// Copyright 2022 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package tfprovider

import (
	"context"
	"fmt"

	"github.com/GoogleCloudPlatform/k8s-config-connector/pkg/deepcopy"
	"github.com/GoogleCloudPlatform/k8s-config-connector/pkg/krmtotf"
	"k8s.io/klog/v2"

	tfschema "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
	"github.com/hashicorp/terraform-plugin-sdk/v2/terraform"
	"github.com/hashicorp/terraform-provider-google-beta/google-beta"
	transport_tpg "github.com/hashicorp/terraform-provider-google-beta/google-beta/transport"
)

// Config holds additional configuration for the google TF provider.
type Config struct {
	// AccessToken is the access_token to be passed to the TF provider (if
	// non-empty), allowing use of a non-default OAuth2 identity.
	//
	// The value is a bearer credential held in a plain string field, so
	// formatting a Config with %v or %+v (or otherwise logging it) exposes
	// the token. Log individual non-secret fields instead.
	AccessToken string

	// Scopes is the list of OAuth2 scopes to be passed to the TF provider,
	// allowing use of non-default OAuth2 scopes. If none are specified, then
	// Terraform has a default list of scopes that it will use.
	Scopes []string

	// UserProjectOverride controls the quota project used in requests to GCP
	// APIs for the purpose of preconditions, quota, and billing. If false,
	// the quota project is determined by the API and may be the project
	// associated with your credentials, or the resource project. If true,
	// most resources in the provider will explicitly supply their resource
	// project, as described in their documentation. Otherwise, a
	// billing_project value must be supplied.
	// https://registry.terraform.io/providers/hashicorp/google/latest/docs/guides/provider_reference#user_project_override
	UserProjectOverride bool

	// BillingProject is the project used by the TF provider for
	// preconditions, quota, and billing if UserProjectOverride is set to
	// true. If this field is empty, but UserProjectOverride is set to true,
	// then the TF provider uses the resource's project.
	// https://registry.terraform.io/providers/hashicorp/google/latest/docs/guides/provider_reference#billing_project
	BillingProject string
}

// DefaultConfig is the value returned by NewConfig, evaluated once when the
// package is initialised.
//
// It is an exported, mutable variable, and copies of it share the same Scopes
// backing array. Code that needs different scopes should start from a fresh
// NewConfig() value rather than editing DefaultConfig in place.
var DefaultConfig = NewConfig()

// NewConfig returns a Config whose Scopes are the provider's default client
// scopes plus the Google Drive read-only scope. All other fields are left at
// their zero values.
//
// Every provider built from this Config requests the Drive read-only scope in
// addition to the defaults. Callers that do not need Drive-backed resources
// can assign a narrower Scopes list before calling New.
func NewConfig() Config {
	// Needed by the KCC controller to be able to create resources that
	// read Google Drive files.
	const driveReadonlyScope = "https://www.googleapis.com/auth/drive.readonly"

	// The defaults are passed through deepcopy.StringSlice before appending.
	// NOTE(review): presumably this is so append cannot write into the
	// provider package's own DefaultClientScopes slice; confirm against the
	// helper.
	scopes := deepcopy.StringSlice(transport_tpg.DefaultClientScopes)
	scopes = append(scopes, driveReadonlyScope)

	return Config{Scopes: scopes}
}

// New builds a new tfschema.Provider for the google provider.
//
// The provider is configured with config.Scopes, config.UserProjectOverride
// and config.BillingProject. access_token is set only when config.AccessToken
// is non-empty. It returns the configured provider, or a nil provider and an
// error when Configure returns a non-nil result.
func New(ctx context.Context, config Config) (*tfschema.Provider, error) {
	provider := google.Provider()

	// raw may carry the OAuth2 bearer token under "access_token"; do not log
	// or dump this map.
	raw := map[string]interface{}{
		"scopes":                config.Scopes,
		"user_project_override": config.UserProjectOverride,
		"billing_project":       config.BillingProject,
	}
	if config.AccessToken != "" {
		raw["access_token"] = config.AccessToken
	}

	// Convert the plain map into the shimmed resource config the SDK expects,
	// typed according to the provider's own schema.
	coreSchema := tfschema.InternalMap(provider.Schema).CoreConfigSchema()
	val := krmtotf.MapToCtyVal(raw, coreSchema.ImpliedType())
	resourceCfg := terraform.NewResourceConfigShimmed(val, coreSchema)

	// NOTE(review): in terraform-plugin-sdk v2 Configure appears to return
	// diag.Diagnostics rather than error. If so, %v (not %w) is the right verb
	// here, and a warning-only result is also treated as a failure. Confirm
	// against the vendored SDK version.
	if diags := provider.Configure(ctx, resourceCfg); diags != nil {
		return nil, fmt.Errorf("error configuring provider: %v", diags)
	}
	return provider, nil
}

// NewOrLogFatal calls New with context.TODO() and returns the provider. On
// failure it reports the error through klog.Fatal, which logs and then exits
// the process rather than panicking, so callers cannot recover from it.
//
// Deprecated: Prefer New and handle the error.
func NewOrLogFatal(config Config) *tfschema.Provider {
	provider, err := New(context.TODO(), config)
	if err != nil {
		klog.Fatal(err)
	}
	return provider
}