in internal/provider/provider.go [379:702]
func (p Provider) Configure(ctx context.Context, request provider.ConfigureRequest, response *provider.ConfigureResponse) {
var model providerData
if response.Diagnostics.Append(request.Config.Get(ctx, &model)...); response.Diagnostics.HasError() {
return
}
// set the defaults from environment variables
if model.SubscriptionID.IsNull() {
if v := os.Getenv("ARM_SUBSCRIPTION_ID"); v != "" {
model.SubscriptionID = types.StringValue(v)
}
}
if model.ClientID.IsNull() {
if v := os.Getenv("ARM_CLIENT_ID"); v != "" {
model.ClientID = types.StringValue(v)
}
}
if model.ClientIDFilePath.IsNull() {
if v := os.Getenv("ARM_CLIENT_ID_FILE_PATH"); v != "" {
model.ClientIDFilePath = types.StringValue(v)
}
}
if model.UseAKSWorkloadIdentity.IsNull() {
if v := os.Getenv("ARM_USE_AKS_WORKLOAD_IDENTITY"); v != "" {
model.UseAKSWorkloadIdentity = types.BoolValue(v == "true")
} else {
model.UseAKSWorkloadIdentity = types.BoolValue(false)
}
}
if model.TenantID.IsNull() {
if v := os.Getenv("ARM_TENANT_ID"); v != "" {
model.TenantID = types.StringValue(v)
}
if model.UseAKSWorkloadIdentity.ValueBool() && os.Getenv("AZURE_TENANT_ID") != "" {
aksTenantID := os.Getenv("AZURE_TENANT_ID")
if model.TenantID.ValueString() != "" && model.TenantID.ValueString() != aksTenantID {
response.Diagnostics.AddError("Invalid `tenant_id` value", "mismatch between supplied Tenant ID and that provided by AKS Workload Identity - please remove, ensure they match, or disable use_aks_workload_identity")
return
}
model.TenantID = types.StringValue(aksTenantID)
}
}
if model.Endpoint.IsNull() {
activeDirectoryAuthorityHost := os.Getenv("ARM_ACTIVE_DIRECTORY_AUTHORITY_HOST")
resourceManagerEndpoint := os.Getenv("ARM_RESOURCE_MANAGER_ENDPOINT")
resourceManagerAudience := os.Getenv("ARM_RESOURCE_MANAGER_AUDIENCE")
attrTypes := make(map[string]attr.Type)
attrTypes["active_directory_authority_host"] = types.StringType
attrTypes["resource_manager_endpoint"] = types.StringType
attrTypes["resource_manager_audience"] = types.StringType
model.Endpoint = types.ListValueMust(types.ObjectType{
AttrTypes: attrTypes,
}, []attr.Value{
types.ObjectValueMust(attrTypes, map[string]attr.Value{
"active_directory_authority_host": types.StringValue(activeDirectoryAuthorityHost),
"resource_manager_endpoint": types.StringValue(resourceManagerEndpoint),
"resource_manager_audience": types.StringValue(resourceManagerAudience),
}),
})
}
if model.Environment.IsNull() {
if v := os.Getenv("ARM_ENVIRONMENT"); v != "" {
model.Environment = types.StringValue(v)
} else {
model.Environment = types.StringValue("public")
}
}
if model.AuxiliaryTenantIDs.IsNull() {
if v := os.Getenv("ARM_AUXILIARY_TENANT_IDS"); v != "" {
values := make([]attr.Value, 0)
for _, v := range strings.Split(v, ";") {
values = append(values, types.StringValue(v))
}
model.AuxiliaryTenantIDs = types.ListValueMust(types.StringType, values)
}
}
if model.ClientCertificate.IsNull() {
if v := os.Getenv("ARM_CLIENT_CERTIFICATE"); v != "" {
model.ClientCertificate = types.StringValue(v)
}
}
if model.ClientCertificatePath.IsNull() {
if v := os.Getenv("ARM_CLIENT_CERTIFICATE_PATH"); v != "" {
model.ClientCertificatePath = types.StringValue(v)
}
}
if model.ClientCertificatePassword.IsNull() {
if v := os.Getenv("ARM_CLIENT_CERTIFICATE_PASSWORD"); v != "" {
model.ClientCertificatePassword = types.StringValue(v)
}
}
if model.ClientSecret.IsNull() {
