mirror of
https://github.com/edgelesssys/constellation.git
synced 2025-08-08 15:02:18 -04:00
Remove iamid package
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
This commit is contained in:
Daniel Weiße
Daniel Weiße
parent
23394ea2e2
commit
21c80e7bf3
10 changed files with 81 additions and 115 deletions
|
|
@ -18,7 +18,6 @@ go_library(
|
|||
visibility = ["//cli:__subpackages__"],
|
||||
deps = [
|
||||
"//cli/internal/clusterid",
|
||||
"//cli/internal/iamid",
|
||||
"//cli/internal/libvirt",
|
||||
"//cli/internal/terraform",
|
||||
"//internal/atls",
|
||||
|
|
@ -50,7 +49,6 @@ go_test(
|
|||
],
|
||||
embed = [":cloudcmd"],
|
||||
deps = [
|
||||
"//cli/internal/iamid",
|
||||
"//cli/internal/terraform",
|
||||
"//internal/attestation/measurements",
|
||||
"//internal/attestation/variant",
|
||||
|
|
|
|||
|
|
@ -15,7 +15,6 @@ import (
|
|||
"path"
|
||||
"strings"
|
||||
|
||||
"github.com/edgelesssys/constellation/v2/cli/internal/iamid"
|
||||
"github.com/edgelesssys/constellation/v2/cli/internal/terraform"
|
||||
"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
|
||||
"github.com/edgelesssys/constellation/v2/internal/cloud/gcpshared"
|
||||
|
|
@ -115,10 +114,10 @@ func NewIAMCreator(out io.Writer) *IAMCreator {
|
|||
}
|
||||
|
||||
// Create prepares and hands over the corresponding providers IAM creator.
|
||||
func (c *IAMCreator) Create(ctx context.Context, provider cloudprovider.Provider, opts *IAMConfigOptions) (iamid.File, error) {
|
||||
func (c *IAMCreator) Create(ctx context.Context, provider cloudprovider.Provider, opts *IAMConfigOptions) (IAMOutput, error) {
|
||||
cl, err := c.newTerraformClient(ctx, opts.TFWorkspace)
|
||||
if err != nil {
|
||||
return iamid.File{}, err
|
||||
return IAMOutput{}, err
|
||||
}
|
||||
defer cl.RemoveInstaller()
|
||||
|
||||
|
|
@ -130,12 +129,12 @@ func (c *IAMCreator) Create(ctx context.Context, provider cloudprovider.Provider
|
|||
case cloudprovider.AWS:
|
||||
return c.createAWS(ctx, cl, opts)
|
||||
default:
|
||||
return iamid.File{}, fmt.Errorf("unsupported cloud provider: %s", provider)
|
||||
return IAMOutput{}, fmt.Errorf("unsupported cloud provider: %s", provider)
|
||||
}
|
||||
}
|
||||
|
||||
// createGCP creates the IAM configuration on GCP.
|
||||
func (c *IAMCreator) createGCP(ctx context.Context, cl tfIAMClient, opts *IAMConfigOptions) (retFile iamid.File, retErr error) {
|
||||
func (c *IAMCreator) createGCP(ctx context.Context, cl tfIAMClient, opts *IAMConfigOptions) (iam IAMOutput, retErr error) {
|
||||
defer rollbackOnError(c.out, &retErr, &rollbackerTerraform{client: cl}, opts.TFLogLevel)
|
||||
|
||||
vars := terraform.GCPIAMVariables{
|
||||
|
|
@ -146,24 +145,24 @@ func (c *IAMCreator) createGCP(ctx context.Context, cl tfIAMClient, opts *IAMCon
|
|||
}
|
||||
|
||||
if err := cl.PrepareWorkspace(path.Join("terraform", "iam", strings.ToLower(cloudprovider.GCP.String())), &vars); err != nil {
|
||||
return iamid.File{}, err
|
||||
return IAMOutput{}, err
|
||||
}
|
||||
|
||||
iamOutput, err := cl.ApplyIAMConfig(ctx, cloudprovider.GCP, opts.TFLogLevel)
|
||||
if err != nil {
|
||||
return iamid.File{}, err
|
||||
return IAMOutput{}, err
|
||||
}
|
||||
|
||||
return iamid.File{
|
||||
return IAMOutput{
|
||||
CloudProvider: cloudprovider.GCP,
|
||||
GCPOutput: iamid.GCPFile{
|
||||
GCPOutput: GCPIAMOutput{
|
||||
ServiceAccountKey: iamOutput.GCP.SaKey,
|
||||
},
|
||||
}, nil
|
||||
}
|
||||
|
||||
// createAzure creates the IAM configuration on Azure.
