provider/azurerm: support non public clouds (#11026)

* vendor: update jen20/riviera to pull in endpoints change

* provider/auzrerm: support non public clouds

Ran tests below with ARM_ENVIRONMENT=german and changes the location to Germany
Central in the test config. The virtual network tests cover both Riviera (resource
groups) and the official SDK client.

TF_ACC=1 go test ./builtin/providers/azurerm -v -run TestAccAzureRMVirtualNetwork_ -timeout 120m
=== RUN   TestAccAzureRMVirtualNetwork_importBasic
--- PASS: TestAccAzureRMVirtualNetwork_importBasic (81.84s)
=== RUN   TestAccAzureRMVirtualNetwork_basic
--- PASS: TestAccAzureRMVirtualNetwork_basic (78.14s)
=== RUN   TestAccAzureRMVirtualNetwork_disappears
--- PASS: TestAccAzureRMVirtualNetwork_disappears (78.45s)
=== RUN   TestAccAzureRMVirtualNetwork_withTags
--- PASS: TestAccAzureRMVirtualNetwork_withTags (81.78s)
PASS
ok  	github.com/hashicorp/terraform/builtin/providers/azurerm	320.310s
This commit is contained in:
Peter McAtominey 2017-01-04 12:00:14 +00:00 committed by Paul Stack
parent 4dcbbb82bd
commit 0284138440
11 changed files with 164 additions and 130 deletions

