2 files changed, 523 insertions, 0 deletions
diff --git a/vendor/github.com/hashicorp/terraform/svchost/disco/disco.go b/vendor/github.com/hashicorp/terraform/svchost/disco/disco.go
new file mode 100644
index 0000000..1963cbd
--- /dev/null
+++ b/vendor/github.com/hashicorp/terraform/svchost/disco/disco.go
@@ -0,0 +1,259 @@
+// Package disco handles Terraform's remote service discovery protocol.
+//
+// This protocol allows mapping from a service hostname, as produced by the
+// svchost package, to a set of services supported by that host and the
+// endpoint information for each supported service.
+package disco
+import (
+        "encoding/json"
+        "errors"
+        "fmt"
+        "io"
+        "io/ioutil"
+        "log"
+        "mime"
+        "net/http"
+        "net/url"
+        "time"
+        cleanhttp "github.com/hashicorp/go-cleanhttp"
+        "github.com/hashicorp/terraform/httpclient"
+        "github.com/hashicorp/terraform/svchost"
+        "github.com/hashicorp/terraform/svchost/auth"
+)
+const (
+        // Fixed path to the discovery manifest.
+        discoPath = "/.well-known/terraform.json"
+        // Arbitrary-but-small number to prevent runaway redirect loops.
+        maxRedirects = 3
+        // Arbitrary-but-small time limit to prevent UI "hangs" during discovery.
+        discoTimeout = 11 * time.Second
+        // 1MB - to prevent abusive services from using loads of our memory.
+        maxDiscoDocBytes = 1 * 1024 * 1024
+)
+// httpTransport is overridden during tests, to skip TLS verification.
+var httpTransport = cleanhttp.DefaultPooledTransport()
+// Disco is the main type in this package, which allows discovery on given
+// hostnames and caches the results by hostname to avoid repeated requests
+// for the same information.
+type Disco struct {
+        hostCache map[svchost.Hostname]*Host
+        credsSrc  auth.CredentialsSource
+        // Transport is a custom http.RoundTripper to use.
+        Transport http.RoundTripper
+}
+// New returns a new initialized discovery object.
+func New() *Disco {
+        return NewWithCredentialsSource(nil)
+}
+// NewWithCredentialsSource returns a new discovery object initialized with
+// the given credentials source.
+func NewWithCredentialsSource(credsSrc auth.CredentialsSource) *Disco {
+        return &Disco{
+                hostCache: make(map[svchost.Hostname]*Host),
+                credsSrc:  credsSrc,
+                Transport: httpTransport,
+        }
+}
+// SetCredentialsSource provides a credentials source that will be used to
+// add credentials to outgoing discovery requests, where available.
+//
+// If this method is never called, no outgoing discovery requests will have
+// credentials.
+func (d *Disco) SetCredentialsSource(src auth.CredentialsSource) {
+        d.credsSrc = src
+}
+// CredentialsForHost returns a non-nil HostCredentials if the embedded source has
+// credentials available for the host, and a nil HostCredentials if it does not.
+func (d *Disco) CredentialsForHost(hostname svchost.Hostname) (auth.HostCredentials, error) {
+        if d.credsSrc == nil {
+                return nil, nil
+        }
+        return d.credsSrc.ForHost(hostname)
+}
+// ForceHostServices provides a pre-defined set of services for a given
+// host, which prevents the receiver from attempting network-based discovery
+// for the given host. Instead, the given services map will be returned
+// verbatim.
+//
+// When providing "forced" services, any relative URLs are resolved against
+// the initial discovery URL that would have been used for network-based
+// discovery, yielding the same results as if the given map were published
+// at the host's default discovery URL, though using absolute URLs is strongly
+// recommended to make the configured behavior more explicit.
+func (d *Disco) ForceHostServices(hostname svchost.Hostname, services map[string]interface{}) {
+        if services == nil {
+                services = map[string]interface{}{}
+        }
+        d.hostCache[hostname] = &Host{
+                discoURL: &url.URL{
+                        Scheme: "https",
+                        Host:   string(hostname),
+                        Path:   discoPath,
+                },
+                hostname:  hostname.ForDisplay(),
+                services:  services,
+                transport: d.Transport,
+        }
+}
+// Discover runs the discovery protocol against the given hostname (which must
+// already have been validated and prepared with svchost.ForComparison) and
+// returns an object describing the services available at that host.
