diff options
| author | Chris Lu <chrislusf@users.noreply.github.com> | 2025-07-02 18:03:17 -0700 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2025-07-02 18:03:17 -0700 |
| commit | 1db7c2b8aad59177f9ccb32f156908faf0c13eca (patch) | |
| tree | b1ea2df918591ab01822e3bd3ce08277825c47fb /weed/credential/config_loader.go | |
| parent | 6b706f9ccdf46046133c867c4240c4e8594da5b3 (diff) | |
| download | seaweedfs-1db7c2b8aad59177f9ccb32f156908faf0c13eca.tar.xz seaweedfs-1db7c2b8aad59177f9ccb32f156908faf0c13eca.zip | |
Add credential storage (#6938)
* add credential store interface
* load credential.toml
* lint
* create credentialManager with explicit store type
* add type name
* InitializeCredentialManager
* remove unused functions
* fix missing import
* fix import
* fix nil configuration
Diffstat (limited to 'weed/credential/config_loader.go')
| -rw-r--r-- | weed/credential/config_loader.go | 133 |
1 files changed, 133 insertions, 0 deletions
diff --git a/weed/credential/config_loader.go b/weed/credential/config_loader.go new file mode 100644 index 000000000..959f1cfb4 --- /dev/null +++ b/weed/credential/config_loader.go @@ -0,0 +1,133 @@ +package credential + +import ( + "fmt" + + "github.com/seaweedfs/seaweedfs/weed/glog" + "github.com/seaweedfs/seaweedfs/weed/util" +) + +// CredentialConfig represents the credential configuration from credential.toml +type CredentialConfig struct { + Store string + Config util.Configuration + Prefix string +} + +// LoadCredentialConfiguration loads credential configuration from credential.toml +// Returns the store type, configuration, and prefix for credential management +func LoadCredentialConfiguration() (*CredentialConfig, error) { + // Try to load credential.toml configuration + loaded := util.LoadConfiguration("credential", false) + if !loaded { + glog.V(1).Info("No credential.toml found, credential store disabled") + return nil, nil + } + + viper := util.GetViper() + + // Find which credential store is enabled + var enabledStore string + var storePrefix string + + // Get available store types from registered stores + storeTypes := GetAvailableStores() + for _, storeType := range storeTypes { + key := fmt.Sprintf("credential.%s.enabled", string(storeType)) + if viper.GetBool(key) { + if enabledStore != "" { + return nil, fmt.Errorf("multiple credential stores enabled: %s and %s. Only one store can be enabled", enabledStore, string(storeType)) + } + enabledStore = string(storeType) + storePrefix = fmt.Sprintf("credential.%s.", string(storeType)) + } + } + + if enabledStore == "" { + glog.V(1).Info("No credential store enabled in credential.toml") + return nil, nil + } + + glog.V(0).Infof("Loaded credential configuration: store=%s", enabledStore) + + return &CredentialConfig{ + Store: enabledStore, + Config: viper, + Prefix: storePrefix, + }, nil +} + +// GetCredentialStoreConfig extracts credential store configuration from command line flags +// This is used when credential store is configured via command line instead of credential.toml +func GetCredentialStoreConfig(store string, config util.Configuration, prefix string) *CredentialConfig { + if store == "" { + return nil + } + + return &CredentialConfig{ + Store: store, + Config: config, + Prefix: prefix, + } +} + +// MergeCredentialConfig merges command line credential config with credential.toml config +// Command line flags take priority over credential.toml +func MergeCredentialConfig(cmdLineStore string, cmdLineConfig util.Configuration, cmdLinePrefix string) (*CredentialConfig, error) { + // If command line credential store is specified, use it + if cmdLineStore != "" { + glog.V(0).Infof("Using command line credential configuration: store=%s", cmdLineStore) + return GetCredentialStoreConfig(cmdLineStore, cmdLineConfig, cmdLinePrefix), nil + } + + // Otherwise, try to load from credential.toml + config, err := LoadCredentialConfiguration() + if err != nil { + return nil, err + } + + if config == nil { + glog.V(1).Info("No credential store configured") + } + + return config, nil +} + +// NewCredentialManagerWithDefaults creates a credential manager with fallback to defaults +// If explicitStore is provided, it will be used regardless of credential.toml +// If explicitStore is empty, it tries credential.toml first, then defaults to "filer_etc" +func NewCredentialManagerWithDefaults(explicitStore CredentialStoreTypeName) (*CredentialManager, error) { + var storeName CredentialStoreTypeName + var config util.Configuration + var prefix string + + // If explicit store is provided, use it + if explicitStore != "" { + storeName = explicitStore + config = nil + prefix = "" + glog.V(0).Infof("Using explicit credential store: %s", storeName) + } else { + // Try to load from credential.toml first + if credConfig, err := LoadCredentialConfiguration(); err == nil && credConfig != nil { + storeName = CredentialStoreTypeName(credConfig.Store) + config = credConfig.Config + prefix = credConfig.Prefix + glog.V(0).Infof("Loaded credential configuration from credential.toml: store=%s", storeName) + } else { + // Default to filer_etc store + storeName = StoreTypeFilerEtc + config = nil + prefix = "" + glog.V(1).Info("No credential.toml found, defaulting to filer_etc store") + } + } + + // Create the credential manager + credentialManager, err := NewCredentialManager(storeName, config, prefix) + if err != nil { + return nil, fmt.Errorf("failed to initialize credential manager with store '%s': %v", storeName, err) + } + + return credentialManager, nil +} |