View File

@ -138,18 +138,31 @@ func (c *Config) getArmClient() (*ArmClient, error) {
subscriptionId: c.SubscriptionID, subscriptionId: c.SubscriptionID,
} }
// detect cloud from environment
env, envErr := azure.EnvironmentFromName(c.Environment)
if envErr != nil {
// try again with wrapped value to support readable values like german instead of AZUREGERMANCLOUD
wrapped := fmt.Sprintf("AZURE%sCLOUD", c.Environment)
var innerErr error
if env, innerErr = azure.EnvironmentFromName(wrapped); innerErr != nil {
return nil, envErr
}
}
rivieraClient, err := riviera.NewClient(&riviera.AzureResourceManagerCredentials{ rivieraClient, err := riviera.NewClient(&riviera.AzureResourceManagerCredentials{
ClientID: c.ClientID, ClientID: c.ClientID,
ClientSecret: c.ClientSecret, ClientSecret: c.ClientSecret,
TenantID: c.TenantID, TenantID: c.TenantID,
SubscriptionID: c.SubscriptionID, SubscriptionID: c.SubscriptionID,
ResourceManagerEndpoint: env.ResourceManagerEndpoint,
ActiveDirectoryEndpoint: env.ActiveDirectoryEndpoint,
}) })
if err != nil { if err != nil {
return nil, fmt.Errorf("Error creating Riviera client: %s", err) return nil, fmt.Errorf("Error creating Riviera client: %s", err)
} }
client.rivieraClient = rivieraClient client.rivieraClient = rivieraClient
oauthConfig, err := azure.PublicCloud.OAuthConfigForTenant(c.TenantID) oauthConfig, err := env.OAuthConfigForTenant(c.TenantID)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -159,267 +172,268 @@ func (c *Config) getArmClient() (*ArmClient, error) {
return nil, fmt.Errorf("Unable to configure OAuthConfig for tenant %s", c.TenantID) return nil, fmt.Errorf("Unable to configure OAuthConfig for tenant %s", c.TenantID)
} }
spt, err := azure.NewServicePrincipalToken(*oauthConfig, c.ClientID, c.ClientSecret, spt, err := azure.NewServicePrincipalToken(*oauthConfig, c.ClientID, c.ClientSecret, env.ResourceManagerEndpoint)
azure.PublicCloud.ResourceManagerEndpoint)
if err != nil { if err != nil {
return nil, err return nil, err
} }
endpoint := env.ResourceManagerEndpoint
// NOTE: these declarations should be left separate for clarity should the // NOTE: these declarations should be left separate for clarity should the
// clients be wished to be configured with custom Responders/PollingModess etc... // clients be wished to be configured with custom Responders/PollingModess etc...
asc := compute.NewAvailabilitySetsClient(c.SubscriptionID) asc := compute.NewAvailabilitySetsClientWithBaseURI(endpoint, c.SubscriptionID)
setUserAgent(&asc.Client) setUserAgent(&asc.Client)
asc.Authorizer = spt asc.Authorizer = spt
asc.Sender = autorest.CreateSender(withRequestLogging()) asc.Sender = autorest.CreateSender(withRequestLogging())
client.availSetClient = asc client.availSetClient = asc
uoc := compute.NewUsageOperationsClient(c.SubscriptionID) uoc := compute.NewUsageOperationsClientWithBaseURI(endpoint, c.SubscriptionID)
setUserAgent(&uoc.Client) setUserAgent(&uoc.Client)
uoc.Authorizer = spt uoc.Authorizer = spt
uoc.Sender = autorest.CreateSender(withRequestLogging()) uoc.Sender = autorest.CreateSender(withRequestLogging())
client.usageOpsClient = uoc client.usageOpsClient = uoc
vmeic := compute.NewVirtualMachineExtensionImagesClient(c.SubscriptionID) vmeic := compute.NewVirtualMachineExtensionImagesClientWithBaseURI(endpoint, c.SubscriptionID)
setUserAgent(&vmeic.Client) setUserAgent(&vmeic.Client)
vmeic.Authorizer = spt vmeic.Authorizer = spt
vmeic.Sender = autorest.CreateSender(withRequestLogging()) vmeic.Sender = autorest.CreateSender(withRequestLogging())
client.vmExtensionImageClient = vmeic client.vmExtensionImageClient = vmeic
vmec := compute.NewVirtualMachineExtensionsClient(c.SubscriptionID) vmec := compute.NewVirtualMachineExtensionsClientWithBaseURI(endpoint, c.SubscriptionID)
setUserAgent(&vmec.Client) setUserAgent(&vmec.Client)
vmec.Authorizer = spt vmec.Authorizer = spt
vmec.Sender = autorest.CreateSender(withRequestLogging()) vmec.Sender = autorest.CreateSender(withRequestLogging())
client.vmExtensionClient = vmec client.vmExtensionClient = vmec
vmic := compute.NewVirtualMachineImagesClient(c.SubscriptionID) vmic := compute.NewVirtualMachineImagesClientWithBaseURI(endpoint, c.SubscriptionID)
setUserAgent(&vmic.Client) setUserAgent(&vmic.Client)
vmic.Authorizer = spt vmic.Authorizer = spt
vmic.Sender = autorest.CreateSender(withRequestLogging()) vmic.Sender = autorest.CreateSender(withRequestLogging())
client.vmImageClient = vmic client.vmImageClient = vmic
vmssc := compute.NewVirtualMachineScaleSetsClient(c.SubscriptionID) vmssc := compute.NewVirtualMachineScaleSetsClientWithBaseURI(endpoint, c.SubscriptionID)
setUserAgent(&vmssc.Client) setUserAgent(&vmssc.Client)
vmssc.Authorizer = spt vmssc.Authorizer = spt
vmssc.Sender = autorest.CreateSender(withRequestLogging()) vmssc.Sender = autorest.CreateSender(withRequestLogging())
client.vmScaleSetClient = vmssc client.vmScaleSetClient = vmssc
