mirror of
https://github.com/opentofu/opentofu.git
synced 2024-12-28 01:41:48 -06:00
981c95f699
This CredentialsSource can serve as an extension point to pass credentials from an arbitrary external system to Terraform. For example, an external helper program could fetch limited-time credentials from HashiCorp Vault and return them, thus avoiding the need for any static configuration to be maintained locally (except a Vault token!). So far there are no real programs implementing this protocol, though this commit includes a basic implementation that we use for unit tests.
40 lines
771 B
Go
40 lines
771 B
Go
package main
|
|
|
|
import (
|
|
"fmt"
|
|
"os"
|
|
)
|
|
|
|
// This is a simple program that implements the "helper program" protocol
|
|
// for the svchost/auth package for unit testing purposes.
|
|
|
|
func main() {
|
|
args := os.Args
|
|
|
|
if len(args) < 3 {
|
|
die("not enough arguments\n")
|
|
}
|
|
|
|
if args[1] != "get" {
|
|
die("unknown subcommand %q\n", args[1])
|
|
}
|
|
|
|
host := args[2]
|
|
|
|
switch host {
|
|
case "example.com":
|
|
fmt.Print(`{"token":"example-token"}`)
|
|
case "other-cred-type.example.com":
|
|
fmt.Print(`{"username":"alfred"}`) // unrecognized by main program
|
|
case "fail.example.com":
|
|
die("failing because you told me to fail\n")
|
|
default:
|
|
fmt.Print("{}") // no credentials available
|
|
}
|
|
}
|
|
|
|
func die(f string, args ...interface{}) {
|
|
fmt.Fprintf(os.Stderr, fmt.Sprintf(f, args...))
|
|
os.Exit(1)
|
|
}
|