateSender(withRequestLogging())
|
||||
client.cdnEndpointsClient = cec
|
||||
|
||||
dc := resources.NewDeploymentsClient(c.SubscriptionID)
|
||||
dc := resources.NewDeploymentsClientWithBaseURI(endpoint, c.SubscriptionID)
|
||||
setUserAgent(&dc.Client)
|
||||
dc.Authorizer = spt
|
||||
dc.Sender = autorest.CreateSender(withRequestLogging())
|
||||
client.deploymentsClient = dc
|
||||
|
||||
tmpc := trafficmanager.NewProfilesClient(c.SubscriptionID)
|
||||
tmpc := trafficmanager.NewProfilesClientWithBaseURI(endpoint, c.SubscriptionID)
|
||||
setUserAgent(&tmpc.Client)
|
||||
tmpc.Authorizer = spt
|
||||
tmpc.Sender = autorest.CreateSender(withRequestLogging())
|
||||
client.trafficManagerProfilesClient = tmpc
|
||||
|
||||
tmec := trafficmanager.NewEndpointsClient(c.SubscriptionID)
|
||||
tmec := trafficmanager.NewEndpointsClientWithBaseURI(endpoint, c.SubscriptionID)
|
||||
setUserAgent(&tmec.Client)
|
||||
tmec.Authorizer = spt
|
||||
tmec.Sender = autorest.CreateSender(withRequestLogging())
|
||||
client.trafficManagerEndpointsClient = tmec
|
||||
|
||||
rdc := redis.NewClient(c.SubscriptionID)
|
||||
rdc := redis.NewClientWithBaseURI(endpoint, c.SubscriptionID)
|
||||
setUserAgent(&rdc.Client)
|
||||
rdc.Authorizer = spt
|
||||
rdc.Sender = autorest.CreateSender(withRequestLogging())
|
||||
client.redisClient = rdc
|
||||
|
||||
sbnc := servicebus.NewNamespacesClient(c.SubscriptionID)
|
||||
sbnc := servicebus.NewNamespacesClientWithBaseURI(endpoint, c.SubscriptionID)
|
||||
setUserAgent(&sbnc.Client)
|
||||
sbnc.Authorizer = spt
|
||||
sbnc.Sender = autorest.CreateSender(withRequestLogging())
|
||||
client.serviceBusNamespacesClient = sbnc
|
||||
|
||||
sbtc := servicebus.NewTopicsClient(c.SubscriptionID)
|
||||
sbtc := servicebus.NewTopicsClientWithBaseURI(endpoint, c.SubscriptionID)
|
||||
setUserAgent(&sbtc.Client)
|
||||
sbtc.Authorizer = spt
|
||||
sbtc.Sender = autorest.CreateSender(withRequestLogging())
|
||||
client.serviceBusTopicsClient = sbtc
|
||||
|
||||
sbsc := servicebus.NewSubscriptionsClient(c.SubscriptionID)
|
||||
sbsc := servicebus.NewSubscriptionsClientWithBaseURI(endpoint, c.SubscriptionID)
|
||||
setUserAgent(&sbsc.Client)
|
||||
sbsc.Authorizer = spt
|
||||
sbsc.Sender = autorest.CreateSender(withRequestLogging())
|
||||
client.serviceBusSubscriptionsClient = sbsc
|
||||
|
||||
kvc := keyvault.NewVaultsClient(c.SubscriptionID)
|
||||
kvc := keyvault.NewVaultsClientWithBaseURI(endpoint, c.SubscriptionID)
|
||||
setUserAgent(&kvc.Client)
|
||||
kvc.Authorizer = spt
|
||||
kvc.Sender = autorest.CreateSender(withRequestLogging())
|
||||
|
|
|
@ -45,6 +45,12 @@ func Provider() terraform.ResourceProvider {
|
|||
DefaultFunc: schema.EnvDefaultFunc("ARM_TENANT_ID", ""),
|
||||
},
|
||||
|
||||
"environment": {
|
||||
Type: schema.TypeString,
|
||||
Required: true,
|
||||
DefaultFunc: schema.EnvDefaultFunc("ARM_ENVIRONMENT", "public"),
|
||||
},
|
||||
|
||||
"skip_provider_registration": {
|
||||
Type: schema.TypeBool,
|
||||
Optional: true,
|
||||
|
@ -134,6 +140,7 @@ type Config struct {
|
|||
ClientID string
|
||||
ClientSecret string
|
||||
TenantID string
|
||||
Environment string
|
||||
