From ecf7ae9ad372b96dad94e52f6e7aae9b6db44063 Mon Sep 17 00:00:00 2001 From: Alper Rifat Ulucinar Date: Thu, 15 Feb 2024 15:05:13 +0300 Subject: [PATCH 1/2] Also honour the WEBHOOK_TLS_CERT_DIR env. variable for finding the Webhook TLS certificate - Crosslane versions before v1.14 mount the Webhook TLS certificate and key at a path other than the current default /tls/certs and make the location available via the environment variable WEBHOOK_TLS_CERT_DIR. Signed-off-by: Alper Rifat Ulucinar --- cmd/provider/accessanalyzer/zz_main.go | 35 ++++++++++++++++++- cmd/provider/account/zz_main.go | 35 ++++++++++++++++++- cmd/provider/acm/zz_main.go | 35 ++++++++++++++++++- cmd/provider/acmpca/zz_main.go | 35 ++++++++++++++++++- cmd/provider/amp/zz_main.go | 35 ++++++++++++++++++- cmd/provider/amplify/zz_main.go | 35 ++++++++++++++++++- cmd/provider/apigateway/zz_main.go | 35 ++++++++++++++++++- cmd/provider/apigatewayv2/zz_main.go | 35 ++++++++++++++++++- cmd/provider/appautoscaling/zz_main.go | 35 ++++++++++++++++++- cmd/provider/appconfig/zz_main.go | 35 ++++++++++++++++++- cmd/provider/appflow/zz_main.go | 35 ++++++++++++++++++- cmd/provider/appintegrations/zz_main.go | 35 ++++++++++++++++++- cmd/provider/applicationinsights/zz_main.go | 35 ++++++++++++++++++- cmd/provider/appmesh/zz_main.go | 35 ++++++++++++++++++- cmd/provider/apprunner/zz_main.go | 35 ++++++++++++++++++- cmd/provider/appstream/zz_main.go | 35 ++++++++++++++++++- cmd/provider/appsync/zz_main.go | 35 ++++++++++++++++++- cmd/provider/athena/zz_main.go | 35 ++++++++++++++++++- cmd/provider/autoscaling/zz_main.go | 35 ++++++++++++++++++- cmd/provider/autoscalingplans/zz_main.go | 35 ++++++++++++++++++- cmd/provider/backup/zz_main.go | 35 ++++++++++++++++++- cmd/provider/batch/zz_main.go | 35 ++++++++++++++++++- cmd/provider/budgets/zz_main.go | 35 ++++++++++++++++++- cmd/provider/ce/zz_main.go | 35 ++++++++++++++++++- cmd/provider/chime/zz_main.go | 35 ++++++++++++++++++- cmd/provider/cloud9/zz_main.go | 35 ++++++++++++++++++- cmd/provider/cloudcontrol/zz_main.go | 35 ++++++++++++++++++- cmd/provider/cloudformation/zz_main.go | 35 ++++++++++++++++++- cmd/provider/cloudfront/zz_main.go | 35 ++++++++++++++++++- cmd/provider/cloudsearch/zz_main.go | 35 ++++++++++++++++++- cmd/provider/cloudtrail/zz_main.go | 35 ++++++++++++++++++- cmd/provider/cloudwatch/zz_main.go | 35 ++++++++++++++++++- cmd/provider/cloudwatchevents/zz_main.go | 35 ++++++++++++++++++- cmd/provider/cloudwatchlogs/zz_main.go | 35 ++++++++++++++++++- cmd/provider/codecommit/zz_main.go | 35 ++++++++++++++++++- cmd/provider/codepipeline/zz_main.go | 35 ++++++++++++++++++- cmd/provider/codestarconnections/zz_main.go | 35 ++++++++++++++++++- cmd/provider/codestarnotifications/zz_main.go | 35 ++++++++++++++++++- cmd/provider/cognitoidentity/zz_main.go | 35 ++++++++++++++++++- cmd/provider/cognitoidp/zz_main.go | 35 ++++++++++++++++++- cmd/provider/config/zz_main.go | 35 ++++++++++++++++++- cmd/provider/configservice/zz_main.go | 35 ++++++++++++++++++- cmd/provider/connect/zz_main.go | 35 ++++++++++++++++++- cmd/provider/cur/zz_main.go | 35 ++++++++++++++++++- cmd/provider/dataexchange/zz_main.go | 35 ++++++++++++++++++- cmd/provider/datapipeline/zz_main.go | 35 ++++++++++++++++++- cmd/provider/datasync/zz_main.go | 35 ++++++++++++++++++- cmd/provider/dax/zz_main.go | 35 ++++++++++++++++++- cmd/provider/deploy/zz_main.go | 35 ++++++++++++++++++- cmd/provider/detective/zz_main.go | 35 ++++++++++++++++++- cmd/provider/devicefarm/zz_main.go | 35 ++++++++++++++++++- cmd/provider/directconnect/zz_main.go | 35 ++++++++++++++++++- cmd/provider/dlm/zz_main.go | 35 ++++++++++++++++++- cmd/provider/dms/zz_main.go | 35 ++++++++++++++++++- cmd/provider/docdb/zz_main.go | 35 ++++++++++++++++++- cmd/provider/ds/zz_main.go | 35 ++++++++++++++++++- cmd/provider/dynamodb/zz_main.go | 35 ++++++++++++++++++- cmd/provider/ec2/zz_main.go | 35 ++++++++++++++++++- cmd/provider/ecr/zz_main.go | 35 ++++++++++++++++++- cmd/provider/ecrpublic/zz_main.go | 35 ++++++++++++++++++- cmd/provider/ecs/zz_main.go | 35 ++++++++++++++++++- cmd/provider/efs/zz_main.go | 35 ++++++++++++++++++- cmd/provider/eks/zz_main.go | 35 ++++++++++++++++++- cmd/provider/elasticache/zz_main.go | 35 ++++++++++++++++++- cmd/provider/elasticbeanstalk/zz_main.go | 35 ++++++++++++++++++- cmd/provider/elasticsearch/zz_main.go | 35 ++++++++++++++++++- cmd/provider/elastictranscoder/zz_main.go | 35 ++++++++++++++++++- cmd/provider/elb/zz_main.go | 35 ++++++++++++++++++- cmd/provider/elbv2/zz_main.go | 35 ++++++++++++++++++- cmd/provider/emr/zz_main.go | 35 ++++++++++++++++++- cmd/provider/emrserverless/zz_main.go | 35 ++++++++++++++++++- cmd/provider/evidently/zz_main.go | 35 ++++++++++++++++++- cmd/provider/firehose/zz_main.go | 35 ++++++++++++++++++- cmd/provider/fis/zz_main.go | 35 ++++++++++++++++++- cmd/provider/fsx/zz_main.go | 35 ++++++++++++++++++- cmd/provider/gamelift/zz_main.go | 35 ++++++++++++++++++- cmd/provider/glacier/zz_main.go | 35 ++++++++++++++++++- cmd/provider/globalaccelerator/zz_main.go | 35 ++++++++++++++++++- cmd/provider/glue/zz_main.go | 35 ++++++++++++++++++- cmd/provider/grafana/zz_main.go | 35 ++++++++++++++++++- cmd/provider/guardduty/zz_main.go | 35 ++++++++++++++++++- cmd/provider/iam/zz_main.go | 35 ++++++++++++++++++- cmd/provider/identitystore/zz_main.go | 35 ++++++++++++++++++- cmd/provider/imagebuilder/zz_main.go | 35 ++++++++++++++++++- cmd/provider/inspector/zz_main.go | 35 ++++++++++++++++++- cmd/provider/inspector2/zz_main.go | 35 ++++++++++++++++++- cmd/provider/iot/zz_main.go | 35 ++++++++++++++++++- cmd/provider/ivs/zz_main.go | 35 ++++++++++++++++++- cmd/provider/kafka/zz_main.go | 35 ++++++++++++++++++- cmd/provider/kendra/zz_main.go | 35 ++++++++++++++++++- cmd/provider/keyspaces/zz_main.go | 35 ++++++++++++++++++- cmd/provider/kinesis/zz_main.go | 35 ++++++++++++++++++- cmd/provider/kinesisanalytics/zz_main.go | 35 ++++++++++++++++++- cmd/provider/kinesisanalyticsv2/zz_main.go | 35 ++++++++++++++++++- cmd/provider/kinesisvideo/zz_main.go | 35 ++++++++++++++++++- cmd/provider/kms/zz_main.go | 35 ++++++++++++++++++- cmd/provider/lakeformation/zz_main.go | 35 ++++++++++++++++++- cmd/provider/lambda/zz_main.go | 35 ++++++++++++++++++- cmd/provider/lexmodels/zz_main.go | 35 ++++++++++++++++++- cmd/provider/licensemanager/zz_main.go | 35 ++++++++++++++++++- cmd/provider/lightsail/zz_main.go | 35 ++++++++++++++++++- cmd/provider/location/zz_main.go | 35 ++++++++++++++++++- cmd/provider/macie2/zz_main.go | 35 ++++++++++++++++++- cmd/provider/mediaconvert/zz_main.go | 35 ++++++++++++++++++- cmd/provider/medialive/zz_main.go | 35 ++++++++++++++++++- cmd/provider/mediapackage/zz_main.go | 35 ++++++++++++++++++- cmd/provider/mediastore/zz_main.go | 35 ++++++++++++++++++- cmd/provider/memorydb/zz_main.go | 35 ++++++++++++++++++- cmd/provider/monolith/zz_main.go | 35 ++++++++++++++++++- cmd/provider/mq/zz_main.go | 35 ++++++++++++++++++- cmd/provider/neptune/zz_main.go | 35 ++++++++++++++++++- cmd/provider/networkfirewall/zz_main.go | 35 ++++++++++++++++++- cmd/provider/networkmanager/zz_main.go | 35 ++++++++++++++++++- cmd/provider/opensearch/zz_main.go | 35 ++++++++++++++++++- cmd/provider/opsworks/zz_main.go | 35 ++++++++++++++++++- cmd/provider/organizations/zz_main.go | 35 ++++++++++++++++++- cmd/provider/pinpoint/zz_main.go | 35 ++++++++++++++++++- cmd/provider/qldb/zz_main.go | 35 ++++++++++++++++++- cmd/provider/quicksight/zz_main.go | 35 ++++++++++++++++++- cmd/provider/ram/zz_main.go | 35 ++++++++++++++++++- cmd/provider/rds/zz_main.go | 35 ++++++++++++++++++- cmd/provider/redshift/zz_main.go | 35 ++++++++++++++++++- cmd/provider/redshiftserverless/zz_main.go | 35 ++++++++++++++++++- cmd/provider/resourcegroups/zz_main.go | 35 ++++++++++++++++++- cmd/provider/rolesanywhere/zz_main.go | 35 ++++++++++++++++++- cmd/provider/route53/zz_main.go | 35 ++++++++++++++++++- .../route53recoverycontrolconfig/zz_main.go | 35 ++++++++++++++++++- .../route53recoveryreadiness/zz_main.go | 35 ++++++++++++++++++- cmd/provider/route53resolver/zz_main.go | 35 ++++++++++++++++++- cmd/provider/rum/zz_main.go | 35 ++++++++++++++++++- cmd/provider/s3/zz_main.go | 35 ++++++++++++++++++- cmd/provider/s3control/zz_main.go | 35 ++++++++++++++++++- cmd/provider/sagemaker/zz_main.go | 35 ++++++++++++++++++- cmd/provider/scheduler/zz_main.go | 35 ++++++++++++++++++- cmd/provider/schemas/zz_main.go | 35 ++++++++++++++++++- cmd/provider/secretsmanager/zz_main.go | 35 ++++++++++++++++++- cmd/provider/securityhub/zz_main.go | 35 ++++++++++++++++++- cmd/provider/serverlessrepo/zz_main.go | 35 ++++++++++++++++++- cmd/provider/servicecatalog/zz_main.go | 35 ++++++++++++++++++- cmd/provider/servicediscovery/zz_main.go | 35 ++++++++++++++++++- cmd/provider/servicequotas/zz_main.go | 35 ++++++++++++++++++- cmd/provider/ses/zz_main.go | 35 ++++++++++++++++++- cmd/provider/sesv2/zz_main.go | 35 ++++++++++++++++++- cmd/provider/sfn/zz_main.go | 35 ++++++++++++++++++- cmd/provider/signer/zz_main.go | 35 ++++++++++++++++++- cmd/provider/simpledb/zz_main.go | 35 ++++++++++++++++++- cmd/provider/sns/zz_main.go | 35 ++++++++++++++++++- cmd/provider/sqs/zz_main.go | 35 ++++++++++++++++++- cmd/provider/ssm/zz_main.go | 35 ++++++++++++++++++- cmd/provider/ssoadmin/zz_main.go | 35 ++++++++++++++++++- cmd/provider/swf/zz_main.go | 35 ++++++++++++++++++- cmd/provider/timestreamwrite/zz_main.go | 35 ++++++++++++++++++- cmd/provider/transcribe/zz_main.go | 35 ++++++++++++++++++- cmd/provider/transfer/zz_main.go | 35 ++++++++++++++++++- cmd/provider/vpc/zz_main.go | 35 ++++++++++++++++++- cmd/provider/waf/zz_main.go | 35 ++++++++++++++++++- cmd/provider/wafregional/zz_main.go | 35 ++++++++++++++++++- cmd/provider/wafv2/zz_main.go | 35 ++++++++++++++++++- cmd/provider/workspaces/zz_main.go | 35 ++++++++++++++++++- cmd/provider/xray/zz_main.go | 35 ++++++++++++++++++- hack/main.go.tmpl | 35 ++++++++++++++++++- 161 files changed, 5474 insertions(+), 161 deletions(-) diff --git a/cmd/provider/accessanalyzer/zz_main.go b/cmd/provider/accessanalyzer/zz_main.go index 72620e8d95..7826c372ba 100644 --- a/cmd/provider/accessanalyzer/zz_main.go +++ b/cmd/provider/accessanalyzer/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-accessanalyzer", diff --git a/cmd/provider/account/zz_main.go b/cmd/provider/account/zz_main.go index e9a54097fd..c2cece68bd 100644 --- a/cmd/provider/account/zz_main.go +++ b/cmd/provider/account/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-account", diff --git a/cmd/provider/acm/zz_main.go b/cmd/provider/acm/zz_main.go index 2c82dfd083..1650af3e6b 100644 --- a/cmd/provider/acm/zz_main.go +++ b/cmd/provider/acm/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-acm", diff --git a/cmd/provider/acmpca/zz_main.go b/cmd/provider/acmpca/zz_main.go index f888afa5b0..55b20109ff 100644 --- a/cmd/provider/acmpca/zz_main.go +++ b/cmd/provider/acmpca/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-acmpca", diff --git a/cmd/provider/amp/zz_main.go b/cmd/provider/amp/zz_main.go index 23905325d8..62e018b1cd 100644 --- a/cmd/provider/amp/zz_main.go +++ b/cmd/provider/amp/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-amp", diff --git a/cmd/provider/amplify/zz_main.go b/cmd/provider/amplify/zz_main.go index 5a8ea150e9..a710bf8703 100644 --- a/cmd/provider/amplify/zz_main.go +++ b/cmd/provider/amplify/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-amplify", diff --git a/cmd/provider/apigateway/zz_main.go b/cmd/provider/apigateway/zz_main.go index cf43bcf3f9..69c5d9b0b6 100644 --- a/cmd/provider/apigateway/zz_main.go +++ b/cmd/provider/apigateway/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-apigateway", diff --git a/cmd/provider/apigatewayv2/zz_main.go b/cmd/provider/apigatewayv2/zz_main.go index c9cc48d75e..2ce38667e9 100644 --- a/cmd/provider/apigatewayv2/zz_main.go +++ b/cmd/provider/apigatewayv2/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-apigatewayv2", diff --git a/cmd/provider/appautoscaling/zz_main.go