From 7c4aeac5f30aed09c5ef3198141b033eea9912be Mon Sep 17 00:00:00 2001 From: Liam Cervante Date: Tue, 5 Nov 2024 16:13:08 +0100 Subject: [PATCH 1/4] stacks: load credentials from config file on startup (#35952) * stacks: load credentials from config file on startup * delete unneeded file --- commands.go | 4 +- .../command/cliconfig/plugins.go | 10 ++--- internal/rpcapi/credentials_source.go | 40 ------------------- internal/rpcapi/plugin.go | 22 +++++++++- 4 files changed, 26 insertions(+), 50 deletions(-) rename plugins.go => internal/command/cliconfig/plugins.go (79%) delete mode 100644 internal/rpcapi/credentials_source.go diff --git a/commands.go b/commands.go index 5adba2277e..ad4bb180d2 100644 --- a/commands.go +++ b/commands.go @@ -91,7 +91,7 @@ func initCommands( View: views.NewView(streams).SetRunningInAutomation(inAutomation), Color: true, - GlobalPluginDirs: globalPluginDirs(), + GlobalPluginDirs: cliconfig.GlobalPluginDirs(), Ui: Ui, Services: services, @@ -475,6 +475,6 @@ func makeShutdownCh() <-chan struct{} { } func credentialsSource(config *cliconfig.Config) (auth.CredentialsSource, error) { - helperPlugins := pluginDiscovery.FindPlugins("credentials", globalPluginDirs()) + helperPlugins := pluginDiscovery.FindPlugins("credentials", cliconfig.GlobalPluginDirs()) return config.CredentialsSource(helperPlugins) } diff --git a/plugins.go b/internal/command/cliconfig/plugins.go similarity index 79% rename from plugins.go rename to internal/command/cliconfig/plugins.go index 4e7415f676..ad4cab536c 100644 --- a/plugins.go +++ b/internal/command/cliconfig/plugins.go @@ -1,27 +1,25 @@ // Copyright (c) HashiCorp, Inc. // SPDX-License-Identifier: BUSL-1.1 -package main +package cliconfig import ( "fmt" "log" "path/filepath" "runtime" - - "github.com/hashicorp/terraform/internal/command/cliconfig" ) -// globalPluginDirs returns directories that should be searched for +// GlobalPluginDirs returns directories that should be searched for // globally-installed plugins (not specific to the current configuration). // // Earlier entries in this slice get priority over later when multiple copies // of the same plugin version are found, but newer versions always override // older versions where both satisfy the provider version constraints. -func globalPluginDirs() []string { +func GlobalPluginDirs() []string { var ret []string // Look in ~/.terraform.d/plugins/ , or its equivalent on non-UNIX - dir, err := cliconfig.ConfigDir() + dir, err := ConfigDir() if err != nil { log.Printf("[ERROR] Error finding global config directory: %s", err) } else { diff --git a/internal/rpcapi/credentials_source.go b/internal/rpcapi/credentials_source.go deleted file mode 100644 index c57d07f450..0000000000 --- a/internal/rpcapi/credentials_source.go +++ /dev/null @@ -1,40 +0,0 @@ -// Copyright (c) HashiCorp, Inc. -// SPDX-License-Identifier: BUSL-1.1 - -package rpcapi - -import ( - svchost "github.com/hashicorp/terraform-svchost" - "github.com/hashicorp/terraform-svchost/auth" - "github.com/zclconf/go-cty/cty" -) - -var _ auth.CredentialsSource = &credentialsSource{} - -type credentialsSource struct { - configured map[svchost.Hostname]cty.Value -} - -func newCredentialsSource() *credentialsSource { - return &credentialsSource{ - configured: map[svchost.Hostname]cty.Value{}, - } -} - -func (c *credentialsSource) ForHost(host svchost.Hostname) (auth.HostCredentials, error) { - v, ok := c.configured[host] - if ok { - return auth.HostCredentialsFromObject(v), nil - } - return nil, nil -} - -func (c *credentialsSource) StoreForHost(host svchost.Hostname, credentials auth.HostCredentialsWritable) error { - c.configured[host] = credentials.ToStore() - return nil -} - -func (c *credentialsSource) ForgetForHost(host svchost.Hostname) error { - delete(c.configured, host) - return nil -} diff --git a/internal/rpcapi/plugin.go b/internal/rpcapi/plugin.go index 3e236f1d1f..adfbfd3bb6 100644 --- a/internal/rpcapi/plugin.go +++ b/internal/rpcapi/plugin.go @@ -13,6 +13,8 @@ import ( "github.com/hashicorp/terraform-svchost/disco" "google.golang.org/grpc" + "github.com/hashicorp/terraform/internal/command/cliconfig" + pluginDiscovery "github.com/hashicorp/terraform/internal/plugin/discovery" "github.com/hashicorp/terraform/internal/rpcapi/dynrpcserver" "github.com/hashicorp/terraform/internal/rpcapi/terraform1/dependencies" "github.com/hashicorp/terraform/internal/rpcapi/terraform1/packages" @@ -101,9 +103,25 @@ type serviceOpts struct { } func newServiceDisco(config *setup.Config) (*disco.Disco, error) { - services := disco.New() - credSrc := newCredentialsSource() + // First, we'll try and load any credentials that might have been available + // to the UI. It's perfectly fine if there are none so any errors we find + // are from malformed credentials rather than missing ones. + file, diags := cliconfig.LoadConfig() + if diags.HasErrors() { + return nil, fmt.Errorf("problem loading CLI configuration: %w", diags.ErrWithWarnings()) + } + + helperPlugins := pluginDiscovery.FindPlugins("credentials", cliconfig.GlobalPluginDirs()) + src, err := file.CredentialsSource(helperPlugins) + if err != nil { + return nil, fmt.Errorf("problem creating credentials source: %w", err) + } + services := disco.NewWithCredentialsSource(src) + + // Second, we'll side-load any credentials that might have been passed in. + + credSrc := services.CredentialsSource() if config != nil { for host, cred := range config.GetCredentials() { if err := credSrc.StoreForHost(svchost.Hostname(host), auth.HostCredentialsToken(cred.Token)); err != nil { From 18534b3d95de68d650a0aca69347bff2b71e8d13 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 5 Nov 2024 16:19:46 +0100 Subject: [PATCH 2/4] Bump github.com/golang-jwt/jwt/v4 from 4.5.0 to 4.5.1 (#35951) * Bump github.com/golang-jwt/jwt/v4 from 4.5.0 to 4.5.1 Bumps [github.com/golang-jwt/jwt/v4](https://github.com/golang-jwt/jwt) from 4.5.0 to 4.5.1. - [Release notes](https://github.com/golang-jwt/jwt/releases) - [Changelog](https://github.com/golang-jwt/jwt/blob/main/VERSION_HISTORY.md) - [Commits](https://github.com/golang-jwt/jwt/compare/v4.5.0...v4.5.1) --- updated-dependencies: - dependency-name: github.com/golang-jwt/jwt/v4 dependency-type: indirect ... Signed-off-by: dependabot[bot] * sync deps --------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Liam Cervante --- go.mod | 2 +- go.sum | 3 ++- internal/backend/remote-state/azure/go.mod | 2 +- internal/backend/remote-state/azure/go.sum | 4 ++-- internal/backend/remote-state/kubernetes/go.mod | 2 +- internal/backend/remote-state/kubernetes/go.sum | 4 ++-- 6 files changed, 9 insertions(+), 8 deletions(-) diff --git a/go.mod b/go.mod index c8c1cc110f..8263b7434a 100644 --- a/go.mod +++ b/go.mod @@ -168,7 +168,7 @@ require ( github.com/go-openapi/swag v0.19.14 // indirect github.com/gofrs/uuid v4.0.0+incompatible // indirect github.com/gogo/protobuf v1.3.2 // indirect - github.com/golang-jwt/jwt/v4 v4.5.0 // indirect + github.com/golang-jwt/jwt/v4 v4.5.1 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect github.com/golang/protobuf v1.5.4 // indirect github.com/google/gnostic v0.5.7-v3refs // indirect diff --git a/go.sum b/go.sum index faa85cc761..1b68af5229 100644 --- a/go.sum +++ b/go.sum @@ -498,8 +498,9 @@ github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69 github.com/goji/httpauth v0.0.0-20160601135302-2da839ab0f4d/go.mod h1:nnjvkQ9ptGaCkuDUx6wNykzzlUixGxvkme+H/lnzb+A= github.com/golang-jwt/jwt/v4 v4.0.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= github.com/golang-jwt/jwt/v4 v4.2.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= -github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg= github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= +github.com/golang-jwt/jwt/v4 v4.5.1 h1:JdqV9zKUdtaa9gdPlywC3aeoEsR681PlKC+4F5gQgeo= +github.com/golang-jwt/jwt/v4 v4.5.1/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= github.com/golang/glog v1.1.2 h1:DVjP2PbBOzHyzA+dn3WhHIq4NdVu3Q+pvivFICf/7fo= github.com/golang/glog v1.1.2/go.mod h1:zR+okUeTbrL6EL3xHUDxZuEtGv04p5shwip1+mL/rLQ= diff --git a/internal/backend/remote-state/azure/go.mod b/internal/backend/remote-state/azure/go.mod index 60e08ee57e..7fc31ffcdf 100644 --- a/internal/backend/remote-state/azure/go.mod +++ b/internal/backend/remote-state/azure/go.mod @@ -28,7 +28,7 @@ require ( github.com/davecgh/go-spew v1.1.1 // indirect github.com/dimchansky/utfbom v1.1.1 // indirect github.com/fatih/color v1.17.0 // indirect - github.com/golang-jwt/jwt/v4 v4.5.0 // indirect + github.com/golang-jwt/jwt/v4 v4.5.1 // indirect github.com/google/go-cmp v0.6.0 // indirect github.com/hashicorp/errwrap v1.1.0 // indirect github.com/hashicorp/go-cleanhttp v0.5.2 // indirect diff --git a/internal/backend/remote-state/azure/go.sum b/internal/backend/remote-state/azure/go.sum index da6d99d22c..0f89bed347 100644 --- a/internal/backend/remote-state/azure/go.sum +++ b/internal/backend/remote-state/azure/go.sum @@ -126,8 +126,8 @@ github.com/go-test/deep v1.0.3 h1:ZrJSEWsXzPOxaZnFteGEfooLba+ju3FYIbOrS+rQd68= github.com/go-test/deep v1.0.3/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA= github.com/golang-jwt/jwt/v4 v4.0.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= github.com/golang-jwt/jwt/v4 v4.2.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= -github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg= -github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= +github.com/golang-jwt/jwt/v4 v4.5.1 h1:JdqV9zKUdtaa9gdPlywC3aeoEsR681PlKC+4F5gQgeo= +github.com/golang-jwt/jwt/v4 v4.5.1/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= diff --git a/internal/backend/remote-state/kubernetes/go.mod b/internal/backend/remote-state/kubernetes/go.mod index e6498cea4e..1a5b4d8db5 100644 --- a/internal/backend/remote-state/kubernetes/go.mod +++ b/internal/backend/remote-state/kubernetes/go.mod @@ -32,7 +32,7 @@ require ( github.com/go-openapi/jsonreference v0.19.5 // indirect github.com/go-openapi/swag v0.19.14 // indirect github.com/gogo/protobuf v1.3.2 // indirect - github.com/golang-jwt/jwt/v4 v4.5.0 // indirect + github.com/golang-jwt/jwt/v4 v4.5.1 // indirect github.com/golang/protobuf v1.5.4 // indirect github.com/google/gnostic v0.5.7-v3refs // indirect github.com/google/go-cmp v0.6.0 // indirect diff --git a/internal/backend/remote-state/kubernetes/go.sum b/internal/backend/remote-state/kubernetes/go.sum index 087828e1ad..10ea1f3b41 100644 --- a/internal/backend/remote-state/kubernetes/go.sum +++ b/internal/backend/remote-state/kubernetes/go.sum @@ -121,8 +121,8 @@ github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang-jwt/jwt/v4 v4.0.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= github.com/golang-jwt/jwt/v4 v4.2.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= -github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg= -github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= +github.com/golang-jwt/jwt/v4 v4.5.1 h1:JdqV9zKUdtaa9gdPlywC3aeoEsR681PlKC+4F5gQgeo= +github.com/golang-jwt/jwt/v4 v4.5.1/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= From caf10429ee9ea37e23b1b2c2a394267121e22cc7 Mon Sep 17 00:00:00 2001 From: Liam Cervante Date: Wed, 6 Nov 2024 13:24:26 +0100 Subject: [PATCH 3/4] prepare for v1.11.0-alpha20241106 release --- CHANGELOG.md | 2 +- version/VERSION | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index ae928c8fff..39e6806e9e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,4 +1,4 @@ -## 1.11.0 (Unreleased) +## 1.11.0-alpha20241106 (November 6, 2024) EXPERIMENTS: diff --git a/version/VERSION b/version/VERSION index 1f724bf455..ca68ef4400 100644 --- a/version/VERSION +++ b/version/VERSION @@ -1 +1 @@ -1.11.0-dev +1.11.0-alpha20241106 From c754d95a156b7b7c6bdb173c9fbd7736630652ac Mon Sep 17 00:00:00 2001 From: Liam Cervante Date: Wed, 6 Nov 2024 13:58:01 +0100 Subject: [PATCH 4/4] clean up after v1.11.0-alpha20241106 release --- CHANGELOG.md | 2 +- version/VERSION | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 39e6806e9e..ae928c8fff 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,4 +1,4 @@ -## 1.11.0-alpha20241106 (November 6, 2024) +## 1.11.0 (Unreleased) EXPERIMENTS: diff --git a/version/VERSION b/version/VERSION index ca68ef4400..1f724bf455 100644 --- a/version/VERSION +++ b/version/VERSION @@ -1 +1 @@ -1.11.0-alpha20241106 +1.11.0-dev