1c4e41b916
This improves the overall cloud CLI experience workflow. Now whether a stack is local or cloud is inherent to the stack itself. If you interact with a cloud stack, we transparently talk to the cloud; if you interact with a local stack, we just do the right thing, and perform all operations locally. Aside from sometimes seeing a cloud emoji pop-up ☁️, the experience is quite similar. For example, to initialize a new cloud stack, simply: $ pulumi login Logging into Pulumi Cloud: https://pulumi.com/ Enter Pulumi access token: <enter your token> $ pulumi stack init my-cloud-stack Note that you may log into a specific cloud if you'd like. For now, this is just for our own testing purposes, but someday when we support custom clouds (e.g., Enterprise), you can just say: $ pulumi login --cloud-url https://corp.acme.my-ppc.net:9873 The cloud is now the default. If you instead prefer a "fire and forget" style of stack, you can skip the login and pass `--local`: $ pulumi stack init my-faf-stack --local If you are logged in and run `pulumi`, we tell you as much: $ pulumi Usage: pulumi [command] // as before... Currently logged into the Pulumi Cloud ☁️ https://pulumi.com/ And if you list your stacks, we tell you which one is local or not: $ pulumi stack ls NAME LAST UPDATE RESOURCE COUNT CLOUD URL my-cloud-stack 2017-12-01 ... 3 https://pulumi.com/ my-faf-stack n/a 0 n/a And `pulumi stack` by itself prints information like your cloud org, PPC name, and so on, in addition to the usuals. I shall write up more details and make sure to document these changes. This change also fairly significantly refactors the layout of cloud versus local logic, so that the cmd/ package is resonsible for CLI things, and the new pkg/backend/ package is responsible for the backends. The following is the overall resulting package architecture: * The backend.Backend interface can be implemented to substitute a new backend. This has operations to get and list stacks, perform updates, and so on. * The backend.Stack struct is a wrapper around a stack that has or is being manipulated by a Backend. It resembles our existing Stack notions in the engine, but carries additional metadata about its source. Notably, it offers functions that allow operations like updating and deleting on the Backend from which it came. * There is very little else in the pkg/backend/ package. * A new package, pkg/backend/local/, encapsulates all local state management for "fire and forget" scenarios. It simply implements the above logic and contains anything specific to the local experience. * A peer package, pkg/backend/cloud/, encapsulates all logic required for the cloud experience. This includes its subpackage apitype/ which contains JSON schema descriptions required for REST calls against the cloud backend. It also contains handy functions to list which clouds we have authenticated with. * A subpackage here, pkg/backend/state/, is not a provider at all. Instead, it contains all of the state management functions that are currently shared between local and cloud backends. This includes configuration logic -- including encryption -- as well as logic pertaining to which stacks are known to the workspace. This addresses pulumi/pulumi#629 and pulumi/pulumi#494.
170 lines
5.5 KiB
Go
170 lines
5.5 KiB
Go
// Copyright 2016-2017, Pulumi Corporation. All rights reserved.
|
|
|
|
package cloud
|
|
|
|
import (
|
|
"bytes"
|
|
"encoding/json"
|
|
"fmt"
|
|
"io/ioutil"
|
|
"net/http"
|
|
"net/url"
|
|
"os"
|
|
"strings"
|
|
|
|
"github.com/golang/glog"
|
|
"github.com/pkg/errors"
|
|
|
|
"github.com/pulumi/pulumi/pkg/backend/cloud/apitype"
|
|
"github.com/pulumi/pulumi/pkg/tokens"
|
|
"github.com/pulumi/pulumi/pkg/util/contract"
|
|
"github.com/pulumi/pulumi/pkg/workspace"
|
|
)
|
|
|
|
const (
|
|
// apiPrefix is the API URL prefix for any cloud endpoint.
|
|
apiPrefix = "api"
|
|
// defaultURL is used if no environment or explicit cloud is chosen.
|
|
defaultURL = "https://pulumi.com/"
|
|
// defaultAPIEnvVar can be set to override the default cloud chosen, if `--cloud` is not present.
|
|
defaultURLEnvVar = "PULUMI_API"
|
|
// AccessTokenEnvVar is the environment variable used to bypass a prompt on login.
|
|
AccessTokenEnvVar = "PULUMI_ACCESS_TOKEN"
|
|
)
|
|
|
|
// DefaultURL returns the default cloud URL. This may be overridden using the PULUMI_API environment
|
|
// variable. If no override is found, the default is the pulumi.com cloud.
|
|
func DefaultURL() string {
|
|
cloudURL := os.Getenv(defaultURLEnvVar)
|
|
if cloudURL == "" {
|
|
cloudURL = defaultURL
|
|
}
|
|
return cloudURL
|
|
}
|
|
|
|
// getCloudAPI returns the API endpoint to use for the Pulumi Cloud at the given base URL.
|
|
func getCloudAPI(cloudURL string) (string, error) {
|
|
if cloudURL == "" {
|
|
return "", errors.New("missing cloud URL")
|
|
}
|
|
|
|
// Ensure this parses as a valid URL; and ensure it doesn't have any illegal elements.
|
|
url, err := url.Parse(cloudURL)
|
|
if err != nil {
|
|
return "", errors.Wrapf(err, "malformed cloud URL")
|
|
} else if url.RawQuery != "" || url.Fragment != "" {
|
|
return "", errors.Errorf("cloud URL may not contain querystring or fragment: %s", cloudURL)
|
|
}
|
|
|
|
// If this isn't already an API-style URL, turn it into one.