SkipProviderRegistration bool
|
||||
|
||||
validateCredentialsOnce sync.Once
|
||||
|
@ -154,6 +161,9 @@ func (c *Config) validate() error {
|
|||
if c.TenantID == "" {
|
||||
err = multierror.Append(err, fmt.Errorf("Tenant ID must be configured for the AzureRM provider"))
|
||||
}
|
||||
if c.Environment == "" {
|
||||
err = multierror.Append(err, fmt.Errorf("Environment must be configured for the AzureRM provider"))
|
||||
}
|
||||
|
||||
return err.ErrorOrNil()
|
||||
}
|
||||
|
@ -165,6 +175,7 @@ func providerConfigure(p *schema.Provider) schema.ConfigureFunc {
|
|||
ClientID: d.Get("client_id").(string),
|
||||
ClientSecret: d.Get("client_secret").(string),
|
||||
TenantID: d.Get("tenant_id").(string),
|
||||
Environment: d.Get("environment").(string),
|
||||
SkipProviderRegistration: d.Get("skip_provider_registration").(bool),
|
||||
}
|
||||
|
||||
|
|
|
@ -12,7 +12,8 @@ import (
|
|||
type Client struct {
|
||||
logger *log.Logger
|
||||
|
||||
subscriptionID string
|
||||
subscriptionID string
|
||||
resourceManagerEndpoint string
|
||||
|
||||
tokenRequester *tokenRequester
|
||||
httpClient *retryablehttp.Client
|
||||
|
@ -24,13 +25,21 @@ func NewClient(creds *AzureResourceManagerCredentials) (*Client, error) {
|
|||
httpClient := retryablehttp.NewClient()
|
||||
httpClient.Logger = defaultLogger
|
||||
|
||||
tr := newTokenRequester(httpClient, creds.ClientID, creds.ClientSecret, creds.TenantID)
|
||||
if creds.ResourceManagerEndpoint == "" {
|
||||
creds.ResourceManagerEndpoint = defaultResourceManagerEndpoint
|
||||
}
|
||||
if creds.ActiveDirectoryEndpoint == "" {
|
||||
creds.ActiveDirectoryEndpoint = defaultActiveDirectoryEndpoint
|
||||
}
|
||||
|
||||
tr := newTokenRequester(httpClient, creds)
|
||||
|
||||
return &Client{
|
||||
subscriptionID: creds.SubscriptionID,
|
||||
httpClient: httpClient,
|
||||
tokenRequester: tr,
|
||||
logger: defaultLogger,
|
||||
subscriptionID: creds.SubscriptionID,
|
||||
resourceManagerEndpoint: creds.ResourceManagerEndpoint,
|
||||
httpClient: httpClient,
|
||||
tokenRequester: tr,
|
||||
logger: defaultLogger,
|
||||
}, nil
|
||||
}
|
||||
|
||||
|
|
|
@ -1,8 +1,17 @@
|
|||
package azure
|
||||
|
||||
const (
|
||||
defaultResourceManagerEndpoint = "https://management.azure.com"
|
||||
defaultActiveDirectoryEndpoint = "https://login.microsoftonline.com"
|
||||
)
|
||||
|
||||
type AzureResourceManagerCredentials struct {
|
||||
ClientID string
|
||||
ClientSecret string
|
||||
TenantID string
|
||||
SubscriptionID string
|
||||
|
||||
// can be overridden for non public clouds
|
||||
ResourceManagerEndpoint string
|
||||
ActiveDirectoryEndpoint string
|
||||
}
|
||||
|
|
|
@ -1,43 +0,0 @@
|
|||
package azure
|
||||
|
||||
import (
|
||||
"reflect"
|
||||
"strings"
|
||||
)
|
||||
|
||||
type Endpoints struct {
|
||||
resourceManagerEndpointUrl string
|
||||
activeDirectoryEndpointUrl string
|
||||
}
|
||||
|
||||
var (
|
||||
ChineseEndpoints = Endpoints{"https://management.chinacloudapi.cn", "https://login.chinacloudapi.cn"}
|
||||
DefaultEndpoints = Endpoints{"https://management.azure.com", "https://login.microsoftonline.com"}
|
||||
