mirror of
https://gitea.com/Lydanne/buildx.git
synced 2025-07-09 21:17:09 +08:00
s3 cache client-side support
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
This commit is contained in:
140
vendor/github.com/aws/aws-sdk-go-v2/config/CHANGELOG.md
generated
vendored
Normal file
140
vendor/github.com/aws/aws-sdk-go-v2/config/CHANGELOG.md
generated
vendored
Normal file
@ -0,0 +1,140 @@
|
||||
# v1.15.5 (2022-05-09)
|
||||
|
||||
* **Bug Fix**: Fixes a bug in LoadDefaultConfig to correctly assign ConfigSources so all config resolvers have access to the config sources. This fixes the feature/ec2/imds client not having configuration applied via config.LoadOptions such as EC2IMDSClientEnableState. PR [#1682](https://github.com/aws/aws-sdk-go-v2/pull/1682)
|
||||
|
||||
# v1.15.4 (2022-04-25)
|
||||
|
||||
* **Dependency Update**: Updated to the latest SDK module versions
|
||||
|
||||
# v1.15.3 (2022-03-30)
|
||||
|
||||
* **Dependency Update**: Updated to the latest SDK module versions
|
||||
|
||||
# v1.15.2 (2022-03-24)
|
||||
|
||||
* **Dependency Update**: Updated to the latest SDK module versions
|
||||
|
||||
# v1.15.1 (2022-03-23)
|
||||
|
||||
* **Dependency Update**: Updated to the latest SDK module versions
|
||||
|
||||
# v1.15.0 (2022-03-08)
|
||||
|
||||
* **Feature**: Updated `github.com/aws/smithy-go` to latest version
|
||||
* **Dependency Update**: Updated to the latest SDK module versions
|
||||
|
||||
# v1.14.0 (2022-02-24)
|
||||
|
||||
* **Feature**: Adds support for loading RetryMaxAttempts and RetryMod from the environment and shared configuration files. These parameters drive how the SDK's API client will initialize its default retryer, if custome retryer has not been specified. See [config](https://pkg.go.dev/github.com/aws/aws-sdk-go-v2/config) module and [aws.Config](https://pkg.go.dev/github.com/aws/aws-sdk-go-v2/aws#Config) for more information about and how to use these new options.
|
||||
* **Feature**: Adds support for the `ca_bundle` parameter in shared config and credentials files. The usage of the file is the same as environment variable, `AWS_CA_BUNDLE`, but sourced from shared config. Fixes [#1589](https://github.com/aws/aws-sdk-go-v2/issues/1589)
|
||||
* **Feature**: Updated `github.com/aws/smithy-go` to latest version
|
||||
* **Dependency Update**: Updated to the latest SDK module versions
|
||||
|
||||
# v1.13.1 (2022-01-28)
|
||||
|
||||
* **Bug Fix**: Fixes LoadDefaultConfig handling of errors returned by passed in functional options. Previously errors returned from the LoadOptions passed into LoadDefaultConfig were incorrectly ignored. [#1562](https://github.com/aws/aws-sdk-go-v2/pull/1562). Thanks to [Pinglei Guo](https://github.com/pingleig) for submitting this PR.
|
||||
* **Bug Fix**: Fixes the SDK's handling of `duration_sections` in the shared credentials file or specified in multiple shared config and shared credentials files under the same profile. [#1568](https://github.com/aws/aws-sdk-go-v2/pull/1568). Thanks to [Amir Szekely](https://github.com/kichik) for help reproduce this bug.
|
||||
* **Bug Fix**: Updates `config` module to use os.UserHomeDir instead of hard coded environment variable for OS. [#1563](https://github.com/aws/aws-sdk-go-v2/pull/1563)
|
||||
* **Dependency Update**: Updated to the latest SDK module versions
|
||||
|
||||
# v1.13.0 (2022-01-14)
|
||||
|
||||
* **Feature**: Updated `github.com/aws/smithy-go` to latest version
|
||||
* **Dependency Update**: Updated to the latest SDK module versions
|
||||
|
||||
# v1.12.0 (2022-01-07)
|
||||
|
||||
* **Feature**: Add load option for CredentialCache. Adds a new member to the LoadOptions struct, CredentialsCacheOptions. This member allows specifying a function that will be used to configure the CredentialsCache. The CredentialsCacheOptions will only be used if the configuration loader will wrap the underlying credential provider in the CredentialsCache.
|
||||
* **Feature**: Updated `github.com/aws/smithy-go` to latest version
|
||||
* **Dependency Update**: Updated to the latest SDK module versions
|
||||
|
||||
# v1.11.1 (2021-12-21)
|
||||
|
||||
* **Dependency Update**: Updated to the latest SDK module versions
|
||||
|
||||
# v1.11.0 (2021-12-02)
|
||||
|
||||
* **Feature**: Add support for specifying `EndpointResolverWithOptions` on `LoadOptions`, and associated `WithEndpointResolverWithOptions`.
|
||||
* **Dependency Update**: Updated to the latest SDK module versions
|
||||
|
||||
# v1.10.3 (2021-11-30)
|
||||
|
||||
* **Dependency Update**: Updated to the latest SDK module versions
|
||||
|
||||
# v1.10.2 (2021-11-19)
|
||||
|
||||
* **Dependency Update**: Updated to the latest SDK module versions
|
||||
|
||||
# v1.10.1 (2021-11-12)
|
||||
|
||||
* **Dependency Update**: Updated to the latest SDK module versions
|
||||
|
||||
# v1.10.0 (2021-11-06)
|
||||
|
||||
* **Feature**: The SDK now supports configuration of FIPS and DualStack endpoints using environment variables, shared configuration, or programmatically.
|
||||
* **Feature**: Updated `github.com/aws/smithy-go` to latest version
|
||||
* **Dependency Update**: Updated to the latest SDK module versions
|
||||
|
||||
# v1.9.0 (2021-10-21)
|
||||
|
||||
* **Feature**: Updated to latest version
|
||||
* **Dependency Update**: Updated to the latest SDK module versions
|
||||
|
||||
# v1.8.3 (2021-10-11)
|
||||
|
||||
* **Dependency Update**: Updated to the latest SDK module versions
|
||||
|
||||
# v1.8.2 (2021-09-17)
|
||||
|
||||
* **Dependency Update**: Updated to the latest SDK module versions
|
||||
|
||||
# v1.8.1 (2021-09-10)
|
||||
|
||||
* **Dependency Update**: Updated to the latest SDK module versions
|
||||
|
||||
# v1.8.0 (2021-09-02)
|
||||
|
||||
* **Feature**: Add support for S3 Multi-Region Access Point ARNs.
|
||||
|
||||
# v1.7.0 (2021-08-27)
|
||||
|
||||
* **Feature**: Updated `github.com/aws/smithy-go` to latest version
|
||||
* **Dependency Update**: Updated to the latest SDK module versions
|
||||
|
||||
# v1.6.1 (2021-08-19)
|
||||
|
||||
* **Dependency Update**: Updated to the latest SDK module versions
|
||||
|
||||
# v1.6.0 (2021-08-04)
|
||||
|
||||
* **Feature**: adds error handling for defered close calls
|
||||
* **Dependency Update**: Updated `github.com/aws/smithy-go` to latest version.
|
||||
* **Dependency Update**: Updated to the latest SDK module versions
|
||||
|
||||
# v1.5.0 (2021-07-15)
|
||||
|
||||
* **Feature**: Support has been added for EC2 IPv6-enabled Instance Metadata Service Endpoints.
|
||||
* **Dependency Update**: Updated `github.com/aws/smithy-go` to latest version
|
||||
* **Dependency Update**: Updated to the latest SDK module versions
|
||||
|
||||
# v1.4.1 (2021-07-01)
|
||||
|
||||
* **Dependency Update**: Updated to the latest SDK module versions
|
||||
|
||||
# v1.4.0 (2021-06-25)
|
||||
|
||||
* **Feature**: Adds configuration setting for enabling endpoint discovery.
|
||||
* **Feature**: Updated `github.com/aws/smithy-go` to latest version
|
||||
* **Dependency Update**: Updated to the latest SDK module versions
|
||||
|
||||
# v1.3.0 (2021-05-20)
|
||||
|
||||
* **Feature**: SSO credentials can now be defined alongside other credential providers within the same configuration profile.
|
||||
* **Bug Fix**: Profile names were incorrectly normalized to lower-case, which could result in unexpected profile configurations.
|
||||
* **Dependency Update**: Updated to the latest SDK module versions
|
||||
|
||||
# v1.2.0 (2021-05-14)
|
||||
|
||||
* **Feature**: Constant has been added to modules to enable runtime version inspection for reporting.
|
||||
* **Dependency Update**: Updated to the latest SDK module versions
|
||||
|
202
vendor/github.com/aws/aws-sdk-go-v2/config/LICENSE.txt
generated
vendored
Normal file
202
vendor/github.com/aws/aws-sdk-go-v2/config/LICENSE.txt
generated
vendored
Normal file
@ -0,0 +1,202 @@
|
||||
|
||||
Apache License
|
||||
Version 2.0, January 2004
|
||||
http://www.apache.org/licenses/
|
||||
|
||||
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
|
||||
|
||||
1. Definitions.
|
||||
|
||||
"License" shall mean the terms and conditions for use, reproduction,
|
||||
and distribution as defined by Sections 1 through 9 of this document.
|
||||
|
||||
"Licensor" shall mean the copyright owner or entity authorized by
|
||||
the copyright owner that is granting the License.
|
||||
|
||||
"Legal Entity" shall mean the union of the acting entity and all
|
||||
other entities that control, are controlled by, or are under common
|
||||
control with that entity. For the purposes of this definition,
|
||||
"control" means (i) the power, direct or indirect, to cause the
|
||||
direction or management of such entity, whether by contract or
|
||||
otherwise, or (ii) ownership of fifty percent (50%) or more of the
|
||||
outstanding shares, or (iii) beneficial ownership of such entity.
|
||||
|
||||
"You" (or "Your") shall mean an individual or Legal Entity
|
||||
exercising permissions granted by this License.
|
||||
|
||||
"Source" form shall mean the preferred form for making modifications,
|
||||
including but not limited to software source code, documentation
|
||||
source, and configuration files.
|
||||
|
||||
"Object" form shall mean any form resulting from mechanical
|
||||
transformation or translation of a Source form, including but
|
||||
not limited to compiled object code, generated documentation,
|
||||
and conversions to other media types.
|
||||
|
||||
"Work" shall mean the work of authorship, whether in Source or
|
||||
Object form, made available under the License, as indicated by a
|
||||
copyright notice that is included in or attached to the work
|
||||
(an example is provided in the Appendix below).
|
||||
|
||||
"Derivative Works" shall mean any work, whether in Source or Object
|
||||
form, that is based on (or derived from) the Work and for which the
|
||||
editorial revisions, annotations, elaborations, or other modifications
|
||||
represent, as a whole, an original work of authorship. For the purposes
|
||||
of this License, Derivative Works shall not include works that remain
|
||||
separable from, or merely link (or bind by name) to the interfaces of,
|
||||
the Work and Derivative Works thereof.
|
||||
|
||||
"Contribution" shall mean any work of authorship, including
|
||||
the original version of the Work and any modifications or additions
|
||||
to that Work or Derivative Works thereof, that is intentionally
|
||||
submitted to Licensor for inclusion in the Work by the copyright owner
|
||||
or by an individual or Legal Entity authorized to submit on behalf of
|
||||
the copyright owner. For the purposes of this definition, "submitted"
|
||||
means any form of electronic, verbal, or written communication sent
|
||||
to the Licensor or its representatives, including but not limited to
|
||||
communication on electronic mailing lists, source code control systems,
|
||||
and issue tracking systems that are managed by, or on behalf of, the
|
||||
Licensor for the purpose of discussing and improving the Work, but
|
||||
excluding communication that is conspicuously marked or otherwise
|
||||
designated in writing by the copyright owner as "Not a Contribution."
|
||||
|
||||
"Contributor" shall mean Licensor and any individual or Legal Entity
|
||||
on behalf of whom a Contribution has been received by Licensor and
|
||||
subsequently incorporated within the Work.
|
||||
|
||||
2. Grant of Copyright License. Subject to the terms and conditions of
|
||||
this License, each Contributor hereby grants to You a perpetual,
|
||||
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
||||
copyright license to reproduce, prepare Derivative Works of,
|
||||
publicly display, publicly perform, sublicense, and distribute the
|
||||
Work and such Derivative Works in Source or Object form.
|
||||
|
||||
3. Grant of Patent License. Subject to the terms and conditions of
|
||||
this License, each Contributor hereby grants to You a perpetual,
|
||||
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
||||
(except as stated in this section) patent license to make, have made,
|
||||
use, offer to sell, sell, import, and otherwise transfer the Work,
|
||||
where such license applies only to those patent claims licensable
|
||||
by such Contributor that are necessarily infringed by their
|
||||
Contribution(s) alone or by combination of their Contribution(s)
|
||||
with the Work to which such Contribution(s) was submitted. If You
|
||||
institute patent litigation against any entity (including a
|
||||
cross-claim or counterclaim in a lawsuit) alleging that the Work
|
||||
or a Contribution incorporated within the Work constitutes direct
|
||||
or contributory patent infringement, then any patent licenses
|
||||
granted to You under this License for that Work shall terminate
|
||||
as of the date such litigation is filed.
|
||||
|
||||
4. Redistribution. You may reproduce and distribute copies of the
|
||||
Work or Derivative Works thereof in any medium, with or without
|
||||
modifications, and in Source or Object form, provided that You
|
||||
meet the following conditions:
|
||||
|
||||
(a) You must give any other recipients of the Work or
|
||||
Derivative Works a copy of this License; and
|
||||
|
||||
(b) You must cause any modified files to carry prominent notices
|
||||
stating that You changed the files; and
|
||||
|
||||
(c) You must retain, in the Source form of any Derivative Works
|
||||
that You distribute, all copyright, patent, trademark, and
|
||||
attribution notices from the Source form of the Work,
|
||||
excluding those notices that do not pertain to any part of
|
||||
the Derivative Works; and
|
||||
|
||||
(d) If the Work includes a "NOTICE" text file as part of its
|
||||
distribution, then any Derivative Works that You distribute must
|
||||
include a readable copy of the attribution notices contained
|
||||
within such NOTICE file, excluding those notices that do not
|
||||
pertain to any part of the Derivative Works, in at least one
|
||||
of the following places: within a NOTICE text file distributed
|
||||
as part of the Derivative Works; within the Source form or
|
||||
documentation, if provided along with the Derivative Works; or,
|
||||
within a display generated by the Derivative Works, if and
|
||||
wherever such third-party notices normally appear. The contents
|
||||
of the NOTICE file are for informational purposes only and
|
||||
do not modify the License. You may add Your own attribution
|
||||
notices within Derivative Works that You distribute, alongside
|
||||
or as an addendum to the NOTICE text from the Work, provided
|
||||
that such additional attribution notices cannot be construed
|
||||
as modifying the License.
|
||||
|
||||
You may add Your own copyright statement to Your modifications and
|
||||
may provide additional or different license terms and conditions
|
||||
for use, reproduction, or distribution of Your modifications, or
|
||||
for any such Derivative Works as a whole, provided Your use,
|
||||
reproduction, and distribution of the Work otherwise complies with
|
||||
the conditions stated in this License.
|
||||
|
||||
5. Submission of Contributions. Unless You explicitly state otherwise,
|
||||
any Contribution intentionally submitted for inclusion in the Work
|
||||
by You to the Licensor shall be under the terms and conditions of
|
||||
this License, without any additional terms or conditions.
|
||||
Notwithstanding the above, nothing herein shall supersede or modify
|
||||
the terms of any separate license agreement you may have executed
|
||||
with Licensor regarding such Contributions.
|
||||
|
||||
6. Trademarks. This License does not grant permission to use the trade
|
||||
names, trademarks, service marks, or product names of the Licensor,
|
||||
except as required for reasonable and customary use in describing the
|
||||
origin of the Work and reproducing the content of the NOTICE file.
|
||||
|
||||
7. Disclaimer of Warranty. Unless required by applicable law or
|
||||
agreed to in writing, Licensor provides the Work (and each
|
||||
Contributor provides its Contributions) on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
||||
implied, including, without limitation, any warranties or conditions
|
||||
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
|
||||
PARTICULAR PURPOSE. You are solely responsible for determining the
|
||||
appropriateness of using or redistributing the Work and assume any
|
||||
risks associated with Your exercise of permissions under this License.
|
||||
|
||||
8. Limitation of Liability. In no event and under no legal theory,
|
||||
whether in tort (including negligence), contract, or otherwise,
|
||||
unless required by applicable law (such as deliberate and grossly
|
||||
negligent acts) or agreed to in writing, shall any Contributor be
|
||||
liable to You for damages, including any direct, indirect, special,
|
||||
incidental, or consequential damages of any character arising as a
|
||||
result of this License or out of the use or inability to use the
|
||||
Work (including but not limited to damages for loss of goodwill,
|
||||
work stoppage, computer failure or malfunction, or any and all
|
||||
other commercial damages or losses), even if such Contributor
|
||||
has been advised of the possibility of such damages.
|
||||
|
||||
9. Accepting Warranty or Additional Liability. While redistributing
|
||||
the Work or Derivative Works thereof, You may choose to offer,
|
||||
and charge a fee for, acceptance of support, warranty, indemnity,
|
||||
or other liability obligations and/or rights consistent with this
|
||||
License. However, in accepting such obligations, You may act only
|
||||
on Your own behalf and on Your sole responsibility, not on behalf
|
||||
of any other Contributor, and only if You agree to indemnify,
|
||||
defend, and hold each Contributor harmless for any liability
|
||||
incurred by, or claims asserted against, such Contributor by reason
|
||||
of your accepting any such warranty or additional liability.
|
||||
|
||||
END OF TERMS AND CONDITIONS
|
||||
|
||||
APPENDIX: How to apply the Apache License to your work.
|
||||
|
||||
To apply the Apache License to your work, attach the following
|
||||
boilerplate notice, with the fields enclosed by brackets "[]"
|
||||
replaced with your own identifying information. (Don't include
|
||||
the brackets!) The text should be enclosed in the appropriate
|
||||
comment syntax for the file format. We also recommend that a
|
||||
file or class name and description of purpose be included on the
|
||||
same "printed page" as the copyright notice for easier
|
||||
identification within third-party archives.
|
||||
|
||||
Copyright [yyyy] [name of copyright owner]
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
198
vendor/github.com/aws/aws-sdk-go-v2/config/config.go
generated
vendored
Normal file
198
vendor/github.com/aws/aws-sdk-go-v2/config/config.go
generated
vendored
Normal file
@ -0,0 +1,198 @@
|
||||
package config
|
||||
|
||||
import (
|
||||
"context"
|
||||
|
||||
"github.com/aws/aws-sdk-go-v2/aws"
|
||||
)
|
||||
|
||||
// defaultLoaders are a slice of functions that will read external configuration
|
||||
// sources for configuration values. These values are read by the AWSConfigResolvers
|
||||
// using interfaces to extract specific information from the external configuration.
|
||||
var defaultLoaders = []loader{
|
||||
loadEnvConfig,
|
||||
loadSharedConfigIgnoreNotExist,
|
||||
}
|
||||
|
||||
// defaultAWSConfigResolvers are a slice of functions that will resolve external
|
||||
// configuration values into AWS configuration values.
|
||||
//
|
||||
// This will setup the AWS configuration's Region,
|
||||
var defaultAWSConfigResolvers = []awsConfigResolver{
|
||||
// Resolves the default configuration the SDK's aws.Config will be
|
||||
// initialized with.
|
||||
resolveDefaultAWSConfig,
|
||||
|
||||
// Sets the logger to be used. Could be user provided logger, and client
|
||||
// logging mode.
