refactor getAWSConfig calls in external client to make single call pe…

…r connect Signed-off-by: Erhan Cagirici <[email protected]>
crossplane-contrib · Dec 6, 2023 · 9529217 · 9529217
1 parent ebc343b
commit 9529217
Showing 1 changed file with 20 additions and 30 deletions.
diff --git a/internal/clients/aws.go b/internal/clients/aws.go
@@ -6,11 +6,12 @@ package clients
 
 import (
 	"context"
+	"os"
+
 	"github.com/aws/aws-sdk-go-v2/aws"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 	tfsdk "github.com/hashicorp/terraform-plugin-sdk/v2/terraform"
 	"k8s.io/apimachinery/pkg/types"
-	"os"
 
 	"github.com/crossplane/crossplane-runtime/pkg/logging"
 	"github.com/crossplane/crossplane-runtime/pkg/resource"
@@ -68,9 +69,19 @@ func SelectTerraformSetup(log logging.Logger, config *SetupConfig) terraform.Set
 			},
 			Scheduler: config.DefaultScheduler,
 		}
+		awsCfg, err := getAWSConfig(ctx, c, mg)
+		if err != nil {
+			return terraform.Setup{}, errors.Wrap(err, "cannot get aws config")
+		} else if awsCfg == nil {
+			return terraform.Setup{}, errors.Wrap(err, "obtained aws config cannot be nil")
+		}
+		creds, err := awsCfg.Credentials.Retrieve(ctx)
+		if err != nil {
+			return terraform.Setup{}, errors.Wrap(err, "failed to retrieve aws credentials from aws config")
+		}
 		account := "000000000"
 		if !pc.Spec.SkipCredsValidation {
-			account, err = getAccountId(ctx, c, mg)
+			account, err = getAccountId(ctx, awsCfg, creds)
 			if err != nil {
 				return terraform.Setup{}, errors.Wrap(err, "cannot get account id")
 			}
@@ -81,7 +92,7 @@ func SelectTerraformSetup(log logging.Logger, config *SetupConfig) terraform.Set
 		}
 
 		if len(pc.Spec.AssumeRoleChain) > 1 || pc.Spec.Endpoint != nil {
-			err = DefaultTerraformSetupBuilder(ctx, c, mg, pc, &ps)
+			err = DefaultTerraformSetupBuilder(ctx, pc, &ps, awsCfg, creds)
 			if err != nil {
 				return terraform.Setup{}, errors.Wrap(err, "cannot build terraform configuration")
 			}
@@ -91,7 +102,7 @@ func SelectTerraformSetup(log logging.Logger, config *SetupConfig) terraform.Set
 				ps.Scheduler = terraform.NewWorkspaceProviderScheduler(log, terraform.WithNativeProviderPath(*config.NativeProviderPath), terraform.WithNativeProviderName("registry.terraform.io/"+*config.NativeProviderSource))
 			}
 		} else {
-			err = pushDownTerraformSetupBuilder(ctx, c, mg, pc, &ps)
+			err = pushDownTerraformSetupBuilder(ctx, c, pc, &ps, awsCfg)
 			if err != nil {
 				return terraform.Setup{}, errors.Wrap(err, "cannot build terraform configuration")
 			}
@@ -105,16 +116,12 @@ func SelectTerraformSetup(log logging.Logger, config *SetupConfig) terraform.Set
 	}
 }
 
-func pushDownTerraformSetupBuilder(ctx context.Context, c client.Client, mg resource.Managed, pc *v1beta1.ProviderConfig, ps *terraform.Setup) error { //nolint:gocyclo
+func pushDownTerraformSetupBuilder(ctx context.Context, c client.Client, pc *v1beta1.ProviderConfig, ps *terraform.Setup, cfg *aws.Config) error { //nolint:gocyclo
 	if len(pc.Spec.AssumeRoleChain) > 1 || pc.Spec.Endpoint != nil {
 		return errors.New("shared scheduler cannot be used because the length of assume role chain array " +
 			"is more than 1 or endpoint configuration is not nil")
 	}
 
-	cfg, err := getAWSConfig(ctx, c, mg)
-	if err != nil {
-		return errors.Wrap(err, "cannot get AWS config")
-	}
 	ps.Configuration = map[string]any{
 		keyRegion: cfg.Region,
 	}
@@ -173,16 +180,7 @@ func pushDownTerraformSetupBuilder(ctx context.Context, c client.Client, mg reso
 	return nil
 }
 
-func DefaultTerraformSetupBuilder(ctx context.Context, c client.Client, mg resource.Managed, pc *v1beta1.ProviderConfig, ps *terraform.Setup) error {
-	cfg, err := getAWSConfig(ctx, c, mg)
-	if err != nil {
-		return errors.Wrap(err, "cannot get AWS config")
-	}
-	creds, err := cfg.Credentials.Retrieve(ctx)
-	if err != nil {
-		return errors.Wrap(err, "failed to retrieve aws credentials from aws config")
-	}
-
+func DefaultTerraformSetupBuilder(_ context.Context, pc *v1beta1.ProviderConfig, ps *terraform.Setup, cfg *aws.Config, creds aws.Credentials) error {
 	ps.Configuration = map[string]any{
 		keyRegion:               cfg.Region,
 		keyAccessKeyID:          creds.AccessKeyID,
@@ -198,7 +196,7 @@ func DefaultTerraformSetupBuilder(ctx context.Context, c client.Client, mg resou
 	if pc.Spec.Endpoint != nil {
 		if pc.Spec.Endpoint.URL.Static != nil {
 			if len(pc.Spec.Endpoint.Services) > 0 && *pc.Spec.Endpoint.URL.Static == "" {
-				return errors.Wrap(err, "endpoint is wrong")
+				return errors.New("endpoint.url.static cannot be empty")
 			} else {
 				endpoints := make(map[string]string)
 				for _, service := range pc.Spec.Endpoint.Services {
@@ -208,18 +206,10 @@ func DefaultTerraformSetupBuilder(ctx context.Context, c client.Client, mg resou
 			}
 		}
 	}
-	return err
+	return nil
 }
 
-func getAccountId(ctx context.Context, c client.Client, mg resource.Managed) (string, error) {
-	cfg, err := getAWSConfig(ctx, c, mg)
-	if err != nil {
-		return "", errors.Wrap(err, "cannot get AWS config")
-	}
-	creds, err := cfg.Credentials.Retrieve(ctx)
-	if err != nil {
-		return "", errors.Wrap(err, "failed to retrieve aws credentials from aws config")
-	}
+func getAccountId(ctx context.Context, cfg *aws.Config, creds aws.Credentials) (string, error) {
 	identity, err := GlobalCallerIdentityCache.GetCallerIdentity(ctx, *cfg, creds)
 	if err != nil {
 		return "", errors.Wrap(err, "cannot get the caller identity")