+//
+// If a given hostname supports no Terraform services at all, a non-nil but
+// empty Host object is returned. When giving feedback to the end user about
+// such situations, we say "host <name> does not provide a <service> service",
+// regardless of whether that is due to that service specifically being absent
+// or due to the host not providing Terraform services at all, since we don't
+// wish to expose the detail of whole-host discovery to an end-user.
+func (d *Disco) Discover(hostname svchost.Hostname) (*Host, error) {
+        if host, cached := d.hostCache[hostname]; cached {
+                return host, nil
+        }
+        host, err := d.discover(hostname)
+        if err != nil {
+                return nil, err
+        }
+        d.hostCache[hostname] = host
+        return host, nil
+}
+// DiscoverServiceURL is a convenience wrapper for discovery on a given
+// hostname and then looking up a particular service in the result.
+func (d *Disco) DiscoverServiceURL(hostname svchost.Hostname, serviceID string) (*url.URL, error) {
+        host, err := d.Discover(hostname)
+        if err != nil {
+                return nil, err
+        }
+        return host.ServiceURL(serviceID)
+}
+// discover implements the actual discovery process, with its result cached
+// by the public-facing Discover method.
+func (d *Disco) discover(hostname svchost.Hostname) (*Host, error) {
+        discoURL := &url.URL{
+                Scheme: "https",
+                Host:   hostname.String(),
+                Path:   discoPath,
+        }
+        client := &http.Client{
+                Transport: d.Transport,
+                Timeout:   discoTimeout,
+                CheckRedirect: func(req *http.Request, via []*http.Request) error {
+                        log.Printf("[DEBUG] Service discovery redirected to %s", req.URL)
+                        if len(via) > maxRedirects {
+                                return errors.New("too many redirects") // this error will never actually be seen
+                        }
+                        return nil
+                },
+        }
+        req := &http.Request{
+                Header: make(http.Header),
+                Method: "GET",
+                URL:    discoURL,
+        }
+        req.Header.Set("Accept", "application/json")
+        req.Header.Set("User-Agent", httpclient.UserAgentString())
+        creds, err := d.CredentialsForHost(hostname)
+        if err != nil {
+                log.Printf("[WARN] Failed to get credentials for %s: %s (ignoring)", hostname, err)
+        }
+        if creds != nil {
+                // Update the request to include credentials.
+                creds.PrepareRequest(req)
+        }
+        log.Printf("[DEBUG] Service discovery for %s at %s", hostname, discoURL)
+        resp, err := client.Do(req)
+        if err != nil {
+                return nil, fmt.Errorf("Failed to request discovery document: %v", err)
+        }
+        defer resp.Body.Close()
+        host := &Host{
+                // Use the discovery URL from resp.Request in
+                // case the client followed any redirects.
+                discoURL:  resp.Request.URL,
+                hostname:  hostname.ForDisplay(),
+                transport: d.Transport,
+        }
+        // Return the host without any services.
+        if resp.StatusCode == 404 {
+                return host, nil
+        }
+        if resp.StatusCode != 200 {
+                return nil, fmt.Errorf("Failed to request discovery document: %s", resp.Status)
+        }
+        contentType := resp.Header.Get("Content-Type")
+        mediaType, _, err := mime.ParseMediaType(contentType)
+        if err != nil {
+                return nil, fmt.Errorf("Discovery URL has a malformed Content-Type %q", contentType)
+        }
+        if mediaType != "application/json" {
+                return nil, fmt.Errorf("Discovery URL returned an unsupported Content-Type %q", mediaType)
+        }
+        // This doesn't catch chunked encoding, because ContentLength is -1 in that case.
+        if resp.ContentLength > maxDiscoDocBytes {
+                // Size limit here is not a contractual requirement and so we may
+                // adjust it over time if we find a different limit is warranted.
+                return nil, fmt.Errorf(
+                        "Discovery doc response is too large (got %d bytes; limit %d)",
+                        resp.ContentLength, maxDiscoDocBytes,
+                )
+        }
+        // If the response is using chunked encoding then we can't predict its
+        // size, but we'll at least prevent reading the entire thing into memory.