vmc := compute.NewVirtualMachinesClient(c.SubscriptionID) vmc := compute.NewVirtualMachinesClientWithBaseURI(endpoint, c.SubscriptionID)
setUserAgent(&vmc.Client) setUserAgent(&vmc.Client)
vmc.Authorizer = spt vmc.Authorizer = spt
vmc.Sender = autorest.CreateSender(withRequestLogging()) vmc.Sender = autorest.CreateSender(withRequestLogging())
client.vmClient = vmc client.vmClient = vmc
agc := network.NewApplicationGatewaysClient(c.SubscriptionID) agc := network.NewApplicationGatewaysClientWithBaseURI(endpoint, c.SubscriptionID)
setUserAgent(&agc.Client) setUserAgent(&agc.Client)
agc.Authorizer = spt agc.Authorizer = spt
agc.Sender = autorest.CreateSender(withRequestLogging()) agc.Sender = autorest.CreateSender(withRequestLogging())
client.appGatewayClient = agc client.appGatewayClient = agc
crc := containerregistry.NewRegistriesClient(c.SubscriptionID) crc := containerregistry.NewRegistriesClientWithBaseURI(endpoint, c.SubscriptionID)
setUserAgent(&crc.Client) setUserAgent(&crc.Client)
crc.Authorizer = spt crc.Authorizer = spt
crc.Sender = autorest.CreateSender(withRequestLogging()) crc.Sender = autorest.CreateSender(withRequestLogging())
client.containerRegistryClient = crc client.containerRegistryClient = crc
ehc := eventhub.NewEventHubsClient(c.SubscriptionID) ehc := eventhub.NewEventHubsClientWithBaseURI(endpoint, c.SubscriptionID)
setUserAgent(&ehc.Client) setUserAgent(&ehc.Client)
ehc.Authorizer = spt ehc.Authorizer = spt
ehc.Sender = autorest.CreateSender(withRequestLogging()) ehc.Sender = autorest.CreateSender(withRequestLogging())
client.eventHubClient = ehc client.eventHubClient = ehc
chcgc := eventhub.NewConsumerGroupsClient(c.SubscriptionID) chcgc := eventhub.NewConsumerGroupsClientWithBaseURI(endpoint, c.SubscriptionID)
setUserAgent(&chcgc.Client) setUserAgent(&chcgc.Client)
chcgc.Authorizer = spt chcgc.Authorizer = spt
chcgc.Sender = autorest.CreateSender(withRequestLogging()) chcgc.Sender = autorest.CreateSender(withRequestLogging())
client.eventHubConsumerGroupClient = chcgc client.eventHubConsumerGroupClient = chcgc
ehnc := eventhub.NewNamespacesClient(c.SubscriptionID) ehnc := eventhub.NewNamespacesClientWithBaseURI(endpoint, c.SubscriptionID)
setUserAgent(&ehnc.Client) setUserAgent(&ehnc.Client)
ehnc.Authorizer = spt ehnc.Authorizer = spt
ehnc.Sender = autorest.CreateSender(withRequestLogging()) ehnc.Sender = autorest.CreateSender(withRequestLogging())
client.eventHubNamespacesClient = ehnc client.eventHubNamespacesClient = ehnc
ifc := network.NewInterfacesClient(c.SubscriptionID) ifc := network.NewInterfacesClientWithBaseURI(endpoint, c.SubscriptionID)
setUserAgent(&ifc.Client) setUserAgent(&ifc.Client)
ifc.Authorizer = spt ifc.Authorizer = spt
ifc.Sender = autorest.CreateSender(withRequestLogging()) ifc.Sender = autorest.CreateSender(withRequestLogging())
client.ifaceClient = ifc client.ifaceClient = ifc
lbc := network.NewLoadBalancersClient(c.SubscriptionID) lbc := network.NewLoadBalancersClientWithBaseURI(endpoint, c.SubscriptionID)
setUserAgent(&lbc.Client) setUserAgent(&lbc.Client)
lbc.Authorizer = spt lbc.Authorizer = spt
lbc.Sender = autorest.CreateSender(withRequestLogging()) lbc.Sender = autorest.CreateSender(withRequestLogging())
client.loadBalancerClient = lbc client.loadBalancerClient = lbc
lgc := network.NewLocalNetworkGatewaysClient(c.SubscriptionID) lgc := network.NewLocalNetworkGatewaysClientWithBaseURI(endpoint, c.SubscriptionID)
setUserAgent(&lgc.Client) setUserAgent(&lgc.Client)
lgc.Authorizer = spt lgc.Authorizer = spt
lgc.Sender = autorest.CreateSender(withRequestLogging()) lgc.Sender = autorest.CreateSender(withRequestLogging())
client.localNetConnClient = lgc client.localNetConnClient = lgc
pipc := network.NewPublicIPAddressesClient(c.SubscriptionID) pipc := network.NewPublicIPAddressesClientWithBaseURI(endpoint, c.SubscriptionID)
setUserAgent(&pipc.Client) setUserAgent(&pipc.Client)
pipc.Authorizer = spt pipc.Authorizer = spt
pipc.Sender = autorest.CreateSender(withRequestLogging()) pipc.Sender = autorest.CreateSender(withRequestLogging())
client.publicIPClient = pipc client.publicIPClient = pipc
sgc := network.NewSecurityGroupsClient(c.SubscriptionID) sgc := network.NewSecurityGroupsClientWithBaseURI(endpoint, c.SubscriptionID)
setUserAgent(&sgc.Client) setUserAgent(&sgc.Client)
sgc.Authorizer = spt sgc.Authorizer = spt
sgc.Sender = autorest.CreateSender(withRequestLogging()) sgc.Sender = autorest.CreateSender(withRequestLogging())
client.secGroupClient = sgc client.secGroupClient = sgc
src := network.NewSecurityRulesClient(c.SubscriptionID) src := network.NewSecurityRulesClientWithBaseURI(endpoint, c.SubscriptionID)
setUserAgent(&src.Client) setUserAgent(&src.Client)
src.Authorizer = spt src.Authorizer = spt
src.Sender = autorest.CreateSender(withRequestLogging()) src.Sender = autorest.CreateSender(withRequestLogging())
client.secRuleClient = src client.secRuleClient = src
snc := network.NewSubnetsClient(c.SubscriptionID) snc := network.NewSubnetsClientWithBaseURI(endpoint, c.SubscriptionID)