|
||||
func (c *IAMCreator) createAzure(ctx context.Context, cl tfIAMClient, opts *IAMConfigOptions) (retFile iamid.File, retErr error) {
|
||||
func (c *IAMCreator) createAzure(ctx context.Context, cl tfIAMClient, opts *IAMConfigOptions) (iam IAMOutput, retErr error) {
|
||||
defer rollbackOnError(c.out, &retErr, &rollbackerTerraform{client: cl}, opts.TFLogLevel)
|
||||
|
||||
vars := terraform.AzureIAMVariables{
|
||||
|
|
@ -173,17 +172,17 @@ func (c *IAMCreator) createAzure(ctx context.Context, cl tfIAMClient, opts *IAMC
|
|||
}
|
||||
|
||||
if err := cl.PrepareWorkspace(path.Join("terraform", "iam", strings.ToLower(cloudprovider.Azure.String())), &vars); err != nil {
|
||||
return iamid.File{}, err
|
||||
return IAMOutput{}, err
|
||||
}
|
||||
|
||||
iamOutput, err := cl.ApplyIAMConfig(ctx, cloudprovider.Azure, opts.TFLogLevel)
|
||||
if err != nil {
|
||||
return iamid.File{}, err
|
||||
return IAMOutput{}, err
|
||||
}
|
||||
|
||||
return iamid.File{
|
||||
return IAMOutput{
|
||||
CloudProvider: cloudprovider.Azure,
|
||||
AzureOutput: iamid.AzureFile{
|
||||
AzureOutput: AzureIAMOutput{
|
||||
SubscriptionID: iamOutput.Azure.SubscriptionID,
|
||||
TenantID: iamOutput.Azure.TenantID,
|
||||
UAMIID: iamOutput.Azure.UAMIID,
|
||||
|
|
@ -192,7 +191,7 @@ func (c *IAMCreator) createAzure(ctx context.Context, cl tfIAMClient, opts *IAMC
|
|||
}
|
||||
|
||||
// createAWS creates the IAM configuration on AWS.
|
||||
func (c *IAMCreator) createAWS(ctx context.Context, cl tfIAMClient, opts *IAMConfigOptions) (retFile iamid.File, retErr error) {
|
||||
func (c *IAMCreator) createAWS(ctx context.Context, cl tfIAMClient, opts *IAMConfigOptions) (iam IAMOutput, retErr error) {
|
||||
defer rollbackOnError(c.out, &retErr, &rollbackerTerraform{client: cl}, opts.TFLogLevel)
|
||||
|
||||
vars := terraform.AWSIAMVariables{
|
||||
|
|
@ -201,23 +200,51 @@ func (c *IAMCreator) createAWS(ctx context.Context, cl tfIAMClient, opts *IAMCon
|
|||
}
|
||||
|
||||
if err := cl.PrepareWorkspace(path.Join("terraform", "iam", strings.ToLower(cloudprovider.AWS.String())), &vars); err != nil {
|
||||
return iamid.File{}, err
|
||||
return IAMOutput{}, err
|
||||
}
|
||||
|
||||
iamOutput, err := cl.ApplyIAMConfig(ctx, cloudprovider.AWS, opts.TFLogLevel)
|
||||
if err != nil {
|
||||
return iamid.File{}, err
|
||||
return IAMOutput{}, err
|
||||
}
|
||||
|
||||
return iamid.File{
|
||||
return IAMOutput{
|
||||
CloudProvider: cloudprovider.AWS,
|
||||
AWSOutput: iamid.AWSFile{
|
||||
AWSOutput: AWSIAMOutput{
|
||||
WorkerNodeInstanceProfile: iamOutput.AWS.WorkerNodeInstanceProfile,
|
||||
ControlPlaneInstanceProfile: iamOutput.AWS.ControlPlaneInstanceProfile,
|
||||
},
|
||||
}, nil
|
||||
}
|
||||
|
||||
// IAMOutput is the output of creating a new IAM profile.
|
||||
type IAMOutput struct {
|
||||
// CloudProvider is the cloud provider of the cluster.