+        lr := io.LimitReader(resp.Body, maxDiscoDocBytes)
+        servicesBytes, err := ioutil.ReadAll(lr)
+        if err != nil {
+                return nil, fmt.Errorf("Error reading discovery document body: %v", err)
+        }
+        var services map[string]interface{}
+        err = json.Unmarshal(servicesBytes, &services)
+        if err != nil {
+                return nil, fmt.Errorf("Failed to decode discovery document as a JSON object: %v", err)
+        }
+        host.services = services
+        return host, nil
+}
+// Forget invalidates any cached record of the given hostname. If the host
+// has no cache entry then this is a no-op.
+func (d *Disco) Forget(hostname svchost.Hostname) {
+        delete(d.hostCache, hostname)
+}
+// ForgetAll is like Forget, but for all of the hostnames that have cache entries.
+func (d *Disco) ForgetAll() {
+        d.hostCache = make(map[svchost.Hostname]*Host)
+}
diff --git a/vendor/github.com/hashicorp/terraform/svchost/disco/host.go b/vendor/github.com/hashicorp/terraform/svchost/disco/host.go
new file mode 100644
index 0000000..ab9514c
--- /dev/null
+++ b/vendor/github.com/hashicorp/terraform/svchost/disco/host.go
@@ -0,0 +1,264 @@
+package disco
+import (
+        "encoding/json"
+        "fmt"
+        "log"
+        "net/http"
+        "net/url"
+        "os"
+        "strconv"
+        "strings"
+        "time"
+        "github.com/hashicorp/go-version"
+        "github.com/hashicorp/terraform/httpclient"
+)
+const versionServiceID = "versions.v1"
+// Host represents a service discovered host.
+type Host struct {
+        discoURL  *url.URL
+        hostname  string
+        services  map[string]interface{}
+        transport http.RoundTripper
+}
+// Constraints represents the version constraints of a service.
+type Constraints struct {
+        Service   string   `json:"service"`
+        Product   string   `json:"product"`
+        Minimum   string   `json:"minimum"`
+        Maximum   string   `json:"maximum"`
+        Excluding []string `json:"excluding"`
+}
+// ErrServiceNotProvided is returned when the service is not provided.
+type ErrServiceNotProvided struct {
+        hostname string
+        service  string
+}
+// Error returns a customized error message.
+func (e *ErrServiceNotProvided) Error() string {
+        if e.hostname == "" {
+                return fmt.Sprintf("host does not provide a %s service", e.service)
+        }
+        return fmt.Sprintf("host %s does not provide a %s service", e.hostname, e.service)
+}
+// ErrVersionNotSupported is returned when the version is not supported.
+type ErrVersionNotSupported struct {
+        hostname string
+        service  string
+        version  string
+}
+// Error returns a customized error message.
+func (e *ErrVersionNotSupported) Error() string {
+        if e.hostname == "" {
+                return fmt.Sprintf("host does not support %s version %s", e.service, e.version)
+        }
+        return fmt.Sprintf("host %s does not support %s version %s", e.hostname, e.service, e.version)
+}
+// ErrNoVersionConstraints is returned when checkpoint was disabled
+// or the endpoint to query for version constraints was unavailable.
+type ErrNoVersionConstraints struct {
+        disabled bool
+}
+// Error returns a customized error message.
+func (e *ErrNoVersionConstraints) Error() string {
+        if e.disabled {
+                return "checkpoint disabled"
+        }
+        return "unable to contact versions service"
+}
+// ServiceURL returns the URL associated with the given service identifier,
+// which should be of the form "servicename.vN".
+//
+// A non-nil result is always an absolute URL with a scheme of either HTTPS
+// or HTTP.
+func (h *Host) ServiceURL(id string) (*url.URL, error) {
+        svc, ver, err := parseServiceID(id)
+        if err != nil {
+                return nil, err
+        }
+        // No services supported for an empty Host.
+        if h == nil || h.services == nil {
+                return nil, &ErrServiceNotProvided{service: svc}
+        }
+        urlStr, ok := h.services[id].(string)
+        if !ok {
+                // See if we have a matching service as that would indicate
+                // the service is supported, but not the requested version.
+                for serviceID := range h.services {
+                        if strings.HasPrefix(serviceID, svc+".") {
+                                return nil, &ErrVersionNotSupported{
+                                        hostname: h.hostname,
+                                        service:  svc,
+                                        version:  ver.Original(),
+                                }
+                        }
+                }
+                // No discovered services match the requested service.
