From 0284138440b94926edb94c116d45fa6fa13d48f7 Mon Sep 17 00:00:00 2001 From: Peter McAtominey Date: Wed, 4 Jan 2017 12:00:14 +0000 Subject: [PATCH] provider/azurerm: support non public clouds (#11026) * vendor: update jen20/riviera to pull in endpoints change * provider/auzrerm: support non public clouds Ran tests below with ARM_ENVIRONMENT=german and changes the location to Germany Central in the test config. The virtual network tests cover both Riviera (resource groups) and the official SDK client. TF_ACC=1 go test ./builtin/providers/azurerm -v -run TestAccAzureRMVirtualNetwork_ -timeout 120m === RUN TestAccAzureRMVirtualNetwork_importBasic --- PASS: TestAccAzureRMVirtualNetwork_importBasic (81.84s) === RUN TestAccAzureRMVirtualNetwork_basic --- PASS: TestAccAzureRMVirtualNetwork_basic (78.14s) === RUN TestAccAzureRMVirtualNetwork_disappears --- PASS: TestAccAzureRMVirtualNetwork_disappears (78.45s) === RUN TestAccAzureRMVirtualNetwork_withTags --- PASS: TestAccAzureRMVirtualNetwork_withTags (81.78s) PASS ok github.com/hashicorp/terraform/builtin/providers/azurerm 320.310s --- builtin/providers/azurerm/config.go | 114 ++++++++++-------- builtin/providers/azurerm/provider.go | 11 ++ .../github.com/jen20/riviera/azure/client.go | 21 +++- .../jen20/riviera/azure/credentials.go | 9 ++ .../jen20/riviera/azure/endpoints.go | 43 ------- .../riviera/azure/get_resource_provider.go | 26 ++++ .../azure/register_resource_provider.go | 1 - .../github.com/jen20/riviera/azure/request.go | 9 +- .../github.com/jen20/riviera/azure/token.go | 31 +++-- vendor/vendor.json | 22 ++-- .../providers/azurerm/index.html.markdown | 7 ++ 11 files changed, 164 insertions(+), 130 deletions(-) delete mode 100644 vendor/github.com/jen20/riviera/azure/endpoints.go create mode 100644 vendor/github.com/jen20/riviera/azure/get_resource_provider.go diff --git a/builtin/providers/azurerm/config.go b/builtin/providers/azurerm/config.go index 6ac129252..983505a7c 100644 --- a/builtin/providers/azurerm/config.go +++ b/builtin/providers/azurerm/config.go @@ -138,18 +138,31 @@ func (c *Config) getArmClient() (*ArmClient, error) { subscriptionId: c.SubscriptionID, } + // detect cloud from environment + env, envErr := azure.EnvironmentFromName(c.Environment) + if envErr != nil { + // try again with wrapped value to support readable values like german instead of AZUREGERMANCLOUD + wrapped := fmt.Sprintf("AZURE%sCLOUD", c.Environment) + var innerErr error + if env, innerErr = azure.EnvironmentFromName(wrapped); innerErr != nil { + return nil, envErr + } + } + rivieraClient, err := riviera.NewClient(&riviera.AzureResourceManagerCredentials{ - ClientID: c.ClientID, - ClientSecret: c.ClientSecret, - TenantID: c.TenantID, - SubscriptionID: c.SubscriptionID, + ClientID: c.ClientID, + ClientSecret: c.ClientSecret, + TenantID: c.TenantID, + SubscriptionID: c.SubscriptionID, + ResourceManagerEndpoint: env.ResourceManagerEndpoint, + ActiveDirectoryEndpoint: env.ActiveDirectoryEndpoint, }) if err != nil { return nil, fmt.Errorf("Error creating Riviera client: %s", err) } client.rivieraClient = rivieraClient - oauthConfig, err := azure.PublicCloud.OAuthConfigForTenant(c.TenantID) + oauthConfig, err := env.OAuthConfigForTenant(c.TenantID) if err != nil { return nil, err } @@ -159,267 +172,268 @@ func (c *Config) getArmClient() (*ArmClient, error) { return nil, fmt.Errorf("Unable to configure OAuthConfig for tenant %s", c.TenantID) } - spt, err := azure.NewServicePrincipalToken(*oauthConfig, c.ClientID, c.ClientSecret, - azure.PublicCloud.ResourceManagerEndpoint) + spt, err := azure.NewServicePrincipalToken(*oauthConfig, c.ClientID, c.ClientSecret, env.ResourceManagerEndpoint) if