b/cmd/provider/appautoscaling/zz_main.go index 643cc45360..017afca7c5 100644 --- a/cmd/provider/appautoscaling/zz_main.go +++ b/cmd/provider/appautoscaling/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-appautoscaling", diff --git a/cmd/provider/appconfig/zz_main.go b/cmd/provider/appconfig/zz_main.go index 486a93301a..cde047a3d9 100644 --- a/cmd/provider/appconfig/zz_main.go +++ b/cmd/provider/appconfig/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-appconfig", diff --git a/cmd/provider/appflow/zz_main.go b/cmd/provider/appflow/zz_main.go index 83a69c419c..d3f9cbf814 100644 --- a/cmd/provider/appflow/zz_main.go +++ b/cmd/provider/appflow/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-appflow", diff --git a/cmd/provider/appintegrations/zz_main.go b/cmd/provider/appintegrations/zz_main.go index 0a8d424784..5570dabc83 100644 --- a/cmd/provider/appintegrations/zz_main.go +++ b/cmd/provider/appintegrations/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-appintegrations", diff --git a/cmd/provider/applicationinsights/zz_main.go b/cmd/provider/applicationinsights/zz_main.go index b1cbab5664..9e53e19933 100644 --- a/cmd/provider/applicationinsights/zz_main.go +++ b/cmd/provider/applicationinsights/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-applicationinsights", diff --git a/cmd/provider/appmesh/zz_main.go b/cmd/provider/appmesh/zz_main.go index c0cdfb306c..8e369b6033 100644 --- a/cmd/provider/appmesh/zz_main.go +++ b/cmd/provider/appmesh/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-appmesh", diff --git a/cmd/provider/apprunner/zz_main.go b/cmd/provider/apprunner/zz_main.go index 4bee6cf16a..c0d4857593 100644 --- a/cmd/provider/apprunner/zz_main.go +++ b/cmd/provider/apprunner/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-apprunner", diff --git a/cmd/provider/appstream/zz_main.go b/cmd/provider/appstream/zz_main.go index 17e427c0bc..2271ceaeba 100644 --- a/cmd/provider/appstream/zz_main.go +++ b/cmd/provider/appstream/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-appstream", diff --git a/cmd/provider/appsync/zz_main.go b/cmd/provider/appsync/zz_main.go index d3f7181692..082b72bbb6 100644 --- a/cmd/provider/appsync/zz_main.go +++ b/cmd/provider/appsync/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-appsync", diff --git a/cmd/provider/athena/zz_main.go b/cmd/provider/athena/zz_main.go index 90295976f8..b9905357cb 100644 --- a/cmd/provider/athena/zz_main.go +++ b/cmd/provider/athena/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-athena", diff --git a/cmd/provider/autoscaling/zz_main.go b/cmd/provider/autoscaling/zz_main.go index da969dbb30..b76a63efbf 100644 --- a/cmd/provider/autoscaling/zz_main.go +++ b/cmd/provider/autoscaling/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-autoscaling", diff --git a/cmd/provider/autoscalingplans/zz_main.go b/cmd/provider/autoscalingplans/zz_main.go index e70b7abcae..1d3a67de6e 100644 --- a/cmd/provider/autoscalingplans/zz_main.go +++ b/cmd/provider/autoscalingplans/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-autoscalingplans", diff --git a/cmd/provider/backup/zz_main.go b/cmd/provider/backup/zz_main.go index c81750bd93..5ba336e0d1 100644 --- a/cmd/provider/backup/zz_main.go +++ b/cmd/provider/backup/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-backup", diff --git a/cmd/provider/batch/zz_main.go b/cmd/provider/batch/zz_main.go index ab630f8f7b..5152f47d50 100644 --- a/cmd/provider/batch/zz_main.go +++ b/cmd/provider/batch/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-batch", diff --git a/cmd/provider/budgets/zz_main.go b/cmd/provider/budgets/zz_main.go index f55759f967..b89df3f7a0 100644 --- a/cmd/provider/budgets/zz_main.go +++ b/cmd/provider/budgets/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-budgets", diff --git a/cmd/provider/ce/zz_main.go b/cmd/provider/ce/zz_main.go index 42e503a168..99b7374a8b 100644 --- a/cmd/provider/ce/zz_main.go +++ b/cmd/provider/ce/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-ce", diff --git a/cmd/provider/chime/zz_main.go b/cmd/provider/chime/zz_main.go index d406126425..0b81357385 100644 --- a/cmd/provider/chime/zz_main.go +++ b/cmd/provider/chime/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-chime", diff --git a/cmd/provider/cloud9/zz_main.go b/cmd/provider/cloud9/zz_main.go index 9589dfc903..73a3c11062 100644 --- a/cmd/provider/cloud9/zz_main.go +++ b/cmd/provider/cloud9/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-cloud9", diff --git a/cmd/provider/cloudcontrol/zz_main.go b/cmd/provider/cloudcontrol/zz_main.go index 26390c3f48..21f18a42a7 100644 --- a/cmd/provider/cloudcontrol/zz_main.go +++ b/cmd/provider/cloudcontrol/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-cloudcontrol", diff --git a/cmd/provider/cloudformation/zz_main.go b/cmd/provider/cloudformation/zz_main.go index 94921329d6..3d6c8f4f61 100644 --- a/cmd/provider/cloudformation/zz_main.go +++ b/cmd/provider/cloudformation/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-cloudformation", diff --git a/cmd/provider/cloudfront/zz_main.go b/cmd/provider/cloudfront/zz_main.go index ed3f121ce5..1145a35891 100644 --- a/cmd/provider/cloudfront/zz_main.go +++ b/cmd/provider/cloudfront/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-cloudfront", diff --git a/cmd/provider/cloudsearch/zz_main.go b/cmd/provider/cloudsearch/zz_main.go index e5813beabe..642215dc71 100644 --- a/cmd/provider/cloudsearch/zz_main.go +++ b/cmd/provider/cloudsearch/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-cloudsearch", diff --git a/cmd/provider/cloudtrail/zz_main.go b/cmd/provider/cloudtrail/zz_main.go index 264008a53f..e59b9cb50d 100644 --- a/cmd/provider/cloudtrail/zz_main.go +++ b/cmd/provider/cloudtrail/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-cloudtrail", diff --git a/cmd/provider/cloudwatch/zz_main.go b/cmd/provider/cloudwatch/zz_main.go index c118e1939d..fde0cd9edb 100644 --- a/cmd/provider/cloudwatch/zz_main.go +++ b/cmd/provider/cloudwatch/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-cloudwatch", diff --git a/cmd/provider/cloudwatchevents/zz_main.go b/cmd/provider/cloudwatchevents/zz_main.go index fc7da32183..c59b138a8a 100644 --- a/cmd/provider/cloudwatchevents/zz_main.go +++ b/cmd/provider/cloudwatchevents/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-cloudwatchevents", diff --git a/cmd/provider/cloudwatchlogs/zz_main.go b/cmd/provider/cloudwatchlogs/zz_main.go index f50fdb94a8..a9c7d2ce81 100644 --- a/cmd/provider/cloudwatchlogs/zz_main.go +++ b/cmd/provider/cloudwatchlogs/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-cloudwatchlogs", diff --git a/cmd/provider/codecommit/zz_main.go b/cmd/provider/codecommit/zz_main.go index 72fd0e3368..ee3759de77 100644 --- a/cmd/provider/codecommit/zz_main.go +++ b/cmd/provider/codecommit/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-codecommit", diff --git a/cmd/provider/codepipeline/zz_main.go b/cmd/provider/codepipeline/zz_main.go index 916a020539..9e1fa991c2 100644 --- a/cmd/provider/codepipeline/zz_main.go +++ b/cmd/provider/codepipeline/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-codepipeline", diff --git a/cmd/provider/codestarconnections/zz_main.go b/cmd/provider/codestarconnections/zz_main.go index b80c8fd5c9..dbf59b6168 100644 --- a/cmd/provider/codestarconnections/zz_main.go +++ b/cmd/provider/codestarconnections/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-codestarconnections", diff --git a/cmd/provider/codestarnotifications/zz_main.go b/cmd/provider/codestarnotifications/zz_main.go index 5458efe7b7..eff3d11c7b 100644 --- a/cmd/provider/codestarnotifications/zz_main.go +++ b/cmd/provider/codestarnotifications/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-codestarnotifications", diff --git a/cmd/provider/cognitoidentity/zz_main.go b/cmd/provider/cognitoidentity/zz_main.go index 9fccc6b906..6f0b30612c 100644 --- a/cmd/provider/cognitoidentity/zz_main.go +++ b/cmd/provider/cognitoidentity/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-cognitoidentity", diff --git a/cmd/provider/cognitoidp/zz_main.go b/cmd/provider/cognitoidp/zz_main.go index c4ed2c0d5a..b3610f33ef 100644 --- a/cmd/provider/cognitoidp/zz_main.go +++ b/cmd/provider/cognitoidp/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-cognitoidp", diff --git a/cmd/provider/config/zz_main.go b/cmd/provider/config/zz_main.go index 4aa91aac9d..0739ee3506 100644 --- a/cmd/provider/config/zz_main.go +++ b/cmd/provider/config/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-config", diff --git a/cmd/provider/configservice/zz_main.go b/cmd/provider/configservice/zz_main.go index b7d2ddb9de..fac20d22de 100644 --- a/cmd/provider/configservice/zz_main.go +++ b/cmd/provider/configservice/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-configservice", diff --git a/cmd/provider/connect/zz_main.go b/cmd/provider/connect/zz_main.go index 40c400ed4f..57a533005f 100644 --- a/cmd/provider/connect/zz_main.go +++ b/cmd/provider/connect/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-connect", diff --git a/cmd/provider/cur/zz_main.go b/cmd/provider/cur/zz_main.go index 2d381f40ef..229e4729aa 100644 --- a/cmd/provider/cur/zz_main.go +++ b/cmd/provider/cur/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-cur", diff --git a/cmd/provider/dataexchange/zz_main.go b/cmd/provider/dataexchange/zz_main.go index f31bdc444b..2799ec196c 100644 --- a/cmd/provider/dataexchange/zz_main.go +++ b/cmd/provider/dataexchange/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-dataexchange", diff --git a/cmd/provider/datapipeline/zz_main.go b/cmd/provider/datapipeline/zz_main.go index 51e21eeb07..a52b5ee3ec 100644 --- a/cmd/provider/datapipeline/zz_main.go +++ b/cmd/provider/datapipeline/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-datapipeline", diff --git a/cmd/provider/datasync/zz_main.go b/cmd/provider/datasync/zz_main.go index dcc6f511cc..5d4fff53aa 100644 --- a/cmd/provider/datasync/zz_main.go +++ b/cmd/provider/datasync/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-datasync", diff --git a/cmd/provider/dax/zz_main.go b/cmd/provider/dax/zz_main.go index 7c8fe9ad38..7ef3b534d4 100644 --- a/cmd/provider/dax/zz_main.go +++ b/cmd/provider/dax/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-dax", diff --git a/cmd/provider/deploy/zz_main.go b/cmd/provider/deploy/zz_main.go index 3fcb7ed99c..d6fa93d92b 100644 --- a/cmd/provider/deploy/zz_main.go +++ b/cmd/provider/deploy/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-deploy", diff --git a/cmd/provider/detective/zz_main.go b/cmd/provider/detective/zz_main.go index 52026fefa3..a4d613001d 100644 --- a/cmd/provider/detective/zz_main.go +++ b/cmd/provider/detective/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-detective", diff --git a/cmd/provider/devicefarm/zz_main.go b/cmd/provider/devicefarm/zz_main.go index 24c1361769..3b75431205 100644 --- a/cmd/provider/devicefarm/zz_main.go +++ b/cmd/provider/devicefarm/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-devicefarm", diff --git a/cmd/provider/directconnect/zz_main.go b/cmd/provider/directconnect/zz_main.go index b1c9976d13..b5952363b1 100644 --- a/cmd/provider/directconnect/zz_main.go +++ b/cmd/provider/directconnect/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-directconnect", diff --git a/cmd/provider/dlm/zz_main.go b/cmd/provider/dlm/zz_main.go index d8e08d0484..95c3b7fdf2 100644 --- a/cmd/provider/dlm/zz_main.go +++ b/cmd/provider/dlm/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-dlm", diff --git a/cmd/provider/dms/zz_main.go b/cmd/provider/dms/zz_main.go index 85565fc1df..2b8fba24ba 100644 --- a/cmd/provider/dms/zz_main.go +++ b/cmd/provider/dms/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-dms", diff --git a/cmd/provider/docdb/zz_main.go b/cmd/provider/docdb/zz_main.go index d39265fa56..ee90c4fde7 100644 --- a/cmd/provider/docdb/zz_main.go +++ b/cmd/provider/docdb/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-docdb", diff --git a/cmd/provider/ds/zz_main.go b/cmd/provider/ds/zz_main.go index 0eec10491a..ef775fa90d 100644 --- a/cmd/provider/ds/zz_main.go +++ b/cmd/provider/ds/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-ds", diff --git a/cmd/provider/dynamodb/zz_main.go b/cmd/provider/dynamodb/zz_main.go index 85b35b44e6..48bbac37ad 100644 --- a/cmd/provider/dynamodb/zz_main.go +++ b/cmd/provider/dynamodb/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-dynamodb", diff --git a/cmd/provider/ec2/zz_main.go b/cmd/provider/ec2/zz_main.go index b8c189c63a..0ff7c9a6d0 100644 --- a/cmd/provider/ec2/zz_main.go +++ b/cmd/provider/ec2/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-ec2", diff --git a/cmd/provider/ecr/zz_main.go b/cmd/provider/ecr/zz_main.go index 43f6ea91d0..20295fef05 100644 --- a/cmd/provider/ecr/zz_main.go +++ b/cmd/provider/ecr/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-ecr", diff --git a/cmd/provider/ecrpublic/zz_main.go b/cmd/provider/ecrpublic/zz_main.go index b576d30f6e..da5dd0442c 100644 --- a/cmd/provider/ecrpublic/zz_main.go +++ b/cmd/provider/ecrpublic/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-ecrpublic", diff --git a/cmd/provider/ecs/zz_main.go b/cmd/provider/ecs/zz_main.go index 86c41d09ab..6b47178d44 100644 --- a/cmd/provider/ecs/zz_main.go +++ b/cmd/provider/ecs/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-ecs", diff --git a/cmd/provider/efs/zz_main.go b/cmd/provider/efs/zz_main.go index 6b537727bb..c571e22378 100644 --- a/cmd/provider/efs/zz_main.go +++ b/cmd/provider/efs/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-efs", diff --git a/cmd/provider/eks/zz_main.go b/cmd/provider/eks/zz_main.go index c06fb1103e..0d809531fc 100644 --- a/cmd/provider/eks/zz_main.go +++ b/cmd/provider/eks/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-eks", diff --git a/cmd/provider/elasticache/zz_main.go b/cmd/provider/elasticache/zz_main.go index 3e1e8ed433..3272ac947f 100644 --- a/cmd/provider/elasticache/zz_main.go +++ b/cmd/provider/elasticache/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-elasticache", diff --git a/cmd/provider/elasticbeanstalk/zz_main.go b/cmd/provider/elasticbeanstalk/zz_main.go index 018e4694a2..88b57b66f6 100644 --- a/cmd/provider/elasticbeanstalk/zz_main.go +++ b/cmd/provider/elasticbeanstalk/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-elasticbeanstalk", diff --git a/cmd/provider/elasticsearch/zz_main.go b/cmd/provider/elasticsearch/zz_main.go index 96cfcf7e93..545cb81788 100644 --- a/cmd/provider/elasticsearch/zz_main.go +++ b/cmd/provider/elasticsearch/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-elasticsearch", diff --git a/cmd/provider/elastictranscoder/zz_main.go b/cmd/provider/elastictranscoder/zz_main.go index 1b29eee6fd..08b56cd0db 100644 --- a/cmd/provider/elastictranscoder/zz_main.go +++ b/cmd/provider/elastictranscoder/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-elastictranscoder", diff --git a/cmd/provider/elb/zz_main.go b/cmd/provider/elb/zz_main.go index 882895713e..0303a75780 100644 --- a/cmd/provider/elb/zz_main.go +++ b/cmd/provider/elb/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-elb", diff --git a/cmd/provider/elbv2/zz_main.go b/cmd/provider/elbv2/zz_main.go index 520208e93d..62c74b6268 100644 --- a/cmd/provider/elbv2/zz_main.go +++ b/cmd/provider/elbv2/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-elbv2", diff --git a/cmd/provider/emr/zz_main.go b/cmd/provider/emr/zz_main.go index cdccda3804..3abfd55e5c 100644 --- a/cmd/provider/emr/zz_main.go +++ b/cmd/provider/emr/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-emr", diff --git a/cmd/provider/emrserverless/zz_main.go b/cmd/provider/emrserverless/zz_main.go index fb3bdaddc3..c27e230ccf 100644 --- a/cmd/provider/emrserverless/zz_main.go +++ b/cmd/provider/emrserverless/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-emrserverless", diff --git a/cmd/provider/evidently/zz_main.go b/cmd/provider/evidently/zz_main.go index 60f60e088e..ad94575b37 100644 --- a/cmd/provider/evidently/zz_main.go +++ b/cmd/provider/evidently/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-evidently", diff --git a/cmd/provider/firehose/zz_main.go b/cmd/provider/firehose/zz_main.go index 42499fed16..9f72f3aacc 100644 --- a/cmd/provider/firehose/zz_main.go +++ b/cmd/provider/firehose/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-firehose", diff --git a/cmd/provider/fis/zz_main.go b/cmd/provider/fis/zz_main.go index d4330a251b..f6fd7c2c8f 100644 --- a/cmd/provider/fis/zz_main.go +++ b/cmd/provider/fis/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-fis", diff --git a/cmd/provider/fsx/zz_main.go b/cmd/provider/fsx/zz_main.go index 9ff5a929d6..a234cda4c9 100644 --- a/cmd/provider/fsx/zz_main.go +++ b/cmd/provider/fsx/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-fsx", diff --git a/cmd/provider/gamelift/zz_main.go b/cmd/provider/gamelift/zz_main.go index 7bc6a4d16d..15be4b1dbb 100644 --- a/cmd/provider/gamelift/zz_main.go +++ b/cmd/provider/gamelift/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-gamelift", diff --git a/cmd/provider/glacier/zz_main.go b/cmd/provider/glacier/zz_main.go index 909aefc134..4e5b46547f 100644 --- a/cmd/provider/glacier/zz_main.go +++ b/cmd/provider/glacier/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-glacier", diff --git a/cmd/provider/globalaccelerator/zz_main.go b/cmd/provider/globalaccelerator/zz_main.go index dd9d534a39..b37c16e41d 100644 --- a/cmd/provider/globalaccelerator/zz_main.go +++ b/cmd/provider/globalaccelerator/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-globalaccelerator", diff --git a/cmd/provider/glue/zz_main.go b/cmd/provider/glue/zz_main.go index b8166eedd2..d839e190dc 100644 --- a/cmd/provider/glue/zz_main.go +++ b/cmd/provider/glue/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-glue", diff --git a/cmd/provider/grafana/zz_main.go b/cmd/provider/grafana/zz_main.go index 368f8b46dc..4802553ea2 100644 --- a/cmd/provider/grafana/zz_main.go +++ b/cmd/provider/grafana/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-grafana", diff --git a/cmd/provider/guardduty/zz_main.go b/cmd/provider/guardduty/zz_main.go index 69f99de07e..637c966864 100644 --- a/cmd/provider/guardduty/zz_main.go +++ b/cmd/provider/guardduty/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-guardduty", diff --git a/cmd/provider/iam/zz_main.go b/cmd/provider/iam/zz_main.go index 7a27054130..041d0a67c4 100644 --- a/cmd/provider/iam/zz_main.go +++ b/cmd/provider/iam/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-iam", diff --git a/cmd/provider/identitystore/zz_main.go b/cmd/provider/identitystore/zz_main.go index aedcaad0aa..6ffef9c75e 100644 --- a/cmd/provider/identitystore/zz_main.go +++ b/cmd/provider/identitystore/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-identitystore", diff --git a/cmd/provider/imagebuilder/zz_main.go b/cmd/provider/imagebuilder/zz_main.go index 1d2d2f8bb4..1666d59703 100644 --- a/cmd/provider/imagebuilder/zz_main.go +++ b/cmd/provider/imagebuilder/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-imagebuilder", diff --git a/cmd/provider/inspector/zz_main.go b/cmd/provider/inspector/zz_main.go index f33bb52205..b61d5dad84 100644 --- a/cmd/provider/inspector/zz_main.go +++ b/cmd/provider/inspector/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-inspector", diff --git a/cmd/provider/inspector2/zz_main.go b/cmd/provider/inspector2/zz_main.go index e01132a840..50eb920b3f 100644 --- a/cmd/provider/inspector2/zz_main.go +++ b/cmd/provider/inspector2/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-inspector2", diff --git a/cmd/provider/iot/zz_main.go b/cmd/provider/iot/zz_main.go index a38d628dc1..539b4ee00a 100644 --- a/cmd/provider/iot/zz_main.go +++ b/cmd/provider/iot/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-iot", diff --git a/cmd/provider/ivs/zz_main.go b/cmd/provider/ivs/zz_main.go index adb0c25eeb..9da0dae4e8 100644 --- a/cmd/provider/ivs/zz_main.go +++ b/cmd/provider/ivs/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-ivs", diff --git a/cmd/provider/kafka/zz_main.go b/cmd/provider/kafka/zz_main.go index 0b6e6f63b6..f1b269ba25 100644 --- a/cmd/provider/kafka/zz_main.go +++ b/cmd/provider/kafka/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-kafka", diff --git a/cmd/provider/kendra/zz_main.go b/cmd/provider/kendra/zz_main.go index 7a21e91a89..bcae21cc36 100644 --- a/cmd/provider/kendra/zz_main.go +++ b/cmd/provider/kendra/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-kendra", diff --git a/cmd/provider/keyspaces/zz_main.go b/cmd/provider/keyspaces/zz_main.go index b3b8a8dc93..116902a037 100644 --- a/cmd/provider/keyspaces/zz_main.go +++ b/cmd/provider/keyspaces/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-keyspaces", diff --git a/cmd/provider/kinesis/zz_main.go b/cmd/provider/kinesis/zz_main.go index c91300f487..b65cd009bf 100644 --- a/cmd/provider/kinesis/zz_main.go +++ b/cmd/provider/kinesis/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-kinesis", diff --git a/cmd/provider/kinesisanalytics/zz_main.go b/cmd/provider/kinesisanalytics/zz_main.go index da24c03663..06ee9fe5c1 100644 --- a/cmd/provider/kinesisanalytics/zz_main.go +++ b/cmd/provider/kinesisanalytics/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-kinesisanalytics", diff --git a/cmd/provider/kinesisanalyticsv2/zz_main.go b/cmd/provider/kinesisanalyticsv2/zz_main.go index defabe48ef..b271070bc4 100644 --- a/cmd/provider/kinesisanalyticsv2/zz_main.go +++ b/cmd/provider/kinesisanalyticsv2/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-kinesisanalyticsv2", diff --git a/cmd/provider/kinesisvideo/zz_main.go b/cmd/provider/kinesisvideo/zz_main.go index 7a99fbd90b..5a5a5336d5 100644 --- a/cmd/provider/kinesisvideo/zz_main.go +++ b/cmd/provider/kinesisvideo/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-kinesisvideo", diff --git a/cmd/provider/kms/zz_main.go b/cmd/provider/kms/zz_main.go index 01d3c5eb48..3217892c0d 100644 --- a/cmd/provider/kms/zz_main.go +++ b/cmd/provider/kms/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-kms", diff --git a/cmd/provider/lakeformation/zz_main.go b/cmd/provider/lakeformation/zz_main.go index f7fbc36e94..9f0cfa379f 100644 --- a/cmd/provider/lakeformation/zz_main.go +++ b/cmd/provider/lakeformation/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-lakeformation", diff --git a/cmd/provider/lambda/zz_main.go b/cmd/provider/lambda/zz_main.go index 53473e94b3..4f3661b58b 100644 --- a/cmd/provider/lambda/zz_main.go +++ b/cmd/provider/lambda/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-lambda", diff --git a/cmd/provider/lexmodels/zz_main.go b/cmd/provider/lexmodels/zz_main.go index 5eb4b353c0..66ee9e88ca 100644 --- a/cmd/provider/lexmodels/zz_main.go +++ b/cmd/provider/lexmodels/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-lexmodels", diff --git a/cmd/provider/licensemanager/zz_main.go b/cmd/provider/licensemanager/zz_main.go index 4f266a4ab8..69baaf8a29 100644 --- a/cmd/provider/licensemanager/zz_main.go +++ b/cmd/provider/licensemanager/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-licensemanager", diff --git a/cmd/provider/lightsail/zz_main.go b/cmd/provider/lightsail/zz_main.go index 839a0b4ae7..9bb517a2cb 100644 --- a/cmd/provider/lightsail/zz_main.go +++ b/cmd/provider/lightsail/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-lightsail", diff --git a/cmd/provider/location/zz_main.go b/cmd/provider/location/zz_main.go index 4154719923..91cc91e0e9 100644 --- a/cmd/provider/location/zz_main.go +++ b/cmd/provider/location/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-location", diff --git a/cmd/provider/macie2/zz_main.go b/cmd/provider/macie2/zz_main.go index c9935909ae..9e919e317e 100644 --- a/cmd/provider/macie2/zz_main.go +++ b/cmd/provider/macie2/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-macie2", diff --git a/cmd/provider/mediaconvert/zz_main.go b/cmd/provider/mediaconvert/zz_main.go