in alibabacloudstack/provider.go [853:1087]
func providerConfigure(d *schema.ResourceData) (interface{}, error) {
var getProviderConfig = func(str string, key string) string {
if str == "" {
value, err := getConfigFromProfile(d, key)
if err == nil && value != nil {
str = value.(string)
}
}
return str
}
accessKey := getProviderConfig(d.Get("access_key").(string), "access_key_id")
secretKey := getProviderConfig(d.Get("secret_key").(string), "access_key_secret")
region := getProviderConfig(d.Get("region").(string), "region_id")
region = strings.TrimSpace(region)
ecsRoleName := getProviderConfig(d.Get("ecs_role_name").(string), "ram_role_name")
var eagleeye connectivity.EagleEye
if os.Getenv("TF_EAGLEEYE_TRACEID") != "" && os.Getenv("TF_EAGLEEYE_TRACEID") != "" {
eagleeye = connectivity.EagleEye{
TraceId: os.Getenv("TF_EAGLEEYE_TRACEID"),
RpcId: os.Getenv("TF_EAGLEEYE_TRACEID"),
}
} else {
eagleeye = connectivity.EagleEye{
TraceId: connectivity.GenerateTraceId(),
RpcId: connectivity.DefaultRpcId,
}
}
log.Printf("Eagleeye's trace id is: %s", eagleeye.GetTraceId())
config := &connectivity.Config{
AccessKey: strings.TrimSpace(accessKey),
SecretKey: strings.TrimSpace(secretKey),
EcsRoleName: strings.TrimSpace(ecsRoleName),
Region: connectivity.Region(strings.TrimSpace(region)),
RegionId: strings.TrimSpace(region),
ConfigurationSource: d.Get("configuration_source").(string),
Protocol: d.Get("protocol").(string),
ClientReadTimeout: d.Get("client_read_timeout").(int),
ClientConnectTimeout: d.Get("client_connect_timeout").(int),
Insecure: d.Get("insecure").(bool),
Proxy: d.Get("proxy").(string),
Department: d.Get("department").(string),
ResourceGroup: d.Get("resource_group").(string),
ResourceSetName: d.Get("resource_group_set_name").(string),
SourceIp: strings.TrimSpace(d.Get("source_ip").(string)),
SecureTransport: strings.TrimSpace(d.Get("secure_transport").(string)),
Endpoints: make(map[connectivity.ServiceCode]string),
Eagleeye: eagleeye,
}
if v, ok := d.GetOk("security_transport"); config.SecureTransport == "" && ok && v.(string) != "" {
config.SecureTransport = v.(string)
}
token := getProviderConfig(d.Get("security_token").(string), "sts_token")
config.SecurityToken = strings.TrimSpace(token)
config.RamRoleArn = getProviderConfig(d.Get("role_arn").(string), "ram_role_arn")
log.Printf("$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$led!!! %s", config.RamRoleArn)
config.RamRoleSessionName = getProviderConfig("", "ram_session_name")
if config.RamRoleSessionName == "" {
config.RamRoleSessionName = "terraform"
}
expiredSeconds, err := getConfigFromProfile(d, "expired_seconds")
if err == nil && expiredSeconds != nil {
config.RamRoleSessionExpiration = (int)(expiredSeconds.(float64))
}
assumeRoleList := d.Get("assume_role").(*schema.Set).List()
log.Printf("$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$led!!! %s", assumeRoleList)
if len(assumeRoleList) == 1 {
assumeRole := assumeRoleList[0].(map[string]interface{})
if assumeRole["role_arn"].(string) != "" {
config.RamRoleArn = assumeRole["role_arn"].(string)
}
log.Printf("$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$led!!! %s", config.RamRoleArn)
if assumeRole["session_name"].(string) != "" {
config.RamRoleSessionName = assumeRole["session_name"].(string)
}
config.RamRolePolicy = assumeRole["policy"].(string)
if assumeRole["session_expiration"].(int) == 0 {
if v := os.Getenv("ALIBABACLOUDSTACK_ASSUME_ROLE_SESSION_EXPIRATION"); v != "" {
if expiredSeconds, err := strconv.Atoi(v); err == nil {
config.RamRoleSessionExpiration = expiredSeconds
}
}
if config.RamRoleSessionExpiration == 0 {
config.RamRoleSessionExpiration = 3600
}
} else {
config.RamRoleSessionExpiration = assumeRole["session_expiration"].(int)
}
log.Printf("[INFO] assume_role configuration set: (RamRoleArn: %q, RamRoleSessionName: %q, RamRolePolicy: %q, RamRoleSessionExpiration: %d)",
config.RamRoleArn, config.RamRoleSessionName, config.RamRolePolicy, config.RamRoleSessionExpiration)
}
if err := config.MakeConfigByEcsRoleName(); err != nil {
log.Printf("[ERROR] Assume role failed: %s", err)
return nil, err
}
domain := d.Get("domain").(string)
if domain != "" {
if strings.Contains(domain, "/") && d.Get("proxy").(string) != "" {
return nil, fmt.Errorf("[Error]Domain containing the character '/' is not supported for proxy configuration.")
