terraform/command/cliconfig/cliconfig.go

399 lines
12 KiB
Go

// Package cliconfig has the types representing and the logic to load CLI-level
// configuration settings.
//
// The CLI config is a small collection of settings that a user can override via
// some files in their home directory or, in some cases, via environment
// variables. The CLI config is not the same thing as a Terraform configuration
// written in the Terraform language; the logic for those lives in the top-level
// directory "configs".
package cliconfig
import (
"fmt"
"io/ioutil"
"log"
"os"
"path/filepath"
"github.com/hashicorp/hcl"
svchost "github.com/hashicorp/terraform-svchost"
"github.com/hashicorp/terraform/internal/tfdiags"
)
const pluginCacheDirEnvVar = "TF_PLUGIN_CACHE_DIR"
// Config is the structure of the configuration for the Terraform CLI.
//
// This is not the configuration for Terraform itself. That is in the
// "config" package.
type Config struct {
Providers map[string]string
Provisioners map[string]string
DisableCheckpoint bool `hcl:"disable_checkpoint"`
DisableCheckpointSignature bool `hcl:"disable_checkpoint_signature"`
// If set, enables local caching of plugins in this directory to
// avoid repeatedly re-downloading over the Internet.
PluginCacheDir string `hcl:"plugin_cache_dir"`
Hosts map[string]*ConfigHost `hcl:"host"`
Credentials map[string]map[string]interface{} `hcl:"credentials"`
CredentialsHelpers map[string]*ConfigCredentialsHelper `hcl:"credentials_helper"`
// ProviderInstallation represents any provider_installation blocks
// in the configuration. Only one of these is allowed across the whole
// configuration, but we decode into a slice here so that we can handle
// that validation at validation time rather than initial decode time.
ProviderInstallation []*ProviderInstallation
}
// ConfigHost is the structure of the "host" nested block within the CLI
// configuration, which can be used to override the default service host
// discovery behavior for a particular hostname.
type ConfigHost struct {
Services map[string]interface{} `hcl:"services"`
}
// ConfigCredentialsHelper is the structure of the "credentials_helper"
// nested block within the CLI configuration.
type ConfigCredentialsHelper struct {
Args []string `hcl:"args"`
}
// BuiltinConfig is the built-in defaults for the configuration. These
// can be overridden by user configurations.
var BuiltinConfig Config
// ConfigFile returns the default path to the configuration file.
//
// On Unix-like systems this is the ".terraformrc" file in the home directory.
// On Windows, this is the "terraform.rc" file in the application data
// directory.
func ConfigFile() (string, error) {
return configFile()
}
// ConfigDir returns the configuration directory for Terraform.
func ConfigDir() (string, error) {
return configDir()
}
// LoadConfig reads the CLI configuration from the various filesystem locations
// and from the environment, returning a merged configuration along with any
// diagnostics (errors and warnings) encountered along the way.
func LoadConfig() (*Config, tfdiags.Diagnostics) {
var diags tfdiags.Diagnostics
configVal := BuiltinConfig // copy
config := &configVal
if mainFilename, err := cliConfigFile(); err == nil {
if _, err := os.Stat(mainFilename); err == nil {
mainConfig, mainDiags := loadConfigFile(mainFilename)
diags = diags.Append(mainDiags)
config = config.Merge(mainConfig)
}
}
// Unless the user has specifically overridden the configuration file
// location using an environment variable, we'll also load what we find
// in the config directory. We skip the config directory when source
// file override is set because we interpret the environment variable
// being set as an intention to ignore the default set of CLI config
// files because we're doing something special, like running Terraform
// in automation with a locally-customized configuration.
if cliConfigFileOverride() == "" {
if configDir, err := ConfigDir(); err == nil {
if info, err := os.Stat(configDir); err == nil && info.IsDir() {
dirConfig, dirDiags := loadConfigDir(configDir)
diags = diags.Append(dirDiags)
config = config.Merge(dirConfig)
}
}
} else {
log.Printf("[DEBUG] Not reading CLI config directory because config location is overridden by environment variable")
}
if envConfig := EnvConfig(); envConfig != nil {
// envConfig takes precedence
config = envConfig.Merge(config)
}
diags = diags.Append(config.Validate())
return config, diags
}
// loadConfigFile loads the CLI configuration from ".terraformrc" files.