GermanEndpoints = Endpoints{"https://management.microsoftazure.de", "https://login.microsoftonline.de"}
|
||||
USGovEndpoints = Endpoints{"https://management.usgovcloudapi.net", "https://login.microsoftonline.com"}
|
||||
)
|
||||
|
||||
func GetEndpointsForLocation(location string) Endpoints {
|
||||
location = strings.Replace(strings.ToLower(location), " ", "", -1)
|
||||
|
||||
switch location {
|
||||
case GermanyCentral, GermanyEast:
|
||||
return GermanEndpoints
|
||||
case ChinaEast, ChinaNorth:
|
||||
return ChineseEndpoints
|
||||
case USGovIowa, USGovVirginia:
|
||||
return USGovEndpoints
|
||||
default:
|
||||
return DefaultEndpoints
|
||||
}
|
||||
}
|
||||
|
||||
func GetEndpointsForCommand(command APICall) Endpoints {
|
||||
locationField := reflect.Indirect(reflect.ValueOf(command)).FieldByName("Location")
|
||||
if locationField.IsValid() {
|
||||
location := locationField.Interface().(string)
|
||||
return GetEndpointsForLocation(location)
|
||||
}
|
||||
|
||||
return DefaultEndpoints
|
||||
}
|
|
@ -0,0 +1,26 @@
|
|||
package azure
|
||||
|
||||
import "fmt"
|
||||
|
||||
type GetResourceProviderResponse struct {
|
||||
ID *string `mapstructure:"id"`
|
||||
Namespace *string `mapstructure:"namespace"`
|
||||
RegistrationState *string `mapstructure:"registrationState"`
|
||||
}
|
||||
|
||||
type GetResourceProvider struct {
|
||||
Namespace string `json:"-"`
|
||||
}
|
||||
|
||||
func (command GetResourceProvider) APIInfo() APIInfo {
|
||||
return APIInfo{
|
||||
APIVersion: resourceGroupAPIVersion,
|
||||
Method: "GET",
|
||||
URLPathFunc: func() string {
|
||||
return fmt.Sprintf("providers/%s", command.Namespace)
|
||||
},
|
||||
ResponseTypeFunc: func() interface{} {
|
||||
return &GetResourceProviderResponse{}
|
||||
},
|
||||
}
|
||||
}
|
|
@ -9,7 +9,6 @@ type RegisterResourceProviderResponse struct {
|
|||
ApplicationID *string `mapstructure:"applicationId"`
|
||||
}
|
||||
|
||||
// TODO: Investigate RegistrationState response polling
|
||||
type RegisterResourceProvider struct {
|
||||
Namespace string `json:"-"`
|
||||
}
|
||||
|
|
|
@ -75,8 +75,7 @@ func (request *Request) pollForAsynchronousResponse(acceptedResponse *http.Respo
|
|||
return nil, err
|
||||
}
|
||||
|
||||
endpoints := GetEndpointsForCommand(request.Command)
|
||||
err = request.client.tokenRequester.addAuthorizationToRequest(req, endpoints)
|
||||
err = request.client.tokenRequester.addAuthorizationToRequest(req)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
@ -116,11 +115,9 @@ func defaultARMRequestSerialize(body interface{}) (io.ReadSeeker, error) {
|
|||
func (request *Request) Execute() (*Response, error) {
|
||||
apiInfo := request.Command.APIInfo()
|
||||
|
||||
endpoints := GetEndpointsForCommand(request.Command)
|
||||
|
||||
var urlString string
|
||||
|
||||
urlObj, _ := url.Parse(endpoints.resourceManagerEndpointUrl)
|
||||
urlObj, _ := url.Parse(request.client.resourceManagerEndpoint)
|
||||
|
||||
// Determine whether to use the URLPathFunc or the URI explicitly set in the request
|
||||
if request.URI == nil {
|
||||
|
@ -166,7 +163,7 @@ func (request *Request) Execute() (*Response, error) {
|
|||