}
// 没有生成popgw地址的,继续使用asapi
var setEndpointIfEmpty = func(endpoint string, domain string) string {
if endpoint == "" {
return domain
}
return endpoint
}
for popcode := range connectivity.PopEndpoints {
if popcode == connectivity.OssDataCode {
// oss的数据网关不做配置
continue
}
if popcode == connectivity.SlSDataCode {
// SLS的数据网关不做配置
continue
}
config.Endpoints[popcode] = setEndpointIfEmpty(config.Endpoints[popcode], domain)
}
}
if v, ok := d.GetOk("popgw_domain"); !d.Get("force_use_asapi").(bool) && ok && v.(string) != "" {
popgw_domain := v.(string)
log.Printf("Generator Popgw Endpoint: %s", popgw_domain)
// 使用各云产品的endpoint的规则生成popgw地址
is_center_region := d.Get("is_center_region").(bool)
for popcode := range connectivity.PopEndpoints {
endpoint := connectivity.GeneratorEndpoint(popcode, region, popgw_domain, is_center_region)
if endpoint != "" {
config.Endpoints[popcode] = endpoint
}
}
}
if endpoints, ok := d.GetOk("endpoints"); ok {
endpointsSet := endpoints.(*schema.Set)
for _, endpointsSetI := range endpointsSet.List() {
endpoints := endpointsSetI.(map[string]interface{})
for popcode := range connectivity.PopEndpoints {
endpoint := strings.TrimSpace(endpoints[strings.ToLower(string(popcode))].(string))
if endpoint != "" {
config.Endpoints[popcode] = endpoint
}
}
}
}
ossServicedomain := d.Get("ossservice_domain").(string)
if ossServicedomain != "" {
config.Endpoints[connectivity.OssDataCode] = ossServicedomain
}
DbsEndpoint := d.Get("dbs_endpoint").(string)
if DbsEndpoint != "" {
config.Endpoints[connectivity.DDSCode] = DbsEndpoint
}
DataworkspublicEndpoint := d.Get("dataworkspublic").(string)
if DataworkspublicEndpoint != "" {
config.Endpoints[connectivity.DataworkspublicCode] = DataworkspublicEndpoint
}
QuickbiEndpoint := d.Get("quickbi_endpoint").(string)
if QuickbiEndpoint != "" {
config.Endpoints[connectivity.QuickbiCode] = QuickbiEndpoint
}
kafkaOpenApidomain := d.Get("kafkaopenapi_domain").(string)
if kafkaOpenApidomain != "" {
config.Endpoints[connectivity.ALIKAFKACode] = kafkaOpenApidomain
}
StsEndpoint := d.Get("sts_endpoint").(string)
if StsEndpoint != "" {
config.Endpoints[connectivity.STSCode] = StsEndpoint
}
organizationAccessKey := d.Get("organization_accesskey").(string)
organizationSecretKey := d.Get("organization_secretkey").(string)
if organizationAccessKey != "" && organizationSecretKey != "" {
config.AccessKey = organizationAccessKey
config.SecretKey = organizationSecretKey
}
slsOpenAPIEndpoint := d.Get("sls_openapi_endpoint").(string)
if slsOpenAPIEndpoint != "" {
config.Endpoints[connectivity.SlSDataCode] = slsOpenAPIEndpoint
}
ascmOpenAPIEndpoint := d.Get("ascm_openapi_endpoint").(string)
if ascmOpenAPIEndpoint != "" {
config.Endpoints[connectivity.ASCMCode] = ascmOpenAPIEndpoint
}
if strings.ToLower(config.Protocol) == "https" {
config.Protocol = "HTTPS"
} else {
config.Protocol = "HTTP"
}
if config.RamRoleArn != "" {
config.AccessKey, config.SecretKey, config.SecurityToken, err = getAssumeRoleAK(config)
if err != nil {
return nil, err
}
}
config.ResourceSetName = d.Get("resource_group_set_name").(string)
if config.Department == "" || config.ResourceGroup == "" {
dept, resId, rgid, err := getResourceCredentials(config)
if err != nil {
return nil, err
}
config.Department = dept
config.ResourceGroup = fmt.Sprintf("%d", rgid)
config.ResourceGroupId = resId
}
if ots_instance_name, ok := d.GetOk("ots_instance_name"); ok && ots_instance_name.(string) != "" {
config.OtsInstanceName = strings.TrimSpace(ots_instance_name.(string))
}
if account, ok := d.GetOk("account_id"); ok && account.(string) != "" {
config.AccountId = strings.TrimSpace(account.(string))
}
if config.ConfigurationSource == "" {
sourceName := fmt.Sprintf("Default/%s:%s", config.AccessKey, strings.Trim(uuid.New().String(), "-"))
if len(sourceName) > 64 {
sourceName = sourceName[:64]
}
config.ConfigurationSource = sourceName
}
client, err := config.Client()
if err != nil {
return nil, err
}
return client, nil
}