|
||||
resolveLogger,
|
||||
resolveClientLogMode,
|
||||
|
||||
// Sets the HTTP client and configuration to use for making requests using
|
||||
// the HTTP transport.
|
||||
resolveHTTPClient,
|
||||
resolveCustomCABundle,
|
||||
|
||||
// Sets the endpoint resolving behavior the API Clients will use for making
|
||||
// requests to. Clients default to their own clients this allows overrides
|
||||
// to be specified. The resolveEndpointResolver option is deprecated, but
|
||||
// we still need to set it for backwards compatibility on config
|
||||
// construction.
|
||||
resolveEndpointResolver,
|
||||
resolveEndpointResolverWithOptions,
|
||||
|
||||
// Sets the retry behavior API clients will use within their retry attempt
|
||||
// middleware. Defaults to unset, allowing API clients to define their own
|
||||
// retry behavior.
|
||||
resolveRetryer,
|
||||
|
||||
// Sets the region the API Clients should use for making requests to.
|
||||
resolveRegion,
|
||||
resolveEC2IMDSRegion,
|
||||
resolveDefaultRegion,
|
||||
|
||||
// Sets the additional set of middleware stack mutators that will custom
|
||||
// API client request pipeline middleware.
|
||||
resolveAPIOptions,
|
||||
|
||||
// Resolves the DefaultsMode that should be used by SDK clients. If this
|
||||
// mode is set to DefaultsModeAuto.
|
||||
//
|
||||
// Comes after HTTPClient and CustomCABundle to ensure the HTTP client is
|
||||
// configured if provided before invoking IMDS if mode is auto. Comes
|
||||
// before resolving credentials so that those subsequent clients use the
|
||||
// configured auto mode.
|
||||
resolveDefaultsModeOptions,
|
||||
|
||||
// Sets the resolved credentials the API clients will use for
|
||||
// authentication. Provides the SDK's default credential chain.
|
||||
//
|
||||
// Should probably be the last step in the resolve chain to ensure that all
|
||||
// other configurations are resolved first in case downstream credentials
|
||||
// implementations depend on or can be configured with earlier resolved
|
||||
// configuration options.
|
||||
resolveCredentials,
|
||||
}
|
||||
|
||||
// A Config represents a generic configuration value or set of values. This type
|
||||
// will be used by the AWSConfigResolvers to extract
|
||||
//
|
||||
// General the Config type will use type assertion against the Provider interfaces
|
||||
// to extract specific data from the Config.
|
||||
type Config interface{}
|
||||
|
||||
// A loader is used to load external configuration data and returns it as
|
||||
// a generic Config type.
|
||||
//
|
||||
// The loader should return an error if it fails to load the external configuration
|
||||
// or the configuration data is malformed, or required components missing.
|
||||
type loader func(context.Context, configs) (Config, error)
|
||||
|
||||
// An awsConfigResolver will extract configuration data from the configs slice
|
||||
// using the provider interfaces to extract specific functionality. The extracted
|
||||
// configuration values will be written to the AWS Config value.
|
||||
//
|
||||
// The resolver should return an error if it it fails to extract the data, the
|
||||
// data is malformed, or incomplete.
|
||||
type awsConfigResolver func(ctx context.Context, cfg *aws.Config, configs configs) error
|
||||
|
||||
// configs is a slice of Config values. These values will be used by the
|
||||
// AWSConfigResolvers to extract external configuration values to populate the
|
||||
// AWS Config type.
|
||||
//
|
||||
// Use AppendFromLoaders to add additional external Config values that are
|
||||
// loaded from external sources.
|
||||
//
|
||||
// Use ResolveAWSConfig after external Config values have been added or loaded
|
||||
// to extract the loaded configuration values into the AWS Config.
|
||||
type configs []Config
|
||||
|
||||
// AppendFromLoaders iterates over the slice of loaders passed in calling each
|
||||
// loader function in order. The external config value returned by the loader
|
||||
// will be added to the returned configs slice.
|
||||
//
|
||||
// If a loader returns an error this method will stop iterating and return
|
||||
// that error.
|
||||
func (cs configs) AppendFromLoaders(ctx context.Context, loaders []loader) (configs, error) {
|
||||
for _, fn := range loaders {
|
||||
cfg, err := fn(ctx, cs)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
cs = append(cs, cfg)
|
||||
}
|
||||
|
||||
return cs, nil
|
||||
}
|
||||
|
||||
// ResolveAWSConfig returns a AWS configuration populated with values by calling
|
||||
// the resolvers slice passed in. Each resolver is called in order. Any resolver
|
||||
// may overwrite the AWS Configuration value of a previous resolver.
|
||||
//
|
||||
// If an resolver returns an error this method will return that error, and stop
|
||||
// iterating over the resolvers.
|
||||
func (cs configs) ResolveAWSConfig(ctx context.Context, resolvers []awsConfigResolver) (aws.Config, error) {
|
||||
var cfg aws.Config
|
||||
|
||||
for _, fn := range resolvers {
|
||||
if err := fn(ctx, &cfg, cs); err != nil {
|
||||
return aws.Config{}, err
|
||||
}
|
||||
}
|
||||
|
||||
return cfg, nil
|
||||
}
|
||||
|
||||
// ResolveConfig calls the provide function passing slice of configuration sources.
|
||||
// This implements the aws.ConfigResolver interface.
|
||||
func (cs configs) ResolveConfig(f func(configs []interface{}) error) error {
|
||||
var cfgs []interface{}
|
||||
for i := range cs {
|
||||
cfgs = append(cfgs, cs[i])
|
||||
}
|
||||
return f(cfgs)
|
||||
}
|
||||
|
||||
// LoadDefaultConfig reads the SDK's default external configurations, and
|
||||
// populates an AWS Config with the values from the external configurations.
|
||||
//
|
||||
// An optional variadic set of additional Config values can be provided as input
|
||||
// that will be prepended to the configs slice. Use this to add custom configuration.
|
||||
// The custom configurations must satisfy the respective providers for their data
|
||||
// or the custom data will be ignored by the resolvers and config loaders.
|
||||
//
|
||||
// cfg, err := config.LoadDefaultConfig( context.TODO(),
|
||||
// WithSharedConfigProfile("test-profile"),
|
||||
// )
|
||||
// if err != nil {
|
||||
// panic(fmt.Sprintf("failed loading config, %v", err))
|
||||
// }
|
||||
//
|
||||
//
|
||||
// The default configuration sources are:
|
||||
// * Environment Variables
|
||||
// * Shared Configuration and Shared Credentials files.
|
||||
func LoadDefaultConfig(ctx context.Context, optFns ...func(*LoadOptions) error) (cfg aws.Config, err error) {
|
||||
var options LoadOptions
|
||||
for _, optFn := range optFns {
|
||||
if err := optFn(&options); err != nil {
|
||||
return aws.Config{}, err
|
||||
}
|
||||
}
|
||||
|
||||
// assign Load Options to configs
|
||||
var cfgCpy = configs{options}
|
||||
|
||||
cfgCpy, err = cfgCpy.AppendFromLoaders(ctx, defaultLoaders)
|
||||
if err != nil {
|
||||
return aws.Config{}, err
|
||||
}
|
||||
|
||||
cfg, err = cfgCpy.ResolveAWSConfig(ctx, defaultAWSConfigResolvers)
|
||||
if err != nil {
|
||||
return aws.Config{}, err
|
||||
}
|
||||
|
||||
return cfg, nil
|
||||
}
|
47
vendor/github.com/aws/aws-sdk-go-v2/config/defaultsmode.go
generated
vendored
Normal file
47
vendor/github.com/aws/aws-sdk-go-v2/config/defaultsmode.go
generated
vendored
Normal file
@ -0,0 +1,47 @@
|
||||
package config
|
||||
|
||||
import (
|
||||
"context"
|
||||
"os"
|
||||
|
||||
"github.com/aws/aws-sdk-go-v2/aws"
|
||||
"github.com/aws/aws-sdk-go-v2/feature/ec2/imds"
|
||||
)
|
||||
|
||||
const execEnvVar = "AWS_EXECUTION_ENV"
|
||||
|
||||
// DefaultsModeOptions is the set of options that are used to configure
|
||||
type DefaultsModeOptions struct {
|
||||
// The SDK configuration defaults mode. Defaults to legacy if not specified.
|
||||
//
|
||||
// Supported modes are: auto, cross-region, in-region, legacy, mobile, standard
|
||||
Mode aws.DefaultsMode
|
||||
|
||||
// The EC2 Instance Metadata Client that should be used when performing environment
|
||||
// discovery when aws.DefaultsModeAuto is set.
|
||||
//
|
||||
// If not specified the SDK will construct a client if the instance metadata service has not been disabled by
|
||||
// the AWS_EC2_METADATA_DISABLED environment variable.
|
||||
IMDSClient *imds.Client
|
||||
}
|
||||
|
||||
func resolveDefaultsModeRuntimeEnvironment(ctx context.Context, envConfig *EnvConfig, client *imds.Client) (aws.RuntimeEnvironment, error) {
|
||||
getRegionOutput, err := client.GetRegion(ctx, &imds.GetRegionInput{})
|
||||
// honor context timeouts, but if we couldn't talk to IMDS don't fail runtime environment introspection.
|
||||
select {
|
||||
case <-ctx.Done():
|
||||
return aws.RuntimeEnvironment{}, err
|
||||
default:
|
||||
}
|
||||
|
||||
var imdsRegion string
|
||||
if err == nil {
|
||||
imdsRegion = getRegionOutput.Region
|
||||
}
|
||||
|
||||
return aws.RuntimeEnvironment{
|
||||
EnvironmentIdentifier: aws.ExecutionEnvironmentID(os.Getenv(execEnvVar)),
|
||||
Region: envConfig.Region,
|
||||
EC2InstanceMetadataRegion: imdsRegion,
|
||||
}, nil
|
||||
}
|
20
vendor/github.com/aws/aws-sdk-go-v2/config/doc.go
generated
vendored
Normal file
20
vendor/github.com/aws/aws-sdk-go-v2/config/doc.go
generated
vendored
Normal file
@ -0,0 +1,20 @@
|
||||
// Package config provides utilities for loading configuration from multiple
|
||||
// sources that can be used to configure the SDK's API clients, and utilities.
|
||||
//
|
||||
// The config package will load configuration from environment variables, AWS
|
||||
// shared configuration file (~/.aws/config), and AWS shared credentials file
|
||||
// (~/.aws/credentials).
|
||||
//
|
||||
// Use the LoadDefaultConfig to load configuration from all the SDK's supported
|
||||
// sources, and resolve credentials using the SDK's default credential chain.
|
||||
//
|
||||
// LoadDefaultConfig allows for a variadic list of additional Config sources that can
|
||||
// provide one or more configuration values which can be used to programmatically control the resolution
|
||||
// of a specific value, or allow for broader range of additional configuration sources not supported by the SDK.
|
||||
// A Config source implements one or more provider interfaces defined in this package. Config sources passed in will
|
||||
// take precedence over the default environment and shared config sources used by the SDK. If one or more Config sources
|
||||
// implement the same provider interface, priority will be handled by the order in which the sources were passed in.
|
||||
//
|
||||
// A number of helpers (prefixed by ``With``) are provided in this package that implement their respective provider
|
||||
// interface. These helpers should be used for overriding configuration programmatically at runtime.
|
||||
package config
|
665
vendor/github.com/aws/aws-sdk-go-v2/config/env_config.go
generated
vendored
Normal file
665
vendor/github.com/aws/aws-sdk-go-v2/config/env_config.go
generated
vendored
Normal file
@ -0,0 +1,665 @@
|
||||
package config
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"context"
|
||||
"fmt"
|
||||
"io"
|
||||
"io/ioutil"
|
||||
"os"
|
||||
"strconv"
|
||||
"strings"
|
||||
|
||||
"github.com/aws/aws-sdk-go-v2/aws"
|
||||
"github.com/aws/aws-sdk-go-v2/feature/ec2/imds"
|
||||
)
|
||||
|
||||
// CredentialsSourceName provides a name of the provider when config is
|
||||
// loaded from environment.
|
||||
const CredentialsSourceName = "EnvConfigCredentials"
|
||||
|
||||
// Environment variables that will be read for configuration values.
|
||||
const (
|
||||
awsAccessKeyIDEnvVar = "AWS_ACCESS_KEY_ID"
|
||||
awsAccessKeyEnvVar = "AWS_ACCESS_KEY"
|
||||
|
||||
awsSecretAccessKeyEnvVar = "AWS_SECRET_ACCESS_KEY"
|
||||
awsSecretKeyEnvVar = "AWS_SECRET_KEY"
|
||||
|
||||
awsSessionTokenEnvVar = "AWS_SESSION_TOKEN"
|
||||
|
||||
awsContainerCredentialsEndpointEnvVar = "AWS_CONTAINER_CREDENTIALS_FULL_URI"
|
||||
awsContainerCredentialsRelativePathEnvVar = "AWS_CONTAINER_CREDENTIALS_RELATIVE_URI"
|
||||
awsContainerPProviderAuthorizationEnvVar = "AWS_CONTAINER_AUTHORIZATION_TOKEN"
|
||||
|
||||
awsRegionEnvVar = "AWS_REGION"
|
||||
awsDefaultRegionEnvVar = "AWS_DEFAULT_REGION"
|
||||
|
||||
awsProfileEnvVar = "AWS_PROFILE"
|
||||
awsDefaultProfileEnvVar = "AWS_DEFAULT_PROFILE"
|
||||
|
||||
awsSharedCredentialsFileEnvVar = "AWS_SHARED_CREDENTIALS_FILE"
|
||||
|
||||
awsConfigFileEnvVar = "AWS_CONFIG_FILE"
|
||||
|
||||
awsCustomCABundleEnvVar = "AWS_CA_BUNDLE"
|
||||
|
||||
awsWebIdentityTokenFilePathEnvVar = "AWS_WEB_IDENTITY_TOKEN_FILE"
|
||||
|
||||
awsRoleARNEnvVar = "AWS_ROLE_ARN"
|
||||
awsRoleSessionNameEnvVar = "AWS_ROLE_SESSION_NAME"
|
||||
|
||||
awsEnableEndpointDiscoveryEnvVar = "AWS_ENABLE_ENDPOINT_DISCOVERY"
|
||||
|
||||
awsS3UseARNRegionEnvVar = "AWS_S3_USE_ARN_REGION"
|
||||
|
||||
awsEc2MetadataServiceEndpointModeEnvVar = "AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE"
|
||||
|
||||
awsEc2MetadataServiceEndpointEnvVar = "AWS_EC2_METADATA_SERVICE_ENDPOINT"
|
||||
|
||||
awsEc2MetadataDisabled = "AWS_EC2_METADATA_DISABLED"
|
||||
|
||||
awsS3DisableMultiRegionAccessPointEnvVar = "AWS_S3_DISABLE_MULTIREGION_ACCESS_POINTS"
|
||||
|
||||
awsUseDualStackEndpoint = "AWS_USE_DUALSTACK_ENDPOINT"
|
||||
|
||||
awsUseFIPSEndpoint = "AWS_USE_FIPS_ENDPOINT"
|
||||
|
||||
awsDefaultMode = "AWS_DEFAULTS_MODE"
|
||||
|
||||
awsRetryMaxAttempts = "AWS_MAX_ATTEMPTS"
|
||||
awsRetryMode = "AWS_RETRY_MODE"
|
||||
)
|
||||
|
||||
var (
|
||||
credAccessEnvKeys = []string{
|
||||
awsAccessKeyIDEnvVar,
|
||||
awsAccessKeyEnvVar,
|
||||
}
|
||||
credSecretEnvKeys = []string{
|
||||
awsSecretAccessKeyEnvVar,
|
||||
awsSecretKeyEnvVar,
|
||||
}
|
||||
regionEnvKeys = []string{
|
||||
awsRegionEnvVar,
|
||||
awsDefaultRegionEnvVar,
|
||||
}
|
||||
profileEnvKeys = []string{
|
||||
awsProfileEnvVar,
|
||||
awsDefaultProfileEnvVar,
|
||||
}
|
||||
)
|
||||
|
||||
// EnvConfig is a collection of environment values the SDK will read
|
||||
// setup config from. All environment values are optional. But some values
|
||||
// such as credentials require multiple values to be complete or the values
|
||||
// will be ignored.
|
||||
type EnvConfig struct {
|
||||
// Environment configuration values. If set both Access Key ID and Secret Access
|
||||
// Key must be provided. Session Token and optionally also be provided, but is
|
||||
// not required.
|
||||
//
|
||||
// # Access Key ID
|
||||
// AWS_ACCESS_KEY_ID=AKID
|
||||
// AWS_ACCESS_KEY=AKID # only read if AWS_ACCESS_KEY_ID is not set.
|
||||
//
|
||||
// # Secret Access Key
|
||||
// AWS_SECRET_ACCESS_KEY=SECRET
|
||||
// AWS_SECRET_KEY=SECRET # only read if AWS_SECRET_ACCESS_KEY is not set.
|
||||
//
|
||||
// # Session Token
|
||||
// AWS_SESSION_TOKEN=TOKEN
|
||||
Credentials aws.Credentials
|
||||
|
||||
// ContainerCredentialsEndpoint value is the HTTP enabled endpoint to retrieve credentials
|
||||
// using the endpointcreds.Provider
|
||||
ContainerCredentialsEndpoint string
|
||||
|
||||
// ContainerCredentialsRelativePath is the relative URI path that will be used when attempting to retrieve
|
||||
// credentials from the container endpoint.
|
||||
ContainerCredentialsRelativePath string
|
||||
|
||||
// ContainerAuthorizationToken is the authorization token that will be included in the HTTP Authorization
|
||||
// header when attempting to retrieve credentials from the container credentials endpoint.
|
||||
ContainerAuthorizationToken string
|
||||
|
||||
// Region value will instruct the SDK where to make service API requests to. If is
|
||||
// not provided in the environment the region must be provided before a service
|
||||
// client request is made.
|
||||
//
|
||||
// AWS_REGION=us-west-2
|
||||
// AWS_DEFAULT_REGION=us-west-2
|
||||
Region string
|
||||
|
||||
// Profile name the SDK should load use when loading shared configuration from the
|
||||
// shared configuration files. If not provided "default" will be used as the
|
||||
// profile name.
|
||||
//
|
||||
// AWS_PROFILE=my_profile
|
||||
// AWS_DEFAULT_PROFILE=my_profile
|
||||
SharedConfigProfile string
|
||||
|
||||
// Shared credentials file path can be set to instruct the SDK to use an alternate
|
||||
// file for the shared credentials. If not set the file will be loaded from
|
||||
// $HOME/.aws/credentials on Linux/Unix based systems, and
|
||||
// %USERPROFILE%\.aws\credentials on Windows.
|
||||
//
|
||||
// AWS_SHARED_CREDENTIALS_FILE=$HOME/my_shared_credentials
|
||||
SharedCredentialsFile string
|
||||
|
||||
// Shared config file path can be set to instruct the SDK to use an alternate
|
||||
// file for the shared config. If not set the file will be loaded from
|
||||
// $HOME/.aws/config on Linux/Unix based systems, and
|
||||
// %USERPROFILE%\.aws\config on Windows.
|
||||
//
|
||||
// AWS_CONFIG_FILE=$HOME/my_shared_config
|
||||
SharedConfigFile string
|
||||
|
||||
// Sets the path to a custom Credentials Authority (CA) Bundle PEM file
|
||||
// that the SDK will use instead of the system's root CA bundle.
|
||||
// Only use this if you want to configure the SDK to use a custom set
|
||||
// of CAs.
