package config
import (
"fmt"
"os"
"path/filepath"
"strings"
"oracle/oracle-iaas-go.git/transport"
)
// stemcellUserName is the first value placed in the SSHConfig built by
// CpiSSHConfig; presumably the login account present on stemcell-based
// VMs (confirm against the SSHConfig declaration).
const stemcellUserName string = "vcap"
// OCIProperties contains the properties for configuring
// BOSH CPI for Oracle Cloud Infrastructure.
//
// Two fields (APIKeyFile, CpiKeyFile) are paths to private keys. The struct
// stores the paths only; the key material itself is not loaded here.
type OCIProperties struct {
	// Tenancy under which the resources are provisioned
	Tenancy string `json:"tenancy"`

	// User OCID
	User string `json:"user"`

	// Compartment OCID
	CompartmentID string `json:"compartment"`

	// Region name
	Region string `json:"region"`

	// Fingerprint of the User API key
	Fingerprint string `json:"fingerprint"`

	// APIKeyFile is the path to the private API key
	APIKeyFile string `json:"apikeyfile"`

	// CpiKeyFile is the path to the private key the CPI uses
	// for SSH connections
	CpiKeyFile string `json:"cpikeyfile"`

	// UsePublicIPForSSH controls whether to use the public or the private IP
	// of the target instance for establishing SSH connections
	UsePublicIPForSSH bool `json:"usePublicIPForSSH,omitempty"`

	// AuthorizedKeys contains the public ssh-keys to provision
	// on new vms
	AuthorizedKeys AuthorizedKeys `json:"authorized_keys"`

	// SSHTunnel is the configuration for creating a forward SSH tunnel.
	// NOTE(review): encoding/json never treats a struct value as empty, so
	// omitempty has no effect here unless SSHTunnel is not a struct — confirm
	// against its declaration.
	SSHTunnel SSHTunnel `json:"sshTunnel,omitempty"`
}
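// AuthorizedKeys is the set of public
// ssh-rsa keys to be installed
// on the default initial account
// provisioned on a new vm
type AuthorizedKeys struct {
	// Cpi is the public key of the CPI user.
	Cpi string `json:"cpi"`

	// User is the optional public key of the user. The tag option must be
	// written without a space after the comma: encoding/json compares options
	// literally, so ", omitempty" is not recognised and the empty value would
	// still be serialised.
	User string `json:"user,omitempty"`
}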
// Validate reports an error when a mandatory property is empty or when
// the API key file is missing.
//
// The mandatory properties are tenancy, user, fingerprint, apikeyfile,
// compartment and cpikeyfile. Only APIKeyFile is checked on disk;
// CpiKeyFile is only required to be non-empty, and Region is not checked.
func (b OCIProperties) Validate() error {
	required := map[string]string{
		"tenancy":     b.Tenancy,
		"user":        b.User,
		"fingerprint": b.Fingerprint,
		"apikeyfile":  b.APIKeyFile,
		"compartment": b.CompartmentID,
		"cpikeyfile":  b.CpiKeyFile,
	}
	err := isAnyEmpty(required)
	if err != nil {
		return err
	}

	keyFiles := []string{b.APIKeyFile}
	return validateFilePaths(keyFiles)
}
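// isAnyEmpty returns an error naming a property whose value is the empty
// string, or nil when every value in attributes is non-empty.
//
// Go randomises map iteration order, so when several properties are empty
// the lexicographically smallest name is reported. This keeps the error
// message stable from one run to the next.
func isAnyEmpty(attributes map[string]string) error {
	missing, found := "", false
	for name, value := range attributes {
		if value != "" {
			continue
		}
		if !found || name < missing {
			missing, found = name, true
		}
	}
	if !found {
		return nil
	}
	// The message text is kept as-is; callers or tests may match on it.
	return fmt.Errorf(" Property %s must not be empty", missing)
}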
// validateFilePaths runs validateFilePath on each entry of paths in order
// and returns the first error encountered, or nil when every entry passes.
func validateFilePaths(paths []string) error {
	for i := 0; i < len(paths); i++ {
		err := validateFilePath(paths[i])
		if err != nil {
			return err
		}
	}
	return nil
}
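// validateFilePath returns an error when path cannot be stat'ed.
//
// A missing file keeps its original message. Any other os.Stat failure
// (for example a permission error or a path that runs through a regular
// file) is reported too, rather than being treated as success: a key file
// that cannot be inspected should not pass validation.
//
// This is a point-in-time check only. It does not verify that path is a
// regular file, nor does it inspect its permissions.
func validateFilePath(path string) error {
	_, err := os.Stat(path)
	switch {
	case err == nil:
		return nil
	case os.IsNotExist(err):
		return fmt.Errorf("File %s doesn't exist", path)
	default:
		return fmt.Errorf("File %s can't be checked: %v", path, err)
	}
}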
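// newSanitizedConfig returns a copy of b whose key-file paths are rebased
// onto the directory that holds the configuration file.
//
// Only the final path element of APIKeyFile and CpiKeyFile is kept, so
// directory components in the configured values are discarded and the
// files are looked up next to configFullPath. A final element of ".." is
// not rejected here.
//
// An empty key-file path is left empty. filepath.Base("") is ".", so
// rebasing an empty value would yield the configuration directory itself,
// which would then pass both the emptiness check and the existence check
// in Validate.
func newSanitizedConfig(configFullPath string, b OCIProperties) OCIProperties {
	dir := filepath.Dir(configFullPath)

	// rebase maps a configured key-file path to dir/<basename>, keeping
	// "unset" distinguishable from "set".
	rebase := func(keyFile string) string {
		if keyFile == "" {
			return ""
		}
		return filepath.Join(dir, filepath.Base(keyFile))
	}

	return OCIProperties{
		Tenancy:           b.Tenancy,
		User:              b.User,
		CompartmentID:     b.CompartmentID,
		Region:            b.Region,
		Fingerprint:       b.Fingerprint,
		APIKeyFile:        rebase(b.APIKeyFile),
		CpiKeyFile:        rebase(b.CpiKeyFile),
		UsePublicIPForSSH: b.UsePublicIPForSSH,
		AuthorizedKeys:    b.AuthorizedKeys,
		SSHTunnel:         b.SSHTunnel,
	}
}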
// TransportConfig builds the transport.Config used to talk to OCI at host.
//
// Tenant, User, Fingerprint and KeyFile are copied from the receiver.
// KeyFile carries the path held in APIKeyFile, not the key contents.
func (b OCIProperties) TransportConfig(host string) transport.Config {
	cfg := transport.Config{
		Host:        host,
		Tenant:      b.Tenancy,
		User:        b.User,
		Fingerprint: b.Fingerprint,
		KeyFile:     b.APIKeyFile,
	}
	return cfg
}
// UserSSHPublicKeyContent returns AuthorizedKeys.User after it has been
// passed through sanitizeSSHKey. The result is empty when no user key is
// configured.
func (b OCIProperties) UserSSHPublicKeyContent() string {
	userKey := b.AuthorizedKeys.User
	return sanitizeSSHKey(userKey)
}
// CpiSSHPublicKeyContent returns AuthorizedKeys.Cpi, the cpi user's public
// key, after it has been passed through sanitizeSSHKey.
func (b OCIProperties) CpiSSHPublicKeyContent() string {
	cpiKey := b.AuthorizedKeys.Cpi
	return sanitizeSSHKey(cpiKey)
}
// CpiSSHConfig returns the SSH configuration used by the CPI.
//
// The SSHConfig literal is positional: stemcellUserName, then the private
// key path in CpiKeyFile, then UsePublicIPForSSH. It therefore depends on
// the field order of SSHConfig, which is declared outside this file.
func (b OCIProperties) CpiSSHConfig() SSHConfig {
	sshCfg := SSHConfig{stemcellUserName, b.CpiKeyFile, b.UsePublicIPForSSH}
	return sshCfg
}
// sanitizeSSHKey strips leading and trailing whitespace, including
// newlines, from key. An empty key stays empty.
//
// Only the surrounding whitespace is removed. The key format is not
// validated and line breaks inside the value are kept, so callers that
// need a single-line entry must check for that themselves.
func sanitizeSSHKey(key string) string {
	// TrimSpace already removes a trailing "\n" and maps "" to "".
	return strings.TrimSpace(key)
}
// AuthorizedKeysContents returns the configured public keys that are
// non-empty after sanitising, with the user key first and the cpi key
// second. The result is an empty, non-nil slice when neither is set.
func (b OCIProperties) AuthorizedKeysContents() []string {
	contents := make([]string, 0)
	candidates := []string{
		b.UserSSHPublicKeyContent(),
		b.CpiSSHPublicKeyContent(),
	}
	for _, candidate := range candidates {
		if candidate == "" {
			continue
		}
		contents = append(contents, candidate)
	}
	return contents
}