setUserAgent(&snc.Client) setUserAgent(&snc.Client)
snc.Authorizer = spt snc.Authorizer = spt
snc.Sender = autorest.CreateSender(withRequestLogging()) snc.Sender = autorest.CreateSender(withRequestLogging())
client.subnetClient = snc client.subnetClient = snc
vgcc := network.NewVirtualNetworkGatewayConnectionsClient(c.SubscriptionID) vgcc := network.NewVirtualNetworkGatewayConnectionsClientWithBaseURI(endpoint, c.SubscriptionID)
setUserAgent(&vgcc.Client) setUserAgent(&vgcc.Client)
vgcc.Authorizer = spt vgcc.Authorizer = spt
vgcc.Sender = autorest.CreateSender(withRequestLogging()) vgcc.Sender = autorest.CreateSender(withRequestLogging())
client.vnetGatewayConnectionsClient = vgcc client.vnetGatewayConnectionsClient = vgcc
vgc := network.NewVirtualNetworkGatewaysClient(c.SubscriptionID) vgc := network.NewVirtualNetworkGatewaysClientWithBaseURI(endpoint, c.SubscriptionID)
setUserAgent(&vgc.Client) setUserAgent(&vgc.Client)
vgc.Authorizer = spt vgc.Authorizer = spt
vgc.Sender = autorest.CreateSender(withRequestLogging()) vgc.Sender = autorest.CreateSender(withRequestLogging())
client.vnetGatewayClient = vgc client.vnetGatewayClient = vgc
vnc := network.NewVirtualNetworksClient(c.SubscriptionID) vnc := network.NewVirtualNetworksClientWithBaseURI(endpoint, c.SubscriptionID)
setUserAgent(&vnc.Client) setUserAgent(&vnc.Client)
vnc.Authorizer = spt vnc.Authorizer = spt
vnc.Sender = autorest.CreateSender(withRequestLogging()) vnc.Sender = autorest.CreateSender(withRequestLogging())
client.vnetClient = vnc client.vnetClient = vnc
vnpc := network.NewVirtualNetworkPeeringsClient(c.SubscriptionID) vnpc := network.NewVirtualNetworkPeeringsClientWithBaseURI(endpoint, c.SubscriptionID)
setUserAgent(&vnpc.Client) setUserAgent(&vnpc.Client)
vnpc.Authorizer = spt vnpc.Authorizer = spt
vnpc.Sender = autorest.CreateSender(withRequestLogging()) vnpc.Sender = autorest.CreateSender(withRequestLogging())
client.vnetPeeringsClient = vnpc client.vnetPeeringsClient = vnpc
rtc := network.NewRouteTablesClient(c.SubscriptionID) rtc := network.NewRouteTablesClientWithBaseURI(endpoint, c.SubscriptionID)
setUserAgent(&rtc.Client) setUserAgent(&rtc.Client)
rtc.Authorizer = spt rtc.Authorizer = spt
rtc.Sender = autorest.CreateSender(withRequestLogging()) rtc.Sender = autorest.CreateSender(withRequestLogging())
client.routeTablesClient = rtc client.routeTablesClient = rtc
rc := network.NewRoutesClient(c.SubscriptionID) rc := network.NewRoutesClientWithBaseURI(endpoint, c.SubscriptionID)
setUserAgent(&rc.Client) setUserAgent(&rc.Client)
rc.Authorizer = spt rc.Authorizer = spt
rc.Sender = autorest.CreateSender(withRequestLogging()) rc.Sender = autorest.CreateSender(withRequestLogging())
client.routesClient = rc client.routesClient = rc
rgc := resources.NewGroupsClient(c.SubscriptionID) rgc := resources.NewGroupsClientWithBaseURI(endpoint, c.SubscriptionID)
setUserAgent(&rgc.Client) setUserAgent(&rgc.Client)
rgc.Authorizer = spt rgc.Authorizer = spt
rgc.Sender = autorest.CreateSender(withRequestLogging()) rgc.Sender = autorest.CreateSender(withRequestLogging())
client.resourceGroupClient = rgc client.resourceGroupClient = rgc
pc := resources.NewProvidersClient(c.SubscriptionID) pc := resources.NewProvidersClientWithBaseURI(endpoint, c.SubscriptionID)
setUserAgent(&pc.Client) setUserAgent(&pc.Client)
pc.Authorizer = spt pc.Authorizer = spt
pc.Sender = autorest.CreateSender(withRequestLogging()) pc.Sender = autorest.CreateSender(withRequestLogging())
client.providers = pc client.providers = pc
tc := resources.NewTagsClient(c.SubscriptionID) tc := resources.NewTagsClientWithBaseURI(endpoint, c.SubscriptionID)
setUserAgent(&tc.Client) setUserAgent(&tc.Client)
tc.Authorizer = spt tc.Authorizer = spt
tc.Sender = autorest.CreateSender(withRequestLogging()) tc.Sender = autorest.CreateSender(withRequestLogging())
client.tagsClient = tc client.tagsClient = tc
rf := resources.NewClient(c.SubscriptionID) rf := resources.NewClientWithBaseURI(endpoint, c.SubscriptionID)
setUserAgent(&rf.Client) setUserAgent(&rf.Client)
rf.Authorizer = spt rf.Authorizer = spt
rf.Sender = autorest.CreateSender(withRequestLogging()) rf.Sender = autorest.CreateSender(withRequestLogging())
client.resourceFindClient = rf client.resourceFindClient = rf
jc := scheduler.NewJobsClient(c.SubscriptionID) jc := scheduler.NewJobsClientWithBaseURI(endpoint, c.SubscriptionID)
setUserAgent(&jc.Client) setUserAgent(&jc.Client)
jc.Authorizer = spt jc.Authorizer = spt
jc.Sender = autorest.CreateSender(withRequestLogging()) jc.Sender = autorest.CreateSender(withRequestLogging())
client.jobsClient = jc client.jobsClient = jc
jcc := scheduler.NewJobCollectionsClient(c.SubscriptionID) jcc := scheduler.NewJobCollectionsClientWithBaseURI(endpoint, c.SubscriptionID)
setUserAgent(&jcc.Client) setUserAgent(&jcc.Client)
jcc.Authorizer = spt jcc.Authorizer = spt
jcc.Sender = autorest.CreateSender(withRequestLogging()) jcc.Sender = autorest.CreateSender(withRequestLogging())
