From ef7740c65f77fefb6e41f34a1367f516208103e2 Mon Sep 17 00:00:00 2001 From: Erhan Cagirici Date: Mon, 4 Dec 2023 16:52:32 +0300 Subject: [PATCH] refactor getAWSConfig calls in external client to make single call per connect Signed-off-by: Erhan Cagirici --- internal/clients/aws.go | 52 +++++++++++++++++------------------------ 1 file changed, 21 insertions(+), 31 deletions(-) diff --git a/internal/clients/aws.go b/internal/clients/aws.go index 898dd80dc1..6e5576a66e 100644 --- a/internal/clients/aws.go +++ b/internal/clients/aws.go @@ -69,9 +69,19 @@ func SelectTerraformSetup(log logging.Logger, config *SetupConfig) terraform.Set }, Scheduler: config.DefaultScheduler, } + awsCfg, err := getAWSConfig(ctx, c, mg) + if err != nil { + return terraform.Setup{}, errors.Wrap(err, "cannot get aws config") + } else if awsCfg == nil { + return terraform.Setup{}, errors.Wrap(err, "obtained aws config cannot be nil") + } + creds, err := awsCfg.Credentials.Retrieve(ctx) + if err != nil { + return terraform.Setup{}, errors.Wrap(err, "failed to retrieve aws credentials from aws config") + } account := "000000000" if !pc.Spec.SkipCredsValidation { - account, err = getAccountId(ctx, c, mg) + account, err = getAccountId(ctx, awsCfg, creds) if err != nil { return terraform.Setup{}, errors.Wrap(err, "cannot get account id") } @@ -82,7 +92,7 @@ func SelectTerraformSetup(log logging.Logger, config *SetupConfig) terraform.Set } if len(pc.Spec.AssumeRoleChain) > 1 || pc.Spec.Endpoint != nil { - err = DefaultTerraformSetupBuilder(ctx, c, mg, pc, &ps) + err = DefaultTerraformSetupBuilder(ctx, pc, &ps, awsCfg, creds) if err != nil { return terraform.Setup{}, errors.Wrap(err, "cannot build terraform configuration") } @@ -92,7 +102,7 @@ func SelectTerraformSetup(log logging.Logger, config *SetupConfig) terraform.Set ps.Scheduler = terraform.NewWorkspaceProviderScheduler(log, terraform.WithNativeProviderPath(*config.NativeProviderPath), terraform.WithNativeProviderName("registry.terraform.io/"+*config.NativeProviderSource)) } } else { - err = pushDownTerraformSetupBuilder(ctx, c, mg, pc, &ps) + err = pushDownTerraformSetupBuilder(ctx, c, pc, &ps, awsCfg) if err != nil { return terraform.Setup{}, errors.Wrap(err, "cannot build terraform configuration") } @@ -106,16 +116,12 @@ func SelectTerraformSetup(log logging.Logger, config *SetupConfig) terraform.Set } } -func pushDownTerraformSetupBuilder(ctx context.Context, c client.Client, mg resource.Managed, pc *v1beta1.ProviderConfig, ps *terraform.Setup) error { //nolint:gocyclo +func pushDownTerraformSetupBuilder(ctx context.Context, c client.Client, pc *v1beta1.ProviderConfig, ps *terraform.Setup, cfg *aws.Config) error { //nolint:gocyclo if len(pc.Spec.AssumeRoleChain) > 1 || pc.Spec.Endpoint != nil { return errors.New("shared scheduler cannot be used because the length of assume role chain array " + "is more than 1 or endpoint configuration is not nil") } - cfg, err := getAWSConfig(ctx, c, mg) - if err != nil { - return errors.Wrap(err, "cannot get AWS config") - } ps.Configuration = map[string]any{ keyRegion: cfg.Region, } @@ -174,16 +180,7 @@ func pushDownTerraformSetupBuilder(ctx context.Context, c client.Client, mg reso return nil } -func DefaultTerraformSetupBuilder(ctx context.Context, c client.Client, mg resource.Managed, pc *v1beta1.ProviderConfig, ps *terraform.Setup) error { - cfg, err := getAWSConfig(ctx, c, mg) - if err != nil { - return errors.Wrap(err, "cannot get AWS config") - } - creds, err := cfg.Credentials.Retrieve(ctx) - if err != nil { - return errors.Wrap(err, "failed to retrieve aws credentials from aws config") - } - +func DefaultTerraformSetupBuilder(_ context.Context, pc *v1beta1.ProviderConfig, ps *terraform.Setup, cfg *aws.Config, creds aws.Credentials) error { ps.Configuration = map[string]any{ keyRegion: cfg.Region, keyAccessKeyID: creds.AccessKeyID, @@ -199,7 +196,7 @@ func DefaultTerraformSetupBuilder(ctx context.Context, c client.Client, mg resou if pc.Spec.Endpoint != nil { if pc.Spec.Endpoint.URL.Static != nil { if len(pc.Spec.Endpoint.Services) > 0 && *pc.Spec.Endpoint.URL.Static == "" { - return errors.Wrap(err, "endpoint is wrong") + return errors.New("endpoint.url.static cannot be empty") } else { endpoints := make(map[string]string) for _, service := range pc.Spec.Endpoint.Services { @@ -209,18 +206,10 @@ func DefaultTerraformSetupBuilder(ctx context.Context, c client.Client, mg resou } } } - return err + return nil } -func getAccountId(ctx context.Context, c client.Client, mg resource.Managed) (string, error) { - cfg, err := getAWSConfig(ctx, c, mg) - if err != nil { - return "", errors.Wrap(err, "cannot get AWS config") - } - creds, err := cfg.Credentials.Retrieve(ctx) - if err != nil { - return "", errors.Wrap(err, "failed to retrieve aws credentials from aws config") - } +func getAccountId(ctx context.Context, cfg *aws.Config, creds aws.Credentials) (string, error) { identity, err := GlobalCallerIdentityCache.GetCallerIdentity(ctx, *cfg, creds) if err != nil { return "", errors.Wrap(err, "cannot get the caller identity") @@ -239,8 +228,9 @@ func getAWSConfig(ctx context.Context, c client.Client, mg resource.Managed) (*a return cfg, nil } -func configureNoForkAWSClient(ctx context.Context, ps *terraform.Setup, p schema.Provider) error { //nolint:gocyclo - diag := p.Configure(context.TODO(), &tfsdk.ResourceConfig{ +func configureNoForkAWSClient(_ context.Context, ps *terraform.Setup, p schema.Provider) error { //nolint:gocyclo + // TODO: use context.WithoutCancel(ctx) after switching to Go >=1.21 + diag := p.Configure(context.TODO(), &tfsdk.ResourceConfig{ //nolint:contextcheck Config: ps.Configuration, }) if diag != nil && diag.HasError() {