in credentials/providers/oidc.go [97:156]
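// Build completes the provider configuration held by the builder and returns it.
//
// Fields that were not set on the builder fall back to environment variables:
// ALIBABA_CLOUD_OIDC_TOKEN_FILE, ALIBABA_CLOUD_OIDC_PROVIDER_ARN,
// ALIBABA_CLOUD_ROLE_ARN, ALIBABA_CLOUD_VPC_ENDPOINT_ENABLED and
// ALIBABA_CLOUD_STS_REGION. A value set explicitly on the builder always wins
// over the environment.
//
// Build returns a nil provider and a non-nil error when the token file path,
// the OIDC provider ARN or the role ARN is still empty after the fallback, or
// when the session duration is below 900 seconds.
func (b *OIDCCredentialsProviderBuilder) Build() (provider *OIDCCredentialsProvider, err error) {
	p := b.provider

	// Default session name: fixed prefix plus the current time in microseconds.
	if p.roleSessionName == "" {
		p.roleSessionName = "credentials-go-" + strconv.FormatInt(time.Now().UnixNano()/1000, 10)
	}

	if p.oidcTokenFilePath == "" {
		p.oidcTokenFilePath = os.Getenv("ALIBABA_CLOUD_OIDC_TOKEN_FILE")
	}
	if p.oidcTokenFilePath == "" {
		return nil, errors.New("the OIDCTokenFilePath is empty")
	}

	if p.oidcProviderARN == "" {
		p.oidcProviderARN = os.Getenv("ALIBABA_CLOUD_OIDC_PROVIDER_ARN")
	}
	if p.oidcProviderARN == "" {
		return nil, errors.New("the OIDCProviderARN is empty")
	}

	if p.roleArn == "" {
		p.roleArn = os.Getenv("ALIBABA_CLOUD_ROLE_ARN")
	}
	if p.roleArn == "" {
		return nil, errors.New("the RoleArn is empty")
	}

	// Zero means "not set"; default to one hour.
	if p.durationSeconds == 0 {
		p.durationSeconds = 3600
	}
	if p.durationSeconds < 900 {
		// Return immediately, like every other validation failure above.
		// Without this return the error was handed back together with a
		// non-nil provider, so a caller that ignored or mishandled err would
		// keep using a provider with a rejected session duration.
		return nil, errors.New("the Assume Role session duration should be in the range of 15min - max duration seconds")
	}

	// An explicitly configured endpoint is used as-is; otherwise derive one.
	if p.stsEndpoint == "" {
		// The environment can switch VPC mode on, but never off.
		if !p.enableVpc {
			p.enableVpc = strings.ToLower(os.Getenv("ALIBABA_CLOUD_VPC_ENDPOINT_ENABLED")) == "true"
		}
		prefix := "sts"
		if p.enableVpc {
			prefix = "sts-vpc"
		}

		// NOTE(review): the region (builder field or ALIBABA_CLOUD_STS_REGION)
		// is placed into the host name without validation. If this endpoint is
		// where the OIDC token is later sent (not visible here), a malformed
		// value would change the destination host; consider restricting the
		// region to a region-ID character set (lowercase letters, digits, '-').
		region := p.stsRegionId
		if region == "" {
			region = os.Getenv("ALIBABA_CLOUD_STS_REGION")
		}
		if region != "" {
			p.stsEndpoint = fmt.Sprintf("%s.%s.aliyuncs.com", prefix, region)
		} else {
			// NOTE(review): with no region the global endpoint is used and the
			// VPC setting is silently ignored; confirm this is intended.
			p.stsEndpoint = "sts.aliyuncs.com"
		}
	}

	return p, nil
}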