err != nil { return nil, err } + endpoint := env.ResourceManagerEndpoint + // NOTE: these declarations should be left separate for clarity should the // clients be wished to be configured with custom Responders/PollingModess etc... - asc := compute.NewAvailabilitySetsClient(c.SubscriptionID) + asc := compute.NewAvailabilitySetsClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&asc.Client) asc.Authorizer = spt asc.Sender = autorest.CreateSender(withRequestLogging()) client.availSetClient = asc - uoc := compute.NewUsageOperationsClient(c.SubscriptionID) + uoc := compute.NewUsageOperationsClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&uoc.Client) uoc.Authorizer = spt uoc.Sender = autorest.CreateSender(withRequestLogging()) client.usageOpsClient = uoc - vmeic := compute.NewVirtualMachineExtensionImagesClient(c.SubscriptionID) + vmeic := compute.NewVirtualMachineExtensionImagesClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&vmeic.Client) vmeic.Authorizer = spt vmeic.Sender = autorest.CreateSender(withRequestLogging()) client.vmExtensionImageClient = vmeic - vmec := compute.NewVirtualMachineExtensionsClient(c.SubscriptionID) + vmec := compute.NewVirtualMachineExtensionsClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&vmec.Client) vmec.Authorizer = spt vmec.Sender = autorest.CreateSender(withRequestLogging()) client.vmExtensionClient = vmec - vmic := compute.NewVirtualMachineImagesClient(c.SubscriptionID) + vmic := compute.NewVirtualMachineImagesClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&vmic.Client) vmic.Authorizer = spt vmic.Sender = autorest.CreateSender(withRequestLogging()) client.vmImageClient = vmic - vmssc := compute.NewVirtualMachineScaleSetsClient(c.SubscriptionID) + vmssc := compute.NewVirtualMachineScaleSetsClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&vmssc.Client) vmssc.Authorizer = spt vmssc.Sender = autorest.CreateSender(withRequestLogging()) client.vmScaleSetClient = vmssc - vmc := compute.NewVirtualMachinesClient(c.SubscriptionID) + vmc := compute.NewVirtualMachinesClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&vmc.Client) vmc.Authorizer = spt vmc.Sender = autorest.CreateSender(withRequestLogging()) client.vmClient = vmc - agc := network.NewApplicationGatewaysClient(c.SubscriptionID) + agc := network.NewApplicationGatewaysClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&agc.Client) agc.Authorizer = spt agc.Sender = autorest.CreateSender(withRequestLogging()) client.appGatewayClient = agc - crc := containerregistry.NewRegistriesClient(c.SubscriptionID) + crc := containerregistry.NewRegistriesClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&crc.Client) crc.Authorizer = spt crc.Sender = autorest.CreateSender(withRequestLogging()) client.containerRegistryClient = crc - ehc := eventhub.NewEventHubsClient(c.SubscriptionID) + ehc := eventhub.NewEventHubsClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&ehc.Client) ehc.Authorizer = spt ehc.Sender = autorest.CreateSender(withRequestLogging()) client.eventHubClient = ehc - chcgc := eventhub.NewConsumerGroupsClient(c.SubscriptionID) + chcgc := eventhub.NewConsumerGroupsClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&chcgc.Client) chcgc.Authorizer = spt chcgc.Sender = autorest.CreateSender(withRequestLogging()) client.eventHubConsumerGroupClient = chcgc - ehnc := eventhub.NewNamespacesClient(c.SubscriptionID) + ehnc := eventhub.NewNamespacesClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&ehnc.Client) ehnc.Authorizer = spt ehnc.Sender = autorest.CreateSender(withRequestLogging()) client.eventHubNamespacesClient = ehnc - ifc := network.NewInterfacesClient(c.SubscriptionID) + ifc := network.NewInterfacesClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&ifc.Client) ifc.Authorizer = spt ifc.Sender = autorest.CreateSender(withRequestLogging()) client.ifaceClient = ifc - lbc := network.NewLoadBalancersClient(c.SubscriptionID) + lbc := network.NewLoadBalancersClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&lbc.Client) lbc.Authorizer = spt lbc.Sender = autorest.CreateSender(withRequestLogging()) client.loadBalancerClient = lbc - lgc := network.NewLocalNetworkGatewaysClient(c.SubscriptionID) + lgc := network.NewLocalNetworkGatewaysClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&lgc.Client) lgc.Authorizer = spt lgc.Sender = autorest.CreateSender(withRequestLogging()) client.localNetConnClient = lgc - pipc := network.NewPublicIPAddressesClient(c.SubscriptionID) + pipc := network.NewPublicIPAddressesClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&pipc.Client) pipc.Authorizer = spt pipc.Sender = autorest.CreateSender(withRequestLogging()) client.publicIPClient = pipc - sgc := network.NewSecurityGroupsClient(c.SubscriptionID) + sgc := network.NewSecurityGroupsClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&sgc.Client) sgc.Authorizer = spt sgc.Sender = autorest.CreateSender(withRequestLogging()) client.secGroupClient = sgc - src := network.NewSecurityRulesClient(c.SubscriptionID) + src := network.NewSecurityRulesClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&src.Client) src.Authorizer = spt src.Sender = autorest.CreateSender(withRequestLogging()) client.secRuleClient = src - snc := network.NewSubnetsClient(c.SubscriptionID) + snc := network.NewSubnetsClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&snc.Client) snc.Authorizer = spt snc.Sender = autorest.CreateSender(withRequestLogging()) client.subnetClient = snc - vgcc := network.NewVirtualNetworkGatewayConnectionsClient(c.SubscriptionID) + vgcc := network.NewVirtualNetworkGatewayConnectionsClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&vgcc.Client) vgcc.Authorizer = spt vgcc.Sender = autorest.CreateSender(withRequestLogging()) client.vnetGatewayConnectionsClient = vgcc - vgc := network.NewVirtualNetworkGatewaysClient(c.SubscriptionID) + vgc := network.NewVirtualNetworkGatewaysClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&vgc.Client) vgc.Authorizer = spt vgc.Sender = autorest.CreateSender(withRequestLogging()) client.vnetGatewayClient = vgc - vnc := network.NewVirtualNetworksClient(c.SubscriptionID) + vnc := network.NewVirtualNetworksClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&vnc.Client) vnc.Authorizer = spt vnc.Sender = autorest.CreateSender(withRequestLogging()) client.vnetClient = vnc - vnpc := network.NewVirtualNetworkPeeringsClient(c.SubscriptionID) + vnpc := network.NewVirtualNetworkPeeringsClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&vnpc.Client) vnpc.Authorizer = spt vnpc.Sender = autorest.CreateSender(withRequestLogging()) client.vnetPeeringsClient = vnpc - rtc := network.NewRouteTablesClient(c.SubscriptionID) + rtc := network.NewRouteTablesClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&rtc.Client) rtc.Authorizer = spt rtc.Sender = autorest.CreateSender(withRequestLogging()) client.routeTablesClient = rtc - rc := network.NewRoutesClient(c.SubscriptionID) + rc := network.NewRoutesClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&rc.Client) rc.Authorizer = spt rc.Sender = autorest.CreateSender(withRequestLogging()) client.routesClient = rc - rgc := resources.NewGroupsClient(c.SubscriptionID) + rgc := resources.NewGroupsClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&rgc.Client) rgc.Authorizer = spt rgc.Sender = autorest.CreateSender(withRequestLogging()) client.resourceGroupClient = rgc - pc := resources.NewProvidersClient(c.SubscriptionID) + pc := resources.NewProvidersClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&pc.Client) pc.Authorizer = spt pc.Sender = autorest.CreateSender(withRequestLogging()) client.providers = pc - tc := resources.NewTagsClient(c.SubscriptionID) + tc := resources.NewTagsClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&tc.Client) tc.Authorizer = spt tc.Sender = autorest.CreateSender(withRequestLogging()) client.tagsClient = tc - rf := resources.NewClient(c.SubscriptionID) + rf := resources.NewClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&rf.Client) rf.Authorizer = spt rf.Sender = autorest.CreateSender(withRequestLogging()) client.resourceFindClient = rf - jc := scheduler.NewJobsClient(c.SubscriptionID) + jc := scheduler.NewJobsClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&jc.Client) jc.Authorizer = spt jc.Sender = autorest.CreateSender(withRequestLogging()) client.jobsClient = jc - jcc := scheduler.NewJobCollectionsClient(c.SubscriptionID) + jcc := scheduler.NewJobCollectionsClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&jcc.Client) jcc.Authorizer = spt jcc.Sender = autorest.CreateSender(withRequestLogging()) client.jobsCollectionsClient = jcc - ssc := storage.NewAccountsClient(c.SubscriptionID) + ssc := storage.NewAccountsClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&ssc.Client) ssc.Authorizer = spt ssc.Sender = autorest.CreateSender(withRequestLogging()) client.storageServiceClient = ssc - suc := storage.NewUsageOperationsClient(c.SubscriptionID) + suc := storage.NewUsageOperationsClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&suc.Client) suc.Authorizer = spt suc.Sender = autorest.CreateSender(withRequestLogging()) client.storageUsageClient = suc - cpc := cdn.NewProfilesClient(c.SubscriptionID) + cpc := cdn.NewProfilesClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&cpc.Client) cpc.Authorizer = spt cpc.Sender = autorest.CreateSender(withRequestLogging()) client.cdnProfilesClient = cpc - cec := cdn.NewEndpointsClient(c.SubscriptionID) + cec := cdn.NewEndpointsClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&cec.Client) cec.Authorizer = spt cec.Sender = autorest.CreateSender(withRequestLogging()) client.cdnEndpointsClient = cec - dc := resources.NewDeploymentsClient(c.SubscriptionID) + dc := resources.NewDeploymentsClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&dc.Client) dc.Authorizer = spt dc.Sender = autorest.CreateSender(withRequestLogging()) client.deploymentsClient = dc - tmpc := trafficmanager.NewProfilesClient(c.SubscriptionID) + tmpc := trafficmanager.NewProfilesClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&tmpc.Client) tmpc.Authorizer = spt tmpc.Sender = autorest.CreateSender(withRequestLogging()) client.trafficManagerProfilesClient = tmpc - tmec := trafficmanager.NewEndpointsClient(c.SubscriptionID) + tmec := trafficmanager.NewEndpointsClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&tmec.Client) tmec.Authorizer = spt tmec.Sender = autorest.CreateSender(withRequestLogging()) client.trafficManagerEndpointsClient = tmec - rdc := redis.NewClient(c.SubscriptionID) + rdc := redis.NewClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&rdc.Client) rdc.Authorizer = spt rdc.Sender = autorest.CreateSender(withRequestLogging()) client.redisClient = rdc - sbnc := servicebus.NewNamespacesClient(c.SubscriptionID) + sbnc := servicebus.NewNamespacesClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&sbnc.Client) sbnc.Authorizer = spt sbnc.Sender = autorest.CreateSender(withRequestLogging()) client.serviceBusNamespacesClient = sbnc - sbtc := servicebus.NewTopicsClient(c.SubscriptionID) + sbtc := servicebus.NewTopicsClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&sbtc.Client) sbtc.Authorizer = spt sbtc.Sender = autorest.CreateSender(withRequestLogging()) client.serviceBusTopicsClient = sbtc - sbsc := servicebus.NewSubscriptionsClient(c.SubscriptionID) + sbsc := servicebus.NewSubscriptionsClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&sbsc.Client) sbsc.Authorizer = spt sbsc.Sender = autorest.CreateSender(withRequestLogging()) client.serviceBusSubscriptionsClient = sbsc - kvc := keyvault.NewVaultsClient(c.SubscriptionID) + kvc := keyvault.NewVaultsClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&kvc.Client) kvc.Authorizer = spt kvc.Sender = autorest.CreateSender(withRequestLogging()) diff --git a/builtin/providers/azurerm/provider.go b/builtin/providers/azurerm/provider.go index 9b4be30dd..62d060a39 100644 --- a/builtin/providers/azurerm/provider.go +++ b/builtin/providers/azurerm/provider.go @@ -45,6 +45,12 @@ func Provider() terraform.ResourceProvider { DefaultFunc: schema.EnvDefaultFunc("ARM_TENANT_ID", ""), }, + "environment": { + Type: schema.TypeString, + Required: true, + DefaultFunc: schema.EnvDefaultFunc("ARM_ENVIRONMENT", "public"), + }, + "skip_provider_registration": { Type: schema.TypeBool, Optional: true, @@ -134,6 +140,7 @@ type Config struct { ClientID string ClientSecret string TenantID string + Environment string SkipProviderRegistration bool validateCredentialsOnce sync.Once @@ -154,6 +161,9 @@ func (c *Config) validate() error { if c.TenantID == "" { err = multierror.Append(err, fmt.Errorf("Tenant ID must be configured for the AzureRM provider")) } + if c.Environment == "" { + err = multierror.Append(err, fmt.Errorf("Environment must be configured for the AzureRM provider")) + } return err.ErrorOrNil() } @@ -165,6 +175,7 @@ func providerConfigure(p *schema.Provider) schema.ConfigureFunc { ClientID: d.Get("client_id").(string), ClientSecret: d.Get("client_secret").(string), TenantID: d.Get("tenant_id").(string), + Environment: d.Get("environment").(string), SkipProviderRegistration: d.Get("skip_provider_registration").(bool), } diff --git a/vendor/github.com/jen20/riviera/azure/client.go b/vendor/github.com/jen20/riviera/azure/client.go index f7d2c885a..3de857187 100644 --- a/vendor/github.com/jen20/riviera/azure/client.go +++ b/vendor/github.com/jen20/riviera/azure/client.go @@ -12,7 +12,8 @@ import ( type Client struct { logger *log.Logger - subscriptionID string + subscriptionID string + resourceManagerEndpoint string tokenRequester *tokenRequester httpClient *retryablehttp.Client @@ -24,13 +25,21 @@ func NewClient(creds *AzureResourceManagerCredentials) (*Client, error) { httpClient := retryablehttp.NewClient() httpClient.Logger = defaultLogger - tr := newTokenRequester(httpClient, creds.ClientID, creds.ClientSecret, creds.TenantID) + if creds.ResourceManagerEndpoint == "" { + creds.ResourceManagerEndpoint = defaultResourceManagerEndpoint + } + if creds.ActiveDirectoryEndpoint == "" { + creds.ActiveDirectoryEndpoint = defaultActiveDirectoryEndpoint + } + + tr := newTokenRequester(httpClient, creds) return &Client{ - subscriptionID: creds.SubscriptionID, - httpClient: httpClient, - tokenRequester: tr, - logger: defaultLogger, + subscriptionID: creds.SubscriptionID, + resourceManagerEndpoint: creds.ResourceManagerEndpoint, + httpClient: httpClient, + tokenRequester: tr, + logger: defaultLogger, }, nil } diff --git