client.jobsCollectionsClient = jcc client.jobsCollectionsClient = jcc
ssc := storage.NewAccountsClient(c.SubscriptionID) ssc := storage.NewAccountsClientWithBaseURI(endpoint, c.SubscriptionID)
setUserAgent(&ssc.Client) setUserAgent(&ssc.Client)
ssc.Authorizer = spt ssc.Authorizer = spt
ssc.Sender = autorest.CreateSender(withRequestLogging()) ssc.Sender = autorest.CreateSender(withRequestLogging())
client.storageServiceClient = ssc client.storageServiceClient = ssc
suc := storage.NewUsageOperationsClient(c.SubscriptionID) suc := storage.NewUsageOperationsClientWithBaseURI(endpoint, c.SubscriptionID)
setUserAgent(&suc.Client) setUserAgent(&suc.Client)
suc.Authorizer = spt suc.Authorizer = spt
suc.Sender = autorest.CreateSender(withRequestLogging()) suc.Sender = autorest.CreateSender(withRequestLogging())
client.storageUsageClient = suc client.storageUsageClient = suc
cpc := cdn.NewProfilesClient(c.SubscriptionID) cpc := cdn.NewProfilesClientWithBaseURI(endpoint, c.SubscriptionID)
setUserAgent(&cpc.Client) setUserAgent(&cpc.Client)
cpc.Authorizer = spt cpc.Authorizer = spt
cpc.Sender = autorest.CreateSender(withRequestLogging()) cpc.Sender = autorest.CreateSender(withRequestLogging())
client.cdnProfilesClient = cpc client.cdnProfilesClient = cpc
cec := cdn.NewEndpointsClient(c.SubscriptionID) cec := cdn.NewEndpointsClientWithBaseURI(endpoint, c.SubscriptionID)
setUserAgent(&cec.Client) setUserAgent(&cec.Client)
cec.Authorizer = spt cec.Authorizer = spt
cec.Sender = autorest.CreateSender(withRequestLogging()) cec.Sender = autorest.CreateSender(withRequestLogging())
client.cdnEndpointsClient = cec client.cdnEndpointsClient = cec
dc := resources.NewDeploymentsClient(c.SubscriptionID) dc := resources.NewDeploymentsClientWithBaseURI(endpoint, c.SubscriptionID)
setUserAgent(&dc.Client) setUserAgent(&dc.Client)
dc.Authorizer = spt dc.Authorizer = spt
dc.Sender = autorest.CreateSender(withRequestLogging()) dc.Sender = autorest.CreateSender(withRequestLogging())
client.deploymentsClient = dc client.deploymentsClient = dc
tmpc := trafficmanager.NewProfilesClient(c.SubscriptionID) tmpc := trafficmanager.NewProfilesClientWithBaseURI(endpoint, c.SubscriptionID)
setUserAgent(&tmpc.Client) setUserAgent(&tmpc.Client)
tmpc.Authorizer = spt tmpc.Authorizer = spt
tmpc.Sender = autorest.CreateSender(withRequestLogging()) tmpc.Sender = autorest.CreateSender(withRequestLogging())
client.trafficManagerProfilesClient = tmpc client.trafficManagerProfilesClient = tmpc
tmec := trafficmanager.NewEndpointsClient(c.SubscriptionID) tmec := trafficmanager.NewEndpointsClientWithBaseURI(endpoint, c.SubscriptionID)
setUserAgent(&tmec.Client) setUserAgent(&tmec.Client)
tmec.Authorizer = spt tmec.Authorizer = spt
tmec.Sender = autorest.CreateSender(withRequestLogging()) tmec.Sender = autorest.CreateSender(withRequestLogging())
client.trafficManagerEndpointsClient = tmec client.trafficManagerEndpointsClient = tmec
rdc := redis.NewClient(c.SubscriptionID) rdc := redis.NewClientWithBaseURI(endpoint, c.SubscriptionID)
setUserAgent(&rdc.Client) setUserAgent(&rdc.Client)
rdc.Authorizer = spt rdc.Authorizer = spt
rdc.Sender = autorest.CreateSender(withRequestLogging()) rdc.Sender = autorest.CreateSender(withRequestLogging())
client.redisClient = rdc client.redisClient = rdc
sbnc := servicebus.NewNamespacesClient(c.SubscriptionID) sbnc := servicebus.NewNamespacesClientWithBaseURI(endpoint, c.SubscriptionID)
setUserAgent(&sbnc.Client) setUserAgent(&sbnc.Client)
sbnc.Authorizer = spt sbnc.Authorizer = spt
sbnc.Sender = autorest.CreateSender(withRequestLogging()) sbnc.Sender = autorest.CreateSender(withRequestLogging())
client.serviceBusNamespacesClient = sbnc client.serviceBusNamespacesClient = sbnc
sbtc := servicebus.NewTopicsClient(c.SubscriptionID) sbtc := servicebus.NewTopicsClientWithBaseURI(endpoint, c.SubscriptionID)
setUserAgent(&sbtc.Client) setUserAgent(&sbtc.Client)
sbtc.Authorizer = spt sbtc.Authorizer = spt
sbtc.Sender = autorest.CreateSender(withRequestLogging()) sbtc.Sender = autorest.CreateSender(withRequestLogging())
client.serviceBusTopicsClient = sbtc client.serviceBusTopicsClient = sbtc
sbsc := servicebus.NewSubscriptionsClient(c.SubscriptionID) sbsc := servicebus.NewSubscriptionsClientWithBaseURI(endpoint, c.SubscriptionID)
setUserAgent(&sbsc.Client) setUserAgent(&sbsc.Client)
sbsc.Authorizer = spt sbsc.Authorizer = spt
sbsc.Sender = autorest.CreateSender(withRequestLogging()) sbsc.Sender = autorest.CreateSender(withRequestLogging())
client.serviceBusSubscriptionsClient = sbsc client.serviceBusSubscriptionsClient = sbsc
kvc := keyvault.NewVaultsClient(c.SubscriptionID) kvc := keyvault.NewVaultsClientWithBaseURI(endpoint, c.SubscriptionID)
setUserAgent(&kvc.Client) setUserAgent(&kvc.Client)
kvc.Authorizer = spt kvc.Authorizer = spt
kvc.Sender = autorest.CreateSender(withRequestLogging()) kvc.Sender = autorest.CreateSender(withRequestLogging())