|
||||
//
|
||||
// Enabling this option will attempt to merge the Transport
|
||||
// into the SDK's HTTP client. If the client's Transport is
|
||||
// not a http.Transport an error will be returned. If the
|
||||
// Transport's TLS config is set this option will cause the
|
||||
// SDK to overwrite the Transport's TLS config's RootCAs value.
|
||||
//
|
||||
// Setting a custom HTTPClient in the aws.Config options will override this setting.
|
||||
// To use this option and custom HTTP client, the HTTP client needs to be provided
|
||||
// when creating the config. Not the service client.
|
||||
//
|
||||
// AWS_CA_BUNDLE=$HOME/my_custom_ca_bundle
|
||||
CustomCABundle string
|
||||
|
||||
// Enables endpoint discovery via environment variables.
|
||||
//
|
||||
// AWS_ENABLE_ENDPOINT_DISCOVERY=true
|
||||
EnableEndpointDiscovery aws.EndpointDiscoveryEnableState
|
||||
|
||||
// Specifies the WebIdentity token the SDK should use to assume a role
|
||||
// with.
|
||||
//
|
||||
// AWS_WEB_IDENTITY_TOKEN_FILE=file_path
|
||||
WebIdentityTokenFilePath string
|
||||
|
||||
// Specifies the IAM role arn to use when assuming an role.
|
||||
//
|
||||
// AWS_ROLE_ARN=role_arn
|
||||
RoleARN string
|
||||
|
||||
// Specifies the IAM role session name to use when assuming a role.
|
||||
//
|
||||
// AWS_ROLE_SESSION_NAME=session_name
|
||||
RoleSessionName string
|
||||
|
||||
// Specifies if the S3 service should allow ARNs to direct the region
|
||||
// the client's requests are sent to.
|
||||
//
|
||||
// AWS_S3_USE_ARN_REGION=true
|
||||
S3UseARNRegion *bool
|
||||
|
||||
// Specifies if the EC2 IMDS service client is enabled.
|
||||
//
|
||||
// AWS_EC2_METADATA_DISABLED=true
|
||||
EC2IMDSClientEnableState imds.ClientEnableState
|
||||
|
||||
// Specifies the EC2 Instance Metadata Service default endpoint selection mode (IPv4 or IPv6)
|
||||
//
|
||||
// AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE=IPv6
|
||||
EC2IMDSEndpointMode imds.EndpointModeState
|
||||
|
||||
// Specifies the EC2 Instance Metadata Service endpoint to use. If specified it overrides EC2IMDSEndpointMode.
|
||||
//
|
||||
// AWS_EC2_METADATA_SERVICE_ENDPOINT=http://fd00:ec2::254
|
||||
EC2IMDSEndpoint string
|
||||
|
||||
// Specifies if the S3 service should disable multi-region access points
|
||||
// support.
|
||||
//
|
||||
// AWS_S3_DISABLE_MULTIREGION_ACCESS_POINTS=true
|
||||
S3DisableMultiRegionAccessPoints *bool
|
||||
|
||||
// Specifies that SDK clients must resolve a dual-stack endpoint for
|
||||
// services.
|
||||
//
|
||||
// AWS_USE_DUALSTACK_ENDPOINT=true
|
||||
UseDualStackEndpoint aws.DualStackEndpointState
|
||||
|
||||
// Specifies that SDK clients must resolve a FIPS endpoint for
|
||||
// services.
|
||||
//
|
||||
// AWS_USE_FIPS_ENDPOINT=true
|
||||
UseFIPSEndpoint aws.FIPSEndpointState
|
||||
|
||||
// Specifies the SDK Defaults Mode used by services.
|
||||
//
|
||||
// AWS_DEFAULTS_MODE=standard
|
||||
DefaultsMode aws.DefaultsMode
|
||||
|
||||
// Specifies the maximum number attempts an API client will call an
|
||||
// operation that fails with a retryable error.
|
||||
//
|
||||
// AWS_MAX_ATTEMPTS=3
|
||||
RetryMaxAttempts int
|
||||
|
||||
// Specifies the retry model the API client will be created with.
|
||||
//
|
||||
// aws_retry_mode=standard
|
||||
RetryMode aws.RetryMode
|
||||
}
|
||||
|
||||
// loadEnvConfig reads configuration values from the OS's environment variables.
|
||||
// Returning the a Config typed EnvConfig to satisfy the ConfigLoader func type.
|
||||
func loadEnvConfig(ctx context.Context, cfgs configs) (Config, error) {
|
||||
return NewEnvConfig()
|
||||
}
|
||||
|
||||
// NewEnvConfig retrieves the SDK's environment configuration.
|
||||
// See `EnvConfig` for the values that will be retrieved.
|
||||
func NewEnvConfig() (EnvConfig, error) {
|
||||
var cfg EnvConfig
|
||||
|
||||
creds := aws.Credentials{
|
||||
Source: CredentialsSourceName,
|
||||
}
|
||||
setStringFromEnvVal(&creds.AccessKeyID, credAccessEnvKeys)
|
||||
setStringFromEnvVal(&creds.SecretAccessKey, credSecretEnvKeys)
|
||||
if creds.HasKeys() {
|
||||
creds.SessionToken = os.Getenv(awsSessionTokenEnvVar)
|
||||
cfg.Credentials = creds
|
||||
}
|
||||
|
||||
cfg.ContainerCredentialsEndpoint = os.Getenv(awsContainerCredentialsEndpointEnvVar)
|
||||
cfg.ContainerCredentialsRelativePath = os.Getenv(awsContainerCredentialsRelativePathEnvVar)
|
||||
cfg.ContainerAuthorizationToken = os.Getenv(awsContainerPProviderAuthorizationEnvVar)
|
||||
|
||||
setStringFromEnvVal(&cfg.Region, regionEnvKeys)
|
||||
setStringFromEnvVal(&cfg.SharedConfigProfile, profileEnvKeys)
|
||||
|
||||
cfg.SharedCredentialsFile = os.Getenv(awsSharedCredentialsFileEnvVar)
|
||||
cfg.SharedConfigFile = os.Getenv(awsConfigFileEnvVar)
|
||||
|
||||
cfg.CustomCABundle = os.Getenv(awsCustomCABundleEnvVar)
|
||||
|
||||
cfg.WebIdentityTokenFilePath = os.Getenv(awsWebIdentityTokenFilePathEnvVar)
|
||||
|
||||
cfg.RoleARN = os.Getenv(awsRoleARNEnvVar)
|
||||
cfg.RoleSessionName = os.Getenv(awsRoleSessionNameEnvVar)
|
||||
|
||||
if err := setEndpointDiscoveryTypeFromEnvVal(&cfg.EnableEndpointDiscovery, []string{awsEnableEndpointDiscoveryEnvVar}); err != nil {
|
||||
return cfg, err
|
||||
}
|
||||
|
||||
if err := setBoolPtrFromEnvVal(&cfg.S3UseARNRegion, []string{awsS3UseARNRegionEnvVar}); err != nil {
|
||||
return cfg, err
|
||||
}
|
||||
|
||||
setEC2IMDSClientEnableState(&cfg.EC2IMDSClientEnableState, []string{awsEc2MetadataDisabled})
|
||||
if err := setEC2IMDSEndpointMode(&cfg.EC2IMDSEndpointMode, []string{awsEc2MetadataServiceEndpointModeEnvVar}); err != nil {
|
||||
return cfg, err
|
||||
}
|
||||
cfg.EC2IMDSEndpoint = os.Getenv(awsEc2MetadataServiceEndpointEnvVar)
|
||||
|
||||
if err := setBoolPtrFromEnvVal(&cfg.S3DisableMultiRegionAccessPoints, []string{awsS3DisableMultiRegionAccessPointEnvVar}); err != nil {
|
||||
return cfg, err
|
||||
}
|
||||
|
||||
if err := setUseDualStackEndpointFromEnvVal(&cfg.UseDualStackEndpoint, []string{awsUseDualStackEndpoint}); err != nil {
|
||||
return cfg, err
|
||||
}
|
||||
|
||||
if err := setUseFIPSEndpointFromEnvVal(&cfg.UseFIPSEndpoint, []string{awsUseFIPSEndpoint}); err != nil {
|
||||
return cfg, err
|
||||
}
|
||||
|
||||
if err := setDefaultsModeFromEnvVal(&cfg.DefaultsMode, []string{awsDefaultMode}); err != nil {
|
||||
return cfg, err
|
||||
}
|
||||
|
||||
if err := setIntFromEnvVal(&cfg.RetryMaxAttempts, []string{awsRetryMaxAttempts}); err != nil {
|
||||
return cfg, err
|
||||
}
|
||||
if err := setRetryModeFromEnvVal(&cfg.RetryMode, []string{awsRetryMode}); err != nil {
|
||||
return cfg, err
|
||||
}
|
||||
|
||||
return cfg, nil
|
||||
}
|
||||
|
||||
func (c EnvConfig) getDefaultsMode(ctx context.Context) (aws.DefaultsMode, bool, error) {
|
||||
if len(c.DefaultsMode) == 0 {
|
||||
return "", false, nil
|
||||
}
|
||||
return c.DefaultsMode, true, nil
|
||||
}
|
||||
|
||||
// GetRetryMaxAttempts returns the value of AWS_MAX_ATTEMPTS if was specified,
|
||||
// and not 0.
|
||||
func (c EnvConfig) GetRetryMaxAttempts(ctx context.Context) (int, bool, error) {
|
||||
if c.RetryMaxAttempts == 0 {
|
||||
return 0, false, nil
|
||||
}
|
||||
return c.RetryMaxAttempts, true, nil
|
||||
}
|
||||
|
||||
// GetRetryMode returns the RetryMode of AWS_RETRY_MODE if was specified, and a
|
||||
// valid value.
|
||||
func (c EnvConfig) GetRetryMode(ctx context.Context) (aws.RetryMode, bool, error) {
|
||||
if len(c.RetryMode) == 0 {
|
||||
return "", false, nil
|
||||
}
|
||||
return c.RetryMode, true, nil
|
||||
}
|
||||
|
||||
func setEC2IMDSClientEnableState(state *imds.ClientEnableState, keys []string) {
|
||||
for _, k := range keys {
|
||||
value := os.Getenv(k)
|
||||
if len(value) == 0 {
|
||||
continue
|
||||
}
|
||||
switch {
|
||||
case strings.EqualFold(value, "true"):
|
||||
*state = imds.ClientDisabled
|
||||
case strings.EqualFold(value, "false"):
|
||||
*state = imds.ClientEnabled
|
||||
default:
|
||||
continue
|
||||
}
|
||||
break
|
||||
}
|
||||
}
|
||||
|
||||
func setDefaultsModeFromEnvVal(mode *aws.DefaultsMode, keys []string) error {
|
||||
for _, k := range keys {
|
||||
if value := os.Getenv(k); len(value) > 0 {
|
||||
if ok := mode.SetFromString(value); !ok {
|
||||
return fmt.Errorf("invalid %s value: %s", k, value)
|
||||
}
|
||||
break
|
||||
}
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func setRetryModeFromEnvVal(mode *aws.RetryMode, keys []string) (err error) {
|
||||
for _, k := range keys {
|
||||
if value := os.Getenv(k); len(value) > 0 {
|
||||
*mode, err = aws.ParseRetryMode(value)
|
||||
if err != nil {
|
||||
return fmt.Errorf("invalid %s value, %w", k, err)
|
||||
}
|
||||
break
|
||||
}
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func setEC2IMDSEndpointMode(mode *imds.EndpointModeState, keys []string) error {
|
||||
for _, k := range keys {
|
||||
value := os.Getenv(k)
|
||||
if len(value) == 0 {
|
||||
continue
|
||||
}
|
||||
if err := mode.SetFromString(value); err != nil {
|
||||
return fmt.Errorf("invalid value for environment variable, %s=%s, %v", k, value, err)
|
||||
}
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// GetRegion returns the AWS Region if set in the environment. Returns an empty
|
||||
// string if not set.
|
||||
func (c EnvConfig) getRegion(ctx context.Context) (string, bool, error) {
|
||||
if len(c.Region) == 0 {
|
||||
return "", false, nil
|
||||
}
|
||||
return c.Region, true, nil
|
||||
}
|
||||
|
||||
// GetSharedConfigProfile returns the shared config profile if set in the
|
||||
// environment. Returns an empty string if not set.
|
||||
func (c EnvConfig) getSharedConfigProfile(ctx context.Context) (string, bool, error) {
|
||||
if len(c.SharedConfigProfile) == 0 {
|
||||
return "", false, nil
|
||||
}
|
||||
|
||||
return c.SharedConfigProfile, true, nil
|
||||
}
|
||||
|
||||
// getSharedConfigFiles returns a slice of filenames set in the environment.
|
||||
//
|
||||
// Will return the filenames in the order of:
|
||||
// * Shared Config
|
||||
func (c EnvConfig) getSharedConfigFiles(context.Context) ([]string, bool, error) {
|
||||
var files []string
|
||||
if v := c.SharedConfigFile; len(v) > 0 {
|
||||
files = append(files, v)
|
||||
}
|
||||
|
||||
if len(files) == 0 {
|
||||
return nil, false, nil
|
||||
}
|
||||
return files, true, nil
|
||||
}
|
||||
|
||||
// getSharedCredentialsFiles returns a slice of filenames set in the environment.
|
||||
//
|
||||
// Will return the filenames in the order of:
|
||||
// * Shared Credentials
|
||||
func (c EnvConfig) getSharedCredentialsFiles(context.Context) ([]string, bool, error) {
|
||||
var files []string
|
||||
if v := c.SharedCredentialsFile; len(v) > 0 {
|
||||
files = append(files, v)
|
||||
}
|
||||
if len(files) == 0 {
|
||||
return nil, false, nil
|
||||
}
|
||||
return files, true, nil
|
||||
}
|
||||
|
||||
// GetCustomCABundle returns the custom CA bundle's PEM bytes if the file was
|
||||
func (c EnvConfig) getCustomCABundle(context.Context) (io.Reader, bool, error) {
|
||||
if len(c.CustomCABundle) == 0 {
|
||||
return nil, false, nil
|
||||
}
|
||||
|
||||
b, err := ioutil.ReadFile(c.CustomCABundle)
|
||||
if err != nil {
|
||||
return nil, false, err
|
||||
}
|
||||
return bytes.NewReader(b), true, nil
|
||||
}
|
||||
|
||||
// GetS3UseARNRegion returns whether to allow ARNs to direct the region
|
||||
// the S3 client's requests are sent to.
|
||||
func (c EnvConfig) GetS3UseARNRegion(ctx context.Context) (value, ok bool, err error) {
|
||||
if c.S3UseARNRegion == nil {
|
||||
return false, false, nil
|
||||
}
|
||||
|
||||
return *c.S3UseARNRegion, true, nil
|
||||
}
|
||||
|
||||
// GetS3DisableMultRegionAccessPoints returns whether to disable multi-region access point
|
||||
// support for the S3 client.
|
||||
func (c EnvConfig) GetS3DisableMultRegionAccessPoints(ctx context.Context) (value, ok bool, err error) {
|
||||
if c.S3DisableMultiRegionAccessPoints == nil {
|
||||
return false, false, nil
|
||||
}
|
||||
|
||||
return *c.S3DisableMultiRegionAccessPoints, true, nil
|
||||
}
|
||||
|
||||
// GetUseDualStackEndpoint returns whether the service's dual-stack endpoint should be
|
||||
// used for requests.
|
||||
func (c EnvConfig) GetUseDualStackEndpoint(ctx context.Context) (value aws.DualStackEndpointState, found bool, err error) {
|
||||
if c.UseDualStackEndpoint == aws.DualStackEndpointStateUnset {
|
||||
return aws.DualStackEndpointStateUnset, false, nil
|
||||
}
|
||||
|
||||
return c.UseDualStackEndpoint, true, nil
|
||||
}
|
||||
|
||||
// GetUseFIPSEndpoint returns whether the service's FIPS endpoint should be
|
||||
// used for requests.
|
||||
func (c EnvConfig) GetUseFIPSEndpoint(ctx context.Context) (value aws.FIPSEndpointState, found bool, err error) {
|
||||
if c.UseFIPSEndpoint == aws.FIPSEndpointStateUnset {
|
||||
return aws.FIPSEndpointStateUnset, false, nil
|
||||
}
|
||||
|
||||
return c.UseFIPSEndpoint, true, nil
|
||||
}
|
||||
|
||||
func setStringFromEnvVal(dst *string, keys []string) {
|
||||
for _, k := range keys {
|
||||
if v := os.Getenv(k); len(v) > 0 {
|
||||
*dst = v
|
||||
break
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
func setIntFromEnvVal(dst *int, keys []string) error {
|
||||
for _, k := range keys {
|
||||
if v := os.Getenv(k); len(v) > 0 {
|
||||
i, err := strconv.ParseInt(v, 10, 64)
|
||||
if err != nil {
|
||||
return fmt.Errorf("invalid value %s=%s, %w", k, v, err)
|
||||
}
|
||||
*dst = int(i)
|
||||
break
|
||||
}
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func setBoolPtrFromEnvVal(dst **bool, keys []string) error {
|
||||
for _, k := range keys {
|
||||
value := os.Getenv(k)
|
||||
if len(value) == 0 {
|
||||
continue
|
||||
}
|
||||
|
||||
if *dst == nil {
|
||||
*dst = new(bool)
|
||||
}
|
||||
|
||||
switch {
|
||||
case strings.EqualFold(value, "false"):
|
||||
**dst = false
|
||||
case strings.EqualFold(value, "true"):
|
||||
**dst = true
|
||||
default:
|
||||
return fmt.Errorf(
|
||||
"invalid value for environment variable, %s=%s, need true or false",
|
||||
k, value)
|
||||
}
|
||||
break
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func setEndpointDiscoveryTypeFromEnvVal(dst *aws.EndpointDiscoveryEnableState, keys []string) error {
|
||||
for _, k := range keys {
|
||||
value := os.Getenv(k)
|
||||
if len(value) == 0 {
|
||||
continue // skip if empty
|
||||
}
|
||||
|
||||
switch {
|
||||
case strings.EqualFold(value, endpointDiscoveryDisabled):
|
||||
*dst = aws.EndpointDiscoveryDisabled
|
||||
case strings.EqualFold(value, endpointDiscoveryEnabled):
|
||||
*dst = aws.EndpointDiscoveryEnabled
|
||||
case strings.EqualFold(value, endpointDiscoveryAuto):
|
||||
*dst = aws.EndpointDiscoveryAuto
|
||||
default:
|
||||
return fmt.Errorf(
|
||||
"invalid value for environment variable, %s=%s, need true, false or auto",
|
||||
k, value)
|
||||
}
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func setUseDualStackEndpointFromEnvVal(dst *aws.DualStackEndpointState, keys []string) error {
|
||||
for _, k := range keys {
|
||||
value := os.Getenv(k)
|
||||
if len(value) == 0 {
|
||||
continue // skip if empty
|
||||
}
|
||||
|
||||
switch {
|
||||
case strings.EqualFold(value, "true"):
|
||||
*dst = aws.DualStackEndpointStateEnabled
|
||||
case strings.EqualFold(value, "false"):
|
||||
*dst = aws.DualStackEndpointStateDisabled
|
||||
default:
|
||||
return fmt.Errorf(
|
||||
"invalid value for environment variable, %s=%s, need true, false",
|
||||
k, value)
|
||||
}
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func setUseFIPSEndpointFromEnvVal(dst *aws.FIPSEndpointState, keys []string) error {
|
||||
for _, k := range keys {
|
||||
value := os.Getenv(k)
|
||||
if len(value) == 0 {
|
||||
continue // skip if empty
|
||||
}
|
||||
|
||||
switch {
|
||||
case strings.EqualFold(value, "true"):
|
||||
*dst = aws.FIPSEndpointStateEnabled
|
||||
case strings.EqualFold(value, "false"):
|
||||
*dst = aws.FIPSEndpointStateDisabled
|
||||
default:
|
||||
return fmt.Errorf(
|
||||
"invalid value for environment variable, %s=%s, need true, false",
|
||||
k, value)
|
||||
}
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// GetEnableEndpointDiscovery returns resolved value for EnableEndpointDiscovery env variable setting.