func loadConfigFile(path string) (*Config, tfdiags.Diagnostics) {
var diags tfdiags.Diagnostics
result := &Config{}
log.Printf("Loading CLI configuration from %s", path)
// Read the HCL file and prepare for parsing
d, err := ioutil.ReadFile(path)
if err != nil {
diags = diags.Append(fmt.Errorf("Error reading %s: %s", path, err))
return result, diags
}
// Parse it
obj, err := hcl.Parse(string(d))
if err != nil {
diags = diags.Append(fmt.Errorf("Error parsing %s: %s", path, err))
return result, diags
}
// Build up the result
if err := hcl.DecodeObject(&result, obj); err != nil {
diags = diags.Append(fmt.Errorf("Error parsing %s: %s", path, err))
return result, diags
}
// Deal with the provider_installation block, which is not handled using
// DecodeObject because its structure is not compatible with the
// limitations of that function.
providerInstBlocks, moreDiags := decodeProviderInstallationFromConfig(obj)
diags = diags.Append(moreDiags)
result.ProviderInstallation = providerInstBlocks
// Replace all env vars
for k, v := range result.Providers {
result.Providers[k] = os.ExpandEnv(v)
}
for k, v := range result.Provisioners {
result.Provisioners[k] = os.ExpandEnv(v)
}
if result.PluginCacheDir != "" {
result.PluginCacheDir = os.ExpandEnv(result.PluginCacheDir)
}
return result, diags
}
func loadConfigDir(path string) (*Config, tfdiags.Diagnostics) {
var diags tfdiags.Diagnostics
result := &Config{}
entries, err := ioutil.ReadDir(path)
if err != nil {
diags = diags.Append(fmt.Errorf("Error reading %s: %s", path, err))
return result, diags
}
for _, entry := range entries {
name := entry.Name()
// Ignoring errors here because it is used only to indicate pattern
// syntax errors, and our patterns are hard-coded here.
hclMatched, _ := filepath.Match("*.tfrc", name)
jsonMatched, _ := filepath.Match("*.tfrc.json", name)
if !(hclMatched || jsonMatched) {
continue
}
filePath := filepath.Join(path, name)
fileConfig, fileDiags := loadConfigFile(filePath)
diags = diags.Append(fileDiags)
result = result.Merge(fileConfig)
}
return result, diags
}
// EnvConfig returns a Config populated from environment variables.
//
// Any values specified in this config should override those set in the
// configuration file.
func EnvConfig() *Config {
config := &Config{}
if envPluginCacheDir := os.Getenv(pluginCacheDirEnvVar); envPluginCacheDir != "" {
// No Expandenv here, because expanding environment variables inside
// an environment variable would be strange and seems unnecessary.
// (User can expand variables into the value while setting it using
// standard shell features.)
config.PluginCacheDir = envPluginCacheDir
}
return config
}
// Validate checks for errors in the configuration that cannot be detected
// just by HCL decoding, returning any problems as diagnostics.
//
// On success, the returned diagnostics will return false from the HasErrors
// method. A non-nil diagnostics is not necessarily an error, since it may
// contain just warnings.
func (c *Config) Validate() tfdiags.Diagnostics {
var diags tfdiags.Diagnostics
if c == nil {
return diags
}
// FIXME: Right now our config parsing doesn't retain enough information
// to give proper source references to any errors. We should improve
// on this when we change the CLI config parser to use HCL2.
// Check that all "host" blocks have valid hostnames.
for givenHost := range c.Hosts {
_, err := svchost.ForComparison(givenHost)
if err != nil {
diags = diags.Append(
fmt.Errorf("The host %q block has an invalid hostname: %s", givenHost, err),
)
}
}
// Check that all "credentials" blocks have valid hostnames.
for givenHost := range c.Credentials {
_, err := svchost.ForComparison(givenHost)
if err != nil {
diags = diags.Append(
fmt.Errorf("The credentials %q block has an invalid hostname: %s", givenHost, err),
)
}
}
// Should have zero or one "credentials_helper" blocks
if len(c.CredentialsHelpers) > 1 {
diags = diags.Append(
fmt.Errorf("No more than one credentials_helper block may be specified"),
)
}
// Should have zero or one "provider_installation" blocks
if len(c.ProviderInstallation) > 1 {
diags = diags.Append(
fmt.Errorf("No more than one provider_installation block may be specified"),
)
}
if c.PluginCacheDir != "" {
_, err := os.Stat(c.PluginCacheDir)
if err != nil {
diags = diags.Append(
fmt.Errorf("The specified plugin cache dir %s cannot be opened: %s", c.PluginCacheDir, err),
)
}
}
return diags
}
// Merge merges two configurations and returns a third entirely
// new configuration with the two merged.
func (c *Config) Merge(c2 *Config) *Config {
var result Config
result.Providers = make(map[string]string)
result.Provisioners = make(map[string]string)
for k, v := range c.Providers {
result.Providers[k] = v
}
for k, v := range c2.Providers {
if v1, ok := c.Providers[k]; ok {
log.Printf("[INFO] Local %s provider configuration '%s' overrides '%s'", k, v, v1)
}
result.Providers[k] = v
}
for k, v := range c.Provisioners {
result.Provisioners[k] = v
}
for k, v := range c2.Provisioners {
if v1, ok := c.Provisioners[k]; ok {
log.Printf("[INFO] Local %s provisioner configuration '%s' overrides '%s'", k, v, v1)
}
result.Provisioners[k] = v
}
result.DisableCheckpoint = c.DisableCheckpoint || c2.DisableCheckpoint
result.DisableCheckpointSignature = c.DisableCheckpointSignature || c2.DisableCheckpointSignature
result.PluginCacheDir = c.PluginCacheDir
if result.PluginCacheDir == "" {
result.PluginCacheDir = c2.PluginCacheDir
}
if (len(c.Hosts) + len(c2.Hosts)) > 0 {
result.Hosts = make(map[string]*ConfigHost)
for name, host := range c.Hosts {
result.Hosts[name] = host
}
for name, host := range c2.Hosts {
result.Hosts[name] = host
}
}
if (len(c.Credentials) + len(c2.Credentials)) > 0 {
result.Credentials = make(map[string]map[string]interface{})
for host, creds := range c.Credentials {
result.Credentials[host] = creds
}
for host, creds := range c2.Credentials {
// We just clobber an entry from the other file right now. Will
// improve on this later using the more-robust merging behavior
// built in to HCL2.
result.Credentials[host] = creds
}
}
if (len(c.CredentialsHelpers) + len(c2.CredentialsHelpers)) > 0 {
result.CredentialsHelpers = make(map[string]*ConfigCredentialsHelper)
for name, helper := range c.CredentialsHelpers {
result.CredentialsHelpers[name] = helper
}
for name, helper := range c2.CredentialsHelpers {
result.CredentialsHelpers[name] = helper
}
}
if (len(c.ProviderInstallation) + len(c2.ProviderInstallation)) > 0 {
result.ProviderInstallation = append(result.ProviderInstallation, c.ProviderInstallation...)
result.ProviderInstallation = append(result.ProviderInstallation, c2.ProviderInstallation...)
}
return &result
}
func cliConfigFile() (string, error) {
mustExist := true
configFilePath := cliConfigFileOverride()
if configFilePath == "" {
var err error
configFilePath, err = ConfigFile()
mustExist = false
if err != nil {
log.Printf(
"[ERROR] Error detecting default CLI config file path: %s",
err)
}
}
log.Printf("[DEBUG] Attempting to open CLI config file: %s", configFilePath)
f, err := os.Open(configFilePath)
if err == nil {
f.Close()
return configFilePath, nil
}
if mustExist || !os.IsNotExist(err) {
return "", err
}
log.Println("[DEBUG] File doesn't exist, but doesn't need to. Ignoring.")
return "", nil
}
func cliConfigFileOverride() string {
configFilePath := os.Getenv("TF_CLI_CONFIG_FILE")
if configFilePath == "" {
configFilePath = os.Getenv("TERRAFORM_CONFIG")
}
return configFilePath
}