View File

@ -45,6 +45,12 @@ func Provider() terraform.ResourceProvider {
DefaultFunc: schema.EnvDefaultFunc("ARM_TENANT_ID", ""), DefaultFunc: schema.EnvDefaultFunc("ARM_TENANT_ID", ""),
}, },
"environment": {
Type: schema.TypeString,
Required: true,
DefaultFunc: schema.EnvDefaultFunc("ARM_ENVIRONMENT", "public"),
},
"skip_provider_registration": { "skip_provider_registration": {
Type: schema.TypeBool, Type: schema.TypeBool,
Optional: true, Optional: true,
@ -134,6 +140,7 @@ type Config struct {
ClientID string ClientID string
ClientSecret string ClientSecret string
TenantID string TenantID string
Environment string
SkipProviderRegistration bool SkipProviderRegistration bool
validateCredentialsOnce sync.Once validateCredentialsOnce sync.Once
@ -154,6 +161,9 @@ func (c *Config) validate() error {
if c.TenantID == "" { if c.TenantID == "" {
err = multierror.Append(err, fmt.Errorf("Tenant ID must be configured for the AzureRM provider")) err = multierror.Append(err, fmt.Errorf("Tenant ID must be configured for the AzureRM provider"))
} }
if c.Environment == "" {
err = multierror.Append(err, fmt.Errorf("Environment must be configured for the AzureRM provider"))
}
return err.ErrorOrNil() return err.ErrorOrNil()
} }
@ -165,6 +175,7 @@ func providerConfigure(p *schema.Provider) schema.ConfigureFunc {
ClientID: d.Get("client_id").(string), ClientID: d.Get("client_id").(string),
ClientSecret: d.Get("client_secret").(string), ClientSecret: d.Get("client_secret").(string),
TenantID: d.Get("tenant_id").(string), TenantID: d.Get("tenant_id").(string),
Environment: d.Get("environment").(string),
SkipProviderRegistration: d.Get("skip_provider_registration").(bool), SkipProviderRegistration: d.Get("skip_provider_registration").(bool),
} }

View File

@ -12,7 +12,8 @@ import (
type Client struct { type Client struct {
logger *log.Logger logger *log.Logger
subscriptionID string subscriptionID string
resourceManagerEndpoint string
tokenRequester *tokenRequester tokenRequester *tokenRequester
httpClient *retryablehttp.Client httpClient *retryablehttp.Client
@ -24,13 +25,21 @@ func NewClient(creds *AzureResourceManagerCredentials) (*Client, error) {
httpClient := retryablehttp.NewClient() httpClient := retryablehttp.NewClient()
httpClient.Logger = defaultLogger httpClient.Logger = defaultLogger
tr := newTokenRequester(httpClient, creds.ClientID, creds.ClientSecret, creds.TenantID) if creds.ResourceManagerEndpoint == "" {
creds.ResourceManagerEndpoint = defaultResourceManagerEndpoint
}
if creds.ActiveDirectoryEndpoint == "" {
creds.ActiveDirectoryEndpoint = defaultActiveDirectoryEndpoint
}
tr := newTokenRequester(httpClient, creds)
return &Client{ return &Client{
subscriptionID: creds.SubscriptionID, subscriptionID: creds.SubscriptionID,
httpClient: httpClient, resourceManagerEndpoint: creds.ResourceManagerEndpoint,
tokenRequester: tr, httpClient: httpClient,
logger: defaultLogger, tokenRequester: tr,
logger: defaultLogger,
}, nil }, nil
} }

View File

@ -1,8 +1,17 @@
package azure package azure
const (
defaultResourceManagerEndpoint = "https://management.azure.com"
defaultActiveDirectoryEndpoint = "https://login.microsoftonline.com"
)
type AzureResourceManagerCredentials struct { type AzureResourceManagerCredentials struct {
ClientID string ClientID string
ClientSecret string ClientSecret string
TenantID string TenantID string
SubscriptionID string SubscriptionID string
// can be overridden for non public clouds
ResourceManagerEndpoint string
ActiveDirectoryEndpoint string
} }

View File

@ -1,43 +0,0 @@
package azure
import (
"reflect"
"strings"
)
type Endpoints struct {
resourceManagerEndpointUrl string
activeDirectoryEndpointUrl string
}
var (
ChineseEndpoints = Endpoints{"https://management.chinacloudapi.cn", "https://login.chinacloudapi.cn"}
DefaultEndpoints = Endpoints{"https://management.azure.com", "https://login.microsoftonline.com"}
GermanEndpoints = Endpoints{"https://management.microsoftazure.de", "https://login.microsoftonline.de"}
USGovEndpoints = Endpoints{"https://management.usgovcloudapi.net", "https://login.microsoftonline.com"}
)
func GetEndpointsForLocation(location string) Endpoints {
location = strings.Replace(strings.ToLower(location), " ", "", -1)
switch location {
case GermanyCentral, GermanyEast:
return GermanEndpoints
case ChinaEast, ChinaNorth:
return ChineseEndpoints
case USGovIowa, USGovVirginia:
return USGovEndpoints
default:
return DefaultEndpoints
}
}
func GetEndpointsForCommand(command APICall) Endpoints {
locationField := reflect.Indirect(reflect.ValueOf(command)).FieldByName("Location")
if locationField.IsValid() {
location := locationField.Interface().(string)
return GetEndpointsForLocation(location)
}
return DefaultEndpoints
}