a/vendor/github.com/jen20/riviera/azure/credentials.go b/vendor/github.com/jen20/riviera/azure/credentials.go index 7b3c8543b..4a595a6dc 100644 --- a/vendor/github.com/jen20/riviera/azure/credentials.go +++ b/vendor/github.com/jen20/riviera/azure/credentials.go @@ -1,8 +1,17 @@ package azure +const ( + defaultResourceManagerEndpoint = "https://management.azure.com" + defaultActiveDirectoryEndpoint = "https://login.microsoftonline.com" +) + type AzureResourceManagerCredentials struct { ClientID string ClientSecret string TenantID string SubscriptionID string + + // can be overridden for non public clouds + ResourceManagerEndpoint string + ActiveDirectoryEndpoint string } diff --git a/vendor/github.com/jen20/riviera/azure/endpoints.go b/vendor/github.com/jen20/riviera/azure/endpoints.go deleted file mode 100644 index e88eb66c3..000000000 --- a/vendor/github.com/jen20/riviera/azure/endpoints.go +++ /dev/null @@ -1,43 +0,0 @@ -package azure - -import ( - "reflect" - "strings" -) - -type Endpoints struct { - resourceManagerEndpointUrl string - activeDirectoryEndpointUrl string -} - -var ( - ChineseEndpoints = Endpoints{"https://management.chinacloudapi.cn", "https://login.chinacloudapi.cn"} - DefaultEndpoints = Endpoints{"https://management.azure.com", "https://login.microsoftonline.com"} - GermanEndpoints = Endpoints{"https://management.microsoftazure.de", "https://login.microsoftonline.de"} - USGovEndpoints = Endpoints{"https://management.usgovcloudapi.net", "https://login.microsoftonline.com"} -) - -func GetEndpointsForLocation(location string) Endpoints { - location = strings.Replace(strings.ToLower(location), " ", "", -1) - - switch location { - case GermanyCentral, GermanyEast: - return GermanEndpoints - case ChinaEast, ChinaNorth: - return ChineseEndpoints - case USGovIowa, USGovVirginia: - return USGovEndpoints - default: - return DefaultEndpoints - } -} - -func GetEndpointsForCommand(command APICall) Endpoints { - locationField := reflect.Indirect(reflect.ValueOf(command)).FieldByName("Location") - if locationField.IsValid() { - location := locationField.Interface().(string) - return GetEndpointsForLocation(location) - } - - return DefaultEndpoints -} diff --git a/vendor/github.com/jen20/riviera/azure/get_resource_provider.go b/vendor/github.com/jen20/riviera/azure/get_resource_provider.go new file mode 100644 index 000000000..cbce3d13f --- /dev/null +++ b/vendor/github.com/jen20/riviera/azure/get_resource_provider.go @@ -0,0 +1,26 @@ +package azure + +import "fmt" + +type GetResourceProviderResponse struct { + ID *string `mapstructure:"id"` + Namespace *string `mapstructure:"namespace"` + RegistrationState *string `mapstructure:"registrationState"` +} + +type GetResourceProvider struct { + Namespace string `json:"-"` +} + +func (command GetResourceProvider) APIInfo() APIInfo { + return APIInfo{ + APIVersion: resourceGroupAPIVersion, + Method: "GET", + URLPathFunc: func() string { + return fmt.Sprintf("providers/%s", command.Namespace) + }, + ResponseTypeFunc: func() interface{} { + return &GetResourceProviderResponse{} + }, + } +} diff --git a/vendor/github.com/jen20/riviera/azure/register_resource_provider.go b/vendor/github.com/jen20/riviera/azure/register_resource_provider.go index 857bce051..f1862842b 100644 --- a/vendor/github.com/jen20/riviera/azure/register_resource_provider.go +++ b/vendor/github.com/jen20/riviera/azure/register_resource_provider.go @@ -9,7 +9,6 @@ type RegisterResourceProviderResponse struct { ApplicationID *string `mapstructure:"applicationId"` } -// TODO: Investigate RegistrationState response polling type RegisterResourceProvider struct { Namespace string `json:"-"` } diff --git a/vendor/github.com/jen20/riviera/azure/request.go b/vendor/github.com/jen20/riviera/azure/request.go index 0bf412477..345bb7564 100644 --- a/vendor/github.com/jen20/riviera/azure/request.go +++ b/vendor/github.com/jen20/riviera/azure/request.go @@ -75,8 +75,7 @@ func (request *Request) pollForAsynchronousResponse(acceptedResponse *http.Respo return nil, err } - endpoints := GetEndpointsForCommand(request.Command) - err = request.client.tokenRequester.addAuthorizationToRequest(req, endpoints) + err = request.client.tokenRequester.addAuthorizationToRequest(req) if err != nil { return nil, err } @@ -116,11 +115,9 @@ func defaultARMRequestSerialize(body interface{}) (io.ReadSeeker, error) { func (request *Request) Execute() (*Response, error) { apiInfo := request.Command.APIInfo() - endpoints := GetEndpointsForCommand(request.Command) - var urlString string - urlObj, _ := url.Parse(endpoints.resourceManagerEndpointUrl) + urlObj, _ := url.Parse(request.client.resourceManagerEndpoint) // Determine whether to use the URLPathFunc or the URI explicitly set in the request if request.URI == nil { @@ -166,7 +163,7 @@ func (request *Request) Execute() (*Response, error) { req.Header.Add("Content-Type", "application/json") } - err = request.client.tokenRequester.addAuthorizationToRequest(req, endpoints) + err = request.client.tokenRequester.addAuthorizationToRequest(req) if err != nil { return nil, err } diff --git a/vendor/github.com/jen20/riviera/azure/token.go b/vendor/github.com/jen20/riviera/azure/token.go index e608fc1c5..aa7160b9f 100644 --- a/vendor/github.com/jen20/riviera/azure/token.go +++ b/vendor/github.com/jen20/riviera/azure/token.go @@ -19,6 +19,9 @@ func init() { } type tokenRequester struct { + activeDirectoryEndpoint string + resourceManagerEndpoint string + clientID string clientSecret string tenantID string @@ -31,21 +34,23 @@ type tokenRequester struct { currentToken *token } -func newTokenRequester(client *retryablehttp.Client, clientID, clientSecret, tenantID string) *tokenRequester { +func newTokenRequester(client *retryablehttp.Client, creds *AzureResourceManagerCredentials) *tokenRequester { return &tokenRequester{ - clientID: clientID, - clientSecret: clientSecret, - tenantID: tenantID, - refreshWithin: 5 * time.Minute, - httpClient: client, + activeDirectoryEndpoint: creds.ActiveDirectoryEndpoint, + resourceManagerEndpoint: creds.ResourceManagerEndpoint, + clientID: creds.ClientID, + clientSecret: creds.ClientSecret, + tenantID: creds.TenantID, + refreshWithin: 5 * time.Minute, + httpClient: client, } } // addAuthorizationToRequest adds an Authorization header to an http.Request, having ensured // that the token is sufficiently fresh. This may invoke network calls, so should not be // relied on to return quickly. -func (tr *tokenRequester) addAuthorizationToRequest(request *retryablehttp.Request, endpoints Endpoints) error { - token, err := tr.getUsableToken(endpoints) +func (tr *tokenRequester) addAuthorizationToRequest(request *retryablehttp.Request) error { + token, err := tr.getUsableToken() if err != nil { return fmt.Errorf("Error obtaining authorization token: %s", err) } @@ -54,7 +59,7 @@ func (tr *tokenRequester) addAuthorizationToRequest(request *retryablehttp.Reque return nil } -func (tr *tokenRequester) getUsableToken(endpoints Endpoints) (*token, error) { +func (tr *tokenRequester) getUsableToken() (*token, error) { tr.l.Lock() defer tr.l.Unlock() @@ -62,7 +67,7 @@ func (tr *tokenRequester) getUsableToken(endpoints Endpoints) (*token, error) { return tr.currentToken, nil } - newToken, err := tr.refreshToken(endpoints) + newToken, err := tr.refreshToken() if err != nil { return nil, fmt.Errorf("Error refreshing token: %s", err) } @@ -71,14 +76,14 @@ func (tr *tokenRequester) getUsableToken(endpoints Endpoints) (*token, error) { return newToken, nil } -func (tr *tokenRequester) refreshToken(endpoints Endpoints) (*token, error) { - oauthURL := fmt.Sprintf("%s/%s/oauth2/%s?api-version=1.0", endpoints.activeDirectoryEndpointUrl, tr.tenantID, "token") +func (tr *tokenRequester) refreshToken() (*token, error) { + oauthURL := fmt.Sprintf("%s/%s/oauth2/%s?api-version=1.0", tr.activeDirectoryEndpoint, tr.tenantID, "token") v := url.Values{} v.Set("client_id", tr.clientID) v.Set("client_secret", tr.clientSecret) v.Set("grant_type", "client_credentials") - v.Set("resource", strings.TrimSuffix(endpoints.resourceManagerEndpointUrl, "/")+"/") + v.Set("resource", strings.TrimSuffix(tr.resourceManagerEndpoint, "/")+"/") var newToken token response, err := tr.httpClient.PostForm(oauthURL, v) diff --git a/vendor/vendor.json b/vendor/vendor.json index eb27d57e5..91b5a7ed7 100644 --- a/vendor/vendor.json +++ b/vendor/vendor.json @@ -1863,34 +1863,34 @@ "revisionTime": "2017-01-03T19:23:32Z" }, { - "checksumSHA1": "tRK0n/cIjBCYjnumPiP9cCS2CnA=", + "checksumSHA1": "hD8LA+lIAv6MB82Db29L71c2Jjc=", "path": "github.com/jen20/riviera/azure", - "revision": "04d3aa8ac7df6c05dbfeaf5344f754f31a7e711f", - "revisionTime": "2016-11-01T10:00:17Z" + "revision": "7ee711f4d8cc27b811bde3907614ecd86e98c9bc", + "revisionTime": "2017-01-04T10:03:54Z" }, { "checksumSHA1": "ncdT+1PFEF5ly0niXuQc9/pKzT0=", "path": "github.com/jen20/riviera/dns", - "revision": "04d3aa8ac7df6c05dbfeaf5344f754f31a7e711f", - "revisionTime": "2016-11-01T10:00:17Z" + "revision": "7ee711f4d8cc27b811bde3907614ecd86e98c9bc", + "revisionTime": "2017-01-04T10:03:54Z" }, { "checksumSHA1": "zVXx6ha3bt0N4ukRbRHXjSl91S4=", "path": "github.com/jen20/riviera/search", - "revision": "04d3aa8ac7df6c05dbfeaf5344f754f31a7e711f", - "revisionTime": "2016-11-01T10:00:17Z" + "revision": "7ee711f4d8cc27b811bde3907614ecd86e98c9bc", + "revisionTime": "2017-01-04T10:03:54Z" }, { "checksumSHA1": "mD+brnqSfkLheYdGzTUqUi6VWgw=", "path": "github.com/jen20/riviera/sql", - "revision": "04d3aa8ac7df6c05dbfeaf5344f754f31a7e711f", - "revisionTime": "2016-11-01T10:00:17Z" + "revision": "7ee711f4d8cc27b811bde3907614ecd86e98c9bc", + "revisionTime": "2017-01-04T10:03:54Z" }, { "checksumSHA1": "nKUCquNpJ9ifHgkXoT4K3Xar6R8=", "path": "github.com/jen20/riviera/storage", - "revision": "04d3aa8ac7df6c05dbfeaf5344f754f31a7e711f", - "revisionTime": "2016-11-01T10:00:17Z" + "revision": "7ee711f4d8cc27b811bde3907614ecd86e98c9bc", + "revisionTime": "2017-01-04T10:03:54Z" }, { "comment": "0.2.2-2-gc01cf91", diff --git a/website/source/docs/providers/azurerm/index.html.markdown b/website/source/docs/providers/azurerm/index.html.markdown index f6d9bc2af..9c5f0ee07 100644 --- a/website/source/docs/providers/azurerm/index.html.markdown +++ b/website/source/docs/providers/azurerm/index.html.markdown @@ -76,6 +76,13 @@ The following arguments are supported: * `tenant_id` - (Optional) The tenant ID to use. It can also be sourced from the `ARM_TENANT_ID` environment variable. +* `environment` - (Optional) The cloud environment to use. It can also be sourced + from the `ARM_ENVIRONMENT` environment variable. Supported values are: + * `public` (default) + * `usgovernment` + * `german` + * `china` + * `skip_provider_registration` - (Optional) Prevents the provier from registering the ARM provider namespaces, this can be used if you don't wish to give the Active Directory Application permission to register resource providers. It can also be