|
||||
func (c EnvConfig) GetEnableEndpointDiscovery(ctx context.Context) (value aws.EndpointDiscoveryEnableState, found bool, err error) {
|
||||
if c.EnableEndpointDiscovery == aws.EndpointDiscoveryUnset {
|
||||
return aws.EndpointDiscoveryUnset, false, nil
|
||||
}
|
||||
|
||||
return c.EnableEndpointDiscovery, true, nil
|
||||
}
|
||||
|
||||
// GetEC2IMDSClientEnableState implements a EC2IMDSClientEnableState options resolver interface.
|
||||
func (c EnvConfig) GetEC2IMDSClientEnableState() (imds.ClientEnableState, bool, error) {
|
||||
if c.EC2IMDSClientEnableState == imds.ClientDefaultEnableState {
|
||||
return imds.ClientDefaultEnableState, false, nil
|
||||
}
|
||||
|
||||
return c.EC2IMDSClientEnableState, true, nil
|
||||
}
|
||||
|
||||
// GetEC2IMDSEndpointMode implements a EC2IMDSEndpointMode option resolver interface.
|
||||
func (c EnvConfig) GetEC2IMDSEndpointMode() (imds.EndpointModeState, bool, error) {
|
||||
if c.EC2IMDSEndpointMode == imds.EndpointModeStateUnset {
|
||||
return imds.EndpointModeStateUnset, false, nil
|
||||
}
|
||||
|
||||
return c.EC2IMDSEndpointMode, true, nil
|
||||
}
|
||||
|
||||
// GetEC2IMDSEndpoint implements a EC2IMDSEndpoint option resolver interface.
|
||||
func (c EnvConfig) GetEC2IMDSEndpoint() (string, bool, error) {
|
||||
if len(c.EC2IMDSEndpoint) == 0 {
|
||||
return "", false, nil
|
||||
}
|
||||
|
||||
return c.EC2IMDSEndpoint, true, nil
|
||||
}
|
4
vendor/github.com/aws/aws-sdk-go-v2/config/generate.go
generated
vendored
Normal file
4
vendor/github.com/aws/aws-sdk-go-v2/config/generate.go
generated
vendored
Normal file
@ -0,0 +1,4 @@
|
||||
package config
|
||||
|
||||
//go:generate go run -tags codegen ./codegen -output=provider_assert_test.go
|
||||
//go:generate gofmt -s -w ./
|
6
vendor/github.com/aws/aws-sdk-go-v2/config/go_module_metadata.go
generated
vendored
Normal file
6
vendor/github.com/aws/aws-sdk-go-v2/config/go_module_metadata.go
generated
vendored
Normal file
@ -0,0 +1,6 @@
|
||||
// Code generated by internal/repotools/cmd/updatemodulemeta DO NOT EDIT.
|
||||
|
||||
package config
|
||||
|
||||
// goModuleVersion is the tagged release for this module
|
||||
const goModuleVersion = "1.15.5"
|
926
vendor/github.com/aws/aws-sdk-go-v2/config/load_options.go
generated
vendored
Normal file
926
vendor/github.com/aws/aws-sdk-go-v2/config/load_options.go
generated
vendored
Normal file
@ -0,0 +1,926 @@
|
||||
package config
|
||||
|
||||
import (
|
||||
"context"
|
||||
"io"
|
||||
|
||||
"github.com/aws/aws-sdk-go-v2/aws"
|
||||
"github.com/aws/aws-sdk-go-v2/credentials/ec2rolecreds"
|
||||
"github.com/aws/aws-sdk-go-v2/credentials/endpointcreds"
|
||||
"github.com/aws/aws-sdk-go-v2/credentials/processcreds"
|
||||
"github.com/aws/aws-sdk-go-v2/credentials/ssocreds"
|
||||
"github.com/aws/aws-sdk-go-v2/credentials/stscreds"
|
||||
"github.com/aws/aws-sdk-go-v2/feature/ec2/imds"
|
||||
"github.com/aws/smithy-go/logging"
|
||||
"github.com/aws/smithy-go/middleware"
|
||||
)
|
||||
|
||||
// LoadOptionsFunc is a type alias for LoadOptions functional option
|
||||
type LoadOptionsFunc func(*LoadOptions) error
|
||||
|
||||
// LoadOptions are discrete set of options that are valid for loading the
|
||||
// configuration
|
||||
type LoadOptions struct {
|
||||
|
||||
// Region is the region to send requests to.
|
||||
Region string
|
||||
|
||||
// Credentials object to use when signing requests.
|
||||
Credentials aws.CredentialsProvider
|
||||
|
||||
// HTTPClient the SDK's API clients will use to invoke HTTP requests.
|
||||
HTTPClient HTTPClient
|
||||
|
||||
// EndpointResolver that can be used to provide or override an endpoint for
|
||||
// the given service and region.
|
||||
//
|
||||
// See the `aws.EndpointResolver` documentation on usage.
|
||||
//
|
||||
// Deprecated: See EndpointResolverWithOptions
|
||||
EndpointResolver aws.EndpointResolver
|
||||
|
||||
// EndpointResolverWithOptions that can be used to provide or override an
|
||||
// endpoint for the given service and region.
|
||||
//
|
||||
// See the `aws.EndpointResolverWithOptions` documentation on usage.
|
||||
EndpointResolverWithOptions aws.EndpointResolverWithOptions
|
||||
|
||||
// RetryMaxAttempts specifies the maximum number attempts an API client
|
||||
// will call an operation that fails with a retryable error.
|
||||
//
|
||||
// This value will only be used if Retryer option is nil.
|
||||
RetryMaxAttempts int
|
||||
|
||||
// RetryMode specifies the retry model the API client will be created with.
|
||||
//
|
||||
// This value will only be used if Retryer option is nil.
|
||||
RetryMode aws.RetryMode
|
||||
|
||||
// Retryer is a function that provides a Retryer implementation. A Retryer
|
||||
// guides how HTTP requests should be retried in case of recoverable
|
||||
// failures.
|
||||
//
|
||||
// If not nil, RetryMaxAttempts, and RetryMode will be ignored.
|
||||
Retryer func() aws.Retryer
|
||||
|
||||
// APIOptions provides the set of middleware mutations modify how the API
|
||||
// client requests will be handled. This is useful for adding additional
|
||||
// tracing data to a request, or changing behavior of the SDK's client.
|
||||
APIOptions []func(*middleware.Stack) error
|
||||
|
||||
// Logger writer interface to write logging messages to.
|
||||
Logger logging.Logger
|
||||
|
||||
// ClientLogMode is used to configure the events that will be sent to the
|
||||
// configured logger. This can be used to configure the logging of signing,
|
||||
// retries, request, and responses of the SDK clients.
|
||||
//
|
||||
// See the ClientLogMode type documentation for the complete set of logging
|
||||
// modes and available configuration.
|
||||
ClientLogMode *aws.ClientLogMode
|
||||
|
||||
// SharedConfigProfile is the profile to be used when loading the SharedConfig
|
||||
SharedConfigProfile string
|
||||
|
||||
// SharedConfigFiles is the slice of custom shared config files to use when
|
||||
// loading the SharedConfig. A non-default profile used within config file
|
||||
// must have name defined with prefix 'profile '. eg [profile xyz]
|
||||
// indicates a profile with name 'xyz'. To read more on the format of the
|
||||
// config file, please refer the documentation at
|
||||
// https://docs.aws.amazon.com/credref/latest/refdocs/file-format.html#file-format-config
|
||||
//
|
||||
// If duplicate profiles are provided within the same, or across multiple
|
||||
// shared config files, the next parsed profile will override only the
|
||||
// properties that conflict with the previously defined profile. Note that
|
||||
// if duplicate profiles are provided within the SharedCredentialsFiles and
|
||||
// SharedConfigFiles, the properties defined in shared credentials file
|
||||
// take precedence.
|
||||
SharedConfigFiles []string
|
||||
|
||||
// SharedCredentialsFile is the slice of custom shared credentials files to
|
||||
// use when loading the SharedConfig. The profile name used within
|
||||
// credentials file must not prefix 'profile '. eg [xyz] indicates a
|
||||
// profile with name 'xyz'. Profile declared as [profile xyz] will be
|
||||
// ignored. To read more on the format of the credentials file, please
|
||||
// refer the documentation at
|
||||
// https://docs.aws.amazon.com/credref/latest/refdocs/file-format.html#file-format-creds
|
||||
//
|
||||
// If duplicate profiles are provided with a same, or across multiple
|
||||
// shared credentials files, the next parsed profile will override only
|
||||
// properties that conflict with the previously defined profile. Note that
|
||||
// if duplicate profiles are provided within the SharedCredentialsFiles and
|
||||
// SharedConfigFiles, the properties defined in shared credentials file
|
||||
// take precedence.
|
||||
SharedCredentialsFiles []string
|
||||
|
||||
// CustomCABundle is CA bundle PEM bytes reader
|
||||
CustomCABundle io.Reader
|
||||
|
||||
// DefaultRegion is the fall back region, used if a region was not resolved
|
||||
// from other sources
|
||||
DefaultRegion string
|
||||
|
||||
// UseEC2IMDSRegion indicates if SDK should retrieve the region
|
||||
// from the EC2 Metadata service
|
||||
UseEC2IMDSRegion *UseEC2IMDSRegion
|
||||
|
||||
// CredentialsCacheOptions is a function for setting the
|
||||
// aws.CredentialsCacheOptions
|
||||
CredentialsCacheOptions func(*aws.CredentialsCacheOptions)
|
||||
|
||||
// ProcessCredentialOptions is a function for setting
|
||||
// the processcreds.Options
|
||||
ProcessCredentialOptions func(*processcreds.Options)
|
||||
|
||||
// EC2RoleCredentialOptions is a function for setting
|
||||
// the ec2rolecreds.Options
|
||||
EC2RoleCredentialOptions func(*ec2rolecreds.Options)
|
||||
|
||||
// EndpointCredentialOptions is a function for setting
|
||||
// the endpointcreds.Options
|
||||
EndpointCredentialOptions func(*endpointcreds.Options)
|
||||
|
||||
// WebIdentityRoleCredentialOptions is a function for setting
|
||||
// the stscreds.WebIdentityRoleOptions
|
||||
WebIdentityRoleCredentialOptions func(*stscreds.WebIdentityRoleOptions)
|
||||
|
||||
// AssumeRoleCredentialOptions is a function for setting the
|
||||
// stscreds.AssumeRoleOptions
|
||||
AssumeRoleCredentialOptions func(*stscreds.AssumeRoleOptions)
|
||||
|
||||
// SSOProviderOptions is a function for setting
|
||||
// the ssocreds.Options
|
||||
SSOProviderOptions func(options *ssocreds.Options)
|
||||
|
||||
// LogConfigurationWarnings when set to true, enables logging
|
||||
// configuration warnings
|
||||
LogConfigurationWarnings *bool
|
||||
|
||||
// S3UseARNRegion specifies if the S3 service should allow ARNs to direct
|
||||
// the region, the client's requests are sent to.
|
||||
S3UseARNRegion *bool
|
||||
|
||||
// EnableEndpointDiscovery specifies if endpoint discovery is enable for
|
||||
// the client.
|
||||
EnableEndpointDiscovery aws.EndpointDiscoveryEnableState
|
||||
|
||||
// Specifies if the EC2 IMDS service client is enabled.
|
||||
//
|
||||
// AWS_EC2_METADATA_DISABLED=true
|
||||
EC2IMDSClientEnableState imds.ClientEnableState
|
||||
|
||||
// Specifies the EC2 Instance Metadata Service default endpoint selection
|
||||
// mode (IPv4 or IPv6)
|
||||
EC2IMDSEndpointMode imds.EndpointModeState
|
||||
|
||||
// Specifies the EC2 Instance Metadata Service endpoint to use. If
|
||||
// specified it overrides EC2IMDSEndpointMode.
|
||||
EC2IMDSEndpoint string
|
||||
|
||||
// Specifies that SDK clients must resolve a dual-stack endpoint for
|
||||
// services.
|
||||
UseDualStackEndpoint aws.DualStackEndpointState
|
||||
|
||||
// Specifies that SDK clients must resolve a FIPS endpoint for
|
||||
// services.
|
||||
UseFIPSEndpoint aws.FIPSEndpointState
|
||||
|
||||
// Specifies the SDK configuration mode for defaults.
|
||||
DefaultsModeOptions DefaultsModeOptions
|
||||
}
|
||||
|
||||
func (o LoadOptions) getDefaultsMode(ctx context.Context) (aws.DefaultsMode, bool, error) {
|
||||
if len(o.DefaultsModeOptions.Mode) == 0 {
|
||||
return "", false, nil
|
||||
}
|
||||
return o.DefaultsModeOptions.Mode, true, nil
|
||||
}
|
||||
|
||||
// GetRetryMaxAttempts returns the RetryMaxAttempts if specified in the
|
||||
// LoadOptions and not 0.
|
||||
func (o LoadOptions) GetRetryMaxAttempts(ctx context.Context) (int, bool, error) {
|
||||
if o.RetryMaxAttempts == 0 {
|
||||
return 0, false, nil
|
||||
}
|
||||
return o.RetryMaxAttempts, true, nil
|
||||
}
|
||||
|
||||
// GetRetryMode returns the RetryMode specified in the LoadOptions.
|
||||
func (o LoadOptions) GetRetryMode(ctx context.Context) (aws.RetryMode, bool, error) {
|
||||
if len(o.RetryMode) == 0 {
|
||||
return "", false, nil
|
||||
}
|
||||
return o.RetryMode, true, nil
|
||||
}
|
||||
|
||||
func (o LoadOptions) getDefaultsModeIMDSClient(ctx context.Context) (*imds.Client, bool, error) {
|
||||
if o.DefaultsModeOptions.IMDSClient == nil {
|
||||
return nil, false, nil
|
||||
}
|
||||
return o.DefaultsModeOptions.IMDSClient, true, nil
|
||||
}
|
||||
|
||||
// getRegion returns Region from config's LoadOptions
|
||||
func (o LoadOptions) getRegion(ctx context.Context) (string, bool, error) {
|
||||
if len(o.Region) == 0 {
|
||||
return "", false, nil
|
||||
}
|
||||
|
||||
return o.Region, true, nil
|
||||
}
|
||||
|
||||
// WithRegion is a helper function to construct functional options
|
||||
// that sets Region on config's LoadOptions. Setting the region to
|
||||
// an empty string, will result in the region value being ignored.
|
||||
// If multiple WithRegion calls are made, the last call overrides
|
||||
// the previous call values.
|
||||
func WithRegion(v string) LoadOptionsFunc {
|
||||
return func(o *LoadOptions) error {
|
||||
o.Region = v
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
// getDefaultRegion returns DefaultRegion from config's LoadOptions
|
||||
func (o LoadOptions) getDefaultRegion(ctx context.Context) (string, bool, error) {
|
||||
if len(o.DefaultRegion) == 0 {
|
||||
return "", false, nil
|
||||
}
|
||||
|
||||
return o.DefaultRegion, true, nil
|
||||
}
|
||||
|
||||
// WithDefaultRegion is a helper function to construct functional options
|
||||
// that sets a DefaultRegion on config's LoadOptions. Setting the default
|
||||
// region to an empty string, will result in the default region value
|
||||
// being ignored. If multiple WithDefaultRegion calls are made, the last
|
||||
// call overrides the previous call values. Note that both WithRegion and
|
||||
// WithEC2IMDSRegion call takes precedence over WithDefaultRegion call
|
||||
// when resolving region.
|
||||
func WithDefaultRegion(v string) LoadOptionsFunc {
|
||||
return func(o *LoadOptions) error {
|
||||
o.DefaultRegion = v
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
// getSharedConfigProfile returns SharedConfigProfile from config's LoadOptions
|
||||
func (o LoadOptions) getSharedConfigProfile(ctx context.Context) (string, bool, error) {
|
||||
if len(o.SharedConfigProfile) == 0 {
|
||||
return "", false, nil
|
||||
}
|
||||
|
||||
return o.SharedConfigProfile, true, nil
|
||||
}
|
||||
|
||||
// WithSharedConfigProfile is a helper function to construct functional options
|
||||
// that sets SharedConfigProfile on config's LoadOptions. Setting the shared
|
||||
// config profile to an empty string, will result in the shared config profile
|
||||
// value being ignored.
|
||||
// If multiple WithSharedConfigProfile calls are made, the last call overrides
|
||||
// the previous call values.
|
||||
func WithSharedConfigProfile(v string) LoadOptionsFunc {
|
||||
return func(o *LoadOptions) error {
|
||||
o.SharedConfigProfile = v
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
// getSharedConfigFiles returns SharedConfigFiles set on config's LoadOptions
|
||||
func (o LoadOptions) getSharedConfigFiles(ctx context.Context) ([]string, bool, error) {
|
||||
if o.SharedConfigFiles == nil {
|
||||
return nil, false, nil
|
||||
}
|
||||
|
||||
return o.SharedConfigFiles, true, nil
|
||||
}
|
||||
|
||||
// WithSharedConfigFiles is a helper function to construct functional options
|
||||
// that sets slice of SharedConfigFiles on config's LoadOptions.
|
||||
// Setting the shared config files to an nil string slice, will result in the
|
||||
// shared config files value being ignored.
|
||||
// If multiple WithSharedConfigFiles calls are made, the last call overrides
|
||||
// the previous call values.
|
||||
func WithSharedConfigFiles(v []string) LoadOptionsFunc {
|
||||
return func(o *LoadOptions) error {
|
||||
o.SharedConfigFiles = v
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
// getSharedCredentialsFiles returns SharedCredentialsFiles set on config's LoadOptions
|
||||
func (o LoadOptions) getSharedCredentialsFiles(ctx context.Context) ([]string, bool, error) {
|
||||
if o.SharedCredentialsFiles == nil {
|
||||
return nil, false, nil
|
||||
}
|
||||
|
||||
return o.SharedCredentialsFiles, true, nil
|
||||
}
|
||||
|
||||
// WithSharedCredentialsFiles is a helper function to construct functional options
|
||||
// that sets slice of SharedCredentialsFiles on config's LoadOptions.
|
||||
// Setting the shared credentials files to an nil string slice, will result in the
|
||||
// shared credentials files value being ignored.
|
||||
// If multiple WithSharedCredentialsFiles calls are made, the last call overrides
|
||||
// the previous call values.
|
||||
func WithSharedCredentialsFiles(v []string) LoadOptionsFunc {
|
||||
return func(o *LoadOptions) error {
|
||||
o.SharedCredentialsFiles = v
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
// getCustomCABundle returns CustomCABundle from LoadOptions
|
||||
func (o LoadOptions) getCustomCABundle(ctx context.Context) (io.Reader, bool, error) {
|
||||
if o.CustomCABundle == nil {
|
||||
return nil, false, nil
|
||||
}
|
||||
|
||||
return o.CustomCABundle, true, nil
|
||||
}
|
||||
|
||||
// WithCustomCABundle is a helper function to construct functional options
|
||||
// that sets CustomCABundle on config's LoadOptions. Setting the custom CA Bundle
|
||||
// to nil will result in custom CA Bundle value being ignored.
|
||||
// If multiple WithCustomCABundle calls are made, the last call overrides the
|
||||
// previous call values.