View File

@ -0,0 +1,26 @@
package azure
import "fmt"
type GetResourceProviderResponse struct {
ID *string `mapstructure:"id"`
Namespace *string `mapstructure:"namespace"`
RegistrationState *string `mapstructure:"registrationState"`
}
type GetResourceProvider struct {
Namespace string `json:"-"`
}
func (command GetResourceProvider) APIInfo() APIInfo {
return APIInfo{
APIVersion: resourceGroupAPIVersion,
Method: "GET",
URLPathFunc: func() string {
return fmt.Sprintf("providers/%s", command.Namespace)
},
ResponseTypeFunc: func() interface{} {
return &GetResourceProviderResponse{}
},
}
}

View File

@ -9,7 +9,6 @@ type RegisterResourceProviderResponse struct {
ApplicationID *string `mapstructure:"applicationId"` ApplicationID *string `mapstructure:"applicationId"`
} }
// TODO: Investigate RegistrationState response polling
type RegisterResourceProvider struct { type RegisterResourceProvider struct {
Namespace string `json:"-"` Namespace string `json:"-"`
} }

View File

@ -75,8 +75,7 @@ func (request *Request) pollForAsynchronousResponse(acceptedResponse *http.Respo
return nil, err return nil, err
} }
endpoints := GetEndpointsForCommand(request.Command) err = request.client.tokenRequester.addAuthorizationToRequest(req)
err = request.client.tokenRequester.addAuthorizationToRequest(req, endpoints)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -116,11 +115,9 @@ func defaultARMRequestSerialize(body interface{}) (io.ReadSeeker, error) {
func (request *Request) Execute() (*Response, error) { func (request *Request) Execute() (*Response, error) {
apiInfo := request.Command.APIInfo() apiInfo := request.Command.APIInfo()
endpoints := GetEndpointsForCommand(request.Command)
var urlString string var urlString string
urlObj, _ := url.Parse(endpoints.resourceManagerEndpointUrl) urlObj, _ := url.Parse(request.client.resourceManagerEndpoint)
// Determine whether to use the URLPathFunc or the URI explicitly set in the request // Determine whether to use the URLPathFunc or the URI explicitly set in the request
if request.URI == nil { if request.URI == nil {
@ -166,7 +163,7 @@ func (request *Request) Execute() (*Response, error) {
req.Header.Add("Content-Type", "application/json") req.Header.Add("Content-Type", "application/json")
} }
err = request.client.tokenRequester.addAuthorizationToRequest(req, endpoints) err = request.client.tokenRequester.addAuthorizationToRequest(req)
if err != nil { if err != nil {
return nil, err return nil, err
} }

View File

@ -19,6 +19,9 @@ func init() {
} }
type tokenRequester struct { type tokenRequester struct {
activeDirectoryEndpoint string
resourceManagerEndpoint string
clientID string clientID string
clientSecret string clientSecret string
tenantID string tenantID string
@ -31,21 +34,23 @@ type tokenRequester struct {
currentToken *token currentToken *token
} }
func newTokenRequester(client *retryablehttp.Client, clientID, clientSecret, tenantID string) *tokenRequester { func newTokenRequester(client *retryablehttp.Client, creds *AzureResourceManagerCredentials) *tokenRequester {
return &tokenRequester{ return &tokenRequester{
clientID: clientID, activeDirectoryEndpoint: creds.ActiveDirectoryEndpoint,
clientSecret: clientSecret, resourceManagerEndpoint: creds.ResourceManagerEndpoint,
tenantID: tenantID, clientID: creds.ClientID,
refreshWithin: 5 * time.Minute, clientSecret: creds.ClientSecret,
httpClient: client, tenantID: creds.TenantID,
refreshWithin: 5 * time.Minute,
httpClient: client,
} }
} }
// addAuthorizationToRequest adds an Authorization header to an http.Request, having ensured // addAuthorizationToRequest adds an Authorization header to an http.Request, having ensured
// that the token is sufficiently fresh. This may invoke network calls, so should not be // that the token is sufficiently fresh. This may invoke network calls, so should not be
// relied on to return quickly. // relied on to return quickly.
func (tr *tokenRequester) addAuthorizationToRequest(request *retryablehttp.Request, endpoints Endpoints) error { func (tr *tokenRequester) addAuthorizationToRequest(request *retryablehttp.Request) error {
token, err := tr.getUsableToken(endpoints) token, err := tr.getUsableToken()
if err != nil { if err != nil {
return fmt.Errorf("Error obtaining authorization token: %s", err) return fmt.Errorf("Error obtaining authorization token: %s", err)
} }
@ -54,7 +59,7 @@ func (tr *tokenRequester) addAuthorizationToRequest(request *retryablehttp.Reque
return nil return nil
} }
func (tr *tokenRequester) getUsableToken(endpoints Endpoints) (*token, error) { func (tr *tokenRequester) getUsableToken() (*token, error) {
tr.l.Lock() tr.l.Lock()
defer tr.l.Unlock() defer tr.l.Unlock()
@ -62,7 +67,7 @@ func (tr *tokenRequester) getUsableToken(endpoints Endpoints) (*token, error) {
return tr.currentToken, nil return tr.currentToken, nil
} }
newToken, err := tr.refreshToken(endpoints) newToken, err := tr.refreshToken()
if err != nil { if err != nil {
return nil, fmt.Errorf("Error refreshing token: %s", err) return nil, fmt.Errorf("Error refreshing token: %s", err)
} }
@ -71,14 +76,14 @@ func (tr *tokenRequester) getUsableToken(endpoints Endpoints) (*token, error) {
return newToken, nil return newToken, nil
} }
func (tr *tokenRequester) refreshToken(endpoints Endpoints) (*token, error) { func (tr *tokenRequester) refreshToken() (*token, error) {
oauthURL := fmt.Sprintf("%s/%s/oauth2/%s?api-version=1.0", endpoints.activeDirectoryEndpointUrl, tr.tenantID, "token") oauthURL := fmt.Sprintf("%s/%s/oauth2/%s?api-version=1.0", tr.activeDirectoryEndpoint, tr.tenantID, "token")
v := url.Values{} v := url.Values{}
v.Set("client_id", tr.clientID) v.Set("client_id", tr.clientID)
v.Set("client_secret", tr.clientSecret) v.Set("client_secret", tr.clientSecret)
v.Set("grant_type", "client_credentials") v.Set("grant_type", "client_credentials")
v.Set("resource", strings.TrimSuffix(endpoints.resourceManagerEndpointUrl, "/")+"/") v.Set("resource", strings.TrimSuffix(tr.resourceManagerEndpoint, "/")+"/")
var newToken token var newToken token
response, err := tr.httpClient.PostForm(oauthURL, v) response, err := tr.httpClient.PostForm(oauthURL, v)

