// Source: github.com/openshift/installer@v1.4.17/pkg/asset/installconfig/platformpermscheck.go

package installconfig

import (
	"context"
	"fmt"

	"github.com/pkg/errors"
	"github.com/sirupsen/logrus"

	"github.com/openshift/installer/pkg/asset"
	awsconfig "github.com/openshift/installer/pkg/asset/installconfig/aws"
	gcpconfig "github.com/openshift/installer/pkg/asset/installconfig/gcp"
	"github.com/openshift/installer/pkg/types/aws"
	"github.com/openshift/installer/pkg/types/azure"
	"github.com/openshift/installer/pkg/types/baremetal"
	"github.com/openshift/installer/pkg/types/external"
	"github.com/openshift/installer/pkg/types/gcp"
	"github.com/openshift/installer/pkg/types/ibmcloud"
	"github.com/openshift/installer/pkg/types/none"
	"github.com/openshift/installer/pkg/types/nutanix"
	"github.com/openshift/installer/pkg/types/openstack"
	"github.com/openshift/installer/pkg/types/ovirt"
	"github.com/openshift/installer/pkg/types/powervs"
	"github.com/openshift/installer/pkg/types/vsphere"
)

// PlatformPermsCheck is an asset that checks platform credentials for the
// necessary permissions to create a cluster.
//
// Coverage is uneven across platforms, so a nil result from Generate is not
// evidence that the credentials were verified:
//
//   - AWS: the session's credentials are passed to awsconfig.ValidateCreds
//     together with the required permission groups and the configured region.
//   - GCP: only gcpconfig.ValidateEnabledServices is called for the project;
//     no credential permission check is visible in this file.
//   - IBM Cloud, Power VS, Azure, bare metal, external, none, OpenStack,
//     oVirt, vSphere, Nutanix: nothing is checked.
type PlatformPermsCheck struct{}

// Compile-time assertion that *PlatformPermsCheck satisfies asset.Asset.
var _ asset.Asset = (*PlatformPermsCheck)(nil)

// Dependencies returns the assets that must be available before
// PlatformPermsCheck runs: only the InstallConfig.
func (a *PlatformPermsCheck) Dependencies() []asset.Asset {
	return []asset.Asset{&InstallConfig{}}
}

// Generate runs the pre-installation permission checks for the platform named
// in the install config. It does not prompt the user and produces no output
// other than log lines and its error result.
//
// If CredentialsMode is set to any non-empty value, every check is skipped and
// nil is returned. The skip is reported at debug level only, so it may not be
// visible in the installer's normal output; callers should not read a nil
// result as "credentials validated".
//
// An error is returned when the AWS session cannot be obtained, when AWS
// credential validation fails, when the GCP client cannot be created, when GCP
// service validation fails, or when the platform name is not recognised.
func (a *PlatformPermsCheck) Generate(ctx context.Context, dependencies asset.Parents) error {
	installConfig := &InstallConfig{}
	dependencies.Get(installConfig)

	// An explicit credentials mode bypasses all pre-flight checks below.
	if installConfig.Config.CredentialsMode != "" {
		logrus.Debug("CredentialsMode is set. Skipping platform permissions checks before attempting installation.")
		return nil
	}
	logrus.Debug("CredentialsMode is not set. Performing platform permissions checks before attempting installation.")

	switch platform := installConfig.Config.Platform.Name(); platform {
	case aws.Name:
		// The required groups are computed before the session is opened, in
		// the same order as the upstream code.
		groups := awsconfig.RequiredPermissionGroups(installConfig.Config)

		session, sessionErr := installConfig.AWS.Session(ctx)
		if sessionErr != nil {
			return sessionErr
		}

		region := installConfig.Config.Platform.AWS.Region
		if credsErr := awsconfig.ValidateCreds(session, groups, region); credsErr != nil {
			return errors.Wrap(credsErr, "validate AWS credentials")
		}

	case gcp.Name:
		client, clientErr := gcpconfig.NewClient(ctx)
		if clientErr != nil {
			return clientErr
		}

		// NOTE(review): judging by its name this validates enabled services
		// in the project, not the permissions of the credentials — confirm
		// against gcpconfig.
		servicesErr := gcpconfig.ValidateEnabledServices(ctx, client, installConfig.Config.GCP.ProjectID)
		if servicesErr != nil {
			return errors.Wrap(servicesErr, "failed to validate services in this project")
		}

	case ibmcloud.Name:
		// TODO: IBM[#90]: platformpermscheck
		// Until then IBM Cloud credentials are accepted without any check.

	case powervs.Name:
		// Nothing needs to be done here

	case azure.Name, baremetal.Name, external.Name, none.Name, openstack.Name, ovirt.Name, vsphere.Name, nutanix.Name:
		// no permissions to check

	default:
		// Unrecognised platforms are rejected rather than silently passed.
		return fmt.Errorf("unknown platform type %q", platform)
	}

	return nil
}

// Name returns the human-friendly name of the asset.
func (a *PlatformPermsCheck) Name() string {
	const displayName = "Platform Permissions Check"
	return displayName
}