upstream/packer
1
0
Fork 0
mirror of https://github.com/hashicorp/packer.git synced 2026-06-09 00:32:09 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 4
packer/internal/hcp/env/env.go
hashicorp-copywrite[bot] 219421c08c [COMPLIANCE] Update Copyright and License Headers (Batch 2 of 5)
2025-12-11 07:02:15 +00:00

126 lines
3.6 KiB
Go
Raw Permalink Blame History

// Copyright IBM Corp. 2013, 2025
// SPDX-License-Identifier: BUSL-1.1
// Package env provides HCP Packer environment variables.
package env
import (
"errors"
"fmt"
"log"
"os"
"path/filepath"
"strings"
)
func HasHCPAuth() (bool, error) {
// Client crendential authentication requires the following environment variables be set; `HCP_CLIENT_ID` and `HCP_CLIENT_SECRET`.
hasClientCredentials := HasHCPClientCredentials()
// Client certificate authentication requires a valid HCP certificate file placed in either the default location (~/.config/hcp/cred_file.json) or at a location specified in the `HCP_CRED_FILE` env var
hasCertificate, err := HasHCPCertificateFile()
if err != nil {
return false, err
}
if hasClientCredentials && hasCertificate {
fmt.Printf("HCP Client Credentials (HCP_CLIENT_ID/HCP_CLIENT_SECRET environment variables) and certificate (HCP_CRED_FILE environment variable, or certificate located at default path (%s) are both supplied, only one is required. The HCP SDK will determine which authentication mechanism to configure here, it is reccomended to only configure one authentication method", HCPDefaultCredFilePathFull)
}
return (hasClientCredentials || hasCertificate), nil
}
func HasProjectID() bool {
return hasEnvVar(HCPProjectID)
}
func HasOrganizationID() bool {
return hasEnvVar(HCPOrganizationID)
}
func HasClientID() bool {
return hasEnvVar(HCPClientID)
}
func HasClientSecret() bool {
return hasEnvVar(HCPClientSecret)
}
func HasPackerRegistryBucket() bool {
return hasEnvVar(HCPPackerBucket)
}
func hasEnvVar(varName string) bool {
val, ok := os.LookupEnv(varName)
if !ok {
return false
}
return val != ""
}
func HasHCPClientCredentials() bool {
checks := []func() bool{
HasClientID,
HasClientSecret,
}
for _, check := range checks {
if !check() {
return false
}
}
return true
}
func HasHCPCertificateFile() (bool, error) {
envVarCredFile, _ := os.LookupEnv(HCPCredFile)
var envVarCertExists bool
var err error
if envVarCredFile != "" {
envVarCertExists, err = fileExists(envVarCredFile)
if err != nil {
return false, err
}
}
// Get the user's home directory.
userHome, err := os.UserHomeDir()
if err != nil {
return false, fmt.Errorf("failed to retrieve user's home directory path: %v", err)
}
// builds file path ~/.config/hcp/cred_file.json, if we don't parse the home directory os.Stat can't find the default credential path
defaultCredFilePath := filepath.Join(userHome, HCPDefaultCredFilePath, HCPDefaultCredFile)
log.Printf("Checking for default HCP credential file at path %s", defaultCredFilePath)
defaultPathCertExists, err := fileExists(defaultCredFilePath)
if err != nil {
return false, err
}
log.Printf("Default file found status - %t", defaultPathCertExists)
if envVarCertExists && defaultPathCertExists {
fmt.Println("A HCP credential file was found at the default path, and an HCP_CRED_FILE was specified, the HCP SDK will use the HCP_CRED_FILE")
}
if envVarCertExists || defaultPathCertExists {
return true, nil
}
return false, nil
}
func IsHCPDisabled() bool {
hcp, ok := os.LookupEnv(HCPPackerRegistry)
return ok && strings.ToLower(hcp) == "off" || hcp == "0"
}
// IsHCPExplicitelyEnabled returns true if the client enabled HCP_PACKER_REGISTRY explicitely, i.e. it is defined and not 0 or off
func IsHCPExplicitelyEnabled() bool {
_, ok := os.LookupEnv(HCPPackerRegistry)
return ok && !IsHCPDisabled()
}
func fileExists(path string) (bool, error) {
_, err := os.Stat(path)
if err == nil {
return true, nil // Path exists, no error
}
if errors.Is(err, os.ErrNotExist) {
return false, nil // Path does not exist
}
return false, err // Another error occurred
}
Reference in a new issue View git blame Copy permalink