|
||||
func WithCustomCABundle(v io.Reader) LoadOptionsFunc {
|
||||
return func(o *LoadOptions) error {
|
||||
o.CustomCABundle = v
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
// UseEC2IMDSRegion provides a regionProvider that retrieves the region
|
||||
// from the EC2 Metadata service.
|
||||
type UseEC2IMDSRegion struct {
|
||||
// If unset will default to generic EC2 IMDS client.
|
||||
Client *imds.Client
|
||||
}
|
||||
|
||||
// getRegion attempts to retrieve the region from EC2 Metadata service.
|
||||
func (p *UseEC2IMDSRegion) getRegion(ctx context.Context) (string, bool, error) {
|
||||
if ctx == nil {
|
||||
ctx = context.Background()
|
||||
}
|
||||
|
||||
client := p.Client
|
||||
if client == nil {
|
||||
client = imds.New(imds.Options{})
|
||||
}
|
||||
|
||||
result, err := client.GetRegion(ctx, nil)
|
||||
if err != nil {
|
||||
return "", false, err
|
||||
}
|
||||
if len(result.Region) != 0 {
|
||||
return result.Region, true, nil
|
||||
}
|
||||
return "", false, nil
|
||||
}
|
||||
|
||||
// getEC2IMDSRegion returns the value of EC2 IMDS region.
|
||||
func (o LoadOptions) getEC2IMDSRegion(ctx context.Context) (string, bool, error) {
|
||||
if o.UseEC2IMDSRegion == nil {
|
||||
return "", false, nil
|
||||
}
|
||||
|
||||
return o.UseEC2IMDSRegion.getRegion(ctx)
|
||||
}
|
||||
|
||||
// WithEC2IMDSRegion is a helper function to construct functional options
|
||||
// that enables resolving EC2IMDS region. The function takes
|
||||
// in a UseEC2IMDSRegion functional option, and can be used to set the
|
||||
// EC2IMDS client which will be used to resolve EC2IMDSRegion.
|
||||
// If no functional option is provided, an EC2IMDS client is built and used
|
||||
// by the resolver. If multiple WithEC2IMDSRegion calls are made, the last
|
||||
// call overrides the previous call values. Note that the WithRegion calls takes
|
||||
// precedence over WithEC2IMDSRegion when resolving region.
|
||||
func WithEC2IMDSRegion(fnOpts ...func(o *UseEC2IMDSRegion)) LoadOptionsFunc {
|
||||
return func(o *LoadOptions) error {
|
||||
o.UseEC2IMDSRegion = &UseEC2IMDSRegion{}
|
||||
|
||||
for _, fn := range fnOpts {
|
||||
fn(o.UseEC2IMDSRegion)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
// getCredentialsProvider returns the credentials value
|
||||
func (o LoadOptions) getCredentialsProvider(ctx context.Context) (aws.CredentialsProvider, bool, error) {
|
||||
if o.Credentials == nil {
|
||||
return nil, false, nil
|
||||
}
|
||||
|
||||
return o.Credentials, true, nil
|
||||
}
|
||||
|
||||
// WithCredentialsProvider is a helper function to construct functional options
|
||||
// that sets Credential provider value on config's LoadOptions. If credentials
|
||||
// provider is set to nil, the credentials provider value will be ignored.
|
||||
// If multiple WithCredentialsProvider calls are made, the last call overrides
|
||||
// the previous call values.
|
||||
func WithCredentialsProvider(v aws.CredentialsProvider) LoadOptionsFunc {
|
||||
return func(o *LoadOptions) error {
|
||||
o.Credentials = v
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
// getCredentialsCacheOptionsProvider returns the wrapped function to set aws.CredentialsCacheOptions
|
||||
func (o LoadOptions) getCredentialsCacheOptions(ctx context.Context) (func(*aws.CredentialsCacheOptions), bool, error) {
|
||||
if o.CredentialsCacheOptions == nil {
|
||||
return nil, false, nil
|
||||
}
|
||||
|
||||
return o.CredentialsCacheOptions, true, nil
|
||||
}
|
||||
|
||||
// WithCredentialsCacheOptions is a helper function to construct functional
|
||||
// options that sets a function to modify the aws.CredentialsCacheOptions the
|
||||
// aws.CredentialsCache will be configured with, if the CredentialsCache is used
|
||||
// by the configuration loader.
|
||||
//
|
||||
// If multiple WithCredentialsCacheOptions calls are made, the last call
|
||||
// overrides the previous call values.
|
||||
func WithCredentialsCacheOptions(v func(*aws.CredentialsCacheOptions)) LoadOptionsFunc {
|
||||
return func(o *LoadOptions) error {
|
||||
o.CredentialsCacheOptions = v
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
// getProcessCredentialOptions returns the wrapped function to set processcreds.Options
|
||||
func (o LoadOptions) getProcessCredentialOptions(ctx context.Context) (func(*processcreds.Options), bool, error) {
|
||||
if o.ProcessCredentialOptions == nil {
|
||||
return nil, false, nil
|
||||
}
|
||||
|
||||
return o.ProcessCredentialOptions, true, nil
|
||||
}
|
||||
|
||||
// WithProcessCredentialOptions is a helper function to construct functional options
|
||||
// that sets a function to use processcreds.Options on config's LoadOptions.
|
||||
// If process credential options is set to nil, the process credential value will
|
||||
// be ignored. If multiple WithProcessCredentialOptions calls are made, the last call
|
||||
// overrides the previous call values.
|
||||
func WithProcessCredentialOptions(v func(*processcreds.Options)) LoadOptionsFunc {
|
||||
return func(o *LoadOptions) error {
|
||||
o.ProcessCredentialOptions = v
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
// getEC2RoleCredentialOptions returns the wrapped function to set the ec2rolecreds.Options
|
||||
func (o LoadOptions) getEC2RoleCredentialOptions(ctx context.Context) (func(*ec2rolecreds.Options), bool, error) {
|
||||
if o.EC2RoleCredentialOptions == nil {
|
||||
return nil, false, nil
|
||||
}
|
||||
|
||||
return o.EC2RoleCredentialOptions, true, nil
|
||||
}
|
||||
|
||||
// WithEC2RoleCredentialOptions is a helper function to construct functional options
|
||||
// that sets a function to use ec2rolecreds.Options on config's LoadOptions. If
|
||||
// EC2 role credential options is set to nil, the EC2 role credential options value
|
||||
// will be ignored. If multiple WithEC2RoleCredentialOptions calls are made,
|
||||
// the last call overrides the previous call values.
|
||||
func WithEC2RoleCredentialOptions(v func(*ec2rolecreds.Options)) LoadOptionsFunc {
|
||||
return func(o *LoadOptions) error {
|
||||
o.EC2RoleCredentialOptions = v
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
// getEndpointCredentialOptions returns the wrapped function to set endpointcreds.Options
|
||||
func (o LoadOptions) getEndpointCredentialOptions(context.Context) (func(*endpointcreds.Options), bool, error) {
|
||||
if o.EndpointCredentialOptions == nil {
|
||||
return nil, false, nil
|
||||
}
|
||||
|
||||
return o.EndpointCredentialOptions, true, nil
|
||||
}
|
||||
|
||||
// WithEndpointCredentialOptions is a helper function to construct functional options
|
||||
// that sets a function to use endpointcreds.Options on config's LoadOptions. If
|
||||
// endpoint credential options is set to nil, the endpoint credential options
|
||||
// value will be ignored. If multiple WithEndpointCredentialOptions calls are made,
|
||||
// the last call overrides the previous call values.
|
||||
func WithEndpointCredentialOptions(v func(*endpointcreds.Options)) LoadOptionsFunc {
|
||||
return func(o *LoadOptions) error {
|
||||
o.EndpointCredentialOptions = v
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
// getWebIdentityRoleCredentialOptions returns the wrapped function
|
||||
func (o LoadOptions) getWebIdentityRoleCredentialOptions(context.Context) (func(*stscreds.WebIdentityRoleOptions), bool, error) {
|
||||
if o.WebIdentityRoleCredentialOptions == nil {
|
||||
return nil, false, nil
|
||||
}
|
||||
|
||||
return o.WebIdentityRoleCredentialOptions, true, nil
|
||||
}
|
||||
|
||||
// WithWebIdentityRoleCredentialOptions is a helper function to construct
|
||||
// functional options that sets a function to use stscreds.WebIdentityRoleOptions
|
||||
// on config's LoadOptions. If web identity role credentials options is set to nil,
|
||||
// the web identity role credentials value will be ignored. If multiple
|
||||
// WithWebIdentityRoleCredentialOptions calls are made, the last call
|
||||
// overrides the previous call values.
|
||||
func WithWebIdentityRoleCredentialOptions(v func(*stscreds.WebIdentityRoleOptions)) LoadOptionsFunc {
|
||||
return func(o *LoadOptions) error {
|
||||
o.WebIdentityRoleCredentialOptions = v
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
// getAssumeRoleCredentialOptions returns AssumeRoleCredentialOptions from LoadOptions
|
||||
func (o LoadOptions) getAssumeRoleCredentialOptions(context.Context) (func(options *stscreds.AssumeRoleOptions), bool, error) {
|
||||
if o.AssumeRoleCredentialOptions == nil {
|
||||
return nil, false, nil
|
||||
}
|
||||
|
||||
return o.AssumeRoleCredentialOptions, true, nil
|
||||
}
|
||||
|
||||
// WithAssumeRoleCredentialOptions is a helper function to construct
|
||||
// functional options that sets a function to use stscreds.AssumeRoleOptions
|
||||
// on config's LoadOptions. If assume role credentials options is set to nil,
|
||||
// the assume role credentials value will be ignored. If multiple
|
||||
// WithAssumeRoleCredentialOptions calls are made, the last call overrides
|
||||
// the previous call values.
|
||||
func WithAssumeRoleCredentialOptions(v func(*stscreds.AssumeRoleOptions)) LoadOptionsFunc {
|
||||
return func(o *LoadOptions) error {
|
||||
o.AssumeRoleCredentialOptions = v
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
func (o LoadOptions) getHTTPClient(ctx context.Context) (HTTPClient, bool, error) {
|
||||
if o.HTTPClient == nil {
|
||||
return nil, false, nil
|
||||
}
|
||||
|
||||
return o.HTTPClient, true, nil
|
||||
}
|
||||
|
||||
// WithHTTPClient is a helper function to construct functional options
|
||||
// that sets HTTPClient on LoadOptions. If HTTPClient is set to nil,
|
||||
// the HTTPClient value will be ignored.
|
||||
// If multiple WithHTTPClient calls are made, the last call overrides
|
||||
// the previous call values.
|
||||
func WithHTTPClient(v HTTPClient) LoadOptionsFunc {
|
||||
return func(o *LoadOptions) error {
|
||||
o.HTTPClient = v
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
func (o LoadOptions) getAPIOptions(ctx context.Context) ([]func(*middleware.Stack) error, bool, error) {
|
||||
if o.APIOptions == nil {
|
||||
return nil, false, nil
|
||||
}
|
||||
|
||||
return o.APIOptions, true, nil
|
||||
}
|
||||
|
||||
// WithAPIOptions is a helper function to construct functional options
|
||||
// that sets APIOptions on LoadOptions. If APIOptions is set to nil, the
|
||||
// APIOptions value is ignored. If multiple WithAPIOptions calls are
|
||||
// made, the last call overrides the previous call values.
|
||||
func WithAPIOptions(v []func(*middleware.Stack) error) LoadOptionsFunc {
|
||||
return func(o *LoadOptions) error {
|
||||
if v == nil {
|
||||
return nil
|
||||
}
|
||||
|
||||
o.APIOptions = append(o.APIOptions, v...)
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
func (o LoadOptions) getRetryMaxAttempts(ctx context.Context) (int, bool, error) {
|
||||
if o.RetryMaxAttempts == 0 {
|
||||
return 0, false, nil
|
||||
}
|
||||
|
||||
return o.RetryMaxAttempts, true, nil
|
||||
}
|
||||
|
||||
// WithRetryMaxAttempts is a helper function to construct functional options that sets
|
||||
// RetryMaxAttempts on LoadOptions. If RetryMaxAttempts is unset, the RetryMaxAttempts value is
|
||||
// ignored. If multiple WithRetryMaxAttempts calls are made, the last call overrides
|
||||
// the previous call values.
|
||||
//
|
||||
// Will be ignored of LoadOptions.Retryer or WithRetryer are used.
|
||||
func WithRetryMaxAttempts(v int) LoadOptionsFunc {
|
||||
return func(o *LoadOptions) error {
|
||||
o.RetryMaxAttempts = v
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
func (o LoadOptions) getRetryMode(ctx context.Context) (aws.RetryMode, bool, error) {
|
||||
if o.RetryMode == "" {
|
||||
return "", false, nil
|
||||
}
|
||||
|
||||
return o.RetryMode, true, nil
|
||||
}
|
||||
|
||||
// WithRetryMode is a helper function to construct functional options that sets
|
||||
// RetryMode on LoadOptions. If RetryMode is unset, the RetryMode value is
|
||||
// ignored. If multiple WithRetryMode calls are made, the last call overrides
|
||||
// the previous call values.
|
||||
//
|
||||
// Will be ignored of LoadOptions.Retryer or WithRetryer are used.
|
||||
func WithRetryMode(v aws.RetryMode) LoadOptionsFunc {
|
||||
return func(o *LoadOptions) error {
|
||||
o.RetryMode = v
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
func (o LoadOptions) getRetryer(ctx context.Context) (func() aws.Retryer, bool, error) {
|
||||
if o.Retryer == nil {
|
||||
return nil, false, nil
|
||||
}
|
||||
|
||||
return o.Retryer, true, nil
|
||||
}
|
||||
|
||||
// WithRetryer is a helper function to construct functional options
|
||||
// that sets Retryer on LoadOptions. If Retryer is set to nil, the
|
||||
// Retryer value is ignored. If multiple WithRetryer calls are
|
||||
// made, the last call overrides the previous call values.
|
||||
func WithRetryer(v func() aws.Retryer) LoadOptionsFunc {
|
||||
return func(o *LoadOptions) error {
|
||||
o.Retryer = v
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
func (o LoadOptions) getEndpointResolver(ctx context.Context) (aws.EndpointResolver, bool, error) {
|
||||
if o.EndpointResolver == nil {
|
||||
return nil, false, nil
|
||||
}
|
||||
|
||||
return o.EndpointResolver, true, nil
|
||||
}
|
||||
|
||||
// WithEndpointResolver is a helper function to construct functional options
|
||||
// that sets the EndpointResolver on LoadOptions. If the EndpointResolver is set to nil,
|
||||
// the EndpointResolver value is ignored. If multiple WithEndpointResolver calls
|
||||
// are made, the last call overrides the previous call values.
|
||||
//
|
||||
// Deprecated: See WithEndpointResolverWithOptions
|
||||
func WithEndpointResolver(v aws.EndpointResolver) LoadOptionsFunc {
|
||||
return func(o *LoadOptions) error {
|
||||
o.EndpointResolver = v
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
func (o LoadOptions) getEndpointResolverWithOptions(ctx context.Context) (aws.EndpointResolverWithOptions, bool, error) {
|
||||
if o.EndpointResolverWithOptions == nil {
|
||||
return nil, false, nil
|
||||
}
|
||||
|
||||
return o.EndpointResolverWithOptions, true, nil
|
||||
}
|
||||
|
||||
// WithEndpointResolverWithOptions is a helper function to construct functional options
|
||||
// that sets the EndpointResolverWithOptions on LoadOptions. If the EndpointResolverWithOptions is set to nil,
|
||||
// the EndpointResolver value is ignored. If multiple WithEndpointResolver calls
|
||||
// are made, the last call overrides the previous call values.
|
||||
func WithEndpointResolverWithOptions(v aws.EndpointResolverWithOptions) LoadOptionsFunc {
|
||||
return func(o *LoadOptions) error {
|
||||
o.EndpointResolverWithOptions = v
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
func (o LoadOptions) getLogger(ctx context.Context) (logging.Logger, bool, error) {
|
||||
if o.Logger == nil {
|
||||
return nil, false, nil
|
||||
}
|
||||
|
||||
return o.Logger, true, nil
|
||||
}
|
||||
|
||||
// WithLogger is a helper function to construct functional options
|
||||
// that sets Logger on LoadOptions. If Logger is set to nil, the
|
||||
// Logger value will be ignored. If multiple WithLogger calls are made,
|
||||
// the last call overrides the previous call values.
|
||||
func WithLogger(v logging.Logger) LoadOptionsFunc {
|
||||
return func(o *LoadOptions) error {
|
||||
o.Logger = v
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
func (o LoadOptions) getClientLogMode(ctx context.Context) (aws.ClientLogMode, bool, error) {
|
||||
if o.ClientLogMode == nil {
|
||||
return 0, false, nil
|
||||
}
|
||||
|
||||
return *o.ClientLogMode, true, nil
|
||||
}
|
||||
|
||||
// WithClientLogMode is a helper function to construct functional options
|
||||
// that sets client log mode on LoadOptions. If client log mode is set to nil,
|
||||
// the client log mode value will be ignored. If multiple WithClientLogMode calls are made,
|
||||
// the last call overrides the previous call values.
|
||||
func WithClientLogMode(v aws.ClientLogMode) LoadOptionsFunc {
|
||||
return func(o *LoadOptions) error {
|
||||
o.ClientLogMode = &v
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
func (o LoadOptions) getLogConfigurationWarnings(ctx context.Context) (v bool, found bool, err error) {
|
||||
if o.LogConfigurationWarnings == nil {
|
||||
return false, false, nil
|
||||
}
|
||||
return *o.LogConfigurationWarnings, true, nil
|
||||
}
|
||||
|
||||
// WithLogConfigurationWarnings is a helper function to construct
|
||||
// functional options that can be used to set LogConfigurationWarnings
|
||||
// on LoadOptions.
|
||||
//
|
||||
// If multiple WithLogConfigurationWarnings calls are made, the last call
|
||||
// overrides the previous call values.
|
||||
func WithLogConfigurationWarnings(v bool) LoadOptionsFunc {
|
||||
return func(o *LoadOptions) error {
|
||||
o.LogConfigurationWarnings = &v
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
// GetS3UseARNRegion returns whether to allow ARNs to direct the region
|
||||
// the S3 client's requests are sent to.
|
||||
func (o LoadOptions) GetS3UseARNRegion(ctx context.Context) (v bool, found bool, err error) {
|
||||
if o.S3UseARNRegion == nil {
|
||||
return false, false, nil
|
||||
}
|
||||
return *o.S3UseARNRegion, true, nil
|
||||
}
|
||||
|
||||
// WithS3UseARNRegion is a helper function to construct functional options
|
||||
// that can be used to set S3UseARNRegion on LoadOptions.
|
||||
// If multiple WithS3UseARNRegion calls are made, the last call overrides
|
||||
// the previous call values.
|
||||
func WithS3UseARNRegion(v bool) LoadOptionsFunc {
|
||||
return func(o *LoadOptions) error {
|
||||
o.S3UseARNRegion = &v
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
// GetEnableEndpointDiscovery returns if the EnableEndpointDiscovery flag is set.
|
||||
func (o LoadOptions) GetEnableEndpointDiscovery(ctx context.Context) (value aws.EndpointDiscoveryEnableState, ok bool, err error) {
|
||||
if o.EnableEndpointDiscovery == aws.EndpointDiscoveryUnset {
|
||||
return aws.EndpointDiscoveryUnset, false, nil
|
||||
}
|
||||
return o.EnableEndpointDiscovery, true, nil
|
||||
}
|
||||
|
||||
// WithEndpointDiscovery is a helper function to construct functional options
|
||||
// that can be used to enable endpoint discovery on LoadOptions for supported clients.
