github.com/aliyun/credentials-go@v1.4.7/credentials/oidc_credential_provider.go

github.com/aliyun/credentials-go@v1.4.7/credentials/oidc_credential_provider.go (about)

     1  package credentials
     2  
     3  import (
     4  	"os"
     5  
     6  	"github.com/alibabacloud-go/tea/tea"
     7  )
     8  
     9  type oidcCredentialsProvider struct{}
    10  
    11  var providerOIDC = new(oidcCredentialsProvider)
    12  
    13  func newOidcCredentialsProvider() Provider {
    14  	return &oidcCredentialsProvider{}
    15  }
    16  
    17  func (p *oidcCredentialsProvider) resolve() (*Config, error) {
    18  	roleArn, ok1 := os.LookupEnv(ENVRoleArn)
    19  	oidcProviderArn, ok2 := os.LookupEnv(ENVOIDCProviderArn)
    20  	oidcTokenFilePath, ok3 := os.LookupEnv(ENVOIDCTokenFile)
    21  	if !ok1 || !ok2 || !ok3 {
    22  		return nil, nil
    23  	}
    24  
    25  	config := &Config{
    26  		Type:              tea.String("oidc_role_arn"),
    27  		RoleArn:           tea.String(roleArn),
    28  		OIDCProviderArn:   tea.String(oidcProviderArn),
    29  		OIDCTokenFilePath: tea.String(oidcTokenFilePath),
    30  		RoleSessionName:   tea.String("defaultSessionName"),
    31  	}
    32  	roleSessionName, ok := os.LookupEnv(ENVRoleSessionName)
    33  	if ok {
    34  		config.RoleSessionName = tea.String(roleSessionName)
    35  	}
    36  	return config, nil
    37  }