github.com/ndarilek/terraform@v0.3.8-0.20150320140257-d3135c1b2bac/builtin/providers/google/config.go

github.com/ndarilek/terraform@v0.3.8-0.20150320140257-d3135c1b2bac/builtin/providers/google/config.go (about)

     1  package google
     2  
     3  import (
     4  	"encoding/json"
     5  	"fmt"
     6  	"log"
     7  	"net/http"
     8  	"os"
     9  
    10  	"code.google.com/p/google-api-go-client/compute/v1"
    11  
    12  	"golang.org/x/oauth2"
    13  	"golang.org/x/oauth2/google"
    14  	"golang.org/x/oauth2/jwt"
    15  )
    16  
    17  // Config is the configuration structure used to instantiate the Google
    18  // provider.
    19  type Config struct {
    20  	AccountFile string
    21  	Project     string
    22  	Region      string
    23  
    24  	clientCompute *compute.Service
    25  }
    26  
    27  func (c *Config) loadAndValidate() error {
    28  	var account accountFile
    29  
    30  	// TODO: validation that it isn't blank
    31  	if c.AccountFile == "" {
    32  		c.AccountFile = os.Getenv("GOOGLE_ACCOUNT_FILE")
    33  	}
    34  	if c.Project == "" {
    35  		c.Project = os.Getenv("GOOGLE_PROJECT")
    36  	}
    37  	if c.Region == "" {
    38  		c.Region = os.Getenv("GOOGLE_REGION")
    39  	}
    40  
    41  	var client *http.Client
    42  
    43  	if c.AccountFile != "" {
    44  		if err := loadJSON(&account, c.AccountFile); err != nil {
    45  			return fmt.Errorf(
    46  				"Error loading account file '%s': %s",
    47  				c.AccountFile,
    48  				err)
    49  		}
    50  
    51  		clientScopes := []string{"https://www.googleapis.com/auth/compute"}
    52  
    53  		// Get the token for use in our requests
    54  		log.Printf("[INFO] Requesting Google token...")
    55  		log.Printf("[INFO]   -- Email: %s", account.ClientEmail)
    56  		log.Printf("[INFO]   -- Scopes: %s", clientScopes)
    57  		log.Printf("[INFO]   -- Private Key Length: %d", len(account.PrivateKey))
    58  
    59  		conf := jwt.Config{
    60  			Email:      account.ClientEmail,
    61  			PrivateKey: []byte(account.PrivateKey),
    62  			Scopes:     clientScopes,
    63  			TokenURL:   "https://accounts.google.com/o/oauth2/token",
    64  		}
    65  
    66  		// Initiate an http.Client. The following GET request will be
    67  		// authorized and authenticated on the behalf of
    68  		// your service account.
    69  		client = conf.Client(oauth2.NoContext)
    70  
    71  	} else {
    72  		log.Printf("[INFO] Requesting Google token via GCE Service Role...")
    73  		client = &http.Client{
    74  			Transport: &oauth2.Transport{
    75  				// Fetch from Google Compute Engine's metadata server to retrieve
    76  				// an access token for the provided account.
    77  				// If no account is specified, "default" is used.
    78  				Source: google.ComputeTokenSource(""),
    79  			},
    80  		}
    81  
    82  	}
    83  
    84  	log.Printf("[INFO] Instantiating GCE client...")
    85  	var err error
    86  	c.clientCompute, err = compute.New(client)
    87  	if err != nil {
    88  		return err
    89  	}
    90  
    91  	return nil
    92  }
    93  
    94  // accountFile represents the structure of the account file JSON file.
    95  type accountFile struct {
    96  	PrivateKeyId string `json:"private_key_id"`
    97  	PrivateKey   string `json:"private_key"`
    98  	ClientEmail  string `json:"client_email"`
    99  	ClientId     string `json:"client_id"`
   100  }
   101  
   102  func loadJSON(result interface{}, path string) error {
   103  	f, err := os.Open(path)
   104  	if err != nil {
   105  		return err
   106  	}
   107  	defer f.Close()
   108  
   109  	dec := json.NewDecoder(f)
   110  	return dec.Decode(result)
   111  }