index a3c47074ed..320aeea7e2 100644 --- a/cmd/provider/mediaconvert/zz_main.go +++ b/cmd/provider/mediaconvert/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-mediaconvert", diff --git a/cmd/provider/medialive/zz_main.go b/cmd/provider/medialive/zz_main.go index 3bf7895f0b..7bc2ac1153 100644 --- a/cmd/provider/medialive/zz_main.go +++ b/cmd/provider/medialive/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-medialive", diff --git a/cmd/provider/mediapackage/zz_main.go b/cmd/provider/mediapackage/zz_main.go index 198c295105..3695cdf6d5 100644 --- a/cmd/provider/mediapackage/zz_main.go +++ b/cmd/provider/mediapackage/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-mediapackage", diff --git a/cmd/provider/mediastore/zz_main.go b/cmd/provider/mediastore/zz_main.go index 13cc306b56..29b19828d8 100644 --- a/cmd/provider/mediastore/zz_main.go +++ b/cmd/provider/mediastore/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-mediastore", diff --git a/cmd/provider/memorydb/zz_main.go b/cmd/provider/memorydb/zz_main.go index 3faacf6e6e..d9fdcbd9ff 100644 --- a/cmd/provider/memorydb/zz_main.go +++ b/cmd/provider/memorydb/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-memorydb", diff --git a/cmd/provider/monolith/zz_main.go b/cmd/provider/monolith/zz_main.go index c43485a478..b918ae5aa3 100644 --- a/cmd/provider/monolith/zz_main.go +++ b/cmd/provider/monolith/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws", diff --git a/cmd/provider/mq/zz_main.go b/cmd/provider/mq/zz_main.go index 257f408e88..e0f3a73f46 100644 --- a/cmd/provider/mq/zz_main.go +++ b/cmd/provider/mq/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-mq", diff --git a/cmd/provider/neptune/zz_main.go b/cmd/provider/neptune/zz_main.go index e347bf0220..88acb4eaaf 100644 --- a/cmd/provider/neptune/zz_main.go +++ b/cmd/provider/neptune/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-neptune", diff --git a/cmd/provider/networkfirewall/zz_main.go b/cmd/provider/networkfirewall/zz_main.go index 0aeb0e9bef..986d94bc1a 100644 --- a/cmd/provider/networkfirewall/zz_main.go +++ b/cmd/provider/networkfirewall/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-networkfirewall", diff --git a/cmd/provider/networkmanager/zz_main.go b/cmd/provider/networkmanager/zz_main.go index 9c472bf952..fda2b39ecc 100644 --- a/cmd/provider/networkmanager/zz_main.go +++ b/cmd/provider/networkmanager/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-networkmanager", diff --git a/cmd/provider/opensearch/zz_main.go b/cmd/provider/opensearch/zz_main.go index d91be04b03..2d99b7e88c 100644 --- a/cmd/provider/opensearch/zz_main.go +++ b/cmd/provider/opensearch/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-opensearch", diff --git a/cmd/provider/opsworks/zz_main.go b/cmd/provider/opsworks/zz_main.go index e31209d706..db2de86c1f 100644 --- a/cmd/provider/opsworks/zz_main.go +++ b/cmd/provider/opsworks/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-opsworks", diff --git a/cmd/provider/organizations/zz_main.go b/cmd/provider/organizations/zz_main.go index 33b0b3bd7b..7f71815107 100644 --- a/cmd/provider/organizations/zz_main.go +++ b/cmd/provider/organizations/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-organizations", diff --git a/cmd/provider/pinpoint/zz_main.go b/cmd/provider/pinpoint/zz_main.go index 00ce94306d..7cb62a7faa 100644 --- a/cmd/provider/pinpoint/zz_main.go +++ b/cmd/provider/pinpoint/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-pinpoint", diff --git a/cmd/provider/qldb/zz_main.go b/cmd/provider/qldb/zz_main.go index f739918b33..eb794ee4e6 100644 --- a/cmd/provider/qldb/zz_main.go +++ b/cmd/provider/qldb/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-qldb", diff --git a/cmd/provider/quicksight/zz_main.go b/cmd/provider/quicksight/zz_main.go index 88234c40cf..222d09180b 100644 --- a/cmd/provider/quicksight/zz_main.go +++ b/cmd/provider/quicksight/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-quicksight", diff --git a/cmd/provider/ram/zz_main.go b/cmd/provider/ram/zz_main.go index f2a8e92236..bb3c3f2c4b 100644 --- a/cmd/provider/ram/zz_main.go +++ b/cmd/provider/ram/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-ram", diff --git a/cmd/provider/rds/zz_main.go b/cmd/provider/rds/zz_main.go index d0f61d3605..9f5faa2afa 100644 --- a/cmd/provider/rds/zz_main.go +++ b/cmd/provider/rds/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-rds", diff --git a/cmd/provider/redshift/zz_main.go b/cmd/provider/redshift/zz_main.go index 1b6b8806e0..10970daa23 100644 --- a/cmd/provider/redshift/zz_main.go +++ b/cmd/provider/redshift/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-redshift", diff --git a/cmd/provider/redshiftserverless/zz_main.go b/cmd/provider/redshiftserverless/zz_main.go index ff537a54b7..29edbf52fc 100644 --- a/cmd/provider/redshiftserverless/zz_main.go +++ b/cmd/provider/redshiftserverless/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-redshiftserverless", diff --git a/cmd/provider/resourcegroups/zz_main.go b/cmd/provider/resourcegroups/zz_main.go index 12b720d46e..28fc9288f7 100644 --- a/cmd/provider/resourcegroups/zz_main.go +++ b/cmd/provider/resourcegroups/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-resourcegroups", diff --git a/cmd/provider/rolesanywhere/zz_main.go b/cmd/provider/rolesanywhere/zz_main.go index 872fd19ceb..1b1044ba11 100644 --- a/cmd/provider/rolesanywhere/zz_main.go +++ b/cmd/provider/rolesanywhere/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-rolesanywhere", diff --git a/cmd/provider/route53/zz_main.go b/cmd/provider/route53/zz_main.go index ec99182fd1..4f70f14712 100644 --- a/cmd/provider/route53/zz_main.go +++ b/cmd/provider/route53/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-route53", diff --git a/cmd/provider/route53recoverycontrolconfig/zz_main.go b/cmd/provider/route53recoverycontrolconfig/zz_main.go index 5272a6934b..aa0a36fd43 100644 --- a/cmd/provider/route53recoverycontrolconfig/zz_main.go +++ b/cmd/provider/route53recoverycontrolconfig/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-route53recoverycontrolconfig", diff --git a/cmd/provider/route53recoveryreadiness/zz_main.go b/cmd/provider/route53recoveryreadiness/zz_main.go index 418e1117db..258f70575a 100644 --- a/cmd/provider/route53recoveryreadiness/zz_main.go +++ b/cmd/provider/route53recoveryreadiness/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-route53recoveryreadiness", diff --git a/cmd/provider/route53resolver/zz_main.go b/cmd/provider/route53resolver/zz_main.go index 3b6a29e996..1c608ce5c5 100644 --- a/cmd/provider/route53resolver/zz_main.go +++ b/cmd/provider/route53resolver/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-route53resolver", diff --git a/cmd/provider/rum/zz_main.go b/cmd/provider/rum/zz_main.go index e2fcf88990..3f18ed4cb6 100644 --- a/cmd/provider/rum/zz_main.go +++ b/cmd/provider/rum/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-rum", diff --git a/cmd/provider/s3/zz_main.go b/cmd/provider/s3/zz_main.go index dc27b5a29f..1d1eb17c90 100644 --- a/cmd/provider/s3/zz_main.go +++ b/cmd/provider/s3/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-s3", diff --git a/cmd/provider/s3control/zz_main.go b/cmd/provider/s3control/zz_main.go index 8ebda3b817..dc3607ebdf 100644 --- a/cmd/provider/s3control/zz_main.go +++ b/cmd/provider/s3control/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-s3control", diff --git a/cmd/provider/sagemaker/zz_main.go b/cmd/provider/sagemaker/zz_main.go index b337337f49..ff183065bf 100644 --- a/cmd/provider/sagemaker/zz_main.go +++ b/cmd/provider/sagemaker/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-sagemaker", diff --git a/cmd/provider/scheduler/zz_main.go b/cmd/provider/scheduler/zz_main.go index 0618c378b6..fa6aca3862 100644 --- a/cmd/provider/scheduler/zz_main.go +++ b/cmd/provider/scheduler/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-scheduler", diff --git a/cmd/provider/schemas/zz_main.go b/cmd/provider/schemas/zz_main.go index 301ff09b7a..3284ec9dcc 100644 --- a/cmd/provider/schemas/zz_main.go +++ b/cmd/provider/schemas/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-schemas", diff --git a/cmd/provider/secretsmanager/zz_main.go b/cmd/provider/secretsmanager/zz_main.go index 6566cfe3d0..38eed14038 100644 --- a/cmd/provider/secretsmanager/zz_main.go +++ b/cmd/provider/secretsmanager/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-secretsmanager", diff --git a/cmd/provider/securityhub/zz_main.go b/cmd/provider/securityhub/zz_main.go index d68a6fe6fc..03c17a9572 100644 --- a/cmd/provider/securityhub/zz_main.go +++ b/cmd/provider/securityhub/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-securityhub", diff --git a/cmd/provider/serverlessrepo/zz_main.go b/cmd/provider/serverlessrepo/zz_main.go index f80cd52047..bc5597e6c7 100644 --- a/cmd/provider/serverlessrepo/zz_main.go +++ b/cmd/provider/serverlessrepo/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-serverlessrepo", diff --git a/cmd/provider/servicecatalog/zz_main.go b/cmd/provider/servicecatalog/zz_main.go index e2b343c408..27ba764009 100644 --- a/cmd/provider/servicecatalog/zz_main.go +++ b/cmd/provider/servicecatalog/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-servicecatalog", diff --git a/cmd/provider/servicediscovery/zz_main.go b/cmd/provider/servicediscovery/zz_main.go index 59c37aefbc..700e47993e 100644 --- a/cmd/provider/servicediscovery/zz_main.go +++ b/cmd/provider/servicediscovery/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-servicediscovery", diff --git a/cmd/provider/servicequotas/zz_main.go b/cmd/provider/servicequotas/zz_main.go index afd90aab8f..6fb1313f4d 100644 --- a/cmd/provider/servicequotas/zz_main.go +++ b/cmd/provider/servicequotas/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-servicequotas", diff --git a/cmd/provider/ses/zz_main.go b/cmd/provider/ses/zz_main.go index 27a675135b..120f92221e 100644 --- a/cmd/provider/ses/zz_main.go +++ b/cmd/provider/ses/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-ses", diff --git a/cmd/provider/sesv2/zz_main.go b/cmd/provider/sesv2/zz_main.go index da98e2af31..957b36c548 100644 --- a/cmd/provider/sesv2/zz_main.go +++ b/cmd/provider/sesv2/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-sesv2", diff --git a/cmd/provider/sfn/zz_main.go b/cmd/provider/sfn/zz_main.go index bc3f5492fa..6d68bfb78e 100644 --- a/cmd/provider/sfn/zz_main.go +++ b/cmd/provider/sfn/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-sfn", diff --git a/cmd/provider/signer/zz_main.go b/cmd/provider/signer/zz_main.go index f5bd100852..e6b3705185 100644 --- a/cmd/provider/signer/zz_main.go +++ b/cmd/provider/signer/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-signer", diff --git a/cmd/provider/simpledb/zz_main.go b/cmd/provider/simpledb/zz_main.go index 5aeab95bf2..f0772f3c79 100644 --- a/cmd/provider/simpledb/zz_main.go +++ b/cmd/provider/simpledb/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-simpledb", diff --git a/cmd/provider/sns/zz_main.go b/cmd/provider/sns/zz_main.go index c713a02bd6..4ce50d3877 100644 --- a/cmd/provider/sns/zz_main.go +++ b/cmd/provider/sns/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-sns", diff --git a/cmd/provider/sqs/zz_main.go b/cmd/provider/sqs/zz_main.go index 5934026051..8187216503 100644 --- a/cmd/provider/sqs/zz_main.go +++ b/cmd/provider/sqs/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-sqs", diff --git a/cmd/provider/ssm/zz_main.go b/cmd/provider/ssm/zz_main.go index f641eb2a9e..324630b6be 100644 --- a/cmd/provider/ssm/zz_main.go +++ b/cmd/provider/ssm/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-ssm", diff --git a/cmd/provider/ssoadmin/zz_main.go b/cmd/provider/ssoadmin/zz_main.go index 3252a868df..be98b604ac 100644 --- a/cmd/provider/ssoadmin/zz_main.go +++ b/cmd/provider/ssoadmin/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-ssoadmin", diff --git a/cmd/provider/swf/zz_main.go b/cmd/provider/swf/zz_main.go