Make git credentials available to inline and remote (#74)

internal/controller/workspace/workspace.go

@@ -165,32 +165,35 @@ func (c *connector) Connect(ctx context.Context, mg resource.Managed) (managed.E
 		return nil, errors.Wrap(err, errGetPC)
 	}
 
-	switch cr.Spec.ForProvider.Source {
-	case v1alpha1.ModuleSourceRemote:
-		// NOTE(ytsarev): Retrieve .git-credentials from Spec to /tmp outside of workspace directory
+	// Make git credentials available to inline and remote sources
+	for _, cd := range pc.Spec.Credentials {
+		if cd.Filename != gitCredentialsFilename {
+			continue
+		}
+		data, err := resource.CommonCredentialExtractor(ctx, cd.Source, c.kube, cd.CommonCredentialSelectors)
+		if err != nil {
+			return nil, errors.Wrap(err, errGetCreds)
+		}
+		// NOTE(bobh66): Put the git credentials file in /tmp/tf/<UUID> so it doesn't get removed or overwritten
+		// by the remote module source case
 		gitCredDir := filepath.Clean(filepath.Join("/tmp", dir))
-		if err := c.fs.MkdirAll(gitCredDir, 0700); err != nil {
+		if err = c.fs.MkdirAll(gitCredDir, 0700); err != nil {
 			return nil, errors.Wrap(err, errWriteGitCreds)
 		}
-		for _, cd := range pc.Spec.Credentials {
-			if cd.Filename != gitCredentialsFilename {
-				continue
-			}
-			data, err := resource.CommonCredentialExtractor(ctx, cd.Source, c.kube, cd.CommonCredentialSelectors)
-			if err != nil {
-				return nil, errors.Wrap(err, errGetCreds)
-			}
-			p := filepath.Clean(filepath.Join(gitCredDir, filepath.Base(cd.Filename)))
-			if err := c.fs.WriteFile(p, data, 0600); err != nil {
-				return nil, errors.Wrap(err, errWriteGitCreds)
-			}
-			// NOTE(ytsarev): Make go-getter pick up .git-credentials, see /.gitconfig in the container image
-			err = os.Setenv("GIT_CRED_DIR", gitCredDir)
-			if err != nil {
-				return nil, errors.Wrap(err, errRemoteModule)
-			}
+
+		// NOTE(ytsarev): Make go-getter pick up .git-credentials, see /.gitconfig in the container image
+		err = os.Setenv("GIT_CRED_DIR", gitCredDir)
+		if err != nil {
+			return nil, errors.Wrap(err, errRemoteModule)
 		}
+		p := filepath.Clean(filepath.Join(gitCredDir, filepath.Base(cd.Filename)))
+		if err := c.fs.WriteFile(p, data, 0600); err != nil {
+			return nil, errors.Wrap(err, errWriteGitCreds)
+		}
+	}
 
+	switch cr.Spec.ForProvider.Source {
+	case v1alpha1.ModuleSourceRemote:
 		// Workaround of https://github.com/hashicorp/go-getter/issues/114
 		if err := c.fs.RemoveAll(dir); err != nil {
 			return nil, errors.Wrap(err, errRemoteModule)

internal/controller/workspace/workspace_test.go

@@ -304,6 +304,49 @@ func TestConnect(t *testing.T) {
 			},
 			want: errors.Wrap(errBoom, errWriteGitCreds),
 		},
+		"WriteProviderGitCredentialsMkdirError": {
+			reason: "We should return any error encountered while creating the credentials directory in /tmp",
+			fields: fields{
+				kube: &test.MockClient{
+					MockGet: test.NewMockGetFn(nil, func(obj client.Object) error {
+						if pc, ok := obj.(*v1alpha1.ProviderConfig); ok {
+							pc.Spec.Credentials = []v1alpha1.ProviderCredentials{{
+								Filename: ".git-credentials",
+								Source:   xpv1.CredentialsSourceNone,
+							}}
+						}
+						return nil
+					}),
+				},
+				usage: resource.TrackerFn(func(_ context.Context, _ resource.Managed) error { return nil }),
+				fs: afero.Afero{
+					Fs: &ErrFs{
+						Fs:   afero.NewMemMapFs(),
+						errs: map[string]error{filepath.Join("/tmp", tfDir, string(uid)): errBoom},
+					},
+				},
+				terraform: func(_ string) tfclient {
+					return &MockTf{
+						MockInit: func(ctx context.Context, o ...terraform.InitOption) error { return nil },
+					}
+				},
+			},
+			args: args{
+				mg: &v1alpha1.Workspace{
+					ObjectMeta: metav1.ObjectMeta{UID: uid},
+					Spec: v1alpha1.WorkspaceSpec{
+						ResourceSpec: xpv1.ResourceSpec{
+							ProviderConfigReference: &xpv1.Reference{},
+						},
+						ForProvider: v1alpha1.WorkspaceParameters{
+							Module: "github.com/crossplane/rocks",
+							Source: v1alpha1.ModuleSourceRemote,
+						},
+					},
+				},
+			},
+			want: errors.Wrap(errBoom, errWriteGitCreds),
+		},
 		"WriteConfigError": {
 			reason: "We should return any error encountered while writing our crossplane-provider-config.tf file",
 			fields: fields{