+                return nil, &ErrServiceNotProvided{hostname: h.hostname, service: svc}
+        }
+        u, err := url.Parse(urlStr)
+        if err != nil {
+                return nil, fmt.Errorf("Failed to parse service URL: %v", err)
+        }
+        // Make relative URLs absolute using our discovery URL.
+        if !u.IsAbs() {
+                u = h.discoURL.ResolveReference(u)
+        }
+        if u.Scheme != "https" && u.Scheme != "http" {
+                return nil, fmt.Errorf("Service URL is using an unsupported scheme: %s", u.Scheme)
+        }
+        if u.User != nil {
+                return nil, fmt.Errorf("Embedded username/password information is not permitted")
+        }
+        // Fragment part is irrelevant, since we're not a browser.
+        u.Fragment = ""
+        return h.discoURL.ResolveReference(u), nil
+}
+// VersionConstraints returns the contraints for a given service identifier
+// (which should be of the form "servicename.vN") and product.
+//
+// When an exact (service and version) match is found, the constraints for
+// that service are returned.
+//
+// When the requested version is not provided but the service is, we will
+// search for all alternative versions. If mutliple alternative versions
+// are found, the contrains of the latest available version are returned.
+//
+// When a service is not provided at all an error will be returned instead.
+//
+// When checkpoint is disabled or when a 404 is returned after making the
+// HTTP call, an ErrNoVersionConstraints error will be returned.
+func (h *Host) VersionConstraints(id, product string) (*Constraints, error) {
+        svc, _, err := parseServiceID(id)
+        if err != nil {
+                return nil, err
+        }
+        // Return early if checkpoint is disabled.
+        if disabled := os.Getenv("CHECKPOINT_DISABLE"); disabled != "" {
+                return nil, &ErrNoVersionConstraints{disabled: true}
+        }
+        // No services supported for an empty Host.
+        if h == nil || h.services == nil {
+                return nil, &ErrServiceNotProvided{service: svc}
+        }
+        // Try to get the service URL for the version service and
+        // return early if the service isn't provided by the host.
+        u, err := h.ServiceURL(versionServiceID)
+        if err != nil {
+                return nil, err
+        }
+        // Check if we have an exact (service and version) match.
+        if _, ok := h.services[id].(string); !ok {
+                // If we don't have an exact match, we search for all matching
+                // services and then use the service ID of the latest version.
+                var services []string
+                for serviceID := range h.services {
+                        if strings.HasPrefix(serviceID, svc+".") {
+                                services = append(services, serviceID)
+                        }
+                }
+                if len(services) == 0 {
+                        // No discovered services match the requested service.
+                        return nil, &ErrServiceNotProvided{hostname: h.hostname, service: svc}
+                }
+                // Set id to the latest service ID we found.
+                var latest *version.Version
+                for _, serviceID := range services {
+                        if _, ver, err := parseServiceID(serviceID); err == nil {
+                                if latest == nil || latest.LessThan(ver) {
+                                        id = serviceID
+                                        latest = ver
+                                }
+                        }
+                }
+        }
+        // Set a default timeout of 1 sec for the versions request (in milliseconds)
+        timeout := 1000
+        if v, err := strconv.Atoi(os.Getenv("CHECKPOINT_TIMEOUT")); err == nil {
+                timeout = v
+        }
+        client := &http.Client{
+                Transport: h.transport,
+                Timeout:   time.Duration(timeout) * time.Millisecond,
+        }
+        // Prepare the service URL by setting the service and product.
+        v := u.Query()
+        v.Set("product", product)
+        u.Path += id
+        u.RawQuery = v.Encode()
+        // Create a new request.
+        req, err := http.NewRequest("GET", u.String(), nil)
+        if err != nil {
+                return nil, fmt.Errorf("Failed to create version constraints request: %v", err)
+        }
+        req.Header.Set("Accept", "application/json")
+        req.Header.Set("User-Agent", httpclient.UserAgentString())
+        log.Printf("[DEBUG] Retrieve version constraints for service %s and product %s", id, product)
+        resp, err := client.Do(req)
+        if err != nil {
+                return nil, fmt.Errorf("Failed to request version constraints: %v", err)
+        }
+        defer resp.Body.Close()
+        if resp.StatusCode == 404 {
+                return nil, &ErrNoVersionConstraints{disabled: false}
+        }
+        if resp.StatusCode != 200 {
+                return nil, fmt.Errorf("Failed to request version constraints: %s", resp.Status)
+        }
+        // Parse the constraints from the response body.