index c11d3f1193..f248cc7443 100644 --- a/cmd/provider/swf/zz_main.go +++ b/cmd/provider/swf/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-swf", diff --git a/cmd/provider/timestreamwrite/zz_main.go b/cmd/provider/timestreamwrite/zz_main.go index d04caa98f9..82d5020f33 100644 --- a/cmd/provider/timestreamwrite/zz_main.go +++ b/cmd/provider/timestreamwrite/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-timestreamwrite", diff --git a/cmd/provider/transcribe/zz_main.go b/cmd/provider/transcribe/zz_main.go index 9aaee8d223..33657e81ec 100644 --- a/cmd/provider/transcribe/zz_main.go +++ b/cmd/provider/transcribe/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-transcribe", diff --git a/cmd/provider/transfer/zz_main.go b/cmd/provider/transfer/zz_main.go index ddb3ae3302..cc4293a7ae 100644 --- a/cmd/provider/transfer/zz_main.go +++ b/cmd/provider/transfer/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-transfer", diff --git a/cmd/provider/vpc/zz_main.go b/cmd/provider/vpc/zz_main.go index 59496dbd41..f8694e3512 100644 --- a/cmd/provider/vpc/zz_main.go +++ b/cmd/provider/vpc/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-vpc", diff --git a/cmd/provider/waf/zz_main.go b/cmd/provider/waf/zz_main.go index 2fab051b1d..61ab1d8133 100644 --- a/cmd/provider/waf/zz_main.go +++ b/cmd/provider/waf/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-waf", diff --git a/cmd/provider/wafregional/zz_main.go b/cmd/provider/wafregional/zz_main.go index dc6733f135..ca0322d65f 100644 --- a/cmd/provider/wafregional/zz_main.go +++ b/cmd/provider/wafregional/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-wafregional", diff --git a/cmd/provider/wafv2/zz_main.go b/cmd/provider/wafv2/zz_main.go index 4fc64899be..cb91b1b606 100644 --- a/cmd/provider/wafv2/zz_main.go +++ b/cmd/provider/wafv2/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-wafv2", diff --git a/cmd/provider/workspaces/zz_main.go b/cmd/provider/workspaces/zz_main.go index e1bc7b82f3..26fc9becc1 100644 --- a/cmd/provider/workspaces/zz_main.go +++ b/cmd/provider/workspaces/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-workspaces", diff --git a/cmd/provider/xray/zz_main.go b/cmd/provider/xray/zz_main.go index 81684b7a6a..b8a4a64079 100644 --- a/cmd/provider/xray/zz_main.go +++ b/cmd/provider/xray/zz_main.go @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws-xray", diff --git a/hack/main.go.tmpl b/hack/main.go.tmpl index 7987b5cce5..03b09c92c2 100644 --- a/hack/main.go.tmpl +++ b/hack/main.go.tmpl @@ -38,6 +38,13 @@ import ( "github.com/upbound/provider-aws/internal/features" ) +const ( + webhookTLSCertDirEnvVar = "WEBHOOK_TLS_CERT_DIR" + tlsServerCertDirEnvVar = "TLS_SERVER_CERTS_DIR" + certsDirEnvVar = "CERTS_DIR" + tlsServerCertDir = "/tls/server" +) + func deprecationAction(flagName string) kingpin.Action { return func(c *kingpin.ParseContext) error { _, err := fmt.Fprintf(os.Stderr, "warning: Command-line flag %q is deprecated and no longer used. It will be removed in a future release. Please remove it from all of your configurations (ControllerConfigs, etc.).\n", flagName) @@ -60,7 +67,11 @@ func main() { essTLSCertsPath = app.Flag("ess-tls-cert-dir", "Path of ESS TLS certificates.").Envar("ESS_TLS_CERTS_DIR").String() enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default("/tls/server").Envar("CERTS_DIR").String() + certsDirSet = false + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + certsDirSet = true + return nil + }).String() // now deprecated command-line arguments with the Terraform SDK-based upjet architecture _ = app.Flag("provider-ttl", "[DEPRECATED: This option is no longer used and it will be removed in a future release.] TTL for the native plugin processes before they are replaced. Changing the default may increase memory consumption.").Hidden().Action(deprecationAction("provider-ttl")).Int() @@ -89,6 +100,28 @@ func main() { cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") + // Get the TLS certs directory from the environment variables set by + // Crossplane if they're available. + // In older XP versions we used WEBHOOK_TLS_CERT_DIR, in newer versions + // we use TLS_SERVER_CERTS_DIR. If an explicit certs dir is not supplied + // via the command-line options, then these environment variables are used + // instead. + if !certsDirSet { + // backwards-compatibility concerns + xpCertsDir := os.Getenv(certsDirEnvVar) + if xpCertsDir == "" { + xpCertsDir = os.Getenv(tlsServerCertDirEnvVar) + } + if xpCertsDir == "" { + xpCertsDir = os.Getenv(webhookTLSCertDirEnvVar) + } + // we probably don't need this condition but just to be on the + // safe side, if we are missing any kingpin machinery details... + if xpCertsDir != "" { + *certsDir = xpCertsDir + } + } + mgr, err := ctrl.NewManager(ratelimiter.LimitRESTConfig(cfg, *maxReconcileRate), ctrl.Options{ LeaderElection: *leaderElection, LeaderElectionID: "crossplane-leader-election-provider-aws{{ if ne .Group "monolith" }}-{{ .Group }}{{ end }}", From 6279a766d3dce638e5e2d52274f2629d34063843 Mon Sep 17 00:00:00 2001 From: Alper Rifat Ulucinar Date: Thu, 15 Feb 2024 16:33:20 +0300 Subject: [PATCH 2/2] Fix the API version of RouteTable.ec2 in the example manifest examples/ec2/v1beta2/route.yaml Add the uptest.upbound.io/disable-import annotation for Route.ec2 due to an uptest limitation. - Document the PreAction usage for the command-line flag "--certs-dir" Signed-off-by: Alper Rifat Ulucinar --- cmd/provider/accessanalyzer/zz_main.go | 4 +++- cmd/provider/account/zz_main.go | 4 +++- cmd/provider/acm/zz_main.go | 4 +++- cmd/provider/acmpca/zz_main.go | 4 +++- cmd/provider/amp/zz_main.go | 4 +++- cmd/provider/amplify/zz_main.go | 4 +++- cmd/provider/apigateway/zz_main.go | 4 +++- cmd/provider/apigatewayv2/zz_main.go | 4 +++- cmd/provider/appautoscaling/zz_main.go | 4 +++- cmd/provider/appconfig/zz_main.go | 4 +++- cmd/provider/appflow/zz_main.go | 4 +++- cmd/provider/appintegrations/zz_main.go | 4 +++- cmd/provider/applicationinsights/zz_main.go | 4 +++- cmd/provider/appmesh/zz_main.go | 4 +++- cmd/provider/apprunner/zz_main.go | 4 +++- cmd/provider/appstream/zz_main.go | 4 +++- cmd/provider/appsync/zz_main.go | 4 +++- cmd/provider/athena/zz_main.go | 4 +++- cmd/provider/autoscaling/zz_main.go | 4 +++- cmd/provider/autoscalingplans/zz_main.go | 4 +++- cmd/provider/backup/zz_main.go | 4 +++- cmd/provider/batch/zz_main.go | 4 +++- cmd/provider/budgets/zz_main.go | 4 +++- cmd/provider/ce/zz_main.go | 4 +++- cmd/provider/chime/zz_main.go | 4 +++- cmd/provider/cloud9/zz_main.go | 4 +++- cmd/provider/cloudcontrol/zz_main.go | 4 +++- cmd/provider/cloudformation/zz_main.go | 4 +++- cmd/provider/cloudfront/zz_main.go | 4 +++- cmd/provider/cloudsearch/zz_main.go | 4 +++- cmd/provider/cloudtrail/zz_main.go | 4 +++- cmd/provider/cloudwatch/zz_main.go | 4 +++- cmd/provider/cloudwatchevents/zz_main.go | 4 +++- cmd/provider/cloudwatchlogs/zz_main.go | 4 +++- cmd/provider/codecommit/zz_main.go | 4 +++- cmd/provider/codepipeline/zz_main.go | 4 +++- cmd/provider/codestarconnections/zz_main.go | 4 +++- cmd/provider/codestarnotifications/zz_main.go | 4 +++- cmd/provider/cognitoidentity/zz_main.go | 4 +++- cmd/provider/cognitoidp/zz_main.go | 4 +++- cmd/provider/config/zz_main.go | 4 +++- cmd/provider/configservice/zz_main.go | 4 +++- cmd/provider/connect/zz_main.go | 4 +++- cmd/provider/cur/zz_main.go | 4 +++- cmd/provider/dataexchange/zz_main.go | 4 +++- cmd/provider/datapipeline/zz_main.go | 4 +++- cmd/provider/datasync/zz_main.go | 4 +++- cmd/provider/dax/zz_main.go | 4 +++- cmd/provider/deploy/zz_main.go | 4 +++- cmd/provider/detective/zz_main.go | 4 +++- cmd/provider/devicefarm/zz_main.go | 4 +++- cmd/provider/directconnect/zz_main.go | 4 +++- cmd/provider/dlm/zz_main.go | 4 +++- cmd/provider/dms/zz_main.go | 4 +++- cmd/provider/docdb/zz_main.go | 4 +++- cmd/provider/ds/zz_main.go | 4 +++- cmd/provider/dynamodb/zz_main.go | 4 +++- cmd/provider/ec2/zz_main.go | 4 +++- cmd/provider/ecr/zz_main.go | 4 +++- cmd/provider/ecrpublic/zz_main.go | 4 +++- cmd/provider/ecs/zz_main.go | 4 +++- cmd/provider/efs/zz_main.go | 4 +++- cmd/provider/eks/zz_main.go | 4 +++- cmd/provider/elasticache/zz_main.go | 4 +++- cmd/provider/elasticbeanstalk/zz_main.go | 4 +++- cmd/provider/elasticsearch/zz_main.go | 4 +++- cmd/provider/elastictranscoder/zz_main.go | 4 +++- cmd/provider/elb/zz_main.go | 4 +++- cmd/provider/elbv2/zz_main.go | 4 +++- cmd/provider/emr/zz_main.go | 4 +++- cmd/provider/emrserverless/zz_main.go | 4 +++- cmd/provider/evidently/zz_main.go | 4 +++- cmd/provider/firehose/zz_main.go | 4 +++- cmd/provider/fis/zz_main.go | 4 +++- cmd/provider/fsx/zz_main.go | 4 +++- cmd/provider/gamelift/zz_main.go | 4 +++- cmd/provider/glacier/zz_main.go | 4 +++- cmd/provider/globalaccelerator/zz_main.go | 4 +++- cmd/provider/glue/zz_main.go | 4 +++- cmd/provider/grafana/zz_main.go | 4 +++- cmd/provider/guardduty/zz_main.go | 4 +++- cmd/provider/iam/zz_main.go | 4 +++- cmd/provider/identitystore/zz_main.go | 4 +++- cmd/provider/imagebuilder/zz_main.go | 4 +++- cmd/provider/inspector/zz_main.go | 4 +++- cmd/provider/inspector2/zz_main.go | 4 +++- cmd/provider/iot/zz_main.go | 4 +++- cmd/provider/ivs/zz_main.go | 4 +++- cmd/provider/kafka/zz_main.go | 4 +++- cmd/provider/kendra/zz_main.go | 4 +++- cmd/provider/keyspaces/zz_main.go | 4 +++- cmd/provider/kinesis/zz_main.go | 4 +++- cmd/provider/kinesisanalytics/zz_main.go | 4 +++- cmd/provider/kinesisanalyticsv2/zz_main.go | 4 +++- cmd/provider/kinesisvideo/zz_main.go | 4 +++- cmd/provider/kms/zz_main.go | 4 +++- cmd/provider/lakeformation/zz_main.go | 4 +++- cmd/provider/lambda/zz_main.go | 4 +++- cmd/provider/lexmodels/zz_main.go | 4 +++- cmd/provider/licensemanager/zz_main.go | 4 +++- cmd/provider/lightsail/zz_main.go | 4 +++- cmd/provider/location/zz_main.go | 4 +++- cmd/provider/macie2/zz_main.go | 4 +++- cmd/provider/mediaconvert/zz_main.go | 4 +++- cmd/provider/medialive/zz_main.go | 4 +++- cmd/provider/mediapackage/zz_main.go | 4 +++- cmd/provider/mediastore/zz_main.go | 4 +++- cmd/provider/memorydb/zz_main.go | 4 +++- cmd/provider/monolith/zz_main.go | 4 +++- cmd/provider/mq/zz_main.go | 4 +++- cmd/provider/neptune/zz_main.go | 4 +++- cmd/provider/networkfirewall/zz_main.go | 4 +++- cmd/provider/networkmanager/zz_main.go | 4 +++- cmd/provider/opensearch/zz_main.go | 4 +++- cmd/provider/opsworks/zz_main.go | 4 +++- cmd/provider/organizations/zz_main.go | 4 +++- cmd/provider/pinpoint/zz_main.go | 4 +++- cmd/provider/qldb/zz_main.go | 4 +++- cmd/provider/quicksight/zz_main.go | 4 +++- cmd/provider/ram/zz_main.go | 4 +++- cmd/provider/rds/zz_main.go | 4 +++- cmd/provider/redshift/zz_main.go | 4 +++- cmd/provider/redshiftserverless/zz_main.go | 4 +++- cmd/provider/resourcegroups/zz_main.go | 4 +++- cmd/provider/rolesanywhere/zz_main.go | 4 +++- cmd/provider/route53/zz_main.go | 4 +++- cmd/provider/route53recoverycontrolconfig/zz_main.go | 4 +++- cmd/provider/route53recoveryreadiness/zz_main.go | 4 +++- cmd/provider/route53resolver/zz_main.go | 4 +++- cmd/provider/rum/zz_main.go | 4 +++- cmd/provider/s3/zz_main.go | 4 +++- cmd/provider/s3control/zz_main.go | 4 +++- cmd/provider/sagemaker/zz_main.go | 4 +++- cmd/provider/scheduler/zz_main.go | 4 +++- cmd/provider/schemas/zz_main.go | 4 +++- cmd/provider/secretsmanager/zz_main.go | 4 +++- cmd/provider/securityhub/zz_main.go | 4 +++- cmd/provider/serverlessrepo/zz_main.go | 4 +++- cmd/provider/servicecatalog/zz_main.go | 4 +++- cmd/provider/servicediscovery/zz_main.go | 4 +++- cmd/provider/servicequotas/zz_main.go | 4 +++- cmd/provider/ses/zz_main.go | 4 +++- cmd/provider/sesv2/zz_main.go | 4 +++- cmd/provider/sfn/zz_main.go | 4 +++- cmd/provider/signer/zz_main.go | 4 +++- cmd/provider/simpledb/zz_main.go | 4 +++- cmd/provider/sns/zz_main.go | 4 +++- cmd/provider/sqs/zz_main.go | 4 +++- cmd/provider/ssm/zz_main.go | 4 +++- cmd/provider/ssoadmin/zz_main.go | 4 +++- cmd/provider/swf/zz_main.go | 4 +++- cmd/provider/timestreamwrite/zz_main.go | 4 +++- cmd/provider/transcribe/zz_main.go | 4 +++- cmd/provider/transfer/zz_main.go | 4 +++- cmd/provider/vpc/zz_main.go | 4 +++- cmd/provider/waf/zz_main.go | 4 +++- cmd/provider/wafregional/zz_main.go | 4 +++- cmd/provider/wafv2/zz_main.go | 4 +++- cmd/provider/workspaces/zz_main.go | 4 +++- cmd/provider/xray/zz_main.go | 4 +++- examples/ec2/v1beta2/route.yaml | 4 +++- hack/main.go.tmpl | 4 +++- 162 files changed, 486 insertions(+), 162 deletions(-) diff --git a/cmd/provider/accessanalyzer/zz_main.go b/cmd/provider/accessanalyzer/zz_main.go index 7826c372ba..4ba1891bb9 100644 --- a/cmd/provider/accessanalyzer/zz_main.go +++ b/cmd/provider/accessanalyzer/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/account/zz_main.go b/cmd/provider/account/zz_main.go index c2cece68bd..533118d326 100644 --- a/cmd/provider/account/zz_main.go +++ b/cmd/provider/account/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/acm/zz_main.go b/cmd/provider/acm/zz_main.go index 1650af3e6b..252d909f65 100644 --- a/cmd/provider/acm/zz_main.go +++ b/cmd/provider/acm/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/acmpca/zz_main.go b/cmd/provider/acmpca/zz_main.go index 55b20109ff..931f4efce1 100644 --- a/cmd/provider/acmpca/zz_main.go +++ b/cmd/provider/acmpca/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/amp/zz_main.go b/cmd/provider/amp/zz_main.go index 62e018b1cd..b9c3a367a8 100644 --- a/cmd/provider/amp/zz_main.go +++ b/cmd/provider/amp/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/amplify/zz_main.go b/cmd/provider/amplify/zz_main.go index a710bf8703..821cb5f295 100644 --- a/cmd/provider/amplify/zz_main.go +++ b/cmd/provider/amplify/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/apigateway/zz_main.go b/cmd/provider/apigateway/zz_main.go index 69c5d9b0b6..0d4191b11b 100644 --- a/cmd/provider/apigateway/zz_main.go +++ b/cmd/provider/apigateway/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/apigatewayv2/zz_main.go b/cmd/provider/apigatewayv2/zz_main.go index 2ce38667e9..0f07395bf0 100644 --- a/cmd/provider/apigatewayv2/zz_main.go +++ b/cmd/provider/apigatewayv2/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/appautoscaling/zz_main.go b/cmd/provider/appautoscaling/zz_main.go index 017afca7c5..9f30a7ce90 100644 --- a/cmd/provider/appautoscaling/zz_main.go +++ b/cmd/provider/appautoscaling/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/appconfig/zz_main.go b/cmd/provider/appconfig/zz_main.go index cde047a3d9..026d1d32d4 100644 --- a/cmd/provider/appconfig/zz_main.go +++ b/cmd/provider/appconfig/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/appflow/zz_main.go b/cmd/provider/appflow/zz_main.go index d3f9cbf814..89eff8eaaa 100644 --- a/cmd/provider/appflow/zz_main.go +++ b/cmd/provider/appflow/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/appintegrations/zz_main.go b/cmd/provider/appintegrations/zz_main.go index 5570dabc83..ab188623ad 100644 --- a/cmd/provider/appintegrations/zz_main.go +++ b/cmd/provider/appintegrations/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/applicationinsights/zz_main.go b/cmd/provider/applicationinsights/zz_main.go index 9e53e19933..aeb8d59c2b 100644 --- a/cmd/provider/applicationinsights/zz_main.go +++ b/cmd/provider/applicationinsights/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/appmesh/zz_main.go b/cmd/provider/appmesh/zz_main.go index 8e369b6033..64c6b140b2 100644 --- a/cmd/provider/appmesh/zz_main.go +++ b/cmd/provider/appmesh/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/apprunner/zz_main.go b/cmd/provider/apprunner/zz_main.go index c0d4857593..87182d94c8 100644 --- a/cmd/provider/apprunner/zz_main.go +++ b/cmd/provider/apprunner/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/appstream/zz_main.go b/cmd/provider/appstream/zz_main.go index 2271ceaeba..dac9002b3e 100644 --- a/cmd/provider/appstream/zz_main.go +++ b/cmd/provider/appstream/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/appsync/zz_main.go b/cmd/provider/appsync/zz_main.go index 082b72bbb6..c6de718aee 100644 --- a/cmd/provider/appsync/zz_main.go +++ b/cmd/provider/appsync/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/athena/zz_main.go b/cmd/provider/athena/zz_main.go index b9905357cb..57d227824a 100644 --- a/cmd/provider/athena/zz_main.go +++ b/cmd/provider/athena/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/autoscaling/zz_main.go b/cmd/provider/autoscaling/zz_main.go index b76a63efbf..b7aff87f49 100644 --- a/cmd/provider/autoscaling/zz_main.go +++ b/cmd/provider/autoscaling/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/autoscalingplans/zz_main.go b/cmd/provider/autoscalingplans/zz_main.go index 1d3a67de6e..b40fbf69d7 100644 --- a/cmd/provider/autoscalingplans/zz_main.go +++ b/cmd/provider/autoscalingplans/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/backup/zz_main.go b/cmd/provider/backup/zz_main.go index 5ba336e0d1..4e853a6bf6 100644 --- a/cmd/provider/backup/zz_main.go +++ b/cmd/provider/backup/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/batch/zz_main.go b/cmd/provider/batch/zz_main.go index 5152f47d50..efc27c5287 100644 --- a/cmd/provider/batch/zz_main.go +++ b/cmd/provider/batch/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/budgets/zz_main.go b/cmd/provider/budgets/zz_main.go index b89df3f7a0..9370692eeb 100644 --- a/cmd/provider/budgets/zz_main.go +++ b/cmd/provider/budgets/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/ce/zz_main.go b/cmd/provider/ce/zz_main.go index 99b7374a8b..9490bbb988 100644 --- a/cmd/provider/ce/zz_main.go +++ b/cmd/provider/ce/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/chime/zz_main.go b/cmd/provider/chime/zz_main.go index 0b81357385..fa0c7752a1 100644 --- a/cmd/provider/chime/zz_main.go +++ b/cmd/provider/chime/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/cloud9/zz_main.go b/cmd/provider/cloud9/zz_main.go index 73a3c11062..144cf7d1dd 100644 --- a/cmd/provider/cloud9/zz_main.go +++ b/cmd/provider/cloud9/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/cloudcontrol/zz_main.go b/cmd/provider/cloudcontrol/zz_main.go index 21f18a42a7..4aeac4bc19 100644 --- a/cmd/provider/cloudcontrol/zz_main.go +++ b/cmd/provider/cloudcontrol/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/cloudformation/zz_main.go b/cmd/provider/cloudformation/zz_main.go index 3d6c8f4f61..f78c2c4529 100644 --- a/cmd/provider/cloudformation/zz_main.go +++ b/cmd/provider/cloudformation/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/cloudfront/zz_main.go b/cmd/provider/cloudfront/zz_main.go index 1145a35891..dd87be5830 100644 --- a/cmd/provider/cloudfront/zz_main.go +++ b/cmd/provider/cloudfront/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/cloudsearch/zz_main.go b/cmd/provider/cloudsearch/zz_main.go index 642215dc71..c9427a4fbc 100644 --- a/cmd/provider/cloudsearch/zz_main.go +++ b/cmd/provider/cloudsearch/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/cloudtrail/zz_main.go b/cmd/provider/cloudtrail/zz_main.go index e59b9cb50d..b866130a02 100644 --- a/cmd/provider/cloudtrail/zz_main.go +++ b/cmd/provider/cloudtrail/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/cloudwatch/zz_main.go b/cmd/provider/cloudwatch/zz_main.go index fde0cd9edb..bc25595002 100644 --- a/cmd/provider/cloudwatch/zz_main.go +++ b/cmd/provider/cloudwatch/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/cloudwatchevents/zz_main.go b/cmd/provider/cloudwatchevents/zz_main.go index c59b138a8a..1f7055903e 100644 --- a/cmd/provider/cloudwatchevents/zz_main.go +++ b/cmd/provider/cloudwatchevents/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/cloudwatchlogs/zz_main.go b/cmd/provider/cloudwatchlogs/zz_main.go index a9c7d2ce81..d20ed8979c 100644 --- a/cmd/provider/cloudwatchlogs/zz_main.go +++ b/cmd/provider/cloudwatchlogs/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/codecommit/zz_main.go b/cmd/provider/codecommit/zz_main.go index ee3759de77..ef687f1d22 100644 --- a/cmd/provider/codecommit/zz_main.go +++ b/cmd/provider/codecommit/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/codepipeline/zz_main.go b/cmd/provider/codepipeline/zz_main.go index 9e1fa991c2..3d7a18b905 100644 --- a/cmd/provider/codepipeline/zz_main.go +++ b/cmd/provider/codepipeline/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/codestarconnections/zz_main.go b/cmd/provider/codestarconnections/zz_main.go index dbf59b6168..3dedf71a53 100644 --- a/cmd/provider/codestarconnections/zz_main.go +++ b/cmd/provider/codestarconnections/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/codestarnotifications/zz_main.go b/cmd/provider/codestarnotifications/zz_main.go index eff3d11c7b..979fd16467 100644 --- a/cmd/provider/codestarnotifications/zz_main.go +++ b/cmd/provider/codestarnotifications/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/cognitoidentity/zz_main.go b/cmd/provider/cognitoidentity/zz_main.go index 6f0b30612c..2a1251b570 100644 --- a/cmd/provider/cognitoidentity/zz_main.go +++ b/cmd/provider/cognitoidentity/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/cognitoidp/zz_main.go b/cmd/provider/cognitoidp/zz_main.go index b3610f33ef..cefd0bc728 100644 --- a/cmd/provider/cognitoidp/zz_main.go +++ b/cmd/provider/cognitoidp/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/config/zz_main.go b/cmd/provider/config/zz_main.go index 0739ee3506..c49d2e0493 100644 --- a/cmd/provider/config/zz_main.go +++ b/cmd/provider/config/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/configservice/zz_main.go b/cmd/provider/configservice/zz_main.go index fac20d22de..21c4f07e13 100644 --- a/cmd/provider/configservice/zz_main.go +++ b/cmd/provider/configservice/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/connect/zz_main.go b/cmd/provider/connect/zz_main.go index 57a533005f..cecdf399c4 100644 --- a/cmd/provider/connect/zz_main.go +++ b/cmd/provider/connect/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/cur/zz_main.go b/cmd/provider/cur/zz_main.go index 229e4729aa..a49ee730ae 100644 --- a/cmd/provider/cur/zz_main.go +++ b/cmd/provider/cur/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/dataexchange/zz_main.go b/cmd/provider/dataexchange/zz_main.go index 2799ec196c..c7863f13be 100644 --- a/cmd/provider/dataexchange/zz_main.go +++ b/cmd/provider/dataexchange/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/datapipeline/zz_main.go b/cmd/provider/datapipeline/zz_main.go index a52b5ee3ec..52c6ebca6d 100644 --- a/cmd/provider/datapipeline/zz_main.go +++ b/cmd/provider/datapipeline/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/datasync/zz_main.go b/cmd/provider/datasync/zz_main.go index 5d4fff53aa..617609cba2 100644 --- a/cmd/provider/datasync/zz_main.go +++ b/cmd/provider/datasync/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/dax/zz_main.go b/cmd/provider/dax/zz_main.go index 7ef3b534d4..d844cf0bff 100644 --- a/cmd/provider/dax/zz_main.go +++ b/cmd/provider/dax/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/deploy/zz_main.go b/cmd/provider/deploy/zz_main.go index d6fa93d92b..69279bb20f 100644 --- a/cmd/provider/deploy/zz_main.go +++ b/cmd/provider/deploy/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/detective/zz_main.go b/cmd/provider/detective/zz_main.go index a4d613001d..d7e235fd77 100644 --- a/cmd/provider/detective/zz_main.go +++ b/cmd/provider/detective/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/devicefarm/zz_main.go b/cmd/provider/devicefarm/zz_main.go index 3b75431205..6359365a08 100644 --- a/cmd/provider/devicefarm/zz_main.go +++ b/cmd/provider/devicefarm/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/directconnect/zz_main.go b/cmd/provider/directconnect/zz_main.go index b5952363b1..75b63a7bc5 100644 --- a/cmd/provider/directconnect/zz_main.go +++ b/cmd/provider/directconnect/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/dlm/zz_main.go b/cmd/provider/dlm/zz_main.go index 95c3b7fdf2..6a6dc0cb48 100644 --- a/cmd/provider/dlm/zz_main.go +++ b/cmd/provider/dlm/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/dms/zz_main.go