github.com/makyo/juju@v0.0.0-20160425123129-2608902037e9/provider/ec2/config.go (about) 1 // Copyright 2011, 2012, 2013 Canonical Ltd. 2 // Licensed under the AGPLv3, see LICENCE file for details. 3 4 package ec2 5 6 import ( 7 "fmt" 8 9 "github.com/juju/schema" 10 "gopkg.in/amz.v3/aws" 11 "gopkg.in/juju/environschema.v1" 12 13 "github.com/juju/juju/environs/config" 14 ) 15 16 var configSchema = environschema.Fields{ 17 "access-key": { 18 Description: "The EC2 access key", 19 EnvVar: "AWS_ACCESS_KEY_ID", 20 Type: environschema.Tstring, 21 Mandatory: true, 22 Group: environschema.AccountGroup, 23 }, 24 "secret-key": { 25 Description: "The EC2 secret key", 26 EnvVar: "AWS_SECRET_ACCESS_KEY", 27 Type: environschema.Tstring, 28 Mandatory: true, 29 Secret: true, 30 Group: environschema.AccountGroup, 31 }, 32 "region": { 33 Description: "The EC2 region to use", 34 Type: environschema.Tstring, 35 }, 36 } 37 38 var configFields = func() schema.Fields { 39 fs, _, err := configSchema.ValidationSchema() 40 if err != nil { 41 panic(err) 42 } 43 return fs 44 }() 45 46 var configDefaults = schema.Defaults{ 47 "access-key": "", 48 "secret-key": "", 49 "region": "us-east-1", 50 } 51 52 type environConfig struct { 53 *config.Config 54 attrs map[string]interface{} 55 } 56 57 func (c *environConfig) region() string { 58 return c.attrs["region"].(string) 59 } 60 61 func (c *environConfig) accessKey() string { 62 return c.attrs["access-key"].(string) 63 } 64 65 func (c *environConfig) secretKey() string { 66 return c.attrs["secret-key"].(string) 67 } 68 69 func (p environProvider) newConfig(cfg *config.Config) (*environConfig, error) { 70 valid, err := p.Validate(cfg, nil) 71 if err != nil { 72 return nil, err 73 } 74 return &environConfig{valid, valid.UnknownAttrs()}, nil 75 } 76 77 // Schema returns the configuration schema for an environment. 78 func (environProvider) Schema() environschema.Fields { 79 fields, err := config.Schema(configSchema) 80 if err != nil { 81 panic(err) 82 } 83 return fields 84 } 85 86 func validateConfig(cfg, old *config.Config) (*environConfig, error) { 87 // Check for valid changes for the base config values. 88 if err := config.Validate(cfg, old); err != nil { 89 return nil, err 90 } 91 validated, err := cfg.ValidateUnknownAttrs(configFields, configDefaults) 92 if err != nil { 93 return nil, err 94 } 95 ecfg := &environConfig{cfg, validated} 96 97 if ecfg.accessKey() == "" || ecfg.secretKey() == "" { 98 auth, err := aws.EnvAuth() 99 if err != nil || ecfg.accessKey() != "" || ecfg.secretKey() != "" { 100 return nil, fmt.Errorf("model has no access-key or secret-key") 101 } 102 ecfg.attrs["access-key"] = auth.AccessKey 103 ecfg.attrs["secret-key"] = auth.SecretKey 104 } 105 if _, ok := aws.Regions[ecfg.region()]; !ok { 106 return nil, fmt.Errorf("invalid region name %q", ecfg.region()) 107 } 108 109 if old != nil { 110 attrs := old.UnknownAttrs() 111 if region, _ := attrs["region"].(string); ecfg.region() != region { 112 return nil, fmt.Errorf("cannot change region from %q to %q", region, ecfg.region()) 113 } 114 } 115 116 // ssl-hostname-verification cannot be disabled 117 if !ecfg.SSLHostnameVerification() { 118 return nil, fmt.Errorf("disabling ssh-hostname-verification is not supported") 119 } 120 return ecfg, nil 121 }