if v := os.Getenv("ARM_CLIENT_SECRET"); v != "" {
model.ClientSecret = types.StringValue(v)
}
}
if model.ClientSecretFilePath.IsNull() {
if v := os.Getenv("ARM_CLIENT_SECRET_FILE_PATH"); v != "" {
model.ClientSecretFilePath = types.StringValue(v)
}
}
if model.SkipProviderRegistration.IsNull() {
if v := os.Getenv("ARM_SKIP_PROVIDER_REGISTRATION"); v != "" {
model.SkipProviderRegistration = types.BoolValue(v == "true")
} else {
model.SkipProviderRegistration = types.BoolValue(false)
}
}
if model.OIDCRequestToken.IsNull() {
if v := os.Getenv("ARM_OIDC_REQUEST_TOKEN"); v != "" {
model.OIDCRequestToken = types.StringValue(v)
} else if v := os.Getenv("ACTIONS_ID_TOKEN_REQUEST_TOKEN"); v != "" {
model.OIDCRequestToken = types.StringValue(v)
} else if v := os.Getenv("SYSTEM_ACCESSTOKEN"); v != "" {
model.OIDCRequestToken = types.StringValue(v)
}
}
if model.OIDCRequestURL.IsNull() {
if v := os.Getenv("ARM_OIDC_REQUEST_URL"); v != "" {
model.OIDCRequestURL = types.StringValue(v)
} else if v := os.Getenv("ACTIONS_ID_TOKEN_REQUEST_URL"); v != "" {
model.OIDCRequestURL = types.StringValue(v)
}
}
if model.OIDCToken.IsNull() {
if v := os.Getenv("ARM_OIDC_TOKEN"); v != "" {
model.OIDCToken = types.StringValue(v)
}
}
if model.OIDCTokenFilePath.IsNull() {
if v := os.Getenv("ARM_OIDC_TOKEN_FILE_PATH"); v != "" {
model.OIDCTokenFilePath = types.StringValue(v)
}
}
if model.OIDCAzureServiceConnectionID.IsNull() {
if v := os.Getenv("ARM_ADO_PIPELINE_SERVICE_CONNECTION_ID"); v != "" {
model.OIDCAzureServiceConnectionID = types.StringValue(v)
} else if v := os.Getenv("ARM_OIDC_AZURE_SERVICE_CONNECTION_ID"); v != "" {
model.OIDCAzureServiceConnectionID = types.StringValue(v)
} else if v := os.Getenv("AZURESUBSCRIPTION_SERVICE_CONNECTION_ID"); v != "" {
model.OIDCAzureServiceConnectionID = types.StringValue(v)
}
}
if model.UseOIDC.IsNull() {
if v := os.Getenv("ARM_USE_OIDC"); v != "" {
model.UseOIDC = types.BoolValue(v == "true")
} else {
model.UseOIDC = types.BoolValue(false)
}
}
if model.UseCLI.IsNull() {
if v := os.Getenv("ARM_USE_CLI"); v != "" {
model.UseCLI = types.BoolValue(v == "true")
} else {
model.UseCLI = types.BoolValue(true)
}
}
if model.UseMSI.IsNull() {
if v := os.Getenv("ARM_USE_MSI"); v != "" {
model.UseMSI = types.BoolValue(v == "true")
} else {
model.UseMSI = types.BoolValue(false)
}
}
if model.PartnerID.IsNull() {
if v := os.Getenv("ARM_PARTNER_ID"); v != "" {
model.PartnerID = types.StringValue(v)
}
}
if model.CustomCorrelationRequestID.IsNull() {
if v := os.Getenv("ARM_CORRELATION_REQUEST_ID"); v != "" {
model.CustomCorrelationRequestID = types.StringValue(v)
}
}
if model.DisableCorrelationRequestID.IsNull() {
if v := os.Getenv("ARM_DISABLE_CORRELATION_REQUEST_ID"); v != "" {
model.DisableCorrelationRequestID = types.BoolValue(v == "true")
} else {
model.DisableCorrelationRequestID = types.BoolValue(false)
}
}
if model.DisableTerraformPartnerID.IsNull() {
if v := os.Getenv("ARM_DISABLE_TERRAFORM_PARTNER_ID"); v != "" {
model.DisableTerraformPartnerID = types.BoolValue(v == "true")
} else {
model.DisableTerraformPartnerID = types.BoolValue(false)
}
}
if model.EnablePreflight.IsNull() {
if v := os.Getenv("ARM_ENABLE_PREFLIGHT"); v != "" {
model.EnablePreflight = types.BoolValue(v == "true")
} else {
model.EnablePreflight = types.BoolValue(false)
}
}
if model.DisableDefaultOutput.IsNull() {
if v := os.Getenv("ARM_DISABLE_DEFAULT_OUTPUT"); v != "" {