+        result := &Constraints{}
+        if err := json.NewDecoder(resp.Body).Decode(result); err != nil {
+                return nil, fmt.Errorf("Error parsing version constraints: %v", err)
+        }
+        return result, nil
+}
+func parseServiceID(id string) (string, *version.Version, error) {
+        parts := strings.SplitN(id, ".", 2)
+        if len(parts) != 2 {
+                return "", nil, fmt.Errorf("Invalid service ID format (i.e. service.vN): %s", id)
+        }
+        version, err := version.NewVersion(parts[1])
+        if err != nil {
+                return "", nil, fmt.Errorf("Invalid service version: %v", err)
+        }
+        return parts[0], version, nil
+}

diff --git a/vendor/github.com/hashicorp/terraform/svchost/disco/disco.go b/vendor/github.com/hashicorp/terraform/svchost/disco/disco.go new file mode 100644 index 0000000..1963cbd --- /dev/null +++ b/vendor/github.com/hashicorp/terraform/svchost/disco/disco.go
@@ -0,0 +1,259 @@
	1	// Package disco handles Terraform's remote service discovery protocol.
	2	//
	3	// This protocol allows mapping from a service hostname, as produced by the
	4	// svchost package, to a set of services supported by that host and the
	5	// endpoint information for each supported service.
	6	package disco
	7
	8	import (
	9	"encoding/json"
	10	"errors"
	11	"fmt"
	12	"io"
	13	"io/ioutil"
	14	"log"
	15	"mime"
	16	"net/http"
	17	"net/url"
	18	"time"
	19
	20	cleanhttp "github.com/hashicorp/go-cleanhttp"
	21	"github.com/hashicorp/terraform/httpclient"
	22	"github.com/hashicorp/terraform/svchost"
	23	"github.com/hashicorp/terraform/svchost/auth"
	24	)
	25
	26	const (
	27	// Fixed path to the discovery manifest.
	28	discoPath = "/.well-known/terraform.json"
	29
	30	// Arbitrary-but-small number to prevent runaway redirect loops.
	31	maxRedirects = 3
	32
	33	// Arbitrary-but-small time limit to prevent UI "hangs" during discovery.
	34	discoTimeout = 11 * time.Second
	35
	36	// 1MB - to prevent abusive services from using loads of our memory.
	37	maxDiscoDocBytes = 1 * 1024 * 1024
	38	)
	39
	40	// httpTransport is overridden during tests, to skip TLS verification.
	41	var httpTransport = cleanhttp.DefaultPooledTransport()
	42
	43	// Disco is the main type in this package, which allows discovery on given
	44	// hostnames and caches the results by hostname to avoid repeated requests
	45	// for the same information.
	46	type Disco struct {
	47	hostCache map[svchost.Hostname]*Host
	48	credsSrc auth.CredentialsSource
	49
	50	// Transport is a custom http.RoundTripper to use.
	51	Transport http.RoundTripper
	52	}
	53
	54	// New returns a new initialized discovery object.
	55	func New() *Disco {
	56	return NewWithCredentialsSource(nil)
	57	}
	58
	59	// NewWithCredentialsSource returns a new discovery object initialized with
	60	// the given credentials source.
	61	func NewWithCredentialsSource(credsSrc auth.CredentialsSource) *Disco {
	62	return &Disco{
	63	hostCache: make(map[svchost.Hostname]*Host),
	64	credsSrc: credsSrc,
	65	Transport: httpTransport,
	66	}
	67	}
	68
	69	// SetCredentialsSource provides a credentials source that will be used to
	70	// add credentials to outgoing discovery requests, where available.
	71	//
	72	// If this method is never called, no outgoing discovery requests will have
	73	// credentials.
	74	func (d *Disco) SetCredentialsSource(src auth.CredentialsSource) {
	75	d.credsSrc = src
	76	}
	77
	78	// CredentialsForHost returns a non-nil HostCredentials if the embedded source has
	79	// credentials available for the host, and a nil HostCredentials if it does not.