22
vendor/vendor.json vendored
View File

@ -1863,34 +1863,34 @@
"revisionTime": "2017-01-03T19:23:32Z" "revisionTime": "2017-01-03T19:23:32Z"
}, },
{ {
"checksumSHA1": "tRK0n/cIjBCYjnumPiP9cCS2CnA=", "checksumSHA1": "hD8LA+lIAv6MB82Db29L71c2Jjc=",
"path": "github.com/jen20/riviera/azure", "path": "github.com/jen20/riviera/azure",
"revision": "04d3aa8ac7df6c05dbfeaf5344f754f31a7e711f", "revision": "7ee711f4d8cc27b811bde3907614ecd86e98c9bc",
"revisionTime": "2016-11-01T10:00:17Z" "revisionTime": "2017-01-04T10:03:54Z"
}, },
{ {
"checksumSHA1": "ncdT+1PFEF5ly0niXuQc9/pKzT0=", "checksumSHA1": "ncdT+1PFEF5ly0niXuQc9/pKzT0=",
"path": "github.com/jen20/riviera/dns", "path": "github.com/jen20/riviera/dns",
"revision": "04d3aa8ac7df6c05dbfeaf5344f754f31a7e711f", "revision": "7ee711f4d8cc27b811bde3907614ecd86e98c9bc",
"revisionTime": "2016-11-01T10:00:17Z" "revisionTime": "2017-01-04T10:03:54Z"
}, },
{ {
"checksumSHA1": "zVXx6ha3bt0N4ukRbRHXjSl91S4=", "checksumSHA1": "zVXx6ha3bt0N4ukRbRHXjSl91S4=",
"path": "github.com/jen20/riviera/search", "path": "github.com/jen20/riviera/search",
"revision": "04d3aa8ac7df6c05dbfeaf5344f754f31a7e711f", "revision": "7ee711f4d8cc27b811bde3907614ecd86e98c9bc",
"revisionTime": "2016-11-01T10:00:17Z" "revisionTime": "2017-01-04T10:03:54Z"
}, },
{ {
"checksumSHA1": "mD+brnqSfkLheYdGzTUqUi6VWgw=", "checksumSHA1": "mD+brnqSfkLheYdGzTUqUi6VWgw=",
"path": "github.com/jen20/riviera/sql", "path": "github.com/jen20/riviera/sql",
"revision": "04d3aa8ac7df6c05dbfeaf5344f754f31a7e711f", "revision": "7ee711f4d8cc27b811bde3907614ecd86e98c9bc",
"revisionTime": "2016-11-01T10:00:17Z" "revisionTime": "2017-01-04T10:03:54Z"
}, },
{ {
"checksumSHA1": "nKUCquNpJ9ifHgkXoT4K3Xar6R8=", "checksumSHA1": "nKUCquNpJ9ifHgkXoT4K3Xar6R8=",
"path": "github.com/jen20/riviera/storage", "path": "github.com/jen20/riviera/storage",
"revision": "04d3aa8ac7df6c05dbfeaf5344f754f31a7e711f", "revision": "7ee711f4d8cc27b811bde3907614ecd86e98c9bc",
"revisionTime": "2016-11-01T10:00:17Z" "revisionTime": "2017-01-04T10:03:54Z"
}, },
{ {
"comment": "0.2.2-2-gc01cf91", "comment": "0.2.2-2-gc01cf91",

View File

@ -76,6 +76,13 @@ The following arguments are supported:
* `tenant_id` - (Optional) The tenant ID to use. It can also be sourced from the * `tenant_id` - (Optional) The tenant ID to use. It can also be sourced from the
`ARM_TENANT_ID` environment variable. `ARM_TENANT_ID` environment variable.
* `environment` - (Optional) The cloud environment to use. It can also be sourced
from the `ARM_ENVIRONMENT` environment variable. Supported values are:
* `public` (default)
* `usgovernment`
* `german`
* `china`
* `skip_provider_registration` - (Optional) Prevents the provier from registering * `skip_provider_registration` - (Optional) Prevents the provier from registering
the ARM provider namespaces, this can be used if you don't wish to give the Active the ARM provider namespaces, this can be used if you don't wish to give the Active
Directory Application permission to register resource providers. It can also be Directory Application permission to register resource providers. It can also be