|
||||
// If multiple WithEndpointDiscovery calls are made, the last call overrides
|
||||
// the previous call values.
|
||||
func WithEndpointDiscovery(v aws.EndpointDiscoveryEnableState) LoadOptionsFunc {
|
||||
return func(o *LoadOptions) error {
|
||||
o.EnableEndpointDiscovery = v
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
// getSSOProviderOptions returns AssumeRoleCredentialOptions from LoadOptions
|
||||
func (o LoadOptions) getSSOProviderOptions(context.Context) (func(options *ssocreds.Options), bool, error) {
|
||||
if o.SSOProviderOptions == nil {
|
||||
return nil, false, nil
|
||||
}
|
||||
|
||||
return o.SSOProviderOptions, true, nil
|
||||
}
|
||||
|
||||
// WithSSOProviderOptions is a helper function to construct
|
||||
// functional options that sets a function to use ssocreds.Options
|
||||
// on config's LoadOptions. If the SSO credential provider options is set to nil,
|
||||
// the sso provider options value will be ignored. If multiple
|
||||
// WithSSOProviderOptions calls are made, the last call overrides
|
||||
// the previous call values.
|
||||
func WithSSOProviderOptions(v func(*ssocreds.Options)) LoadOptionsFunc {
|
||||
return func(o *LoadOptions) error {
|
||||
o.SSOProviderOptions = v
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
// GetEC2IMDSClientEnableState implements a EC2IMDSClientEnableState options resolver interface.
|
||||
func (o LoadOptions) GetEC2IMDSClientEnableState() (imds.ClientEnableState, bool, error) {
|
||||
if o.EC2IMDSClientEnableState == imds.ClientDefaultEnableState {
|
||||
return imds.ClientDefaultEnableState, false, nil
|
||||
}
|
||||
|
||||
return o.EC2IMDSClientEnableState, true, nil
|
||||
}
|
||||
|
||||
// GetEC2IMDSEndpointMode implements a EC2IMDSEndpointMode option resolver interface.
|
||||
func (o LoadOptions) GetEC2IMDSEndpointMode() (imds.EndpointModeState, bool, error) {
|
||||
if o.EC2IMDSEndpointMode == imds.EndpointModeStateUnset {
|
||||
return imds.EndpointModeStateUnset, false, nil
|
||||
}
|
||||
|
||||
return o.EC2IMDSEndpointMode, true, nil
|
||||
}
|
||||
|
||||
// GetEC2IMDSEndpoint implements a EC2IMDSEndpoint option resolver interface.
|
||||
func (o LoadOptions) GetEC2IMDSEndpoint() (string, bool, error) {
|
||||
if len(o.EC2IMDSEndpoint) == 0 {
|
||||
return "", false, nil
|
||||
}
|
||||
|
||||
return o.EC2IMDSEndpoint, true, nil
|
||||
}
|
||||
|
||||
// WithEC2IMDSClientEnableState is a helper function to construct functional options that sets the EC2IMDSClientEnableState.
|
||||
func WithEC2IMDSClientEnableState(v imds.ClientEnableState) LoadOptionsFunc {
|
||||
return func(o *LoadOptions) error {
|
||||
o.EC2IMDSClientEnableState = v
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
// WithEC2IMDSEndpointMode is a helper function to construct functional options that sets the EC2IMDSEndpointMode.
|
||||
func WithEC2IMDSEndpointMode(v imds.EndpointModeState) LoadOptionsFunc {
|
||||
return func(o *LoadOptions) error {
|
||||
o.EC2IMDSEndpointMode = v
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
// WithEC2IMDSEndpoint is a helper function to construct functional options that sets the EC2IMDSEndpoint.
|
||||
func WithEC2IMDSEndpoint(v string) LoadOptionsFunc {
|
||||
return func(o *LoadOptions) error {
|
||||
o.EC2IMDSEndpoint = v
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
// WithUseDualStackEndpoint is a helper function to construct
|
||||
// functional options that can be used to set UseDualStackEndpoint on LoadOptions.
|
||||
func WithUseDualStackEndpoint(v aws.DualStackEndpointState) LoadOptionsFunc {
|
||||
return func(o *LoadOptions) error {
|
||||
o.UseDualStackEndpoint = v
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
// GetUseDualStackEndpoint returns whether the service's dual-stack endpoint should be
|
||||
// used for requests.
|
||||
func (o LoadOptions) GetUseDualStackEndpoint(ctx context.Context) (value aws.DualStackEndpointState, found bool, err error) {
|
||||
if o.UseDualStackEndpoint == aws.DualStackEndpointStateUnset {
|
||||
return aws.DualStackEndpointStateUnset, false, nil
|
||||
}
|
||||
return o.UseDualStackEndpoint, true, nil
|
||||
}
|
||||
|
||||
// WithUseFIPSEndpoint is a helper function to construct
|
||||
// functional options that can be used to set UseFIPSEndpoint on LoadOptions.
|
||||
func WithUseFIPSEndpoint(v aws.FIPSEndpointState) LoadOptionsFunc {
|
||||
return func(o *LoadOptions) error {
|
||||
o.UseFIPSEndpoint = v
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
// GetUseFIPSEndpoint returns whether the service's FIPS endpoint should be
|
||||
// used for requests.
|
||||
func (o LoadOptions) GetUseFIPSEndpoint(ctx context.Context) (value aws.FIPSEndpointState, found bool, err error) {
|
||||
if o.UseFIPSEndpoint == aws.FIPSEndpointStateUnset {
|
||||
return aws.FIPSEndpointStateUnset, false, nil
|
||||
}
|
||||
return o.UseFIPSEndpoint, true, nil
|
||||
}
|
||||
|
||||
// WithDefaultsMode sets the SDK defaults configuration mode to the value provided.
|
||||
//
|
||||
// Zero or more functional options can be provided to provide configuration options for performing
|
||||
// environment discovery when using aws.DefaultsModeAuto.
|
||||
func WithDefaultsMode(mode aws.DefaultsMode, optFns ...func(options *DefaultsModeOptions)) LoadOptionsFunc {
|
||||
do := DefaultsModeOptions{
|
||||
Mode: mode,
|
||||
}
|
||||
for _, fn := range optFns {
|
||||
fn(&do)
|
||||
}
|
||||
return func(options *LoadOptions) error {
|
||||
options.DefaultsModeOptions = do
|
||||
return nil
|
||||
}
|
||||
}
|
51
vendor/github.com/aws/aws-sdk-go-v2/config/local.go
generated
vendored
Normal file
51
vendor/github.com/aws/aws-sdk-go-v2/config/local.go
generated
vendored
Normal file
@ -0,0 +1,51 @@
|
||||
package config
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"net"
|
||||
"net/url"
|
||||
)
|
||||
|
||||
var lookupHostFn = net.LookupHost
|
||||
|
||||
func isLoopbackHost(host string) (bool, error) {
|
||||
ip := net.ParseIP(host)
|
||||
if ip != nil {
|
||||
return ip.IsLoopback(), nil
|
||||
}
|
||||
|
||||
// Host is not an ip, perform lookup
|
||||
addrs, err := lookupHostFn(host)
|
||||
if err != nil {
|
||||
return false, err
|
||||
}
|
||||
if len(addrs) == 0 {
|
||||
return false, fmt.Errorf("no addrs found for host, %s", host)
|
||||
}
|
||||
|
||||
for _, addr := range addrs {
|
||||
if !net.ParseIP(addr).IsLoopback() {
|
||||
return false, nil
|
||||
}
|
||||
}
|
||||
|
||||
return true, nil
|
||||
}
|
||||
|
||||
func validateLocalURL(v string) error {
|
||||
u, err := url.Parse(v)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
host := u.Hostname()
|
||||
if len(host) == 0 {
|
||||
return fmt.Errorf("unable to parse host from local HTTP cred provider URL")
|
||||
} else if isLoopback, err := isLoopbackHost(host); err != nil {
|
||||
return fmt.Errorf("failed to resolve host %q, %v", host, err)
|
||||
} else if !isLoopback {
|
||||
return fmt.Errorf("invalid endpoint host, %q, only host resolving to loopback addresses are allowed", host)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
533
vendor/github.com/aws/aws-sdk-go-v2/config/provider.go
generated
vendored
Normal file
533
vendor/github.com/aws/aws-sdk-go-v2/config/provider.go
generated
vendored
Normal file
@ -0,0 +1,533 @@
|
||||
package config
|
||||
|
||||
import (
|
||||
"context"
|
||||
"io"
|
||||
"net/http"
|
||||
|
||||
"github.com/aws/aws-sdk-go-v2/aws"
|
||||
"github.com/aws/aws-sdk-go-v2/credentials/ec2rolecreds"
|
||||
"github.com/aws/aws-sdk-go-v2/credentials/endpointcreds"
|
||||
"github.com/aws/aws-sdk-go-v2/credentials/processcreds"
|
||||
"github.com/aws/aws-sdk-go-v2/credentials/ssocreds"
|
||||
"github.com/aws/aws-sdk-go-v2/credentials/stscreds"
|
||||
"github.com/aws/aws-sdk-go-v2/feature/ec2/imds"
|
||||
"github.com/aws/smithy-go/logging"
|
||||
"github.com/aws/smithy-go/middleware"
|
||||
)
|
||||
|
||||
// sharedConfigProfileProvider provides access to the shared config profile
|
||||
// name external configuration value.
|
||||
type sharedConfigProfileProvider interface {
|
||||
getSharedConfigProfile(ctx context.Context) (string, bool, error)
|
||||
}
|
||||
|
||||
// getSharedConfigProfile searches the configs for a sharedConfigProfileProvider
|
||||
// and returns the value if found. Returns an error if a provider fails before a
|
||||
// value is found.
|
||||
func getSharedConfigProfile(ctx context.Context, configs configs) (value string, found bool, err error) {
|
||||
for _, cfg := range configs {
|
||||
if p, ok := cfg.(sharedConfigProfileProvider); ok {
|
||||
value, found, err = p.getSharedConfigProfile(ctx)
|
||||
if err != nil || found {
|
||||
break
|
||||
}
|
||||
}
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
// sharedConfigFilesProvider provides access to the shared config filesnames
|
||||
// external configuration value.
|
||||
type sharedConfigFilesProvider interface {
|
||||
getSharedConfigFiles(ctx context.Context) ([]string, bool, error)
|
||||
}
|
||||
|
||||
// getSharedConfigFiles searches the configs for a sharedConfigFilesProvider
|
||||
// and returns the value if found. Returns an error if a provider fails before a
|
||||
// value is found.
|
||||
func getSharedConfigFiles(ctx context.Context, configs configs) (value []string, found bool, err error) {
|
||||
for _, cfg := range configs {
|
||||
if p, ok := cfg.(sharedConfigFilesProvider); ok {
|
||||
value, found, err = p.getSharedConfigFiles(ctx)
|
||||
if err != nil || found {
|
||||
break
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
// sharedCredentialsFilesProvider provides access to the shared credentials filesnames
|
||||
// external configuration value.
|
||||
type sharedCredentialsFilesProvider interface {
|
||||
getSharedCredentialsFiles(ctx context.Context) ([]string, bool, error)
|
||||
}
|
||||
|
||||
// getSharedCredentialsFiles searches the configs for a sharedCredentialsFilesProvider
|
||||
// and returns the value if found. Returns an error if a provider fails before a
|
||||
// value is found.
|
||||
func getSharedCredentialsFiles(ctx context.Context, configs configs) (value []string, found bool, err error) {
|
||||
for _, cfg := range configs {
|
||||
if p, ok := cfg.(sharedCredentialsFilesProvider); ok {
|
||||
value, found, err = p.getSharedCredentialsFiles(ctx)
|
||||
if err != nil || found {
|
||||
break
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
// customCABundleProvider provides access to the custom CA bundle PEM bytes.
|
||||
type customCABundleProvider interface {
|
||||
getCustomCABundle(ctx context.Context) (io.Reader, bool, error)
|
||||
}
|
||||
|
||||
// getCustomCABundle searches the configs for a customCABundleProvider
|
||||
// and returns the value if found. Returns an error if a provider fails before a
|
||||
// value is found.
|
||||
func getCustomCABundle(ctx context.Context, configs configs) (value io.Reader, found bool, err error) {
|
||||
for _, cfg := range configs {
|
||||
if p, ok := cfg.(customCABundleProvider); ok {
|
||||
value, found, err = p.getCustomCABundle(ctx)
|
||||
if err != nil || found {
|
||||
break
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
// regionProvider provides access to the region external configuration value.
|
||||
type regionProvider interface {
|
||||
getRegion(ctx context.Context) (string, bool, error)
|
||||
}
|
||||
|
||||
// getRegion searches the configs for a regionProvider and returns the value
|
||||
// if found. Returns an error if a provider fails before a value is found.
|
||||
func getRegion(ctx context.Context, configs configs) (value string, found bool, err error) {
|
||||
for _, cfg := range configs {
|
||||
if p, ok := cfg.(regionProvider); ok {
|
||||
value, found, err = p.getRegion(ctx)
|
||||
if err != nil || found {
|
||||
break
|
||||
}
|
||||
}
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
// ec2IMDSRegionProvider provides access to the ec2 imds region
|
||||
// configuration value
|
||||
type ec2IMDSRegionProvider interface {
|
||||
getEC2IMDSRegion(ctx context.Context) (string, bool, error)
|
||||
}
|
||||
|
||||
// getEC2IMDSRegion searches the configs for a ec2IMDSRegionProvider and
|
||||
// returns the value if found. Returns an error if a provider fails before
|
||||
// a value is found.
|
||||
func getEC2IMDSRegion(ctx context.Context, configs configs) (region string, found bool, err error) {
|
||||
for _, cfg := range configs {
|
||||
if provider, ok := cfg.(ec2IMDSRegionProvider); ok {
|
||||
region, found, err = provider.getEC2IMDSRegion(ctx)
|
||||
if err != nil || found {
|
||||
break
|
||||
}
|
||||
}
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
// credentialsProviderProvider provides access to the credentials external
|
||||
// configuration value.
|
||||
type credentialsProviderProvider interface {
|
||||
getCredentialsProvider(ctx context.Context) (aws.CredentialsProvider, bool, error)
|
||||
}
|
||||
|
||||
// getCredentialsProvider searches the configs for a credentialsProviderProvider
|
||||
// and returns the value if found. Returns an error if a provider fails before a
|
||||
// value is found.
|
||||
func getCredentialsProvider(ctx context.Context, configs configs) (p aws.CredentialsProvider, found bool, err error) {
|
||||
for _, cfg := range configs {
|
||||
if provider, ok := cfg.(credentialsProviderProvider); ok {
|
||||
p, found, err = provider.getCredentialsProvider(ctx)
|
||||
if err != nil || found {
|
||||
break
|
||||
}
|
||||
}
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
// credentialsCacheOptionsProvider is an interface for retrieving a function for setting
|
||||
// the aws.CredentialsCacheOptions.
|
||||
type credentialsCacheOptionsProvider interface {
|
||||
getCredentialsCacheOptions(ctx context.Context) (func(*aws.CredentialsCacheOptions), bool, error)
|
||||
}
|
||||
|
||||
// getCredentialsCacheOptionsProvider is an interface for retrieving a function for setting
|
||||
// the aws.CredentialsCacheOptions.
|
||||
func getCredentialsCacheOptionsProvider(ctx context.Context, configs configs) (
|
||||
f func(*aws.CredentialsCacheOptions), found bool, err error,
|
||||
) {
|
||||
for _, config := range configs {
|
||||
if p, ok := config.(credentialsCacheOptionsProvider); ok {
|
||||
f, found, err = p.getCredentialsCacheOptions(ctx)
|
||||
if err != nil || found {
|
||||
break
|
||||
}
|
||||
}
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
// processCredentialOptions is an interface for retrieving a function for setting
|
||||
// the processcreds.Options.
|
||||
type processCredentialOptions interface {
|
||||
getProcessCredentialOptions(ctx context.Context) (func(*processcreds.Options), bool, error)
|
||||
}
|
||||
|
||||
// getProcessCredentialOptions searches the slice of configs and returns the first function found
|
||||
func getProcessCredentialOptions(ctx context.Context, configs configs) (f func(*processcreds.Options), found bool, err error) {
|
||||
for _, config := range configs {
|
||||
if p, ok := config.(processCredentialOptions); ok {
|
||||
f, found, err = p.getProcessCredentialOptions(ctx)
|
||||
if err != nil || found {
|
||||
break
|
||||
}
|
||||
}
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
// ec2RoleCredentialOptionsProvider is an interface for retrieving a function
|
||||
// for setting the ec2rolecreds.Provider options.
|
||||
type ec2RoleCredentialOptionsProvider interface {
|
||||
getEC2RoleCredentialOptions(ctx context.Context) (func(*ec2rolecreds.Options), bool, error)
|
||||
}
|
||||
|
||||
// getEC2RoleCredentialProviderOptions searches the slice of configs and returns the first function found
|
||||
func getEC2RoleCredentialProviderOptions(ctx context.Context, configs configs) (f func(*ec2rolecreds.Options), found bool, err error) {
|
||||
for _, config := range configs {
|
||||
if p, ok := config.(ec2RoleCredentialOptionsProvider); ok {
|
||||
f, found, err = p.getEC2RoleCredentialOptions(ctx)
|
||||
if err != nil || found {
|
||||
break
|
||||
}
|
||||
}
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
// defaultRegionProvider is an interface for retrieving a default region if a region was not resolved from other sources
|
||||
type defaultRegionProvider interface {
|
||||
getDefaultRegion(ctx context.Context) (string, bool, error)
|
||||
}
|
||||
|
||||
// getDefaultRegion searches the slice of configs and returns the first fallback region found
|
||||
func getDefaultRegion(ctx context.Context, configs configs) (value string, found bool, err error) {
|
||||
for _, config := range configs {
|
||||
if p, ok := config.(defaultRegionProvider); ok {
|
||||
value, found, err = p.getDefaultRegion(ctx)
|
||||
if err != nil || found {
|
||||
break
|
||||
}
|
||||
}
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
// endpointCredentialOptionsProvider is an interface for retrieving a function for setting
|
||||
// the endpointcreds.ProviderOptions.
|
||||
type endpointCredentialOptionsProvider interface {
|
||||
getEndpointCredentialOptions(ctx context.Context) (func(*endpointcreds.Options), bool, error)
|
||||
}
|
||||
|
||||
// getEndpointCredentialProviderOptions searches the slice of configs and returns the first function found
|
||||
func getEndpointCredentialProviderOptions(ctx context.Context, configs configs) (f func(*endpointcreds.Options), found bool, err error) {
|
||||
for _, config := range configs {
|
||||
if p, ok := config.(endpointCredentialOptionsProvider); ok {
|
||||
f, found, err = p.getEndpointCredentialOptions(ctx)
|
||||
if err != nil || found {
|
||||
break
|
||||
}
|
||||
}
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
// webIdentityRoleCredentialOptionsProvider is an interface for retrieving a function for setting
|
||||
// the stscreds.WebIdentityRoleProvider.
|
||||
type webIdentityRoleCredentialOptionsProvider interface {
|
||||
getWebIdentityRoleCredentialOptions(ctx context.Context) (func(*stscreds.WebIdentityRoleOptions), bool, error)
|
||||
}
|
||||
|
||||
// getWebIdentityCredentialProviderOptions searches the slice of configs and returns the first function found
|
||||
func getWebIdentityCredentialProviderOptions(ctx context.Context, configs configs) (f func(*stscreds.WebIdentityRoleOptions), found bool, err error) {
|
||||
for _, config := range configs {
|
||||
if p, ok := config.(webIdentityRoleCredentialOptionsProvider); ok {
|
||||
f, found, err = p.getWebIdentityRoleCredentialOptions(ctx)
|
||||
if err != nil || found {
|
||||
break
|
||||
}
|
||||
}
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
// assumeRoleCredentialOptionsProvider is an interface for retrieving a function for setting
|
||||
// the stscreds.AssumeRoleOptions.