b/cmd/provider/dms/zz_main.go index 2b8fba24ba..934a2ce79b 100644 --- a/cmd/provider/dms/zz_main.go +++ b/cmd/provider/dms/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/docdb/zz_main.go b/cmd/provider/docdb/zz_main.go index ee90c4fde7..92f8b9f71a 100644 --- a/cmd/provider/docdb/zz_main.go +++ b/cmd/provider/docdb/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/ds/zz_main.go b/cmd/provider/ds/zz_main.go index ef775fa90d..26582f8753 100644 --- a/cmd/provider/ds/zz_main.go +++ b/cmd/provider/ds/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/dynamodb/zz_main.go b/cmd/provider/dynamodb/zz_main.go index 48bbac37ad..db9aa4f3c2 100644 --- a/cmd/provider/dynamodb/zz_main.go +++ b/cmd/provider/dynamodb/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/ec2/zz_main.go b/cmd/provider/ec2/zz_main.go index 0ff7c9a6d0..e77a504d6b 100644 --- a/cmd/provider/ec2/zz_main.go +++ b/cmd/provider/ec2/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/ecr/zz_main.go b/cmd/provider/ecr/zz_main.go index 20295fef05..ddda31ba90 100644 --- a/cmd/provider/ecr/zz_main.go +++ b/cmd/provider/ecr/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/ecrpublic/zz_main.go b/cmd/provider/ecrpublic/zz_main.go index da5dd0442c..b825ec1ca1 100644 --- a/cmd/provider/ecrpublic/zz_main.go +++ b/cmd/provider/ecrpublic/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/ecs/zz_main.go b/cmd/provider/ecs/zz_main.go index 6b47178d44..b414f69cd6 100644 --- a/cmd/provider/ecs/zz_main.go +++ b/cmd/provider/ecs/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/efs/zz_main.go b/cmd/provider/efs/zz_main.go index c571e22378..c8d1995c09 100644 --- a/cmd/provider/efs/zz_main.go +++ b/cmd/provider/efs/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/eks/zz_main.go b/cmd/provider/eks/zz_main.go index 0d809531fc..afc4428b6b 100644 --- a/cmd/provider/eks/zz_main.go +++ b/cmd/provider/eks/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/elasticache/zz_main.go b/cmd/provider/elasticache/zz_main.go index 3272ac947f..bf74611c96 100644 --- a/cmd/provider/elasticache/zz_main.go +++ b/cmd/provider/elasticache/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/elasticbeanstalk/zz_main.go b/cmd/provider/elasticbeanstalk/zz_main.go index 88b57b66f6..b021d68aee 100644 --- a/cmd/provider/elasticbeanstalk/zz_main.go +++ b/cmd/provider/elasticbeanstalk/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/elasticsearch/zz_main.go b/cmd/provider/elasticsearch/zz_main.go index 545cb81788..732d9537ba 100644 --- a/cmd/provider/elasticsearch/zz_main.go +++ b/cmd/provider/elasticsearch/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/elastictranscoder/zz_main.go b/cmd/provider/elastictranscoder/zz_main.go index 08b56cd0db..93654a784d 100644 --- a/cmd/provider/elastictranscoder/zz_main.go +++ b/cmd/provider/elastictranscoder/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/elb/zz_main.go b/cmd/provider/elb/zz_main.go index 0303a75780..34e165aa0d 100644 --- a/cmd/provider/elb/zz_main.go +++ b/cmd/provider/elb/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/elbv2/zz_main.go b/cmd/provider/elbv2/zz_main.go index 62c74b6268..be0da62dee 100644 --- a/cmd/provider/elbv2/zz_main.go +++ b/cmd/provider/elbv2/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/emr/zz_main.go b/cmd/provider/emr/zz_main.go index 3abfd55e5c..d9fda9256f 100644 --- a/cmd/provider/emr/zz_main.go +++ b/cmd/provider/emr/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/emrserverless/zz_main.go b/cmd/provider/emrserverless/zz_main.go index c27e230ccf..b5f1776161 100644 --- a/cmd/provider/emrserverless/zz_main.go +++ b/cmd/provider/emrserverless/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/evidently/zz_main.go b/cmd/provider/evidently/zz_main.go index ad94575b37..8337dcdded 100644 --- a/cmd/provider/evidently/zz_main.go +++ b/cmd/provider/evidently/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/firehose/zz_main.go b/cmd/provider/firehose/zz_main.go index 9f72f3aacc..cd4f47ff93 100644 --- a/cmd/provider/firehose/zz_main.go +++ b/cmd/provider/firehose/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/fis/zz_main.go b/cmd/provider/fis/zz_main.go index f6fd7c2c8f..7d369560d9 100644 --- a/cmd/provider/fis/zz_main.go +++ b/cmd/provider/fis/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/fsx/zz_main.go b/cmd/provider/fsx/zz_main.go index a234cda4c9..bdcc82e041 100644 --- a/cmd/provider/fsx/zz_main.go +++ b/cmd/provider/fsx/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/gamelift/zz_main.go b/cmd/provider/gamelift/zz_main.go index 15be4b1dbb..e10e9ed078 100644 --- a/cmd/provider/gamelift/zz_main.go +++ b/cmd/provider/gamelift/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/glacier/zz_main.go b/cmd/provider/glacier/zz_main.go index 4e5b46547f..9bc6687f2c 100644 --- a/cmd/provider/glacier/zz_main.go +++ b/cmd/provider/glacier/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/globalaccelerator/zz_main.go b/cmd/provider/globalaccelerator/zz_main.go index b37c16e41d..c17c2d9571 100644 --- a/cmd/provider/globalaccelerator/zz_main.go +++ b/cmd/provider/globalaccelerator/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/glue/zz_main.go b/cmd/provider/glue/zz_main.go index d839e190dc..cb2d76c441 100644 --- a/cmd/provider/glue/zz_main.go +++ b/cmd/provider/glue/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/grafana/zz_main.go b/cmd/provider/grafana/zz_main.go index 4802553ea2..f12d4a29db 100644 --- a/cmd/provider/grafana/zz_main.go +++ b/cmd/provider/grafana/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/guardduty/zz_main.go b/cmd/provider/guardduty/zz_main.go index 637c966864..e04ef87a99 100644 --- a/cmd/provider/guardduty/zz_main.go +++ b/cmd/provider/guardduty/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/iam/zz_main.go b/cmd/provider/iam/zz_main.go index 041d0a67c4..aef4a85e70 100644 --- a/cmd/provider/iam/zz_main.go +++ b/cmd/provider/iam/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/identitystore/zz_main.go b/cmd/provider/identitystore/zz_main.go index 6ffef9c75e..5c2e4afa02 100644 --- a/cmd/provider/identitystore/zz_main.go +++ b/cmd/provider/identitystore/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/imagebuilder/zz_main.go b/cmd/provider/imagebuilder/zz_main.go index 1666d59703..78b01484ee 100644 --- a/cmd/provider/imagebuilder/zz_main.go +++ b/cmd/provider/imagebuilder/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/inspector/zz_main.go b/cmd/provider/inspector/zz_main.go index b61d5dad84..1aba5136d7 100644 --- a/cmd/provider/inspector/zz_main.go +++ b/cmd/provider/inspector/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/inspector2/zz_main.go b/cmd/provider/inspector2/zz_main.go index 50eb920b3f..13b7caba5f 100644 --- a/cmd/provider/inspector2/zz_main.go +++ b/cmd/provider/inspector2/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/iot/zz_main.go b/cmd/provider/iot/zz_main.go index 539b4ee00a..08529c43f4 100644 --- a/cmd/provider/iot/zz_main.go +++ b/cmd/provider/iot/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/ivs/zz_main.go b/cmd/provider/ivs/zz_main.go index 9da0dae4e8..dea822426a 100644 --- a/cmd/provider/ivs/zz_main.go +++ b/cmd/provider/ivs/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/kafka/zz_main.go b/cmd/provider/kafka/zz_main.go index f1b269ba25..d3f0433b86 100644 --- a/cmd/provider/kafka/zz_main.go +++ b/cmd/provider/kafka/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/kendra/zz_main.go b/cmd/provider/kendra/zz_main.go index bcae21cc36..d18c5802a7 100644 --- a/cmd/provider/kendra/zz_main.go +++ b/cmd/provider/kendra/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/keyspaces/zz_main.go b/cmd/provider/keyspaces/zz_main.go index 116902a037..73b7255d15 100644 --- a/cmd/provider/keyspaces/zz_main.go +++ b/cmd/provider/keyspaces/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/kinesis/zz_main.go b/cmd/provider/kinesis/zz_main.go index b65cd009bf..ccb20d21ba 100644 --- a/cmd/provider/kinesis/zz_main.go +++ b/cmd/provider/kinesis/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/kinesisanalytics/zz_main.go b/cmd/provider/kinesisanalytics/zz_main.go index 06ee9fe5c1..c4b281aa8f 100644 --- a/cmd/provider/kinesisanalytics/zz_main.go +++ b/cmd/provider/kinesisanalytics/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/kinesisanalyticsv2/zz_main.go b/cmd/provider/kinesisanalyticsv2/zz_main.go index b271070bc4..aa40a50fbf 100644 --- a/cmd/provider/kinesisanalyticsv2/zz_main.go +++ b/cmd/provider/kinesisanalyticsv2/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/kinesisvideo/zz_main.go b/cmd/provider/kinesisvideo/zz_main.go index 5a5a5336d5..a7c12c1999 100644 --- a/cmd/provider/kinesisvideo/zz_main.go +++ b/cmd/provider/kinesisvideo/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/kms/zz_main.go b/cmd/provider/kms/zz_main.go index 3217892c0d..314f3579bb 100644 --- a/cmd/provider/kms/zz_main.go +++ b/cmd/provider/kms/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/lakeformation/zz_main.go b/cmd/provider/lakeformation/zz_main.go index 9f0cfa379f..8d946068f5 100644 --- a/cmd/provider/lakeformation/zz_main.go +++ b/cmd/provider/lakeformation/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/lambda/zz_main.go b/cmd/provider/lambda/zz_main.go index 4f3661b58b..c88412c30a 100644 --- a/cmd/provider/lambda/zz_main.go +++ b/cmd/provider/lambda/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/lexmodels/zz_main.go b/cmd/provider/lexmodels/zz_main.go index 66ee9e88ca..c0d5156cbd 100644 --- a/cmd/provider/lexmodels/zz_main.go +++ b/cmd/provider/lexmodels/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/licensemanager/zz_main.go b/cmd/provider/licensemanager/zz_main.go index 69baaf8a29..586e4e2981 100644 --- a/cmd/provider/licensemanager/zz_main.go +++ b/cmd/provider/licensemanager/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/lightsail/zz_main.go b/cmd/provider/lightsail/zz_main.go index 9bb517a2cb..74b9660665 100644 --- a/cmd/provider/lightsail/zz_main.go +++ b/cmd/provider/lightsail/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/location/zz_main.go b/cmd/provider/location/zz_main.go index 91cc91e0e9..204c0c6d1a 100644 --- a/cmd/provider/location/zz_main.go +++ b/cmd/provider/location/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/macie2/zz_main.go b/cmd/provider/macie2/zz_main.go index 9e919e317e..61b68cc53a 100644 --- a/cmd/provider/macie2/zz_main.go +++ b/cmd/provider/macie2/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/mediaconvert/zz_main.go b/cmd/provider/mediaconvert/zz_main.go index 320aeea7e2..3f4e435693 100644 --- a/cmd/provider/mediaconvert/zz_main.go +++ b/cmd/provider/mediaconvert/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/medialive/zz_main.go b/cmd/provider/medialive/zz_main.go index 7bc2ac1153..b59d3bd8bf 100644 --- a/cmd/provider/medialive/zz_main.go +++ b/cmd/provider/medialive/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/mediapackage/zz_main.go b/cmd/provider/mediapackage/zz_main.go index 3695cdf6d5..dc6158fe42 100644 --- a/cmd/provider/mediapackage/zz_main.go +++ b/cmd/provider/mediapackage/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/mediastore/zz_main.go b/cmd/provider/mediastore/zz_main.go index 29b19828d8..a12f1a3977 100644 --- a/cmd/provider/mediastore/zz_main.go +++ b/cmd/provider/mediastore/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/memorydb/zz_main.go b/cmd/provider/memorydb/zz_main.go index d9fdcbd9ff..0ce8bf387e 100644 --- a/cmd/provider/memorydb/zz_main.go +++ b/cmd/provider/memorydb/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/monolith/zz_main.go b/cmd/provider/monolith/zz_main.go index b918ae5aa3..b2d95531df 100644 --- a/cmd/provider/monolith/zz_main.go +++ b/cmd/provider/monolith/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/mq/zz_main.go b/cmd/provider/mq/zz_main.go index e0f3a73f46..feec5c81ab 100644 --- a/cmd/provider/mq/zz_main.go +++ b/cmd/provider/mq/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/neptune/zz_main.go