github.com/altoros/juju-vmware@v0.0.0-20150312064031-f19ae857ccca/provider/ec2/config.go

github.com/altoros/juju-vmware@v0.0.0-20150312064031-f19ae857ccca/provider/ec2/config.go (about)

     1  // Copyright 2011, 2012, 2013 Canonical Ltd.
     2  // Licensed under the AGPLv3, see LICENCE file for details.
     3  
     4  package ec2
     5  
     6  import (
     7  	"fmt"
     8  
     9  	"github.com/juju/schema"
    10  	"gopkg.in/amz.v2/aws"
    11  
    12  	"github.com/juju/juju/environs/config"
    13  )
    14  
    15  const boilerplateConfig = `
    16  # https://juju.ubuntu.com/docs/config-aws.html
    17  amazon:
    18      type: ec2
    19  
    20      # region specifies the EC2 region. It defaults to us-east-1.
    21      #
    22      # region: us-east-1
    23  
    24      # access-key holds the EC2 access key. It defaults to the
    25      # environment variable AWS_ACCESS_KEY_ID.
    26      #
    27      # access-key: <secret>
    28  
    29      # secret-key holds the EC2 secret key. It defaults to the
    30      # environment variable AWS_SECRET_ACCESS_KEY.
    31      #
    32      # secret-key: <secret>
    33  
    34      # image-stream chooses a simplestreams stream from which to select
    35      # OS images, for example daily or released images (or any other stream
    36      # available on simplestreams).
    37      #
    38      # image-stream: "released"
    39  
    40      # agent-stream chooses a simplestreams stream from which to select tools,
    41      # for example released or proposed tools (or any other stream available
    42      # on simplestreams).
    43      #
    44      # agent-stream: "released"
    45  
    46      # Whether or not to refresh the list of available updates for an
    47      # OS. The default option of true is recommended for use in
    48      # production systems, but disabling this can speed up local
    49      # deployments for development or testing.
    50      #
    51      # enable-os-refresh-update: true
    52  
    53      # Whether or not to perform OS upgrades when machines are
    54      # provisioned. The default option of true is recommended for use
    55      # in production systems, but disabling this can speed up local
    56      # deployments for development or testing.
    57      #
    58      # enable-os-upgrade: true
    59  
    60  `
    61  
    62  var configFields = schema.Fields{
    63  	"access-key":     schema.String(),
    64  	"secret-key":     schema.String(),
    65  	"region":         schema.String(),
    66  	"control-bucket": schema.String(),
    67  }
    68  
    69  var configDefaults = schema.Defaults{
    70  	"access-key": "",
    71  	"secret-key": "",
    72  	"region":     "us-east-1",
    73  }
    74  
    75  type environConfig struct {
    76  	*config.Config
    77  	attrs map[string]interface{}
    78  }
    79  
    80  func (c *environConfig) region() string {
    81  	return c.attrs["region"].(string)
    82  }
    83  
    84  func (c *environConfig) controlBucket() string {
    85  	return c.attrs["control-bucket"].(string)
    86  }
    87  
    88  func (c *environConfig) accessKey() string {
    89  	return c.attrs["access-key"].(string)
    90  }
    91  
    92  func (c *environConfig) secretKey() string {
    93  	return c.attrs["secret-key"].(string)
    94  }
    95  
    96  func (p environProvider) newConfig(cfg *config.Config) (*environConfig, error) {
    97  	valid, err := p.Validate(cfg, nil)
    98  	if err != nil {
    99  		return nil, err
   100  	}
   101  	return &environConfig{valid, valid.UnknownAttrs()}, nil
   102  }
   103  
   104  func validateConfig(cfg, old *config.Config) (*environConfig, error) {
   105  	// Check for valid changes for the base config values.
   106  	if err := config.Validate(cfg, old); err != nil {
   107  		return nil, err
   108  	}
   109  	validated, err := cfg.ValidateUnknownAttrs(configFields, configDefaults)
   110  	if err != nil {
   111  		return nil, err
   112  	}
   113  	ecfg := &environConfig{cfg, validated}
   114  
   115  	if ecfg.accessKey() == "" || ecfg.secretKey() == "" {
   116  		auth, err := aws.EnvAuth()
   117  		if err != nil || ecfg.accessKey() != "" || ecfg.secretKey() != "" {
   118  			return nil, fmt.Errorf("environment has no access-key or secret-key")
   119  		}
   120  		ecfg.attrs["access-key"] = auth.AccessKey
   121  		ecfg.attrs["secret-key"] = auth.SecretKey
   122  	}
   123  	if _, ok := aws.Regions[ecfg.region()]; !ok {
   124  		return nil, fmt.Errorf("invalid region name %q", ecfg.region())
   125  	}
   126  
   127  	if old != nil {
   128  		attrs := old.UnknownAttrs()
   129  		if region, _ := attrs["region"].(string); ecfg.region() != region {
   130  			return nil, fmt.Errorf("cannot change region from %q to %q", region, ecfg.region())
   131  		}
   132  		if bucket, _ := attrs["control-bucket"].(string); ecfg.controlBucket() != bucket {
   133  			return nil, fmt.Errorf("cannot change control-bucket from %q to %q", bucket, ecfg.controlBucket())
   134  		}
   135  	}
   136  
   137  	// ssl-hostname-verification cannot be disabled
   138  	if !ecfg.SSLHostnameVerification() {
   139  		return nil, fmt.Errorf("disabling ssh-hostname-verification is not supported")
   140  	}
   141  	return ecfg, nil
   142  }