|
|
if !strings.HasPrefix(url.Host, apiPrefix+".") {
|
|
url.Host = apiPrefix + "." + url.Host
|
|
}
|
|
|
|
// But return it as a string, since we will be dynamically creating URLs later on.
|
|
return strings.TrimSuffix(url.String(), "/"), err
|
|
}
|
|
|
|
// cloudProjectIdentifier is the set of data needed to identify a Pulumi Cloud project. This the
|
|
// logical "home" of a stack on the Pulumi Cloud.
|
|
type cloudProjectIdentifier struct {
|
|
Owner string
|
|
Repository string
|
|
Project tokens.PackageName
|
|
}
|
|
|
|
// pulumiAPICall makes an HTTP request to the Pulumi API.
|
|
func pulumiAPICall(cloudAPI, method, path string, body []byte, accessToken string) (string, *http.Response, error) {
|
|
apiEndpoint, err := getCloudAPI(cloudAPI)
|
|
if err != nil {
|
|
return "", nil, fmt.Errorf("getting Pulumi API endpoint: %v", err)
|
|
}
|
|
|
|
// Normalize URL components
|
|
apiEndpoint = strings.TrimSuffix(apiEndpoint, "/")
|
|
path = strings.TrimPrefix(path, "/")
|
|
|
|
url := fmt.Sprintf("%s/api/%s", apiEndpoint, path)
|
|
req, err := http.NewRequest(method, url, bytes.NewBuffer(body))
|
|
if err != nil {
|
|
return "", nil, fmt.Errorf("creating new HTTP request: %v", err)
|
|
}
|
|
req.Header.Set("Content-Type", "application/json")
|
|
|
|
// Apply credentials if provided.
|
|
if accessToken != "" {
|
|
req.Header.Set("Authorization", fmt.Sprintf("token %s", accessToken))
|
|
}
|
|
|
|
glog.V(7).Infof("Making Pulumi API call: %s", url)
|
|
if glog.V(9) {
|
|
glog.V(9).Infof("Pulumi API call details (%s): headers=%v; body=%v", url, req.Header, string(body))
|
|
}
|
|
|
|
client := &http.Client{}
|
|
resp, err := client.Do(req)
|
|
if err != nil {
|
|
return "", nil, fmt.Errorf("performing HTTP request: %v", err)
|
|
}
|
|
glog.V(7).Infof("Pulumi API call response code (%s): %v", url, resp.Status)
|
|
|
|
return url, resp, nil
|
|
}
|
|
|
|
// pulumiRESTCall calls the pulumi REST API marshalling reqObj to JSON and using that as
|
|
// the request body (use nil for GETs), and if successful, marshalling the responseObj
|
|
// as JSON and storing it in respObj (use nil for NoContent). The error return type might
|
|
// be an instance of apitype.ErrorResponse, in which case will have the response code.
|
|
func pulumiRESTCall(cloudAPI, method, path string, reqObj interface{}, respObj interface{}) error {
|
|
token, err := workspace.GetAccessToken(cloudAPI)
|
|
if err != nil {
|
|
return fmt.Errorf("getting stored credentials: %v", err)
|
|
}
|
|
return pulumiRESTCallWithAccessToken(cloudAPI, method, path, reqObj, respObj, token)
|
|
}
|
|
|
|
// pulumiRESTCallWithAccessToken requires you pass in the auth token rather than reading it from the machine's config.
|
|
func pulumiRESTCallWithAccessToken(cloudAPI, method, path string,
|
|
reqObj interface{}, respObj interface{}, token string) error {
|
|
var reqBody []byte
|
|
var err error
|
|
if reqObj != nil {
|
|
reqBody, err = json.Marshal(reqObj)
|
|
if err != nil {
|
|
return fmt.Errorf("marshalling request object as JSON: %v", err)
|
|
}
|
|
}
|
|
|
|
url, resp, err := pulumiAPICall(cloudAPI, method, path, reqBody, token)
|
|
if err != nil {
|
|
return fmt.Errorf("calling API: %v", err)
|
|
}
|
|
defer contract.IgnoreClose(resp.Body)
|
|
|
|
respBody, err := ioutil.ReadAll(resp.Body)
|
|
if err != nil {
|
|
return fmt.Errorf("reading response from API: %v", err)
|
|
}
|
|
if glog.V(9) {
|
|
glog.V(7).Infof("Pulumi API call response body (%s): %v", url, string(respBody))
|
|
}
|
|
|
|
// 4xx and 5xx responses should be of type ErrorResponse. See if we can unmarshal as that
|
|
// type, and if not just return the raw response text.
|
|
if resp.StatusCode >= 400 && resp.StatusCode <= 599 {
|
|
var errResp apitype.ErrorResponse
|
|
if err = json.Unmarshal(respBody, &errResp); err != nil {
|
|
errResp.Code = resp.StatusCode
|
|
errResp.Message = string(respBody)
|
|
}
|
|
return &errResp
|
|
}
|
|
|
|
if respObj != nil {
|
|
if err = json.Unmarshal(respBody, respObj); err != nil {
|
|
return fmt.Errorf("unmarshalling response object: %v", err)
|
|
}
|
|
}
|
|
|
|
return nil
|
|
}
|