req.Header.Add("Content-Type", "application/json")
|
||||
}
|
||||
|
||||
err = request.client.tokenRequester.addAuthorizationToRequest(req, endpoints)
|
||||
err = request.client.tokenRequester.addAuthorizationToRequest(req)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
|
@ -19,6 +19,9 @@ func init() {
|
|||
}
|
||||
|
||||
type tokenRequester struct {
|
||||
activeDirectoryEndpoint string
|
||||
resourceManagerEndpoint string
|
||||
|
||||
clientID string
|
||||
clientSecret string
|
||||
tenantID string
|
||||
|
@ -31,21 +34,23 @@ type tokenRequester struct {
|
|||
currentToken *token
|
||||
}
|
||||
|
||||
func newTokenRequester(client *retryablehttp.Client, clientID, clientSecret, tenantID string) *tokenRequester {
|
||||
func newTokenRequester(client *retryablehttp.Client, creds *AzureResourceManagerCredentials) *tokenRequester {
|
||||
return &tokenRequester{
|
||||
clientID: clientID,
|
||||
clientSecret: clientSecret,
|
||||
tenantID: tenantID,
|
||||
refreshWithin: 5 * time.Minute,
|
||||
httpClient: client,
|
||||
activeDirectoryEndpoint: creds.ActiveDirectoryEndpoint,
|
||||
resourceManagerEndpoint: creds.ResourceManagerEndpoint,
|
||||
clientID: creds.ClientID,
|
||||
clientSecret: creds.ClientSecret,
|
||||
tenantID: creds.TenantID,
|
||||
refreshWithin: 5 * time.Minute,
|
||||
httpClient: client,
|
||||
}
|
||||
}
|
||||
|
||||
// addAuthorizationToRequest adds an Authorization header to an http.Request, having ensured
|
||||
// that the token is sufficiently fresh. This may invoke network calls, so should not be
|
||||
// relied on to return quickly.
|
||||
func (tr *tokenRequester) addAuthorizationToRequest(request *retryablehttp.Request, endpoints Endpoints) error {
|
||||
token, err := tr.getUsableToken(endpoints)
|
||||
func (tr *tokenRequester) addAuthorizationToRequest(request *retryablehttp.Request) error {
|
||||
token, err := tr.getUsableToken()
|
||||
if err != nil {
|
||||
return fmt.Errorf("Error obtaining authorization token: %s", err)
|
||||
}
|
||||
|
@ -54,7 +59,7 @@ func (tr *tokenRequester) addAuthorizationToRequest(request *retryablehttp.Reque
|
|||
return nil
|
||||
}
|
||||
|
||||
func (tr *tokenRequester) getUsableToken(endpoints Endpoints) (*token, error) {
|
||||
func (tr *tokenRequester) getUsableToken() (*token, error) {
|
||||
tr.l.Lock()
|
||||
defer tr.l.Unlock()
|
||||
|
||||
|
@ -62,7 +67,7 @@ func (tr *tokenRequester) getUsableToken(endpoints Endpoints) (*token, error) {
|
|||
return tr.currentToken, nil
|
||||
}
|
||||
|
||||
newToken, err := tr.refreshToken(endpoints)
|
||||
newToken, err := tr.refreshToken()
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("Error refreshing token: %s", err)
|
||||
}
|
||||
|
@ -71,14 +76,14 @@ func (tr *tokenRequester) getUsableToken(endpoints Endpoints) (*token, error) {
|
|||
return newToken, nil
|
||||
}
|
||||
|
||||
func (tr *tokenRequester) refreshToken(endpoints Endpoints) (*token, error) {
|
||||
oauthURL := fmt.Sprintf("%s/%s/oauth2/%s?api-version=1.0", endpoints.activeDirectoryEndpointUrl, tr.tenantID, "token")
|
||||
func (tr *tokenRequester) refreshToken() (*token, error) {
|
||||
