package test_helpers
import (
"fmt"
boshdir "github.com/cloudfoundry/bosh-cli/director"
boshuaa "github.com/cloudfoundry/bosh-cli/uaa"
boshlog "github.com/cloudfoundry/bosh-utils/logger"
. "github.com/onsi/gomega"
"io/ioutil"
"os"
)
// BuildBoshDirector constructs a BOSH Director client from the BOSH_*
// environment variables read by the helpers in this file.
//
// The Director address comes from BoshEnvironment, the trusted CA bundle from
// BoshCaCert, and the token function from a UAA client token session built by
// buildUAA. Task and file reporters are no-ops.
//
// Errors from building the Director or UAA configuration are returned with a
// short prefix. A failure to read the CA file is not returned: it surfaces as
// a Gomega assertion failure inside BoshCaCert.
func BuildBoshDirector() (boshdir.Director, error) {
	quietLogger := boshlog.NewLogger(boshlog.LevelError)
	directorFactory := boshdir.NewFactory(quietLogger)

	// Build the Director config from an address-like string.
	// HTTPS is required and certificates are always verified.
	cfg, err := boshdir.NewConfigFromURL(BoshEnvironment())
	if err != nil {
		// NOTE(review): %s flattens the cause into text, so callers cannot
		// unwrap it with errors.Is / errors.As.
		return nil, fmt.Errorf("building director config: %s", err)
	}

	// Pin the CA bundle used to verify the Director's certificate.
	// An empty CACert falls back to the system certificates, but BoshCaCert
	// asserts that the file read succeeded, so an unset or unreadable
	// BOSH_CA_CERT_PATH fails the assertion instead of silently widening trust.
	cfg.CACert = BoshCaCert()

	// Let the Director client fetch UAA tokens when it needs them.
	uaaClient, err := buildUAA()
	if err != nil {
		return nil, fmt.Errorf("building uaa: %s", err)
	}
	cfg.TokenFunc = boshuaa.NewClientTokenSession(uaaClient).TokenFunc

	taskReporter := boshdir.NewNoopTaskReporter()
	fileReporter := boshdir.NewNoopFileReporter()
	return directorFactory.New(cfg, taskReporter, fileReporter)
}
// BoshDeployment returns the value of the BOSH_DEPLOYMENT environment
// variable, or the empty string when it is unset.
func BoshDeployment() string {
	const envVar = "BOSH_DEPLOYMENT"
	return os.Getenv(envVar)
}
// BoshEnvironment returns the value of the BOSH_ENVIRONMENT environment
// variable, or the empty string when it is unset.
//
// The value is used verbatim as the Director address in BuildBoshDirector and
// is interpolated as the host part of "https://%s:8443" in buildUAA.
// NOTE(review): that second use suggests a bare host or IP is expected (no
// scheme, no port) — confirm against how the test environment sets it.
func BoshEnvironment() string {
	const envVar = "BOSH_ENVIRONMENT"
	return os.Getenv(envVar)
}
// BoshClient returns the value of the BOSH_CLIENT environment variable, or the
// empty string when it is unset. buildUAA uses it as the UAA client name.
func BoshClient() string {
	const envVar = "BOSH_CLIENT"
	return os.Getenv(envVar)
}
// BoshClientSecret returns the value of the BOSH_CLIENT_SECRET environment
// variable, or the empty string when it is unset. buildUAA uses it as the UAA
// client secret.
//
// The return value is a credential: keep it out of log lines, assertion
// messages and other test output.
func BoshClientSecret() string {
	const envVar = "BOSH_CLIENT_SECRET"
	return os.Getenv(envVar)
}
// BoshCaCert reads the file named by the BOSH_CA_CERT_PATH environment
// variable and returns its contents as a string.
//
// A read error is reported through a Gomega assertion rather than a returned
// error. That includes an unset variable, which makes the path empty. The
// helper therefore needs a registered Gomega fail handler (for example, when
// called inside a Ginkgo spec).
// NOTE(review): the contents are passed through unvalidated; presumably a PEM
// CA bundle is expected — confirm.
func BoshCaCert() string {
	certPath := os.Getenv("BOSH_CA_CERT_PATH")
	contents, readErr := ioutil.ReadFile(certPath)
	Expect(readErr).NotTo(HaveOccurred())
	return string(contents)
}
// BoshGwUser returns the value of the BOSH_GW_USER environment variable, or
// the empty string when it is unset.
func BoshGwUser() string {
	const envVar = "BOSH_GW_USER"
	return os.Getenv(envVar)
}
// BoshGwPrivateKey reads the file named by the BOSH_GW_PRIVATE_KEY_PATH
// environment variable and returns its raw bytes.
//
// A read error is reported through a Gomega assertion rather than a returned
// error. That includes an unset variable, which makes the path empty. The
// helper therefore needs a registered Gomega fail handler.
//
// The returned bytes are private key material and are handed back unparsed:
// keep them out of logs and failure messages, and keep the key file readable
// only by the account running the tests.
func BoshGwPrivateKey() []byte {
	keyPath := os.Getenv("BOSH_GW_PRIVATE_KEY_PATH")
	keyBytes, readErr := ioutil.ReadFile(keyPath)
	Expect(readErr).NotTo(HaveOccurred())
	return keyBytes
}
// buildUAA constructs a UAA client for the BOSH environment, authenticating
// with the client name and secret from BoshClient and BoshClientSecret and
// trusting the CA bundle from BoshCaCert.
//
// An error from building the UAA configuration is returned with a prefix. A
// failure to read the CA file is not returned: it surfaces as a Gomega
// assertion failure inside BoshCaCert.
func buildUAA() (boshuaa.UAA, error) {
	quietLogger := boshlog.NewLogger(boshlog.LevelError)
	uaaFactory := boshuaa.NewFactory(quietLogger)

	// Build the UAA config from a URL.
	// HTTPS is required and certificates are always verified.
	// NOTE(review): the UAA endpoint is derived as <BOSH_ENVIRONMENT>:8443 with
	// a hard-coded port, so BOSH_ENVIRONMENT presumably has to be a bare host —
	// a value that already carries a scheme or port would yield a malformed URL.
	uaaURL := fmt.Sprintf("https://%s:8443", BoshEnvironment())
	cfg, err := boshuaa.NewConfigFromURL(uaaURL)
	if err != nil {
		return nil, fmt.Errorf("ERROR build uaa config: %s", err)
	}

	// Authenticate as a UAA client rather than a particular user, which is
	// the usual choice for machine-level access. cfg now holds the client
	// secret, so it should not be printed or logged.
	cfg.Client = BoshClient()
	cfg.ClientSecret = BoshClientSecret()

	// Pin the CA bundle used to verify the UAA certificate. An empty CACert
	// falls back to the system certificates, but BoshCaCert asserts that the
	// file read succeeded, so a missing bundle fails the assertion first.
	cfg.CACert = BoshCaCert()

	return uaaFactory.New(cfg)
}