	80	func (d *Disco) CredentialsForHost(hostname svchost.Hostname) (auth.HostCredentials, error) {
	81	if d.credsSrc == nil {
	82	return nil, nil
	83	}
	84	return d.credsSrc.ForHost(hostname)
	85	}
	86
	87	// ForceHostServices provides a pre-defined set of services for a given
	88	// host, which prevents the receiver from attempting network-based discovery
	89	// for the given host. Instead, the given services map will be returned
	90	// verbatim.
	91	//
	92	// When providing "forced" services, any relative URLs are resolved against
	93	// the initial discovery URL that would have been used for network-based
	94	// discovery, yielding the same results as if the given map were published
	95	// at the host's default discovery URL, though using absolute URLs is strongly
	96	// recommended to make the configured behavior more explicit.
	97	func (d *Disco) ForceHostServices(hostname svchost.Hostname, services map[string]interface{}) {
	98	if services == nil {
	99	services = map[string]interface{}{}
	100	}
	101
	102	d.hostCache[hostname] = &Host{
	103	discoURL: &url.URL{
	104	Scheme: "https",
	105	Host: string(hostname),
	106	Path: discoPath,
	107	},
	108	hostname: hostname.ForDisplay(),
	109	services: services,
	110	transport: d.Transport,
	111	}
	112	}
	113
	114	// Discover runs the discovery protocol against the given hostname (which must
	115	// already have been validated and prepared with svchost.ForComparison) and
	116	// returns an object describing the services available at that host.
	117	//
	118	// If a given hostname supports no Terraform services at all, a non-nil but
	119	// empty Host object is returned. When giving feedback to the end user about
	120	// such situations, we say "host <name> does not provide a <service> service",
	121	// regardless of whether that is due to that service specifically being absent
	122	// or due to the host not providing Terraform services at all, since we don't
	123	// wish to expose the detail of whole-host discovery to an end-user.
	124	func (d Disco) Discover(hostname svchost.Hostname) (Host, error) {
	125	if host, cached := d.hostCache[hostname]; cached {
	126	return host, nil
	127	}
	128
	129	host, err := d.discover(hostname)
	130	if err != nil {
	131	return nil, err
	132	}
	133	d.hostCache[hostname] = host
	134
	135	return host, nil
	136	}
	137
	138	// DiscoverServiceURL is a convenience wrapper for discovery on a given
	139	// hostname and then looking up a particular service in the result.
	140	func (d Disco) DiscoverServiceURL(hostname svchost.Hostname, serviceID string) (url.URL, error) {
	141	host, err := d.Discover(hostname)
	142	if err != nil {
	143	return nil, err
	144	}
	145	return host.ServiceURL(serviceID)
	146	}
	147
	148	// discover implements the actual discovery process, with its result cached
	149	// by the public-facing Discover method.
	150	func (d Disco) discover(hostname svchost.Hostname) (Host, error) {
	151	discoURL := &url.URL{
	152	Scheme: "https",
	153	Host: hostname.String(),
	154	Path: discoPath,
	155	}
	156
	157	client := &http.Client{
	158	Transport: d.Transport,
	159	Timeout: discoTimeout,
	160
	161	CheckRedirect: func(req http.Request, via []http.Request) error {
	162	log.Printf("[DEBUG] Service discovery redirected to %s", req.URL)
	163	if len(via) > maxRedirects {
	164	return errors.New("too many redirects") // this error will never actually be seen
	165	}
	166	return nil
	167	},
	168	}
	169
	170	req := &http.Request{
	171	Header: make(http.Header),
	172	Method: "GET",
	173	URL: discoURL,
	174	}
	175	req.Header.Set("Accept", "application/json")
	176	req.Header.Set("User-Agent", httpclient.UserAgentString())
	177
	178	creds, err := d.CredentialsForHost(hostname)
	179	if err != nil {
	180	log.Printf("[WARN] Failed to get credentials for %s: %s (ignoring)", hostname, err)
	181	}
	182	if creds != nil {
	183	// Update the request to include credentials.
