fix: refactor the way the config is read from file and envvars

The plugin will use the following order of precedence:

environment value > file value > default value

See the wiki for details on environment variable names.

Signed-off-by: Avi Miller <avi.miller@oracle.com>
pull/3539/head
Avi Miller 2021-06-20 14:38:24 +10:00
parent 7666022840
commit 1d089d4541
No known key found for this signature in database
GPG Key ID: 66D6066620F03B05
1 changed files with 72 additions and 53 deletions


@ -80,76 +80,93 @@ _get_oci_zone() {
_oci_config() { _oci_config() {
OCI_CLI_CONFIG_FILE="${OCI_CLI_CONFIG_FILE:-$HOME/.oci/config}" _DEFAULT_OCI_CLI_CONFIG_FILE="$HOME/.oci/config"
OCI_CLI_PROFILE="${OCI_CLI_PROFILE:-DEFAULT}" OCI_CLI_CONFIG_FILE="${OCI_CLI_CONFIG_FILE:-$(_readaccountconf_mutable OCI_CLI_CONFIG_FILE)}"
# Read the configuration from either the default or specified config file if [ -z "$OCI_CLI_CONFIG_FILE" ]; then
# Override the config file value with the environment variable value (if set) OCI_CLI_CONFIG_FILE="$_DEFAULT_OCI_CLI_CONFIG_FILE"
if [ -f "$OCI_CLI_CONFIG_FILE" ]; then fi
_info "Reading OCI configuration file: $OCI_CLI_CONFIG_FILE"
OCI_CLI_TENANCY="${OCI_CLI_TENANCY:-$(_readini tenancy "$OCI_CLI_CONFIG_FILE" "$OCI_CLI_PROFILE")}" if [ "$_DEFAULT_OCI_CLI_CONFIG_FILE" != "$OCI_CLI_CONFIG_FILE" ]; then
OCI_CLI_USER="${OCI_CLI_USER:-$(_readini user "$OCI_CLI_CONFIG_FILE" "$OCI_CLI_PROFILE")}" _saveaccountconf_mutable OCI_CLI_CONFIG_FILE "$OCI_CLI_CONFIG_FILE"
OCI_CLI_KEY_FILE="${OCI_CLI_KEY_FILE:-$(_readini key_file "$OCI_CLI_CONFIG_FILE" "$OCI_CLI_PROFILE")}"
OCI_CLI_REGION="${OCI_CLI_REGION:-$(_readini region "$OCI_CLI_CONFIG_FILE" "$OCI_CLI_PROFILE")}"
else else
OCI_CLI_TENANCY="${OCI_CLI_TENANCY:-$(_readaccountconf_mutable OCI_CLI_TENANCY)}" _clearaccountconf_mutable OCI_CLI_CONFIG_FILE
OCI_CLI_USER="${OCI_CLI_USER:-$(_readaccountconf_mutable OCI_CLI_USER)}"
OCI_CLI_KEY="${OCI_CLI_KEY:-$(_readaccountconf_mutable OCI_CLI_KEY)}"
OCI_CLI_REGION="${OCI_CLI_REGION:-$(_readaccountconf_mutable OCI_CLI_REGION)}"
_save_config="true"
fi fi
_not_set="" _DEFAULT_OCI_CLI_PROFILE="DEFAULT"
_ret=0 OCI_CLI_PROFILE="${OCI_CLI_PROFILE:-$(_readaccountconf_mutable OCI_CLI_PROFILE)}"
if [ "$_DEFAULT_OCI_CLI_PROFILE" != "$OCI_CLI_PROFILE" ]; then
if [ -z "$OCI_CLI_KEY_FILE" ] && [ -z "$OCI_CLI_KEY" ]; then _saveaccountconf_mutable OCI_CLI_PROFILE "$OCI_CLI_PROFILE"
_err "Fatal: you must provide a value for either OCI_CLI_KEY_FILE or OCI_CLI_KEY." else
return 1 OCI_CLI_PROFILE="$_DEFAULT_OCI_CLI_PROFILE"
_clearaccountconf_mutable OCI_CLI_PROFILE
fi fi
if [ "$OCI_CLI_KEY_FILE" ] && [ -z "$OCI_CLI_KEY" ]; then OCI_CLI_TENANCY="${OCI_CLI_TENANCY:-$(_readaccountconf_mutable OCI_CLI_TENANCY)}"
if [ -f "$OCI_CLI_KEY_FILE" ]; then if [ "$OCI_CLI_TENANCY" ]; then
OCI_CLI_KEY=$(_base64 <"$OCI_CLI_KEY_FILE") _saveaccountconf_mutable OCI_CLI_TENANCY "$OCI_CLI_TENANCY"
else elif [ -f "$OCI_CLI_CONFIG_FILE" ]; then
_err "Fatal: unable to read key file: $OCI_CLI_KEY_FILE" _debug "Reading OCI_CLI_TENANCY value from: $OCI_CLI_CONFIG_FILE"
return 1 OCI_CLI_TENANCY="${OCI_CLI_TENANCY:-$(_readini "$OCI_CLI_CONFIG_FILE" tenancy "$OCI_CLI_PROFILE")}"
fi
fi fi
if [ -z "$OCI_CLI_TENANCY" ]; then if [ -z "$OCI_CLI_TENANCY" ]; then
_not_set="${_not_set}OCI_CLI_TENANCY " _err "Error: unable to read OCI_CLI_TENANCY from config file or environment variable."
return 1
fi fi
OCI_CLI_USER="${OCI_CLI_USER:-$(_readaccountconf_mutable OCI_CLI_USER)}"
if [ "$OCI_CLI_USER" ]; then
_saveaccountconf_mutable OCI_CLI_USER "$OCI_CLI_USER"
elif [ -f "$OCI_CLI_CONFIG_FILE" ]; then
_debug "Reading OCI_CLI_USER value from: $OCI_CLI_CONFIG_FILE"
OCI_CLI_USER="${OCI_CLI_USER:-$(_readini "$OCI_CLI_CONFIG_FILE" user "$OCI_CLI_PROFILE")}"
fi
if [ -z "$OCI_CLI_USER" ]; then if [ -z "$OCI_CLI_USER" ]; then
_not_set="${_not_set}OCI_CLI_USER " _err "Error: unable to read OCI_CLI_USER from config file or environment variable."
return 1
fi fi
OCI_CLI_REGION="${OCI_CLI_REGION:-$(_readaccountconf_mutable OCI_CLI_REGION)}"
if [ "$OCI_CLI_REGION" ]; then
_saveaccountconf_mutable OCI_CLI_REGION "$OCI_CLI_REGION"
elif [ -f "$OCI_CLI_CONFIG_FILE" ]; then
_debug "Reading OCI_CLI_REGION value from: $OCI_CLI_CONFIG_FILE"
OCI_CLI_REGION="${OCI_CLI_REGION:-$(_readini "$OCI_CLI_CONFIG_FILE" region "$OCI_CLI_PROFILE")}"
fi
if [ -z "$OCI_CLI_REGION" ]; then if [ -z "$OCI_CLI_REGION" ]; then
_not_set="${_not_set}OCI_CLI_REGION " _err "Error: unable to read OCI_CLI_REGION from config file or environment variable."
return 1
fi fi
if [ "$_not_set" ]; then OCI_CLI_KEY="${OCI_CLI_KEY:-$(_readaccountconf_mutable OCI_CLI_KEY)}"
_err "Fatal: required environment variable(s): ${_not_set} not set." if [ -z "$OCI_CLI_KEY" ]; then
_ret=1 _clearaccountconf_mutable OCI_CLI_KEY
else OCI_CLI_KEY_FILE="${OCI_CLI_KEY_FILE:-$(_readini "$OCI_CLI_CONFIG_FILE" key_file "$OCI_CLI_PROFILE")}"
if [ "$_save_config" ]; then if [ "$OCI_CLI_KEY_FILE" ] && [ -f "$OCI_CLI_KEY_FILE" ]; then
_saveaccountconf_mutable OCI_CLI_TENANCY "$OCI_CLI_TENANCY" _debug "Reading OCI_CLI_KEY value from: $OCI_CLI_KEY_FILE"
_saveaccountconf_mutable OCI_CLI_USER "$OCI_CLI_USER" OCI_CLI_KEY=$(_base64 <"$OCI_CLI_KEY_FILE")
_saveaccountconf_mutable OCI_CLI_KEY "$OCI_CLI_KEY" _saveaccountconf_mutable OCI_CLI_KEY "$OCI_CLI_KEY"
_saveaccountconf_mutable OCI_CLI_REGION "$OCI_CLI_REGION"
else
_info "Success: OCI configuration retrieved from $OCI_CLI_CONFIG_FILE."
fi fi
else
_saveaccountconf_mutable OCI_CLI_KEY "$OCI_CLI_KEY"
fi fi
if ! _contains "PRIVATE KEY" "$OCI_CLI_KEY"; then if [ -z "$OCI_CLI_KEY_FILE" ] && [ -z "$OCI_CLI_KEY" ]; then
_err "Error: unable to find key file path in OCI config file or OCI_CLI_KEY_FILE."
_err "Error: unable to load private API signing key from OCI_CLI_KEY."
return 1
fi
if [ "$(printf "%s\n" "$OCI_CLI_KEY" | wc -l)" -eq 1 ]; then
OCI_CLI_KEY=$(printf "%s" "$OCI_CLI_KEY" | _dbase64 multiline) OCI_CLI_KEY=$(printf "%s" "$OCI_CLI_KEY" | _dbase64 multiline)
fi fi
return $_ret return 0
} }
# _get_zone(): retrieves the Zone name and OCID # _get_zone(): retrieves the Zone name and OCID
# #
# _sub_domain=_acme-challenge.www # _sub_domain=_acme-challenge.www
@ -189,6 +206,7 @@ _get_zone() {
#Usage: privatekey #Usage: privatekey
#Output MD5 fingerprint #Output MD5 fingerprint
_fingerprint() { _fingerprint() {
pkey="$1" pkey="$1"
if [ -z "$pkey" ]; then if [ -z "$pkey" ]; then
_usage "Usage: _fingerprint privkey" _usage "Usage: _fingerprint privkey"
@ -272,36 +290,37 @@ _signed_request() {
# file key [section] # file key [section]
_readini() { _readini() {
_key="$1" _file="$1"
_file="$2" _key="$2"
_section="${3:-DEFAULT}" _section="${3:-DEFAULT}"
_start_n=$(grep -n '\['"$_section"']' "$_file" | cut -d : -f 1) _start_n=$(grep -n '\['"$_section"']' "$_file" | cut -d : -f 1)
_debug2 _start_n "$_start_n" _debug3 _start_n "$_start_n"
if [ -z "$_start_n" ]; then if [ -z "$_start_n" ]; then
_err "Can not find section: $_section" _err "Can not find section: $_section"
return 1 return 1
fi fi
_start_nn=$(_math "$_start_n" + 1) _start_nn=$(_math "$_start_n" + 1)
_debug2 "_start_nn" "$_start_nn" _debug3 "_start_nn" "$_start_nn"
_left="$(sed -n "${_start_nn},99999p" "$_file")" _left="$(sed -n "${_start_nn},99999p" "$_file")"
_debug2 _left "$_left" _debug3 _left "$_left"
_end="$(echo "$_left" | grep -n "^\[" | _head_n 1)" _end="$(echo "$_left" | grep -n "^\[" | _head_n 1)"
_debug2 "_end" "$_end" _debug3 "_end" "$_end"
if [ "$_end" ]; then if [ "$_end" ]; then
_end_n=$(echo "$_end" | cut -d : -f 1) _end_n=$(echo "$_end" | cut -d : -f 1)
_debug "_end_n" "$_end_n" _debug3 "_end_n" "$_end_n"
_seg_n=$(echo "$_left" | sed -n "1,${_end_n}p") _seg_n=$(echo "$_left" | sed -n "1,${_end_n}p")
else else
_seg_n="$_left" _seg_n="$_left"
fi fi
_debug2 "_seg_n" "$_seg_n" _debug3 "_seg_n" "$_seg_n"
_lineini="$(echo "$_seg_n" | grep "^ *$_key *= *")" _lineini="$(echo "$_seg_n" | grep "^ *$_key *= *")"
_inivalue="$(printf "%b" "$(eval "echo $_lineini | sed \"s/^ *${_key} *= *//g\"")")"
_debug2 _inivalue "$_inivalue"
echo "$_inivalue"
_debug2 "_lineini" "$_lineini"
printf "%b" "$(eval "echo $_lineini | sed -e \"s/^ *${_key} *= *//g\"")"
} }
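Review bot: `_readini` still runs the matched config line through `eval` on its last line, so shell syntax in the OCI config file (command substitution, `;`) is executed rather than read as data, and `_oci_config` now also accepts the config-file path from the saved account configuration. The value can be extracted without a second shell pass, for example `printf "%s\n" "$_lineini" | sed -e "s/^ *${_key} *= *//"`, with a leading `~/` in `key_file` expanded explicitly if that is what the `eval` was for (inferred, the page does not say). The outer `printf "%b"` also interprets backslash escapes in the value, which `%s` would avoid. Separately, in `_oci_config` an `OCI_CLI_KEY_FILE` that is set but is not a regular file appears to skip both the load and the final check, so the function returns 0 with an empty key; testing the key alone, `if [ -z "$OCI_CLI_KEY" ]; then`, would catch it.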