-
Notifications
You must be signed in to change notification settings - Fork 38
Add shared gRPC mode to run the native provider #267
Conversation
pkg/terraform/shared_grpc_server.go
Outdated
ws.mu.Unlock() | ||
}() | ||
//#nosec G204 no user input | ||
cmd := ws.executor.Command(ws.nativeProviderPath, ws.nativeProviderArgs...) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
A reminder for my comment here. We should remove env var-based auth slowly since it won't work with this setup.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Commented on the corresponding code section in jet-template
as indicated together with an explanation:
https://github.com/crossplane-contrib/provider-jet-template/blob/ee4af597e5780c8feed2659b634909c011f0dbce/internal/clients/template.go#L89
It looks like the current upstream (native) provider used in the template no longer requires credentials. But still I have kept the credential injection sections but commented them out.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actually I was meaning deprecating this field pointing that the configuration should be used instead of env.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Oh, I see. I was considering Setup.Env
as a general purpose configuration field that would allow us to inject arbitrary env. variables, not just those used for injecting credentials. What do you think?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm not sure. It's only used for credentials and they have to go to provider, so there isn't a use case coming to my mind that you want to affect TF CLI's env vars.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looking pretty good, most of the comments are about styling. Thanks @ulucinar !
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM! Thank you @ulucinar !
w.env = ts.Env | ||
w.env = append(w.env, fmt.Sprintf(fmtEnv, envReattachConfig, attachmentConfig)) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
w.env = ts.Env | |
w.env = append(w.env, fmt.Sprintf(fmtEnv, envReattachConfig, attachmentConfig)) | |
w.env = append(ts.Env, fmt.Sprintf(fmtEnv, envReattachConfig, attachmentConfig)) |
nitpick
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Funny thing is I had initially done it this way. But it results in a linter warning: appendAssign: append result not assigned to the same slice
.
mu: sync.Mutex{}, | ||
fs: afero.Afero{Fs: afero.NewOsFs()}, | ||
executor: exec.New(), | ||
providerRunner: NewNoOpProviderRunner(), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nitpick: since jet-template uses grpc by default, we can also use it by default, too, and document in the guide that you can use NoOp one if shared grpc doesn't work for you for some reason.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I would prefer to have an initial set of providers in the wild for some time before making this the default. What do you think?
pkg/terraform/provider_runner.go
Outdated
if len(sr.nativeProviderPath) == 0 { | ||
return "", errors.New(errNativeProviderPath) | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We can require this by taking it as direct argument on NewSharedProvider
, hence remove the if condition check.
Thanks @muvaf. I will test the latest changes in this PR against crossplane-contrib/provider-jet-azure#166 before merging. |
…ode for a provider Signed-off-by: Alper Rifat Ulucinar <ulucinar@users.noreply.github.com>
Signed-off-by: Alper Rifat Ulucinar <ulucinar@users.noreply.github.com>
- Add tests Signed-off-by: Alper Rifat Ulucinar <ulucinar@users.noreply.github.com>
…erRunner Signed-off-by: Alper Rifat Ulucinar <ulucinar@users.noreply.github.com>
Signed-off-by: Alper Rifat Ulucinar <ulucinar@users.noreply.github.com>
Signed-off-by: Alper Rifat Ulucinar <ulucinar@users.noreply.github.com>
func (sr *SharedProvider) Start() (string, error) { //nolint:gocyclo | ||
sr.mu.Lock() | ||
defer sr.mu.Unlock() | ||
log := sr.logger.WithValues("nativeProviderPath", sr.nativeProviderPath, "nativeProviderArgs", sr.nativeProviderArgs) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nitpick: we can do this initialization of log
in NewSharedProvider
so that it's done only once.
Description of your changes
Fixes #261
Adds a
config.Provider.SharedGRPC
provider configuration option to configure the shared gRPC native plugin mode.I have:
make reviewable
to ensure this PR is ready for review.backport release-x.y
labels to auto-backport this PR if necessary.How has this code been tested
Tested against
provider-jet-template
and withprovider-jet-azure
.