	184	creds.PrepareRequest(req)
	185	}
	186
	187	log.Printf("[DEBUG] Service discovery for %s at %s", hostname, discoURL)
	188
	189	resp, err := client.Do(req)
	190	if err != nil {
	191	return nil, fmt.Errorf("Failed to request discovery document: %v", err)
	192	}
	193	defer resp.Body.Close()
	194
	195	host := &Host{
	196	// Use the discovery URL from resp.Request in
	197	// case the client followed any redirects.
	198	discoURL: resp.Request.URL,
	199	hostname: hostname.ForDisplay(),
	200	transport: d.Transport,
	201	}
	202
	203	// Return the host without any services.
	204	if resp.StatusCode == 404 {
	205	return host, nil
	206	}
	207
	208	if resp.StatusCode != 200 {
	209	return nil, fmt.Errorf("Failed to request discovery document: %s", resp.Status)
	210	}
	211
	212	contentType := resp.Header.Get("Content-Type")
	213	mediaType, _, err := mime.ParseMediaType(contentType)
	214	if err != nil {
	215	return nil, fmt.Errorf("Discovery URL has a malformed Content-Type %q", contentType)
	216	}
	217	if mediaType != "application/json" {
	218	return nil, fmt.Errorf("Discovery URL returned an unsupported Content-Type %q", mediaType)
	219	}
	220
	221	// This doesn't catch chunked encoding, because ContentLength is -1 in that case.
	222	if resp.ContentLength > maxDiscoDocBytes {
	223	// Size limit here is not a contractual requirement and so we may
	224	// adjust it over time if we find a different limit is warranted.
	225	return nil, fmt.Errorf(
	226	"Discovery doc response is too large (got %d bytes; limit %d)",
	227	resp.ContentLength, maxDiscoDocBytes,
	228	)
	229	}
	230
	231	// If the response is using chunked encoding then we can't predict its
	232	// size, but we'll at least prevent reading the entire thing into memory.
	233	lr := io.LimitReader(resp.Body, maxDiscoDocBytes)
	234
	235	servicesBytes, err := ioutil.ReadAll(lr)
	236	if err != nil {
	237	return nil, fmt.Errorf("Error reading discovery document body: %v", err)
	238	}
	239
	240	var services map[string]interface{}
	241	err = json.Unmarshal(servicesBytes, &services)
	242	if err != nil {
	243	return nil, fmt.Errorf("Failed to decode discovery document as a JSON object: %v", err)
	244	}
	245	host.services = services
	246
	247	return host, nil
	248	}
	249
	250	// Forget invalidates any cached record of the given hostname. If the host
	251	// has no cache entry then this is a no-op.
	252	func (d *Disco) Forget(hostname svchost.Hostname) {
	253	delete(d.hostCache, hostname)
	254	}
	255
	256	// ForgetAll is like Forget, but for all of the hostnames that have cache entries.
	257	func (d *Disco) ForgetAll() {
	258	d.hostCache = make(map[svchost.Hostname]*Host)
	259	}


diff --git a/vendor/github.com/hashicorp/terraform/svchost/disco/host.go b/vendor/github.com/hashicorp/terraform/svchost/disco/host.go new file mode 100644 index 0000000..ab9514c --- /dev/null +++ b/vendor/github.com/hashicorp/terraform/svchost/disco/host.go
@@ -0,0 +1,264 @@
	1	package disco
	2
	3	import (
	4	"encoding/json"
	5	"fmt"
	6	"log"
	7	"net/http"
	8	"net/url"
	9	"os"
	10	"strconv"
	11	"strings"
	12	"time"
	13
	14	"github.com/hashicorp/go-version"
	15	"github.com/hashicorp/terraform/httpclient"
	16	)
	17
	18	const versionServiceID = "versions.v1"
	19
	20	// Host represents a service discovered host.
	21	type Host struct {
	22	discoURL *url.URL
	23	hostname string
	24	services map[string]interface{}
	25	transport http.RoundTripper
	26	}
	27
	28	// Constraints represents the version constraints of a service.
	29	type Constraints struct {
	30	Service string `json:"service"`
	31	Product string `json:"product"`
	32	Minimum string `json:"minimum"`
	33	Maximum string `json:"maximum"`
	34	Excluding []string `json:"excluding"`
	35	}
	36
	37	// ErrServiceNotProvided is returned when the service is not provided.
	38	type ErrServiceNotProvided struct {
	39	hostname string
	40	service string
	41	}
	42
	43	// Error returns a customized error message.