model.DisableDefaultOutput = types.BoolValue(v == "true")
} else {
model.DisableDefaultOutput = types.BoolValue(false)
}
}
var cloudConfig cloud.Configuration
env := model.Environment.ValueString()
switch strings.ToLower(env) {
case "public":
cloudConfig = cloud.AzurePublic
case "usgovernment":
cloudConfig = cloud.AzureGovernment
case "china":
cloudConfig = cloud.AzureChina
default:
response.Diagnostics.AddError("Invalid `environment` value.", fmt.Sprintf("The `environment` value '%s' is invalid. Valid values are 'public', 'usgovernment' and 'china'.", env))
return
}
if elements := model.Endpoint.Elements(); len(elements) != 0 {
var endpoint providerEndpointData
diags := elements[0].(basetypes.ObjectValue).As(ctx, &endpoint, basetypes.ObjectAsOptions{
UnhandledNullAsEmpty: false,
UnhandledUnknownAsEmpty: false,
})
response.Diagnostics.Append(diags...)
if diags.HasError() {
return
}
resourceManagerEndpoint := cloudConfig.Services[cloud.ResourceManager].Endpoint
resourceManagerAudience := cloudConfig.Services[cloud.ResourceManager].Audience
if v := endpoint.ResourceManagerEndpoint.ValueString(); v != "" {
resourceManagerEndpoint = v
}
if v := endpoint.ResourceManagerAudience.ValueString(); v != "" {
resourceManagerAudience = v
}
cloudConfig.Services[cloud.ResourceManager] = cloud.ServiceConfiguration{
Endpoint: resourceManagerEndpoint,
Audience: resourceManagerAudience,
}
if v := endpoint.ActiveDirectoryAuthorityHost.ValueString(); v != "" {
cloudConfig.ActiveDirectoryAuthorityHost = v
}
}
var auxTenants []string
if elements := model.AuxiliaryTenantIDs.Elements(); len(elements) != 0 {
for _, element := range elements {
auxTenants = append(auxTenants, element.(basetypes.StringValue).ValueString())
}
}
option := azidentity.DefaultAzureCredentialOptions{
AdditionallyAllowedTenants: auxTenants,
ClientOptions: azcore.ClientOptions{
Cloud: cloudConfig,
},
TenantID: model.TenantID.ValueString(),
}
cred, err := buildChainedTokenCredential(model, option)
if err != nil {
response.Diagnostics.AddError("Failed to obtain a credential.", err.Error())
return
}
maxGoSdkRetryAttempts := int32(3)
if !model.MaximumBusyRetryAttempts.IsNull() {
maxGoSdkRetryAttempts = model.MaximumBusyRetryAttempts.ValueInt32()
}
copt := &clients.Option{
Cred: cred,
CloudCfg: cloudConfig,
ApplicationUserAgent: buildUserAgent(request.TerraformVersion, model.PartnerID.ValueString(), model.DisableTerraformPartnerID.ValueBool()),
MaxGoSdkRetries: maxGoSdkRetryAttempts,
Features: features.UserFeatures{
DefaultTags: tags.ExpandTags(model.DefaultTags),
DefaultLocation: location.Normalize(model.DefaultLocation.ValueString()),
DefaultNaming: model.DefaultName.ValueString(),
EnablePreflight: model.EnablePreflight.ValueBool(),
DisableDefaultOutput: model.DisableDefaultOutput.ValueBool(),
},
SkipProviderRegistration: model.SkipProviderRegistration.ValueBool(),
DisableCorrelationRequestID: model.DisableCorrelationRequestID.ValueBool(),
CustomCorrelationRequestID: model.CustomCorrelationRequestID.ValueString(),
SubscriptionId: model.SubscriptionID.ValueString(),
TenantId: model.TenantID.ValueString(),
}
client := &clients.Client{}
if err = client.Build(ctx, copt); err != nil {
response.Diagnostics.AddError("Error Building Client", err.Error())
return
}
// load schema
azure.GetAzureSchema()
response.ResourceData = client
response.DataSourceData = client
response.EphemeralResourceData = client
}