github.com/aliyun/credentials-go@v1.4.7/credentials/providers/default.go (about) 1 package providers 2 3 import ( 4 "fmt" 5 "os" 6 "strings" 7 ) 8 9 type DefaultCredentialsProvider struct { 10 providerChain []CredentialsProvider 11 lastUsedProvider CredentialsProvider 12 } 13 14 func NewDefaultCredentialsProvider() (provider *DefaultCredentialsProvider) { 15 providers := []CredentialsProvider{} 16 17 // Add static ak or sts credentials provider 18 envProvider, err := NewEnvironmentVariableCredentialsProviderBuilder().Build() 19 if err == nil { 20 providers = append(providers, envProvider) 21 } 22 23 // oidc check 24 oidcProvider, err := NewOIDCCredentialsProviderBuilder().Build() 25 if err == nil { 26 providers = append(providers, oidcProvider) 27 } 28 29 // cli credentials provider 30 cliProfileProvider, err := NewCLIProfileCredentialsProviderBuilder().Build() 31 if err == nil { 32 providers = append(providers, cliProfileProvider) 33 } 34 35 // profile credentials provider 36 profileProvider, err := NewProfileCredentialsProviderBuilder().Build() 37 if err == nil { 38 providers = append(providers, profileProvider) 39 } 40 41 // Add IMDS 42 ecsRamRoleProvider, err := NewECSRAMRoleCredentialsProviderBuilder().Build() 43 if err == nil { 44 providers = append(providers, ecsRamRoleProvider) 45 } 46 47 // credentials uri 48 if os.Getenv("ALIBABA_CLOUD_CREDENTIALS_URI") != "" { 49 credentialsUriProvider, err := NewURLCredentialsProviderBuilder().Build() 50 if err == nil { 51 providers = append(providers, credentialsUriProvider) 52 } 53 } 54 55 return &DefaultCredentialsProvider{ 56 providerChain: providers, 57 } 58 } 59 60 func (provider *DefaultCredentialsProvider) GetCredentials() (cc *Credentials, err error) { 61 if provider.lastUsedProvider != nil { 62 inner, err1 := provider.lastUsedProvider.GetCredentials() 63 if err1 != nil { 64 err = err1 65 return 66 } 67 68 providerName := inner.ProviderName 69 if providerName == "" { 70 providerName = provider.lastUsedProvider.GetProviderName() 71 } 72 73 cc = &Credentials{ 74 AccessKeyId: inner.AccessKeyId, 75 AccessKeySecret: inner.AccessKeySecret, 76 SecurityToken: inner.SecurityToken, 77 ProviderName: fmt.Sprintf("%s/%s", provider.GetProviderName(), providerName), 78 } 79 return 80 } 81 82 errors := []string{} 83 for _, p := range provider.providerChain { 84 provider.lastUsedProvider = p 85 inner, errInLoop := p.GetCredentials() 86 if errInLoop != nil { 87 errors = append(errors, errInLoop.Error()) 88 // 如果有错误,进入下一个获取过程 89 continue 90 } 91 92 if inner != nil { 93 providerName := inner.ProviderName 94 if providerName == "" { 95 providerName = p.GetProviderName() 96 } 97 cc = &Credentials{ 98 AccessKeyId: inner.AccessKeyId, 99 AccessKeySecret: inner.AccessKeySecret, 100 SecurityToken: inner.SecurityToken, 101 ProviderName: fmt.Sprintf("%s/%s", provider.GetProviderName(), providerName), 102 } 103 return 104 } 105 } 106 107 err = fmt.Errorf("unable to get credentials from any of the providers in the chain: %s", strings.Join(errors, ", ")) 108 return 109 } 110 111 func (provider *DefaultCredentialsProvider) GetProviderName() string { 112 return "default" 113 }