in internal/clients/config/elasticsearch.go [26:136]
func newElasticsearchConfigFromSDK(d *schema.ResourceData, base baseConfig, key string, useEnvAsDefault bool) (*elasticsearchConfig, sdkdiags.Diagnostics) {
esConn, ok := d.GetOk(key)
if !ok {
return nil, nil
}
var diags sdkdiags.Diagnostics
config := base.toElasticsearchConfig()
// if defined, then we only have a single entry
if es := esConn.([]interface{})[0]; es != nil {
esConfig := es.(map[string]interface{})
if endpoints, ok := esConfig["endpoints"]; ok && len(endpoints.([]interface{})) > 0 {
var addrs []string
for _, e := range endpoints.([]interface{}) {
addrs = append(addrs, e.(string))
}
config.config.Addresses = addrs
}
if headers, ok := esConfig["headers"]; ok && len(headers.(map[string]interface{})) > 0 {
headersMap := headers.(map[string]interface{})
for header, value := range headersMap {
config.config.Header.Add(strings.TrimSpace(header), strings.TrimSpace(value.(string)))
}
}
if bearer_token, ok := esConfig["bearer_token"].(string); ok && bearer_token != "" {
config.bearerToken = bearer_token
}
if es_client_authentication, ok := esConfig["es_client_authentication"].(string); ok && es_client_authentication != "" {
config.esClientAuthentication = es_client_authentication
}
if insecure, ok := esConfig["insecure"]; ok && insecure.(bool) {
tlsClientConfig := config.ensureTLSClientConfig()
tlsClientConfig.InsecureSkipVerify = true
}
if caFile, ok := esConfig["ca_file"]; ok && caFile.(string) != "" {
caCert, err := os.ReadFile(caFile.(string))
if err != nil {
diags = append(diags, sdkdiags.Diagnostic{
Severity: sdkdiags.Error,
Summary: "Unable to read CA File",
Detail: err.Error(),
})
return nil, diags
}
config.config.CACert = caCert
}
if caData, ok := esConfig["ca_data"]; ok && caData.(string) != "" {
config.config.CACert = []byte(caData.(string))
}
if certFile, ok := esConfig["cert_file"]; ok && certFile.(string) != "" {
if keyFile, ok := esConfig["key_file"]; ok && keyFile.(string) != "" {
cert, err := tls.LoadX509KeyPair(certFile.(string), keyFile.(string))
if err != nil {
diags = append(diags, sdkdiags.Diagnostic{
Severity: sdkdiags.Error,
Summary: "Unable to read certificate or key file",
Detail: err.Error(),
})
return nil, diags
}
tlsClientConfig := config.ensureTLSClientConfig()
tlsClientConfig.Certificates = []tls.Certificate{cert}
} else {
diags = append(diags, sdkdiags.Diagnostic{
Severity: sdkdiags.Error,
Summary: "Unable to read key file",
Detail: "Path to key file has not been configured or is empty",
})
return nil, diags
}
}
if certData, ok := esConfig["cert_data"]; ok && certData.(string) != "" {
if keyData, ok := esConfig["key_data"]; ok && keyData.(string) != "" {
cert, err := tls.X509KeyPair([]byte(certData.(string)), []byte(keyData.(string)))
if err != nil {
diags = append(diags, sdkdiags.Diagnostic{
Severity: sdkdiags.Error,
Summary: "Unable to parse certificate or key",
Detail: err.Error(),
})
return nil, diags
}
tlsClientConfig := config.ensureTLSClientConfig()
tlsClientConfig.Certificates = []tls.Certificate{cert}
} else {
diags = append(diags, sdkdiags.Diagnostic{
Severity: sdkdiags.Error,
Summary: "Unable to parse key",
Detail: "Key data has not been configured or is empty",
})
return nil, diags
}
}
}
if logging.IsDebugOrHigher() {
config.config.EnableDebugLogger = true
config.config.Logger = &debugLogger{Name: "elasticsearch"}
}
config = config.withEnvironmentOverrides()
return &config, nil
}