|
||||
CloudProvider cloudprovider.Provider `json:"cloudprovider,omitempty"`
|
||||
|
||||
GCPOutput GCPIAMOutput `json:"gcpOutput,omitempty"`
|
||||
AzureOutput AzureIAMOutput `json:"azureOutput,omitempty"`
|
||||
AWSOutput AWSIAMOutput `json:"awsOutput,omitempty"`
|
||||
}
|
||||
|
||||
// GCPIAMOutput contains the output information of a GCP IAM configuration.
|
||||
type GCPIAMOutput struct {
|
||||
ServiceAccountKey string `json:"serviceAccountID,omitempty"`
|
||||
}
|
||||
|
||||
// AzureIAMOutput contains the output information of a Microsoft Azure IAM configuration.
|
||||
type AzureIAMOutput struct {
|
||||
SubscriptionID string `json:"subscriptionID,omitempty"`
|
||||
TenantID string `json:"tenantID,omitempty"`
|
||||
UAMIID string `json:"uamiID,omitempty"`
|
||||
}
|
||||
|
||||
// AWSIAMOutput contains the output information of an AWS IAM configuration.
|
||||
type AWSIAMOutput struct {
|
||||
ControlPlaneInstanceProfile string `json:"controlPlaneInstanceProfile,omitempty"`
|
||||
WorkerNodeInstanceProfile string `json:"workerNodeInstanceProfile,omitempty"`
|
||||
}
|
||||
|
||||
type newTFIAMClientFunc func(ctx context.Context, workspace string) (tfIAMClient, error)
|
||||
|
||||
func newTerraformIAMClient(ctx context.Context, workspace string) (tfIAMClient, error) {
|
||||
|
|
|
|||
|
|
@ -13,7 +13,6 @@ import (
|
|||
"errors"
|
||||
"testing"
|
||||
|
||||
"github.com/edgelesssys/constellation/v2/cli/internal/iamid"
|
||||
"github.com/edgelesssys/constellation/v2/cli/internal/terraform"
|
||||
"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
|
||||
"github.com/edgelesssys/constellation/v2/internal/cloud/gcpshared"
|
||||
|
|
@ -33,9 +32,9 @@ func TestIAMCreator(t *testing.T) {
|
|||
SaKey: "not_a_secret",
|
||||
},
|
||||
}
|
||||
validGCPIAMIDFile := iamid.File{
|
||||
validGCPIAMIDFile := IAMOutput{
|
||||
CloudProvider: cloudprovider.GCP,
|
||||
GCPOutput: iamid.GCPFile{
|
||||
GCPOutput: GCPIAMOutput{
|
||||
ServiceAccountKey: "not_a_secret",
|
||||
},
|
||||
}
|
||||
|
|
@ -52,9 +51,9 @@ func TestIAMCreator(t *testing.T) {
|
|||
UAMIID: "test_uami_id",
|
||||
},
|
||||
}
|
||||
validAzureIAMIDFile := iamid.File{
|
||||
validAzureIAMIDFile := IAMOutput{
|
||||
CloudProvider: cloudprovider.Azure,
|
||||
AzureOutput: iamid.AzureFile{
|
||||
AzureOutput: AzureIAMOutput{
|
||||
SubscriptionID: "test_subscription_id",
|
||||
TenantID: "test_tenant_id",
|
||||
UAMIID: "test_uami_id",
|
||||
|
|
@ -71,9 +70,9 @@ func TestIAMCreator(t *testing.T) {
|
|||
ControlPlaneInstanceProfile: "test_control_plane_instance_profile",
|
||||
},
|
||||
}
|
||||
validAWSIAMIDFile := iamid.File{
|
||||
validAWSIAMIDFile := IAMOutput{
|
||||
CloudProvider: cloudprovider.AWS,
|
||||
AWSOutput: iamid.AWSFile{
|
||||
AWSOutput: AWSIAMOutput{
|
||||
ControlPlaneInstanceProfile: "test_control_plane_instance_profile",
|
||||
WorkerNodeInstanceProfile: "test_worker_node_instance_profile",
|
||||
},
|
||||
|
|
@ -84,7 +83,7 @@ func TestIAMCreator(t *testing.T) {
|
|||
newTfClientErr error
|
||||
config *IAMConfigOptions
|
||||
provider cloudprovider.Provider
|
||||
wantIAMIDFile iamid.File
|
||||
wantIAMIDFile IAMOutput
|
||||
wantErr bool
|
||||
}{
|
||||
"new terraform client err": {
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue