Merge pull request #4237 from axw/cloud-credentials-bootstrap2

Bootstrap with (public-)clouds/credentials.yaml Update bootstrap to use clouds.yaml and credentials.yaml. The primary difference from the spec is that we will do an auto-detection of credentials if none are specified and there is no default. Full support for cloud credentials has been added to the following providers so far: - dummy (for unit tests) - lxd - ec2 - gce - openstack (Review request: http://reviews.vapour.ws/r/3677/)
juju · b033024f0dc55e2bc371978828e7301a532fc926 · jujubot committed Jan 29, 2016 · Jan 29, 2016 · b033024
2 parents 3c4c5d6 + 99f72f4
commit b033024f0dc55e2bc371978828e7301a532fc926
diff --git a/apiserver/addresser/addresser_test.go b/apiserver/addresser/addresser_test.go
@@ -275,7 +275,10 @@ func (s *AddresserSuite) TestWatchIPAddresses(c *gc.C) {
 func testingEnvConfig(c *gc.C) *config.Config {
 	cfg, err := config.New(config.NoDefaults, dummy.SampleConfig())
 	c.Assert(err, jc.ErrorIsNil)
-	env, err := environs.Prepare(cfg, envcmd.BootstrapContext(coretesting.Context(c)), configstore.NewMem())
+	env, err := environs.Prepare(
+		envcmd.BootstrapContext(coretesting.Context(c)), configstore.NewMem(),
+		"dummycontroller", environs.PrepareForBootstrapParams{Config: cfg},
+	)
 	c.Assert(err, jc.ErrorIsNil)
 	return env.Config()
 }
@@ -296,7 +299,10 @@ func nonexTestingEnvConfig(c *gc.C) *config.Config {
 func mockTestingEnvConfig(c *gc.C) *config.Config {
 	cfg, err := config.New(config.NoDefaults, mockConfig())
 	c.Assert(err, jc.ErrorIsNil)
-	env, err := environs.Prepare(cfg, envcmd.BootstrapContext(coretesting.Context(c)), configstore.NewMem())
+	env, err := environs.Prepare(
+		envcmd.BootstrapContext(coretesting.Context(c)), configstore.NewMem(),
+		"dummycontroller", environs.PrepareForBootstrapParams{Config: cfg},
+	)
 	c.Assert(err, jc.ErrorIsNil)
 	return env.Config()
 }
diff --git a/apiserver/common/environwatcher_test.go b/apiserver/common/environwatcher_test.go
@@ -125,7 +125,10 @@ func (*environWatcherSuite) TestEnvironConfigMaskedSecrets(c *gc.C) {
 func testingEnvConfig(c *gc.C) *config.Config {
 	cfg, err := config.New(config.NoDefaults, dummy.SampleConfig())
 	c.Assert(err, jc.ErrorIsNil)
-	env, err := environs.Prepare(cfg, envcmd.BootstrapContext(testing.Context(c)), configstore.NewMem())
+	env, err := environs.Prepare(
+		envcmd.BootstrapContext(testing.Context(c)), configstore.NewMem(),
+		"dummycontroller", environs.PrepareForBootstrapParams{Config: cfg},
+	)
 	c.Assert(err, jc.ErrorIsNil)
 	return env.Config()
 }
diff --git a/apiserver/environmentmanager/environmentmanager_test.go b/apiserver/environmentmanager/environmentmanager_test.go
@@ -211,9 +211,9 @@ func (s *envManagerSuite) TestCreateEnvironmentValidatesConfig(c *gc.C) {
 	admin := s.AdminUserTag(c)
 	s.setAPIUser(c, admin)
 	args := s.createArgs(c, admin)
-	delete(args.Config, "state-server")
+	args.Config["state-server"] = "maybe"
 	_, err := s.envmanager.CreateEnvironment(args)
-	c.Assert(err, gc.ErrorMatches, "provider validation failed: state-server: expected bool, got nothing")
+	c.Assert(err, gc.ErrorMatches, "provider validation failed: state-server: expected bool, got string\\(\"maybe\"\\)")
 }
 
 func (s *envManagerSuite) TestCreateEnvironmentBadConfig(c *gc.C) {
diff --git a/apiserver/imagemetadata/updatefrompublished_test.go b/apiserver/imagemetadata/updatefrompublished_test.go
@@ -178,7 +178,10 @@ func (s *imageMetadataUpdateSuite) TestUpdateFromPublishedImages(c *gc.C) {
 		s.calls = append(s.calls, environConfig)
 		cfg, err := config.New(config.NoDefaults, dummy.SampleConfig())
 		c.Assert(err, jc.ErrorIsNil)
-		env, err := environs.Prepare(cfg, envcmd.BootstrapContext(testing.Context(c)), configstore.NewMem())
+		env, err := environs.Prepare(
+			envcmd.BootstrapContext(testing.Context(c)), configstore.NewMem(),
+			"dummycontroller", environs.PrepareForBootstrapParams{Config: cfg},
+		)
 		c.Assert(err, jc.ErrorIsNil)
 		return env.Config(), err
 	}
diff --git a/cloud/clouds.go b/cloud/clouds.go
@@ -73,6 +73,30 @@ type Region struct {
 	Endpoint string `yaml:"endpoint,omitempty"`
 }
 
+// CloudByName returns the cloud with the specified name.
+// If there exists no cloud with the specified name, an
+// error satisfying errors.IsNotFound will be returned.
+//
+// TODO(axw) write unit tests for this.
+func CloudByName(name string) (*Cloud, error) {
+	// Personal clouds take precedence.
+	personalClouds, err := PersonalCloudMetadata()
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	if cloud, ok := personalClouds[name]; ok {
+		return &cloud, nil
+	}
+	clouds, _, err := PublicCloudMetadata(JujuPublicCloudsPath())
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	if cloud, ok := clouds[name]; ok {
+		return &cloud, nil
+	}
+	return nil, errors.NotFoundf("cloud %s", name)
+}
+
 // JujuPublicCloudsPath is the location where public cloud information is
 // expected to be found. Requires JUJU_HOME to be set.
 func JujuPublicCloudsPath() string {
diff --git a/cloud/credentials.go b/cloud/credentials.go
@@ -4,6 +4,8 @@
 package cloud
 
 import (
+	"io/ioutil"
+	"os"
 	"strings"
 
 	"github.com/juju/errors"
@@ -181,6 +183,53 @@ func (c cloudCredentialValueChecker) Coerce(v interface{}, path []string) (inter
 	return Credential{AuthType(authType), attrs}, nil
 }
 
+// CredentialByName returns the credential and default region to use for the
+// specified cloud, optionally specifying a credential name. If no credential
+// name is specified, then use the default credential for the cloud if one has
+// been specified. The credential name is returned also, in case the default
+// credential is used.
+//
+// If there exists no matching credentials, an error satisfying
+// errors.IsNotFound will be returned.
+//
+// NOTE: the credential returned is not validated. The caller must validate
+//       the credential with the cloud provider.
+//
+// TODO(axw) write unit tests for this.
+func CredentialByName(
+	cloudName, credentialName string,
+) (_ *Credential, credentialNameUsed string, defaultRegion string, _ error) {
+
+	// Parse the credentials, and extract the credentials for the specified
+	// cloud.
+	credentialsData, err := ioutil.ReadFile(JujuCredentials())
+	if os.IsNotExist(err) {
+		return nil, "", "", errors.NotFoundf("credentials file")
+	} else if err != nil {
+		return nil, "", "", errors.Trace(err)
+	}
+	credentials, err := ParseCredentials(credentialsData)
+	if err != nil {
+		return nil, "", "", errors.Annotate(err, "parsing credentials")
+	}
+	cloudCredentials, ok := credentials.Credentials[cloudName]
+	if !ok {
+		return nil, "", "", errors.NotFoundf("credentials for cloud %q", cloudName)
+	}
+
+	if credentialName == "" {
+		// No credential specified, so use the default for the cloud.
+		credentialName = cloudCredentials.DefaultCredential
+	}
+	credential, ok := cloudCredentials.AuthCredentials[credentialName]
+	if !ok {
+		return nil, "", "", errors.NotFoundf(
+			"%q credential for cloud %q", credentialName, cloudName,
+		)
+	}
+	return &credential, credentialName, cloudCredentials.DefaultRegion, nil
+}
+
 // JujuCredentials is the location where credentials are
 // expected to be found. Requires JUJU_HOME to be set.
 func JujuCredentials() string {