oauthURL := fmt.Sprintf("%s/%s/oauth2/%s?api-version=1.0", tr.activeDirectoryEndpoint, tr.tenantID, "token")
|
||||
|
||||
v := url.Values{}
|
||||
v.Set("client_id", tr.clientID)
|
||||
v.Set("client_secret", tr.clientSecret)
|
||||
v.Set("grant_type", "client_credentials")
|
||||
v.Set("resource", strings.TrimSuffix(endpoints.resourceManagerEndpointUrl, "/")+"/")
|
||||
v.Set("resource", strings.TrimSuffix(tr.resourceManagerEndpoint, "/")+"/")
|
||||
|
||||
var newToken token
|
||||
response, err := tr.httpClient.PostForm(oauthURL, v)
|
||||
|
|
|
@ -1863,34 +1863,34 @@
|
|||
"revisionTime": "2017-01-03T19:23:32Z"
|
||||
},
|
||||
{
|
||||
"checksumSHA1": "tRK0n/cIjBCYjnumPiP9cCS2CnA=",
|
||||
"checksumSHA1": "hD8LA+lIAv6MB82Db29L71c2Jjc=",
|
||||
"path": "github.com/jen20/riviera/azure",
|
||||
"revision": "04d3aa8ac7df6c05dbfeaf5344f754f31a7e711f",
|
||||
"revisionTime": "2016-11-01T10:00:17Z"
|
||||
"revision": "7ee711f4d8cc27b811bde3907614ecd86e98c9bc",
|
||||
"revisionTime": "2017-01-04T10:03:54Z"
|
||||
},
|
||||
{
|
||||
"checksumSHA1": "ncdT+1PFEF5ly0niXuQc9/pKzT0=",
|
||||
"path": "github.com/jen20/riviera/dns",
|
||||
"revision": "04d3aa8ac7df6c05dbfeaf5344f754f31a7e711f",
|
||||
"revisionTime": "2016-11-01T10:00:17Z"
|
||||
"revision": "7ee711f4d8cc27b811bde3907614ecd86e98c9bc",
|
||||
"revisionTime": "2017-01-04T10:03:54Z"
|
||||
},
|
||||
{
|
||||
"checksumSHA1": "zVXx6ha3bt0N4ukRbRHXjSl91S4=",
|
||||
"path": "github.com/jen20/riviera/search",
|
||||
"revision": "04d3aa8ac7df6c05dbfeaf5344f754f31a7e711f",
|
||||
"revisionTime": "2016-11-01T10:00:17Z"
|
||||
"revision": "7ee711f4d8cc27b811bde3907614ecd86e98c9bc",
|
||||
"revisionTime": "2017-01-04T10:03:54Z"
|
||||
},
|
||||
{
|
||||
"checksumSHA1": "mD+brnqSfkLheYdGzTUqUi6VWgw=",
|
||||
"path": "github.com/jen20/riviera/sql",
|
||||
"revision": "04d3aa8ac7df6c05dbfeaf5344f754f31a7e711f",
|
||||
"revisionTime": "2016-11-01T10:00:17Z"
|
||||
"revision": "7ee711f4d8cc27b811bde3907614ecd86e98c9bc",
|
||||
"revisionTime": "2017-01-04T10:03:54Z"
|
||||
},
|
||||
{
|
||||
"checksumSHA1": "nKUCquNpJ9ifHgkXoT4K3Xar6R8=",
|
||||
"path": "github.com/jen20/riviera/storage",
|
||||
"revision": "04d3aa8ac7df6c05dbfeaf5344f754f31a7e711f",
|
||||
"revisionTime": "2016-11-01T10:00:17Z"
|
||||
"revision": "7ee711f4d8cc27b811bde3907614ecd86e98c9bc",
|
||||
"revisionTime": "2017-01-04T10:03:54Z"
|
||||
},
|
||||
{
|
||||
"comment": "0.2.2-2-gc01cf91",
|
||||
|
|
|
@ -76,6 +76,13 @@ The following arguments are supported:
|
|||
* `tenant_id` - (Optional) The tenant ID to use. It can also be sourced from the
|
||||
`ARM_TENANT_ID` environment variable.
|
||||
|
||||
* `environment` - (Optional) The cloud environment to use. It can also be sourced
|
||||
from the `ARM_ENVIRONMENT` environment variable. Supported values are:
|
||||
* `public` (default)
|
||||
* `usgovernment`
|
||||
* `german`
|
||||
* `china`
|
||||
|
||||
* `skip_provider_registration` - (Optional) Prevents the provier from registering
|
||||
the ARM provider namespaces, this can be used if you don't wish to give the Active
|
||||
Directory Application permission to register resource providers. It can also be
|
||||
|
|
Loading…
Reference in New Issue