|
||||
type assumeRoleCredentialOptionsProvider interface {
|
||||
getAssumeRoleCredentialOptions(ctx context.Context) (func(*stscreds.AssumeRoleOptions), bool, error)
|
||||
}
|
||||
|
||||
// getAssumeRoleCredentialProviderOptions searches the slice of configs and returns the first function found
|
||||
func getAssumeRoleCredentialProviderOptions(ctx context.Context, configs configs) (f func(*stscreds.AssumeRoleOptions), found bool, err error) {
|
||||
for _, config := range configs {
|
||||
if p, ok := config.(assumeRoleCredentialOptionsProvider); ok {
|
||||
f, found, err = p.getAssumeRoleCredentialOptions(ctx)
|
||||
if err != nil || found {
|
||||
break
|
||||
}
|
||||
}
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
// HTTPClient is an HTTP client implementation
|
||||
type HTTPClient interface {
|
||||
Do(*http.Request) (*http.Response, error)
|
||||
}
|
||||
|
||||
// httpClientProvider is an interface for retrieving HTTPClient
|
||||
type httpClientProvider interface {
|
||||
getHTTPClient(ctx context.Context) (HTTPClient, bool, error)
|
||||
}
|
||||
|
||||
// getHTTPClient searches the slice of configs and returns the HTTPClient set on configs
|
||||
func getHTTPClient(ctx context.Context, configs configs) (client HTTPClient, found bool, err error) {
|
||||
for _, config := range configs {
|
||||
if p, ok := config.(httpClientProvider); ok {
|
||||
client, found, err = p.getHTTPClient(ctx)
|
||||
if err != nil || found {
|
||||
break
|
||||
}
|
||||
}
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
// apiOptionsProvider is an interface for retrieving APIOptions
|
||||
type apiOptionsProvider interface {
|
||||
getAPIOptions(ctx context.Context) ([]func(*middleware.Stack) error, bool, error)
|
||||
}
|
||||
|
||||
// getAPIOptions searches the slice of configs and returns the APIOptions set on configs
|
||||
func getAPIOptions(ctx context.Context, configs configs) (apiOptions []func(*middleware.Stack) error, found bool, err error) {
|
||||
for _, config := range configs {
|
||||
if p, ok := config.(apiOptionsProvider); ok {
|
||||
// retrieve APIOptions from configs and set it on cfg
|
||||
apiOptions, found, err = p.getAPIOptions(ctx)
|
||||
if err != nil || found {
|
||||
break
|
||||
}
|
||||
}
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
// endpointResolverProvider is an interface for retrieving an aws.EndpointResolver from a configuration source
|
||||
type endpointResolverProvider interface {
|
||||
getEndpointResolver(ctx context.Context) (aws.EndpointResolver, bool, error)
|
||||
}
|
||||
|
||||
// getEndpointResolver searches the provided config sources for a EndpointResolverFunc that can be used
|
||||
// to configure the aws.Config.EndpointResolver value.
|
||||
func getEndpointResolver(ctx context.Context, configs configs) (f aws.EndpointResolver, found bool, err error) {
|
||||
for _, c := range configs {
|
||||
if p, ok := c.(endpointResolverProvider); ok {
|
||||
f, found, err = p.getEndpointResolver(ctx)
|
||||
if err != nil || found {
|
||||
break
|
||||
}
|
||||
}
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
// endpointResolverWithOptionsProvider is an interface for retrieving an aws.EndpointResolverWithOptions from a configuration source
|
||||
type endpointResolverWithOptionsProvider interface {
|
||||
getEndpointResolverWithOptions(ctx context.Context) (aws.EndpointResolverWithOptions, bool, error)
|
||||
}
|
||||
|
||||
// getEndpointResolver searches the provided config sources for a EndpointResolverFunc that can be used
|
||||
// to configure the aws.Config.EndpointResolver value.
|
||||
func getEndpointResolverWithOptions(ctx context.Context, configs configs) (f aws.EndpointResolverWithOptions, found bool, err error) {
|
||||
for _, c := range configs {
|
||||
if p, ok := c.(endpointResolverWithOptionsProvider); ok {
|
||||
f, found, err = p.getEndpointResolverWithOptions(ctx)
|
||||
if err != nil || found {
|
||||
break
|
||||
}
|
||||
}
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
// loggerProvider is an interface for retrieving a logging.Logger from a configuration source.
|
||||
type loggerProvider interface {
|
||||
getLogger(ctx context.Context) (logging.Logger, bool, error)
|
||||
}
|
||||
|
||||
// getLogger searches the provided config sources for a logging.Logger that can be used
|
||||
// to configure the aws.Config.Logger value.
|
||||
func getLogger(ctx context.Context, configs configs) (l logging.Logger, found bool, err error) {
|
||||
for _, c := range configs {
|
||||
if p, ok := c.(loggerProvider); ok {
|
||||
l, found, err = p.getLogger(ctx)
|
||||
if err != nil || found {
|
||||
break
|
||||
}
|
||||
}
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
// clientLogModeProvider is an interface for retrieving the aws.ClientLogMode from a configuration source.
|
||||
type clientLogModeProvider interface {
|
||||
getClientLogMode(ctx context.Context) (aws.ClientLogMode, bool, error)
|
||||
}
|
||||
|
||||
func getClientLogMode(ctx context.Context, configs configs) (m aws.ClientLogMode, found bool, err error) {
|
||||
for _, c := range configs {
|
||||
if p, ok := c.(clientLogModeProvider); ok {
|
||||
m, found, err = p.getClientLogMode(ctx)
|
||||
if err != nil || found {
|
||||
break
|
||||
}
|
||||
}
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
// retryProvider is an configuration provider for custom Retryer.
|
||||
type retryProvider interface {
|
||||
getRetryer(ctx context.Context) (func() aws.Retryer, bool, error)
|
||||
}
|
||||
|
||||
func getRetryer(ctx context.Context, configs configs) (v func() aws.Retryer, found bool, err error) {
|
||||
for _, c := range configs {
|
||||
if p, ok := c.(retryProvider); ok {
|
||||
v, found, err = p.getRetryer(ctx)
|
||||
if err != nil || found {
|
||||
break
|
||||
}
|
||||
}
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
// logConfigurationWarningsProvider is an configuration provider for
|
||||
// retrieving a boolean indicating whether configuration issues should
|
||||
// be logged when loading from config sources
|
||||
type logConfigurationWarningsProvider interface {
|
||||
getLogConfigurationWarnings(ctx context.Context) (bool, bool, error)
|
||||
}
|
||||
|
||||
func getLogConfigurationWarnings(ctx context.Context, configs configs) (v bool, found bool, err error) {
|
||||
for _, c := range configs {
|
||||
if p, ok := c.(logConfigurationWarningsProvider); ok {
|
||||
v, found, err = p.getLogConfigurationWarnings(ctx)
|
||||
if err != nil || found {
|
||||
break
|
||||
}
|
||||
}
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
// ssoCredentialOptionsProvider is an interface for retrieving a function for setting
|
||||
// the ssocreds.Options.
|
||||
type ssoCredentialOptionsProvider interface {
|
||||
getSSOProviderOptions(context.Context) (func(*ssocreds.Options), bool, error)
|
||||
}
|
||||
|
||||
func getSSOProviderOptions(ctx context.Context, configs configs) (v func(options *ssocreds.Options), found bool, err error) {
|
||||
for _, c := range configs {
|
||||
if p, ok := c.(ssoCredentialOptionsProvider); ok {
|
||||
v, found, err = p.getSSOProviderOptions(ctx)
|
||||
if err != nil || found {
|
||||
break
|
||||
}
|
||||
}
|
||||
}
|
||||
return v, found, err
|
||||
}
|
||||
|
||||
type defaultsModeIMDSClientProvider interface {
|
||||
getDefaultsModeIMDSClient(context.Context) (*imds.Client, bool, error)
|
||||
}
|
||||
|
||||
func getDefaultsModeIMDSClient(ctx context.Context, configs configs) (v *imds.Client, found bool, err error) {
|
||||
for _, c := range configs {
|
||||
if p, ok := c.(defaultsModeIMDSClientProvider); ok {
|
||||
v, found, err = p.getDefaultsModeIMDSClient(ctx)
|
||||
if err != nil || found {
|
||||
break
|
||||
}
|
||||
}
|
||||
}
|
||||
return v, found, err
|
||||
}
|
||||
|
||||
type defaultsModeProvider interface {
|
||||
getDefaultsMode(context.Context) (aws.DefaultsMode, bool, error)
|
||||
}
|
||||
|
||||
func getDefaultsMode(ctx context.Context, configs configs) (v aws.DefaultsMode, found bool, err error) {
|
||||
for _, c := range configs {
|
||||
if p, ok := c.(defaultsModeProvider); ok {
|
||||
v, found, err = p.getDefaultsMode(ctx)
|
||||
if err != nil || found {
|
||||
break
|
||||
}
|
||||
}
|
||||
}
|
||||
return v, found, err
|
||||
}
|
||||
|
||||
type retryMaxAttemptsProvider interface {
|
||||
GetRetryMaxAttempts(context.Context) (int, bool, error)
|
||||
}
|
||||
|
||||
func getRetryMaxAttempts(ctx context.Context, configs configs) (v int, found bool, err error) {
|
||||
for _, c := range configs {
|
||||
if p, ok := c.(retryMaxAttemptsProvider); ok {
|
||||
v, found, err = p.GetRetryMaxAttempts(ctx)
|
||||
if err != nil || found {
|
||||
break
|
||||
}
|
||||
}
|
||||
}
|
||||
return v, found, err
|
||||
}
|
||||
|
||||
type retryModeProvider interface {
|
||||
GetRetryMode(context.Context) (aws.RetryMode, bool, error)
|
||||
}
|
||||
|
||||
func getRetryMode(ctx context.Context, configs configs) (v aws.RetryMode, found bool, err error) {
|
||||
for _, c := range configs {
|
||||
if p, ok := c.(retryModeProvider); ok {
|
||||
v, found, err = p.GetRetryMode(ctx)
|
||||
if err != nil || found {
|
||||
break
|
||||
}
|
||||
}
|
||||
}
|
||||
return v, found, err
|
||||
}
|
307
vendor/github.com/aws/aws-sdk-go-v2/config/resolve.go
generated
vendored
Normal file
307
vendor/github.com/aws/aws-sdk-go-v2/config/resolve.go
generated
vendored
Normal file
@ -0,0 +1,307 @@
|
||||
package config
|
||||
|
||||
import (
|
||||
"context"
|
||||
"crypto/tls"
|
||||
"crypto/x509"
|
||||
"fmt"
|
||||
"io/ioutil"
|
||||
"net/http"
|
||||
"os"
|
||||
|
||||
"github.com/aws/aws-sdk-go-v2/aws"
|
||||
awshttp "github.com/aws/aws-sdk-go-v2/aws/transport/http"
|
||||
"github.com/aws/aws-sdk-go-v2/feature/ec2/imds"
|
||||
"github.com/aws/smithy-go/logging"
|
||||
)
|
||||
|
||||
// resolveDefaultAWSConfig will write default configuration values into the cfg
|
||||
// value. It will write the default values, overwriting any previous value.
|
||||
//
|
||||
// This should be used as the first resolver in the slice of resolvers when
|
||||
// resolving external configuration.
|
||||
func resolveDefaultAWSConfig(ctx context.Context, cfg *aws.Config, cfgs configs) error {
|
||||
var sources []interface{}
|
||||
for _, s := range cfgs {
|
||||
sources = append(sources, s)
|
||||
}
|
||||
|
||||
*cfg = aws.Config{
|
||||
Credentials: aws.AnonymousCredentials{},
|
||||
Logger: logging.NewStandardLogger(os.Stderr),
|
||||
ConfigSources: sources,
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// resolveCustomCABundle extracts the first instance of a custom CA bundle filename
|
||||
// from the external configurations. It will update the HTTP Client's builder
|
||||
// to be configured with the custom CA bundle.
|
||||
//
|
||||
// Config provider used:
|
||||
// * customCABundleProvider
|
||||
func resolveCustomCABundle(ctx context.Context, cfg *aws.Config, cfgs configs) error {
|
||||
pemCerts, found, err := getCustomCABundle(ctx, cfgs)
|
||||
if err != nil {
|
||||
// TODO error handling, What is the best way to handle this?
|
||||
// capture previous errors continue. error out if all errors
|
||||
return err
|
||||
}
|
||||
if !found {
|
||||
return nil
|
||||
}
|
||||
|
||||
if cfg.HTTPClient == nil {
|
||||
cfg.HTTPClient = awshttp.NewBuildableClient()
|
||||
}
|
||||
|
||||
trOpts, ok := cfg.HTTPClient.(*awshttp.BuildableClient)
|
||||
if !ok {
|
||||
return fmt.Errorf("unable to add custom RootCAs HTTPClient, "+
|
||||
"has no WithTransportOptions, %T", cfg.HTTPClient)
|
||||
}
|
||||
|
||||
var appendErr error
|
||||
client := trOpts.WithTransportOptions(func(tr *http.Transport) {
|
||||
if tr.TLSClientConfig == nil {
|
||||
tr.TLSClientConfig = &tls.Config{}
|
||||
}
|
||||
if tr.TLSClientConfig.RootCAs == nil {
|
||||
tr.TLSClientConfig.RootCAs = x509.NewCertPool()
|
||||
}
|
||||
|
||||
b, err := ioutil.ReadAll(pemCerts)
|
||||
if err != nil {
|
||||
appendErr = fmt.Errorf("failed to read custom CA bundle PEM file")
|
||||
}
|
||||
|
||||
if !tr.TLSClientConfig.RootCAs.AppendCertsFromPEM(b) {
|
||||
appendErr = fmt.Errorf("failed to load custom CA bundle PEM file")
|
||||
}
|
||||
})
|
||||
if appendErr != nil {
|
||||
return appendErr
|
||||
}
|
||||
|
||||
cfg.HTTPClient = client
|
||||
return err
|
||||
}
|
||||
|
||||
// resolveRegion extracts the first instance of a Region from the configs slice.
|
||||
//
|
||||
// Config providers used:
|
||||
// * regionProvider
|
||||
func resolveRegion(ctx context.Context, cfg *aws.Config, configs configs) error {
|
||||
v, found, err := getRegion(ctx, configs)
|
||||
if err != nil {
|
||||
// TODO error handling, What is the best way to handle this?
|
||||
// capture previous errors continue. error out if all errors
|
||||
return err
|
||||
}
|
||||
if !found {
|
||||
return nil
|
||||
}
|
||||
|
||||
cfg.Region = v
|
||||
return nil
|
||||
}
|
||||
|
||||
// resolveDefaultRegion extracts the first instance of a default region and sets `aws.Config.Region` to the default
|
||||
// region if region had not been resolved from other sources.
|
||||
func resolveDefaultRegion(ctx context.Context, cfg *aws.Config, configs configs) error {
|
||||
if len(cfg.Region) > 0 {
|
||||
return nil
|
||||
}
|
||||
|
||||
v, found, err := getDefaultRegion(ctx, configs)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if !found {
|
||||
return nil
|
||||
}
|
||||
|
||||
cfg.Region = v
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
// resolveHTTPClient extracts the first instance of a HTTPClient and sets `aws.Config.HTTPClient` to the HTTPClient instance
|
||||
// if one has not been resolved from other sources.
|
||||
func resolveHTTPClient(ctx context.Context, cfg *aws.Config, configs configs) error {
|
||||
c, found, err := getHTTPClient(ctx, configs)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if !found {
|
||||
return nil
|
||||
}
|
||||
|
||||
cfg.HTTPClient = c
|
||||
return nil
|
||||
}
|
||||
|
||||
// resolveAPIOptions extracts the first instance of APIOptions and sets `aws.Config.APIOptions` to the resolved API options
|
||||
// if one has not been resolved from other sources.
|
||||
func resolveAPIOptions(ctx context.Context, cfg *aws.Config, configs configs) error {
|
||||
o, found, err := getAPIOptions(ctx, configs)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if !found {
|
||||
return nil
|
||||
}
|
||||
|
||||
cfg.APIOptions = o
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
// resolveEndpointResolver extracts the first instance of a EndpointResolverFunc from the config slice
|
||||
// and sets the functions result on the aws.Config.EndpointResolver
|
||||
func resolveEndpointResolver(ctx context.Context, cfg *aws.Config, configs configs) error {
|
||||
endpointResolver, found, err := getEndpointResolver(ctx, configs)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if !found {
|
||||
return nil
|
||||
}
|
||||
|
||||
cfg.EndpointResolver = endpointResolver
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
// resolveEndpointResolver extracts the first instance of a EndpointResolverFunc from the config slice
|
||||
// and sets the functions result on the aws.Config.EndpointResolver
|
||||
func resolveEndpointResolverWithOptions(ctx context.Context, cfg *aws.Config, configs configs) error {
|
||||
endpointResolver, found, err := getEndpointResolverWithOptions(ctx, configs)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if !found {
|
||||
return nil
|
||||
}
|
||||
|
||||
cfg.EndpointResolverWithOptions = endpointResolver
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func resolveLogger(ctx context.Context, cfg *aws.Config, configs configs) error {
|
||||
logger, found, err := getLogger(ctx, configs)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if !found {
|
||||
return nil
|
||||
}
|
||||
|
||||
cfg.Logger = logger
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func resolveClientLogMode(ctx context.Context, cfg *aws.Config, configs configs) error {
|
||||
mode, found, err := getClientLogMode(ctx, configs)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if !found {
|
||||
return nil
|
||||
}
|
||||
|
||||
cfg.ClientLogMode = mode
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func resolveRetryer(ctx context.Context, cfg *aws.Config, configs configs) error {
|
||||
retryer, found, err := getRetryer(ctx, configs)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if found {
|
||||
cfg.Retryer = retryer
|
||||
return nil
|
||||
}
|
||||
|
||||
// Only load the retry options if a custom retryer has not be specified.
