
mtls refactor for endpoints #4869

Merged
merged 17 commits into from
Jun 16, 2021
60 changes: 41 additions & 19 deletions mmv1/third_party/terraform/utils/config.go.erb
@@ -129,9 +129,29 @@ type Config struct {
}

// Generated product base paths
var DefaultBasePaths = map[string]string{
<% products.each do |product| -%>
var <%= product[:definitions].name -%>DefaultBasePath = "<%= product[:definitions].base_url -%>"
"<%= product[:definitions].name -%>" : "<%= product[:definitions].base_url -%>",
<% end -%>
"CloudBilling" : "https://cloudbilling.googleapis.com/v1/",
<% if version == "ga" -%>
"Composer" : "https://composer.googleapis.com/v1/",
<% else -%>
"Composer" : "https://composer.googleapis.com/v1beta1/",
<% end -%>
"ComputeBeta" : "https://www.googleapis.com/compute/beta/",
ScottSuarez marked this conversation as resolved.
"Container" : "https://container.googleapis.com/v1/",
"ContainerBeta" : "https://container.googleapis.com/v1beta1/",
"DataprocBeta" : "https://dataproc.googleapis.com/v1beta2/",
"Dataflow" : "https://dataflow.googleapis.com/v1b3/",
"IAM" : "https://iam.googleapis.com/v1/",
"IamCredentials" : "https://iamcredentials.googleapis.com/v1/",
"ResourceManagerV2" : "https://cloudresourcemanager.googleapis.com/v2/",
"ServiceNetworking" : "https://servicenetworking.googleapis.com/v1/",
"StorageTransfer" : "https://storagetransfer.googleapis.com/v1/",
"BigtableAdmin" : "https://bigtableadmin.googleapis.com/v2/",
"Eventarc" : "https://eventarc.googleapis.com/v1beta1/",
}

var DefaultClientScopes = []string{
"https://www.googleapis.com/auth/compute",
@@ -158,9 +178,11 @@ func (c *Config) LoadAndValidate(ctx context.Context) error {

cleanCtx := context.WithValue(ctx, oauth2.HTTPClient, cleanhttp.DefaultClient())

// 1. OAUTH2 TRANSPORT/CLIENT - sets up proper auth headers
client := oauth2.NewClient(cleanCtx, tokenSource)

// 1. MTLS TRANSPORT/CLIENT - sets up proper auth headers
client, _, err := transport.NewHTTPClient(cleanCtx, option.WithTokenSource(tokenSource))
if err != nil {
return err
}
// Userinfo is fetched before request logging is enabled to reduce additional noise.
err = c.logGoogleIdentities()
if err != nil {
@@ -886,22 +908,22 @@ func removeBasePathVersion(url string) string {
func ConfigureBasePaths(c *Config) {
// Generated Products
<% products.map.each do |product| -%>
c.<%= product[:definitions].name -%>BasePath = <%= product[:definitions].name -%>DefaultBasePath
c.<%= product[:definitions].name -%>BasePath = DefaultBasePaths["<%= product[:definitions].name -%>"]
<% end -%>

// Handwritten Products / Versioned / Atypical Entries
c.CloudBillingBasePath = CloudBillingDefaultBasePath
c.ComposerBasePath = ComposerDefaultBasePath
c.ComputeBetaBasePath = ComputeBetaDefaultBasePath
c.ContainerBasePath = ContainerDefaultBasePath
c.ContainerBetaBasePath = ContainerBetaDefaultBasePath
c.DataprocBasePath = DataprocDefaultBasePath
c.DataflowBasePath = DataflowDefaultBasePath
c.IamCredentialsBasePath = IamCredentialsDefaultBasePath
c.ResourceManagerV2BasePath = ResourceManagerV2DefaultBasePath
c.IAMBasePath = IAMDefaultBasePath
c.ServiceNetworkingBasePath = ServiceNetworkingDefaultBasePath
c.BigQueryBasePath = BigQueryDefaultBasePath
c.StorageTransferBasePath = StorageTransferDefaultBasePath
c.BigtableAdminBasePath = BigtableAdminDefaultBasePath
c.CloudBillingBasePath = DefaultBasePaths["CloudBilling"]
c.ComposerBasePath = DefaultBasePaths["Composer"]
c.ComputeBetaBasePath = DefaultBasePaths["ComputeBeta"]
c.ContainerBasePath = DefaultBasePaths["Container"]
c.ContainerBetaBasePath = DefaultBasePaths["ContainerBeta"]
c.DataprocBasePath = DefaultBasePaths["Dataproc"]
c.DataflowBasePath = DefaultBasePaths["Dataflow"]
c.IamCredentialsBasePath = DefaultBasePaths["IamCredentials"]
c.ResourceManagerV2BasePath = DefaultBasePaths["ResourceManagerV2"]
c.IAMBasePath = DefaultBasePaths["IAM"]
c.ServiceNetworkingBasePath = DefaultBasePaths["ServiceNetworking"]
c.BigQueryBasePath = DefaultBasePaths["BigQuery"]
c.StorageTransferBasePath = DefaultBasePaths["StorageTransfer"]
c.BigtableAdminBasePath = DefaultBasePaths["BigtableAdmin"]
}
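Review bot: In ConfigureBasePaths, each `DefaultBasePaths["…"]` lookup returns the empty string when the key is absent, whereas a reference to a missing `…DefaultBasePath` variable would not have compiled. `"Dataproc"` and `"BigQuery"` are read here but are not among the handwritten keys added to the map in the first hunk (which lists `"DataprocBeta"`), so they appear to depend on the generated product loop supplying them. A unit test asserting that every key read in ConfigureBasePaths is present and non-empty, or a small lookup helper that fails loudly on a miss, would restore that check. Without it a typo in a key would presumably surface only as a malformed request URL at apply time.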
49 changes: 49 additions & 0 deletions mmv1/third_party/terraform/utils/mtls_util.go
@@ -0,0 +1,49 @@
package google

import (
"context"
"fmt"
"net/url"
"strings"

"google.golang.org/api/option/internaloption"
"google.golang.org/api/transport"
)

func isMtls() bool {
regularEndpoint := "https://mockservice.googleapis.com/v1/"
ScottSuarez marked this conversation as resolved.
mtlsEndpoint := getMtlsEndpoint(regularEndpoint)
_, endpoint, err := transport.NewHTTPClient(context.Background(),
internaloption.WithDefaultEndpoint(regularEndpoint),
internaloption.WithDefaultMTLSEndpoint(mtlsEndpoint),
)
if err != nil {
return false
}
isMtls := strings.Contains(endpoint, "mtls")
ScottSuarez marked this conversation as resolved.
return isMtls
}

func getMtlsEndpoint(baseEndpoint string) string {
u, err := url.Parse(baseEndpoint)
if err != nil {
if strings.Contains(baseEndpoint, ".googleapis") {
return strings.Replace(baseEndpoint, ".googleapis", ".mtls.googleapis", 1)
}
return baseEndpoint
}
portParts := strings.Split(u.Host, ":")
ScottSuarez marked this conversation as resolved.
if len(portParts) == 0 || portParts[0] == "" {
return baseEndpoint
}
domainParts := strings.Split(portParts[0], ".")
if len(domainParts) > 1 {
u.Host = fmt.Sprintf("%s.mtls.%s", domainParts[0], strings.Join(domainParts[1:], "."))
} else {
u.Host = fmt.Sprintf("%s.mtls", domainParts[0])
}
if len(portParts) > 1 {
u.Host = fmt.Sprintf("%s:%s", u.Host, portParts[1])
}
return u.String()
}
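Review bot: isMtls() returns false when `transport.NewHTTPClient` fails, so an error while setting up the client certificate is indistinguishable from mTLS being off, and the provider carries on with the regular endpoints without any trace. At minimum log the error before `return false`, so an operator who expects mTLS can see why it was not selected. The detection is also a substring match, `strings.Contains(endpoint, "mtls")`; since the function builds `mtlsEndpoint` itself, `return endpoint == mtlsEndpoint` should be the exact test. In getMtlsEndpoint, `strings.Split(u.Host, ":")` mis-splits a bracketed IPv6 host; `u.Hostname()` and `u.Port()` cover that case.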
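--- a/mmv1/third_party/terraform/utils/mtls_util_test.go
+++ b/mmv1/third_party/terraform/utils/mtls_util_test.go
@@ -0,0 +1,16 @@
+package google
+
+import (
+"strings"
+"testing"
+)
+
+func TestUnitMtls_urlSwitching(t *testing.T) {
+t.Parallel()
+for key, bp := range DefaultBasePaths {
+url := getMtlsEndpoint(bp)
+if !strings.Contains(url, ".mtls.") {
+t.Errorf("%s: mtls conversion unsuccessful preconv - %s postconv - %s", key, bp, url)
+}
+}
+}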
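Review bot: The assertion `strings.Contains(url, ".mtls.")` passes for any output that contains the label, including a doubled `.mtls.mtls.` host, so it does not pin what getMtlsEndpoint returns. Compare against exact expected strings in a small table, for example `https://www.googleapis.com/compute/beta/` → `https://www.mtls.googleapis.com/compute/beta/`, and add a host with a port and an input that is already an mTLS endpoint. The test also ranges over the package-level `DefaultBasePaths` under `t.Parallel()` while Provider() writes to that map when mTLS is on; iterating a fixed table or a copy avoids a concurrent map read and write.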
9 changes: 8 additions & 1 deletion mmv1/third_party/terraform/utils/provider.go.erb
@@ -20,6 +20,13 @@ var mutexKV = NewMutexKV()

// Provider returns a *schema.Provider.
func Provider() *schema.Provider {
if isMtls() {
// if mtls is enabled switch all
// default endpoints to use the mtls endpoint
for key, bp := range DefaultBasePaths {
DefaultBasePaths[key] = getMtlsEndpoint(bp)
}
}
provider := &schema.Provider{
Schema: map[string]*schema.Schema{
"credentials": &schema.Schema{
@@ -134,7 +141,7 @@ func Provider() *schema.Provider {
ValidateFunc: validateCustomEndpoint,
DefaultFunc: schema.MultiEnvDefaultFunc([]string{
"GOOGLE_<%= product[:definitions].name.underscore.upcase -%>_CUSTOM_ENDPOINT",
}, <%= product[:definitions].name -%>DefaultBasePath),
}, DefaultBasePaths["<%= product[:definitions].name -%>"]),
},
<% end -%>

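Review bot: The loop at the top of Provider() rewrites the package-level `DefaultBasePaths` map in place on every call, and getMtlsEndpoint is not idempotent, so a second Provider() call in the same process would turn `x.mtls.googleapis.com` into `x.mtls.mtls.googleapis.com`. Wrap the rewrite in a `sync.Once`, or have getMtlsEndpoint return its input unchanged when the host already contains `.mtls.`. The handwritten `…CustomEndpointEntry` schemas pass `DefaultBasePaths["…"]` to `schema.MultiEnvDefaultFunc` in package-level `var` initialisers, which are evaluated before Provider() runs, so those defaults capture the non-mTLS URL; confirm which value actually takes effect for those products. Provider()'s body continues outside both hunks.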
@@ -9,118 +9,104 @@ import (
// files. Collect handwritten ones here. If any of these are modified, be sure
// to update the provider_reference docs page.

var CloudBillingDefaultBasePath = "https://cloudbilling.googleapis.com/v1/"
var CloudBillingCustomEndpointEntryKey = "cloud_billing_custom_endpoint"
var CloudBillingCustomEndpointEntry = &schema.Schema{
Type: schema.TypeString,
Optional: true,
ValidateFunc: validateCustomEndpoint,
DefaultFunc: schema.MultiEnvDefaultFunc([]string{
"GOOGLE_CLOUD_BILLING_CUSTOM_ENDPOINT",
}, CloudBillingDefaultBasePath),
}, DefaultBasePaths["CloudBilling"]),
}

<% if version == "ga" -%>
var ComposerDefaultBasePath = "https://composer.googleapis.com/v1/"
<% else -%>
var ComposerDefaultBasePath = "https://composer.googleapis.com/v1beta1/"
<% end -%>
var ComposerCustomEndpointEntryKey = "composer_custom_endpoint"
var ComposerCustomEndpointEntry = &schema.Schema{
Type: schema.TypeString,
Optional: true,
ValidateFunc: validateCustomEndpoint,
DefaultFunc: schema.MultiEnvDefaultFunc([]string{
"GOOGLE_COMPOSER_CUSTOM_ENDPOINT",
}, ComposerDefaultBasePath),
}, DefaultBasePaths["Composer"]),
}

var ComputeBetaDefaultBasePath = "https://www.googleapis.com/compute/beta/"
var ComputeBetaCustomEndpointEntryKey = "compute_beta_custom_endpoint"
var ComputeBetaCustomEndpointEntry = &schema.Schema{
Type: schema.TypeString,
Optional: true,
ValidateFunc: validateCustomEndpoint,
DefaultFunc: schema.MultiEnvDefaultFunc([]string{
"GOOGLE_COMPUTE_BETA_CUSTOM_ENDPOINT",
}, ComputeBetaDefaultBasePath),
}, DefaultBasePaths["ComputeBeta"]),
}

var ContainerDefaultBasePath = "https://container.googleapis.com/v1/"
var ContainerCustomEndpointEntryKey = "container_custom_endpoint"
var ContainerCustomEndpointEntry = &schema.Schema{
Type: schema.TypeString,
Optional: true,
ValidateFunc: validateCustomEndpoint,
DefaultFunc: schema.MultiEnvDefaultFunc([]string{
"GOOGLE_CONTAINER_CUSTOM_ENDPOINT",
}, ContainerDefaultBasePath),
}, DefaultBasePaths["Container"]),
}

var ContainerBetaDefaultBasePath = "https://container.googleapis.com/v1beta1/"
var ContainerBetaCustomEndpointEntryKey = "container_beta_custom_endpoint"
var ContainerBetaCustomEndpointEntry = &schema.Schema{
Type: schema.TypeString,
Optional: true,
ValidateFunc: validateCustomEndpoint,
DefaultFunc: schema.MultiEnvDefaultFunc([]string{
"GOOGLE_CONTAINER_BETA_CUSTOM_ENDPOINT",
}, ContainerBetaDefaultBasePath),
}, DefaultBasePaths["ContainerBeta"]),
}

var DataprocBetaDefaultBasePath = "https://dataproc.googleapis.com/v1beta2/"
var DataprocBetaCustomEndpointEntryKey = "dataproc_beta_custom_endpoint"
var DataprocBetaCustomEndpointEntry = &schema.Schema{
Type: schema.TypeString,
Optional: true,
ValidateFunc: validateCustomEndpoint,
DefaultFunc: schema.MultiEnvDefaultFunc([]string{
"GOOGLE_DATAPROC_BETA_CUSTOM_ENDPOINT",
}, DataprocBetaDefaultBasePath),
}, DefaultBasePaths["DataprocBeta"]),
}

var DataflowDefaultBasePath = "https://dataflow.googleapis.com/v1b3/"
var DataflowCustomEndpointEntryKey = "dataflow_custom_endpoint"
var DataflowCustomEndpointEntry = &schema.Schema{
Type: schema.TypeString,
Optional: true,
ValidateFunc: validateCustomEndpoint,
DefaultFunc: schema.MultiEnvDefaultFunc([]string{
"GOOGLE_DATAFLOW_CUSTOM_ENDPOINT",
}, DataflowDefaultBasePath),
}, DefaultBasePaths["Dataflow"]),
}

var IAMDefaultBasePath = "https://iam.googleapis.com/v1/"
var IAMCustomEndpointEntryKey = "iam_custom_endpoint"
var IAMCustomEndpointEntry = &schema.Schema{
Type: schema.TypeString,
Optional: true,
ValidateFunc: validateCustomEndpoint,
DefaultFunc: schema.MultiEnvDefaultFunc([]string{
"GOOGLE_IAM_CUSTOM_ENDPOINT",
}, IAMDefaultBasePath),
}, DefaultBasePaths["IAM"]),
}

var IamCredentialsDefaultBasePath = "https://iamcredentials.googleapis.com/v1/"
var IamCredentialsCustomEndpointEntryKey = "iam_credentials_custom_endpoint"
var IamCredentialsCustomEndpointEntry = &schema.Schema{
Type: schema.TypeString,
Optional: true,
ValidateFunc: validateCustomEndpoint,
DefaultFunc: schema.MultiEnvDefaultFunc([]string{
"GOOGLE_IAM_CREDENTIALS_CUSTOM_ENDPOINT",
}, IamCredentialsDefaultBasePath),
}, DefaultBasePaths["IamCredentials"]),
}

var ResourceManagerV2DefaultBasePath = "https://cloudresourcemanager.googleapis.com/v2/"
var ResourceManagerV2CustomEndpointEntryKey = "resource_manager_v2_custom_endpoint"
var ResourceManagerV2CustomEndpointEntry = &schema.Schema{
Type: schema.TypeString,
Optional: true,
ValidateFunc: validateCustomEndpoint,
DefaultFunc: schema.MultiEnvDefaultFunc([]string{
"GOOGLE_RESOURCE_MANAGER_V2_CUSTOM_ENDPOINT",
}, ResourceManagerV2DefaultBasePath),
}, DefaultBasePaths["ResourceManagerV2"]),
}

var RuntimeConfigCustomEndpointEntryKey = "runtimeconfig_custom_endpoint"
@@ -130,18 +116,17 @@ var RuntimeConfigCustomEndpointEntry = &schema.Schema{
ValidateFunc: validateCustomEndpoint,
DefaultFunc: schema.MultiEnvDefaultFunc([]string{
"GOOGLE_RUNTIMECONFIG_CUSTOM_ENDPOINT",
}, RuntimeConfigDefaultBasePath),
}, DefaultBasePaths["RuntimeConfig"]),
}

var ServiceNetworkingDefaultBasePath = "https://servicenetworking.googleapis.com/v1/"
var ServiceNetworkingCustomEndpointEntryKey = "service_networking_custom_endpoint"
var ServiceNetworkingCustomEndpointEntry = &schema.Schema{
Type: schema.TypeString,
Optional: true,
ValidateFunc: validateCustomEndpoint,
DefaultFunc: schema.MultiEnvDefaultFunc([]string{
"GOOGLE_SERVICE_NETWORKING_CUSTOM_ENDPOINT",
}, ServiceNetworkingDefaultBasePath),
}, DefaultBasePaths["ServiceNetworking"]),
}

var ServiceUsageCustomEndpointEntryKey = "service_usage_custom_endpoint"
@@ -151,40 +136,27 @@ var ServiceUsageCustomEndpointEntry = &schema.Schema{
ValidateFunc: validateCustomEndpoint,
DefaultFunc: schema.MultiEnvDefaultFunc([]string{
"GOOGLE_SERVICE_USAGE_CUSTOM_ENDPOINT",
}, ServiceUsageDefaultBasePath),
}, DefaultBasePaths["ServiceUsage"]),
}

var StorageTransferDefaultBasePath = "https://storagetransfer.googleapis.com/v1/"
var StorageTransferCustomEndpointEntryKey = "storage_transfer_custom_endpoint"
var StorageTransferCustomEndpointEntry = &schema.Schema{
Type: schema.TypeString,
Optional: true,
ValidateFunc: validateCustomEndpoint,
DefaultFunc: schema.MultiEnvDefaultFunc([]string{
"GOOGLE_STORAGE_TRANSFER_CUSTOM_ENDPOINT",
}, StorageTransferDefaultBasePath),
}, DefaultBasePaths["StorageTransfer"]),
}

var BigtableAdminDefaultBasePath = "https://bigtableadmin.googleapis.com/v2/"
var BigtableAdminCustomEndpointEntryKey = "bigtable_custom_endpoint"
var BigtableAdminCustomEndpointEntry = &schema.Schema{
Type: schema.TypeString,
Optional: true,
ValidateFunc: validateCustomEndpoint,
DefaultFunc: schema.MultiEnvDefaultFunc([]string{
"GOOGLE_BIGTABLE_CUSTOM_ENDPOINT",
}, BigtableAdminDefaultBasePath),
}

var EventarcDefaultBasePath = "https://eventarc.googleapis.com/v1/"
ScottSuarez marked this conversation as resolved.
var EventarcCustomEndpointEntryKey = "eventarc_custom_endpoint"
var EventarcCustomEndpointEntry = &schema.Schema{
Type: schema.TypeString,
Optional: true,
ValidateFunc: validateCustomEndpoint,
DefaultFunc: schema.MultiEnvDefaultFunc([]string{
"GOOGLE_EVENTARC_CUSTOM_ENDPOINT",
}, EventarcDefaultBasePath),
}, DefaultBasePaths["BigtableAdmin"]),
}

// GkeHubFeature uses a different base path "v1beta" than GkeHubMembership "v1beta1"