b/cmd/provider/neptune/zz_main.go index 88acb4eaaf..6e83dd60c5 100644 --- a/cmd/provider/neptune/zz_main.go +++ b/cmd/provider/neptune/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/networkfirewall/zz_main.go b/cmd/provider/networkfirewall/zz_main.go index 986d94bc1a..3f934a3cf6 100644 --- a/cmd/provider/networkfirewall/zz_main.go +++ b/cmd/provider/networkfirewall/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/networkmanager/zz_main.go b/cmd/provider/networkmanager/zz_main.go index fda2b39ecc..2319e6f314 100644 --- a/cmd/provider/networkmanager/zz_main.go +++ b/cmd/provider/networkmanager/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/opensearch/zz_main.go b/cmd/provider/opensearch/zz_main.go index 2d99b7e88c..04aafb8f37 100644 --- a/cmd/provider/opensearch/zz_main.go +++ b/cmd/provider/opensearch/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/opsworks/zz_main.go b/cmd/provider/opsworks/zz_main.go index db2de86c1f..86ebca17af 100644 --- a/cmd/provider/opsworks/zz_main.go +++ b/cmd/provider/opsworks/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/organizations/zz_main.go b/cmd/provider/organizations/zz_main.go index 7f71815107..b3ee6c0c05 100644 --- a/cmd/provider/organizations/zz_main.go +++ b/cmd/provider/organizations/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/pinpoint/zz_main.go b/cmd/provider/pinpoint/zz_main.go index 7cb62a7faa..960a3904f9 100644 --- a/cmd/provider/pinpoint/zz_main.go +++ b/cmd/provider/pinpoint/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/qldb/zz_main.go b/cmd/provider/qldb/zz_main.go index eb794ee4e6..f1293ce8a0 100644 --- a/cmd/provider/qldb/zz_main.go +++ b/cmd/provider/qldb/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/quicksight/zz_main.go b/cmd/provider/quicksight/zz_main.go index 222d09180b..f4e6ebdad1 100644 --- a/cmd/provider/quicksight/zz_main.go +++ b/cmd/provider/quicksight/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/ram/zz_main.go b/cmd/provider/ram/zz_main.go index bb3c3f2c4b..e9998c185b 100644 --- a/cmd/provider/ram/zz_main.go +++ b/cmd/provider/ram/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/rds/zz_main.go b/cmd/provider/rds/zz_main.go index 9f5faa2afa..adb7f3bd5d 100644 --- a/cmd/provider/rds/zz_main.go +++ b/cmd/provider/rds/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/redshift/zz_main.go b/cmd/provider/redshift/zz_main.go index 10970daa23..55362543df 100644 --- a/cmd/provider/redshift/zz_main.go +++ b/cmd/provider/redshift/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/redshiftserverless/zz_main.go b/cmd/provider/redshiftserverless/zz_main.go index 29edbf52fc..fa1008f105 100644 --- a/cmd/provider/redshiftserverless/zz_main.go +++ b/cmd/provider/redshiftserverless/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/resourcegroups/zz_main.go b/cmd/provider/resourcegroups/zz_main.go index 28fc9288f7..6f74955d7a 100644 --- a/cmd/provider/resourcegroups/zz_main.go +++ b/cmd/provider/resourcegroups/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/rolesanywhere/zz_main.go b/cmd/provider/rolesanywhere/zz_main.go index 1b1044ba11..d8792bf841 100644 --- a/cmd/provider/rolesanywhere/zz_main.go +++ b/cmd/provider/rolesanywhere/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/route53/zz_main.go b/cmd/provider/route53/zz_main.go index 4f70f14712..19647123de 100644 --- a/cmd/provider/route53/zz_main.go +++ b/cmd/provider/route53/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/route53recoverycontrolconfig/zz_main.go b/cmd/provider/route53recoverycontrolconfig/zz_main.go index aa0a36fd43..a8644179dd 100644 --- a/cmd/provider/route53recoverycontrolconfig/zz_main.go +++ b/cmd/provider/route53recoverycontrolconfig/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/route53recoveryreadiness/zz_main.go b/cmd/provider/route53recoveryreadiness/zz_main.go index 258f70575a..944b9a3cae 100644 --- a/cmd/provider/route53recoveryreadiness/zz_main.go +++ b/cmd/provider/route53recoveryreadiness/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/route53resolver/zz_main.go b/cmd/provider/route53resolver/zz_main.go index 1c608ce5c5..83eaf2c5ed 100644 --- a/cmd/provider/route53resolver/zz_main.go +++ b/cmd/provider/route53resolver/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/rum/zz_main.go b/cmd/provider/rum/zz_main.go index 3f18ed4cb6..b04738cba1 100644 --- a/cmd/provider/rum/zz_main.go +++ b/cmd/provider/rum/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/s3/zz_main.go b/cmd/provider/s3/zz_main.go index 1d1eb17c90..c4af1fb6a4 100644 --- a/cmd/provider/s3/zz_main.go +++ b/cmd/provider/s3/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/s3control/zz_main.go b/cmd/provider/s3control/zz_main.go index dc3607ebdf..513ebbd3cb 100644 --- a/cmd/provider/s3control/zz_main.go +++ b/cmd/provider/s3control/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/sagemaker/zz_main.go b/cmd/provider/sagemaker/zz_main.go index ff183065bf..71e19b26c5 100644 --- a/cmd/provider/sagemaker/zz_main.go +++ b/cmd/provider/sagemaker/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/scheduler/zz_main.go b/cmd/provider/scheduler/zz_main.go index fa6aca3862..34d57bb9dc 100644 --- a/cmd/provider/scheduler/zz_main.go +++ b/cmd/provider/scheduler/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/schemas/zz_main.go b/cmd/provider/schemas/zz_main.go index 3284ec9dcc..83598aaf71 100644 --- a/cmd/provider/schemas/zz_main.go +++ b/cmd/provider/schemas/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/secretsmanager/zz_main.go b/cmd/provider/secretsmanager/zz_main.go index 38eed14038..15e83eb171 100644 --- a/cmd/provider/secretsmanager/zz_main.go +++ b/cmd/provider/secretsmanager/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/securityhub/zz_main.go b/cmd/provider/securityhub/zz_main.go index 03c17a9572..f5d32c6b61 100644 --- a/cmd/provider/securityhub/zz_main.go +++ b/cmd/provider/securityhub/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/serverlessrepo/zz_main.go b/cmd/provider/serverlessrepo/zz_main.go index bc5597e6c7..6055e9722d 100644 --- a/cmd/provider/serverlessrepo/zz_main.go +++ b/cmd/provider/serverlessrepo/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/servicecatalog/zz_main.go b/cmd/provider/servicecatalog/zz_main.go index 27ba764009..545f9f321d 100644 --- a/cmd/provider/servicecatalog/zz_main.go +++ b/cmd/provider/servicecatalog/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/servicediscovery/zz_main.go b/cmd/provider/servicediscovery/zz_main.go index 700e47993e..f942c150f0 100644 --- a/cmd/provider/servicediscovery/zz_main.go +++ b/cmd/provider/servicediscovery/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/servicequotas/zz_main.go b/cmd/provider/servicequotas/zz_main.go index 6fb1313f4d..01207d42c3 100644 --- a/cmd/provider/servicequotas/zz_main.go +++ b/cmd/provider/servicequotas/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/ses/zz_main.go b/cmd/provider/ses/zz_main.go index 120f92221e..df7e9cf16e 100644 --- a/cmd/provider/ses/zz_main.go +++ b/cmd/provider/ses/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/sesv2/zz_main.go b/cmd/provider/sesv2/zz_main.go index 957b36c548..92634a9b19 100644 --- a/cmd/provider/sesv2/zz_main.go +++ b/cmd/provider/sesv2/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/sfn/zz_main.go b/cmd/provider/sfn/zz_main.go index 6d68bfb78e..c0657987d0 100644 --- a/cmd/provider/sfn/zz_main.go +++ b/cmd/provider/sfn/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/signer/zz_main.go b/cmd/provider/signer/zz_main.go index e6b3705185..b31134cb3b 100644 --- a/cmd/provider/signer/zz_main.go +++ b/cmd/provider/signer/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/simpledb/zz_main.go b/cmd/provider/simpledb/zz_main.go index f0772f3c79..7d01988f0d 100644 --- a/cmd/provider/simpledb/zz_main.go +++ b/cmd/provider/simpledb/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/sns/zz_main.go b/cmd/provider/sns/zz_main.go index 4ce50d3877..9fbf847cac 100644 --- a/cmd/provider/sns/zz_main.go +++ b/cmd/provider/sns/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/sqs/zz_main.go b/cmd/provider/sqs/zz_main.go index 8187216503..4a9ee6fa4a 100644 --- a/cmd/provider/sqs/zz_main.go +++ b/cmd/provider/sqs/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/ssm/zz_main.go b/cmd/provider/ssm/zz_main.go index 324630b6be..a81abfcb41 100644 --- a/cmd/provider/ssm/zz_main.go +++ b/cmd/provider/ssm/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/ssoadmin/zz_main.go b/cmd/provider/ssoadmin/zz_main.go index be98b604ac..8c852d46c6 100644 --- a/cmd/provider/ssoadmin/zz_main.go +++ b/cmd/provider/ssoadmin/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/swf/zz_main.go b/cmd/provider/swf/zz_main.go index f248cc7443..7eaac39c0b 100644 --- a/cmd/provider/swf/zz_main.go +++ b/cmd/provider/swf/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/timestreamwrite/zz_main.go b/cmd/provider/timestreamwrite/zz_main.go index 82d5020f33..2a0483f5f5 100644 --- a/cmd/provider/timestreamwrite/zz_main.go +++ b/cmd/provider/timestreamwrite/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/transcribe/zz_main.go b/cmd/provider/transcribe/zz_main.go index 33657e81ec..0c922e5eb8 100644 --- a/cmd/provider/transcribe/zz_main.go +++ b/cmd/provider/transcribe/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/transfer/zz_main.go b/cmd/provider/transfer/zz_main.go index cc4293a7ae..7d2234a929 100644 --- a/cmd/provider/transfer/zz_main.go +++ b/cmd/provider/transfer/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/vpc/zz_main.go b/cmd/provider/vpc/zz_main.go index f8694e3512..a11e5a3c85 100644 --- a/cmd/provider/vpc/zz_main.go +++ b/cmd/provider/vpc/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/waf/zz_main.go b/cmd/provider/waf/zz_main.go index 61ab1d8133..2e126c630b 100644 --- a/cmd/provider/waf/zz_main.go +++ b/cmd/provider/waf/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/wafregional/zz_main.go b/cmd/provider/wafregional/zz_main.go index ca0322d65f..9618790583 100644 --- a/cmd/provider/wafregional/zz_main.go +++ b/cmd/provider/wafregional/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/wafv2/zz_main.go b/cmd/provider/wafv2/zz_main.go index cb91b1b606..a178d12d46 100644 --- a/cmd/provider/wafv2/zz_main.go +++ b/cmd/provider/wafv2/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/workspaces/zz_main.go b/cmd/provider/workspaces/zz_main.go index 26fc9becc1..6d708b6275 100644 --- a/cmd/provider/workspaces/zz_main.go +++ b/cmd/provider/workspaces/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/cmd/provider/xray/zz_main.go b/cmd/provider/xray/zz_main.go index b8a4a64079..49d16389bc 100644 --- a/cmd/provider/xray/zz_main.go +++ b/cmd/provider/xray/zz_main.go @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String() diff --git a/examples/ec2/v1beta2/route.yaml b/examples/ec2/v1beta2/route.yaml index 9fc99879f3..4c8e5c90af 100644 --- a/examples/ec2/v1beta2/route.yaml +++ b/examples/ec2/v1beta2/route.yaml @@ -1,6 +1,8 @@ apiVersion: ec2.aws.upbound.io/v1beta2 kind: Route metadata: + annotations: + uptest.upbound.io/disable-import: "true" name: route spec: forProvider: @@ -13,7 +15,7 @@ spec: --- -apiVersion: ec2.aws.upbound.io/v1beta2 +apiVersion: ec2.aws.upbound.io/v1beta1 kind: RouteTable metadata: name: table diff --git a/hack/main.go.tmpl b/hack/main.go.tmpl index 03b09c92c2..c4942ed041 100644 --- a/hack/main.go.tmpl +++ b/hack/main.go.tmpl @@ -68,7 +68,9 @@ func main() { enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() certsDirSet = false - certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { + // we record whether the command-line option "--certs-dir" was supplied + // in the registered PreAction for the flag. + certsDir = app.Flag("certs-dir", "The directory that contains the server key and certificate.").Default(tlsServerCertDir).Envar(certsDirEnvVar).PreAction(func(_ *kingpin.ParseContext) error { certsDirSet = true return nil }).String()