|
||||
if err = resolveRetryMaxAttempts(ctx, cfg, configs); err != nil {
|
||||
return err
|
||||
}
|
||||
return resolveRetryMode(ctx, cfg, configs)
|
||||
}
|
||||
|
||||
func resolveEC2IMDSRegion(ctx context.Context, cfg *aws.Config, configs configs) error {
|
||||
if len(cfg.Region) > 0 {
|
||||
return nil
|
||||
}
|
||||
|
||||
region, found, err := getEC2IMDSRegion(ctx, configs)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if !found {
|
||||
return nil
|
||||
}
|
||||
|
||||
cfg.Region = region
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func resolveDefaultsModeOptions(ctx context.Context, cfg *aws.Config, configs configs) error {
|
||||
defaultsMode, found, err := getDefaultsMode(ctx, configs)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if !found {
|
||||
defaultsMode = aws.DefaultsModeLegacy
|
||||
}
|
||||
|
||||
var environment aws.RuntimeEnvironment
|
||||
if defaultsMode == aws.DefaultsModeAuto {
|
||||
envConfig, _, _ := getAWSConfigSources(configs)
|
||||
|
||||
client, found, err := getDefaultsModeIMDSClient(ctx, configs)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if !found {
|
||||
client = imds.NewFromConfig(*cfg)
|
||||
}
|
||||
|
||||
environment, err = resolveDefaultsModeRuntimeEnvironment(ctx, envConfig, client)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
|
||||
cfg.DefaultsMode = defaultsMode
|
||||
cfg.RuntimeEnvironment = environment
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func resolveRetryMaxAttempts(ctx context.Context, cfg *aws.Config, configs configs) error {
|
||||
maxAttempts, found, err := getRetryMaxAttempts(ctx, configs)
|
||||
if err != nil || !found {
|
||||
return err
|
||||
}
|
||||
cfg.RetryMaxAttempts = maxAttempts
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func resolveRetryMode(ctx context.Context, cfg *aws.Config, configs configs) error {
|
||||
retryMode, found, err := getRetryMode(ctx, configs)
|
||||
if err != nil || !found {
|
||||
return err
|
||||
}
|
||||
cfg.RetryMode = retryMode
|
||||
|
||||
return nil
|
||||
}
|
470
vendor/github.com/aws/aws-sdk-go-v2/config/resolve_credentials.go
generated
vendored
Normal file
470
vendor/github.com/aws/aws-sdk-go-v2/config/resolve_credentials.go
generated
vendored
Normal file
@ -0,0 +1,470 @@
|
||||
package config
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"net/url"
|
||||
"time"
|
||||
|
||||
"github.com/aws/aws-sdk-go-v2/aws"
|
||||
"github.com/aws/aws-sdk-go-v2/credentials"
|
||||
"github.com/aws/aws-sdk-go-v2/credentials/ec2rolecreds"
|
||||
"github.com/aws/aws-sdk-go-v2/credentials/endpointcreds"
|
||||
"github.com/aws/aws-sdk-go-v2/credentials/processcreds"
|
||||
"github.com/aws/aws-sdk-go-v2/credentials/ssocreds"
|
||||
"github.com/aws/aws-sdk-go-v2/credentials/stscreds"
|
||||
"github.com/aws/aws-sdk-go-v2/feature/ec2/imds"
|
||||
"github.com/aws/aws-sdk-go-v2/service/sso"
|
||||
"github.com/aws/aws-sdk-go-v2/service/sts"
|
||||
)
|
||||
|
||||
const (
|
||||
// valid credential source values
|
||||
credSourceEc2Metadata = "Ec2InstanceMetadata"
|
||||
credSourceEnvironment = "Environment"
|
||||
credSourceECSContainer = "EcsContainer"
|
||||
)
|
||||
|
||||
var (
|
||||
ecsContainerEndpoint = "http://169.254.170.2" // not constant to allow for swapping during unit-testing
|
||||
)
|
||||
|
||||
// resolveCredentials extracts a credential provider from slice of config sources.
|
||||
//
|
||||
// If an explict credential provider is not found the resolver will fallback to resolving
|
||||
// credentials by extracting a credential provider from EnvConfig and SharedConfig.
|
||||
func resolveCredentials(ctx context.Context, cfg *aws.Config, configs configs) error {
|
||||
found, err := resolveCredentialProvider(ctx, cfg, configs)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if found {
|
||||
return nil
|
||||
}
|
||||
|
||||
err = resolveCredentialChain(ctx, cfg, configs)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
// resolveCredentialProvider extracts the first instance of Credentials from the
|
||||
// config slices.
|
||||
//
|
||||
// The resolved CredentialProvider will be wrapped in a cache to ensure the
|
||||
// credentials are only refreshed when needed. This also protects the
|
||||
// credential provider to be used concurrently.
|
||||
//
|
||||
// Config providers used:
|
||||
// * credentialsProviderProvider
|
||||
func resolveCredentialProvider(ctx context.Context, cfg *aws.Config, configs configs) (bool, error) {
|
||||
credProvider, found, err := getCredentialsProvider(ctx, configs)
|
||||
if err != nil {
|
||||
return false, err
|
||||
}
|
||||
if !found {
|
||||
return false, nil
|
||||
}
|
||||
|
||||
cfg.Credentials, err = wrapWithCredentialsCache(ctx, configs, credProvider)
|
||||
if err != nil {
|
||||
return false, err
|
||||
}
|
||||
|
||||
return true, nil
|
||||
}
|
||||
|
||||
// resolveCredentialChain resolves a credential provider chain using EnvConfig
|
||||
// and SharedConfig if present in the slice of provided configs.
|
||||
//
|
||||
// The resolved CredentialProvider will be wrapped in a cache to ensure the
|
||||
// credentials are only refreshed when needed. This also protects the
|
||||
// credential provider to be used concurrently.
|
||||
func resolveCredentialChain(ctx context.Context, cfg *aws.Config, configs configs) (err error) {
|
||||
envConfig, sharedConfig, other := getAWSConfigSources(configs)
|
||||
|
||||
// When checking if a profile was specified programmatically we should only consider the "other"
|
||||
// configuration sources that have been provided. This ensures we correctly honor the expected credential
|
||||
// hierarchy.
|
||||
_, sharedProfileSet, err := getSharedConfigProfile(ctx, other)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
switch {
|
||||
case sharedProfileSet:
|
||||
err = resolveCredsFromProfile(ctx, cfg, envConfig, sharedConfig, other)
|
||||
case envConfig.Credentials.HasKeys():
|
||||
cfg.Credentials = credentials.StaticCredentialsProvider{Value: envConfig.Credentials}
|
||||
case len(envConfig.WebIdentityTokenFilePath) > 0:
|
||||
err = assumeWebIdentity(ctx, cfg, envConfig.WebIdentityTokenFilePath, envConfig.RoleARN, envConfig.RoleSessionName, configs)
|
||||
default:
|
||||
err = resolveCredsFromProfile(ctx, cfg, envConfig, sharedConfig, other)
|
||||
}
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
// Wrap the resolved provider in a cache so the SDK will cache credentials.
|
||||
cfg.Credentials, err = wrapWithCredentialsCache(ctx, configs, cfg.Credentials)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func resolveCredsFromProfile(ctx context.Context, cfg *aws.Config, envConfig *EnvConfig, sharedConfig *SharedConfig, configs configs) (err error) {
|
||||
|
||||
switch {
|
||||
case sharedConfig.Source != nil:
|
||||
// Assume IAM role with credentials source from a different profile.
|
||||
err = resolveCredsFromProfile(ctx, cfg, envConfig, sharedConfig.Source, configs)
|
||||
|
||||
case sharedConfig.Credentials.HasKeys():
|
||||
// Static Credentials from Shared Config/Credentials file.
|
||||
cfg.Credentials = credentials.StaticCredentialsProvider{
|
||||
Value: sharedConfig.Credentials,
|
||||
}
|
||||
|
||||
case len(sharedConfig.CredentialSource) != 0:
|
||||
err = resolveCredsFromSource(ctx, cfg, envConfig, sharedConfig, configs)
|
||||
|
||||
case len(sharedConfig.WebIdentityTokenFile) != 0:
|
||||
// Credentials from Assume Web Identity token require an IAM Role, and
|
||||
// that roll will be assumed. May be wrapped with another assume role
|
||||
// via SourceProfile.
|
||||
return assumeWebIdentity(ctx, cfg, sharedConfig.WebIdentityTokenFile, sharedConfig.RoleARN, sharedConfig.RoleSessionName, configs)
|
||||
|
||||
case sharedConfig.hasSSOConfiguration():
|
||||
err = resolveSSOCredentials(ctx, cfg, sharedConfig, configs)
|
||||
|
||||
case len(sharedConfig.CredentialProcess) != 0:
|
||||
// Get credentials from CredentialProcess
|
||||
err = processCredentials(ctx, cfg, sharedConfig, configs)
|
||||
|
||||
case len(envConfig.ContainerCredentialsEndpoint) != 0:
|
||||
err = resolveLocalHTTPCredProvider(ctx, cfg, envConfig.ContainerCredentialsEndpoint, envConfig.ContainerAuthorizationToken, configs)
|
||||
|
||||
case len(envConfig.ContainerCredentialsRelativePath) != 0:
|
||||
err = resolveHTTPCredProvider(ctx, cfg, ecsContainerURI(envConfig.ContainerCredentialsRelativePath), envConfig.ContainerAuthorizationToken, configs)
|
||||
|
||||
default:
|
||||
err = resolveEC2RoleCredentials(ctx, cfg, configs)
|
||||
}
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if len(sharedConfig.RoleARN) > 0 {
|
||||
return credsFromAssumeRole(ctx, cfg, sharedConfig, configs)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func resolveSSOCredentials(ctx context.Context, cfg *aws.Config, sharedConfig *SharedConfig, configs configs) error {
|
||||
if err := sharedConfig.validateSSOConfiguration(); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
var options []func(*ssocreds.Options)
|
||||
v, found, err := getSSOProviderOptions(ctx, configs)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if found {
|
||||
options = append(options, v)
|
||||
}
|
||||
|
||||
cfgCopy := cfg.Copy()
|
||||
cfgCopy.Region = sharedConfig.SSORegion
|
||||
|
||||
cfg.Credentials = ssocreds.New(sso.NewFromConfig(cfgCopy), sharedConfig.SSOAccountID, sharedConfig.SSORoleName, sharedConfig.SSOStartURL, options...)
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func ecsContainerURI(path string) string {
|
||||
return fmt.Sprintf("%s%s", ecsContainerEndpoint, path)
|
||||
}
|
||||
|
||||
func processCredentials(ctx context.Context, cfg *aws.Config, sharedConfig *SharedConfig, configs configs) error {
|
||||
var opts []func(*processcreds.Options)
|
||||
|
||||
options, found, err := getProcessCredentialOptions(ctx, configs)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if found {
|
||||
opts = append(opts, options)
|
||||
}
|
||||
|
||||
cfg.Credentials = processcreds.NewProvider(sharedConfig.CredentialProcess, opts...)
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func resolveLocalHTTPCredProvider(ctx context.Context, cfg *aws.Config, endpointURL, authToken string, configs configs) error {
|
||||
var resolveErr error
|
||||
|
||||
parsed, err := url.Parse(endpointURL)
|
||||
if err != nil {
|
||||
resolveErr = fmt.Errorf("invalid URL, %w", err)
|
||||
} else {
|
||||
host := parsed.Hostname()
|
||||
if len(host) == 0 {
|
||||
resolveErr = fmt.Errorf("unable to parse host from local HTTP cred provider URL")
|
||||
} else if isLoopback, loopbackErr := isLoopbackHost(host); loopbackErr != nil {
|
||||
resolveErr = fmt.Errorf("failed to resolve host %q, %v", host, loopbackErr)
|
||||
} else if !isLoopback {
|
||||
resolveErr = fmt.Errorf("invalid endpoint host, %q, only loopback hosts are allowed", host)
|
||||
}
|
||||
}
|
||||
|
||||
if resolveErr != nil {
|
||||
return resolveErr
|
||||
}
|
||||
|
||||
return resolveHTTPCredProvider(ctx, cfg, endpointURL, authToken, configs)
|
||||
}
|
||||
|
||||
func resolveHTTPCredProvider(ctx context.Context, cfg *aws.Config, url, authToken string, configs configs) error {
|
||||
optFns := []func(*endpointcreds.Options){
|
||||
func(options *endpointcreds.Options) {
|
||||
if len(authToken) != 0 {
|
||||
options.AuthorizationToken = authToken
|
||||
}
|
||||
options.APIOptions = cfg.APIOptions
|
||||
if cfg.Retryer != nil {
|
||||
options.Retryer = cfg.Retryer()
|
||||
}
|
||||
},
|
||||
}
|
||||
|
||||
optFn, found, err := getEndpointCredentialProviderOptions(ctx, configs)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if found {
|
||||
optFns = append(optFns, optFn)
|
||||
}
|
||||
|
||||
provider := endpointcreds.New(url, optFns...)
|
||||
|
||||
cfg.Credentials, err = wrapWithCredentialsCache(ctx, configs, provider, func(options *aws.CredentialsCacheOptions) {
|
||||
options.ExpiryWindow = 5 * time.Minute
|
||||
})
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func resolveCredsFromSource(ctx context.Context, cfg *aws.Config, envConfig *EnvConfig, sharedCfg *SharedConfig, configs configs) (err error) {
|
||||
switch sharedCfg.CredentialSource {
|
||||
case credSourceEc2Metadata:
|
||||
return resolveEC2RoleCredentials(ctx, cfg, configs)
|
||||
|
||||
case credSourceEnvironment:
|
||||
cfg.Credentials = credentials.StaticCredentialsProvider{Value: envConfig.Credentials}
|
||||
|
||||
case credSourceECSContainer:
|
||||
if len(envConfig.ContainerCredentialsRelativePath) == 0 {
|
||||
return fmt.Errorf("EcsContainer was specified as the credential_source, but 'AWS_CONTAINER_CREDENTIALS_RELATIVE_URI' was not set")
|
||||
}
|
||||
return resolveHTTPCredProvider(ctx, cfg, ecsContainerURI(envConfig.ContainerCredentialsRelativePath), envConfig.ContainerAuthorizationToken, configs)
|
||||
|
||||
default:
|
||||
return fmt.Errorf("credential_source values must be EcsContainer, Ec2InstanceMetadata, or Environment")
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func resolveEC2RoleCredentials(ctx context.Context, cfg *aws.Config, configs configs) error {
|
||||
optFns := make([]func(*ec2rolecreds.Options), 0, 2)
|
||||
|
||||
optFn, found, err := getEC2RoleCredentialProviderOptions(ctx, configs)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if found {
|
||||
optFns = append(optFns, optFn)
|
||||
}
|
||||
|
||||
optFns = append(optFns, func(o *ec2rolecreds.Options) {
|
||||
// Only define a client from config if not already defined.
|
||||
if o.Client == nil {
|
||||
o.Client = imds.NewFromConfig(*cfg)
|
||||
}
|
||||
})
|
||||
|
||||
provider := ec2rolecreds.New(optFns...)
|
||||
|
||||
cfg.Credentials, err = wrapWithCredentialsCache(ctx, configs, provider)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func getAWSConfigSources(cfgs configs) (*EnvConfig, *SharedConfig, configs) {
|
||||
var (
|
||||
envConfig *EnvConfig
|
||||
sharedConfig *SharedConfig
|
||||
other configs
|
||||
)
|
||||
|
||||
for i := range cfgs {
|
||||
switch c := cfgs[i].(type) {
|
||||
case EnvConfig:
|
||||
if envConfig == nil {
|
||||
envConfig = &c
|
||||
}
|
||||
case *EnvConfig:
|
||||
if envConfig == nil {
|
||||
envConfig = c
|
||||
}
|
||||
case SharedConfig:
|
||||
if sharedConfig == nil {
|
||||
sharedConfig = &c
|
||||
}
|
||||
case *SharedConfig:
|
||||
if envConfig == nil {
|
||||
sharedConfig = c
|
||||
}
|
||||
default:
|
||||
other = append(other, c)
|
||||
}
|
||||
}
|
||||
|
||||
if envConfig == nil {
|
||||
envConfig = &EnvConfig{}
|
||||
}
|
||||
|
||||
if sharedConfig == nil {
|
||||
sharedConfig = &SharedConfig{}
|
||||
}
|
||||
|
||||
return envConfig, sharedConfig, other
|
||||
}
|
||||
|
||||
// AssumeRoleTokenProviderNotSetError is an error returned when creating a
|
||||
// session when the MFAToken option is not set when shared config is configured
|
||||
// load assume a role with an MFA token.
|
||||
type AssumeRoleTokenProviderNotSetError struct{}
|
||||
|
||||
// Error is the error message
|
||||
func (e AssumeRoleTokenProviderNotSetError) Error() string {
|
||||
return fmt.Sprintf("assume role with MFA enabled, but AssumeRoleTokenProvider session option not set.")
|
||||
}
|
||||
|
||||
func assumeWebIdentity(ctx context.Context, cfg *aws.Config, filepath string, roleARN, sessionName string, configs configs) error {
|
||||
if len(filepath) == 0 {
|
||||
return fmt.Errorf("token file path is not set")
|
||||
}
|
||||
|
||||
if len(roleARN) == 0 {
|
||||
return fmt.Errorf("role ARN is not set")
|
||||
}
|
||||
|
||||
optFns := []func(*stscreds.WebIdentityRoleOptions){
|
||||
func(options *stscreds.WebIdentityRoleOptions) {
|
||||
options.RoleSessionName = sessionName
|
||||
},
|
||||
}
|
||||
|
||||
optFn, found, err := getWebIdentityCredentialProviderOptions(ctx, configs)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if found {
|
||||
optFns = append(optFns, optFn)
|
||||
}
|
||||
|
||||
provider := stscreds.NewWebIdentityRoleProvider(sts.NewFromConfig(*cfg), roleARN, stscreds.IdentityTokenFile(filepath), optFns...)
|
||||
|
||||
cfg.Credentials = provider
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func credsFromAssumeRole(ctx context.Context, cfg *aws.Config, sharedCfg *SharedConfig, configs configs) (err error) {
|
||||
optFns := []func(*stscreds.AssumeRoleOptions){
|
||||
func(options *stscreds.AssumeRoleOptions) {
|
||||
options.RoleSessionName = sharedCfg.RoleSessionName
|
||||
if sharedCfg.RoleDurationSeconds != nil {
|
||||
if *sharedCfg.RoleDurationSeconds/time.Minute > 15 {
|
||||
options.Duration = *sharedCfg.RoleDurationSeconds
|
||||
}
|
||||
}
|
||||
// Assume role with external ID
|
||||
if len(sharedCfg.ExternalID) > 0 {
|
||||
options.ExternalID = aws.String(sharedCfg.ExternalID)
|
||||
}
|
||||
|
||||
// Assume role with MFA
|
||||
if len(sharedCfg.MFASerial) != 0 {
|
||||
options.SerialNumber = aws.String(sharedCfg.MFASerial)
|
||||
}
|
||||
},
|
||||
}
|
||||
|
||||
optFn, found, err := getAssumeRoleCredentialProviderOptions(ctx, configs)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if found {
|
||||
optFns = append(optFns, optFn)
|
||||
}
|
||||
|
||||
{
|
||||
// Synthesize options early to validate configuration errors sooner to ensure a token provider
|
||||
// is present if the SerialNumber was set.
|
||||
var o stscreds.AssumeRoleOptions
|
||||
for _, fn := range optFns {
|
||||
fn(&o)
|
||||
}
|
||||
if o.TokenProvider == nil && o.SerialNumber != nil {
|
||||
return AssumeRoleTokenProviderNotSetError{}
|
||||
}
|
||||
}
|
||||
|
||||
cfg.Credentials = stscreds.NewAssumeRoleProvider(sts.NewFromConfig(*cfg), sharedCfg.RoleARN, optFns...)
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
// wrapWithCredentialsCache will wrap provider with an aws.CredentialsCache
|
||||
// with the provided options if the provider is not already a
|
||||
// aws.CredentialsCache.
|
||||
func wrapWithCredentialsCache(
|
||||
ctx context.Context,
|
||||
cfgs configs,
|
||||
provider aws.CredentialsProvider,
|
||||
optFns ...func(options *aws.CredentialsCacheOptions),
|
||||
) (aws.CredentialsProvider, error) {
|
||||
_, ok := provider.(*aws.CredentialsCache)
|
||||
if ok {
|
||||
return provider, nil
|
||||
}
|
||||
|
||||
credCacheOptions, found, err := getCredentialsCacheOptionsProvider(ctx, cfgs)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
// force allocation of a new slice if the additional options are
|
||||
// needed, to prevent overwriting the passed in slice of options.
|
||||
optFns = optFns[:len(optFns):len(optFns)]
|
||||
if found {
|
||||
optFns = append(optFns, credCacheOptions)
|
||||
}
|
||||
|
||||
return aws.NewCredentialsCache(provider, optFns...), nil
|
||||
}
|
1265
vendor/github.com/aws/aws-sdk-go-v2/config/shared_config.go
generated
vendored
Normal file
1265
vendor/github.com/aws/aws-sdk-go-v2/config/shared_config.go
generated
vendored
Normal file
File diff suppressed because it is too large
Load Diff
Reference in New Issue
Block a user