	44	func (e *ErrServiceNotProvided) Error() string {
	45	if e.hostname == "" {
	46	return fmt.Sprintf("host does not provide a %s service", e.service)
	47	}
	48	return fmt.Sprintf("host %s does not provide a %s service", e.hostname, e.service)
	49	}
	50
	51	// ErrVersionNotSupported is returned when the version is not supported.
	52	type ErrVersionNotSupported struct {
	53	hostname string
	54	service string
	55	version string
	56	}
	57
	58	// Error returns a customized error message.
	59	func (e *ErrVersionNotSupported) Error() string {
	60	if e.hostname == "" {
	61	return fmt.Sprintf("host does not support %s version %s", e.service, e.version)
	62	}
	63	return fmt.Sprintf("host %s does not support %s version %s", e.hostname, e.service, e.version)
	64	}
	65
	66	// ErrNoVersionConstraints is returned when checkpoint was disabled
	67	// or the endpoint to query for version constraints was unavailable.
	68	type ErrNoVersionConstraints struct {
	69	disabled bool
	70	}
	71
	72	// Error returns a customized error message.
	73	func (e *ErrNoVersionConstraints) Error() string {
	74	if e.disabled {
	75	return "checkpoint disabled"
	76	}
	77	return "unable to contact versions service"
	78	}
	79
	80	// ServiceURL returns the URL associated with the given service identifier,
	81	// which should be of the form "servicename.vN".
	82	//
	83	// A non-nil result is always an absolute URL with a scheme of either HTTPS
	84	// or HTTP.
	85	func (h Host) ServiceURL(id string) (url.URL, error) {
	86	svc, ver, err := parseServiceID(id)
	87	if err != nil {
	88	return nil, err
	89	}
	90
	91	// No services supported for an empty Host.
	92	if h == nil \|\| h.services == nil {
	93	return nil, &ErrServiceNotProvided{service: svc}
	94	}
	95
	96	urlStr, ok := h.services[id].(string)
	97	if !ok {
	98	// See if we have a matching service as that would indicate
	99	// the service is supported, but not the requested version.
	100	for serviceID := range h.services {
	101	if strings.HasPrefix(serviceID, svc+".") {
	102	return nil, &ErrVersionNotSupported{
	103	hostname: h.hostname,
	104	service: svc,
	105	version: ver.Original(),
	106	}
	107	}
	108	}
	109
	110	// No discovered services match the requested service.
	111	return nil, &ErrServiceNotProvided{hostname: h.hostname, service: svc}
	112	}
	113
	114	u, err := url.Parse(urlStr)
	115	if err != nil {
	116	return nil, fmt.Errorf("Failed to parse service URL: %v", err)
	117	}
	118
	119	// Make relative URLs absolute using our discovery URL.
	120	if !u.IsAbs() {
	121	u = h.discoURL.ResolveReference(u)
	122	}
	123
	124	if u.Scheme != "https" && u.Scheme != "http" {
	125	return nil, fmt.Errorf("Service URL is using an unsupported scheme: %s", u.Scheme)
	126	}
	127	if u.User != nil {
	128	return nil, fmt.Errorf("Embedded username/password information is not permitted")
	129	}
	130
	131	// Fragment part is irrelevant, since we're not a browser.
	132	u.Fragment = ""
	133
	134	return h.discoURL.ResolveReference(u), nil
	135	}
	136
	137	// VersionConstraints returns the contraints for a given service identifier
	138	// (which should be of the form "servicename.vN") and product.
	139	//
	140	// When an exact (service and version) match is found, the constraints for
	141	// that service are returned.
	142	//
	143	// When the requested version is not provided but the service is, we will
	144	// search for all alternative versions. If mutliple alternative versions
	145	// are found, the contrains of the latest available version are returned.
	146	//
	147	// When a service is not provided at all an error will be returned instead.
	148	//
	149	// When checkpoint is disabled or when a 404 is returned after making the
	150	// HTTP call, an ErrNoVersionConstraints error will be returned.
	151	func (h Host) VersionConstraints(id, product string) (Constraints, error) {
	152	svc, _, err := parseServiceID(id)
	153	if err != nil {
	154	return nil, err
	155	}
	156
	157	// Return early if checkpoint is disabled.
	158	if disabled := os.Getenv("CHECKPOINT_DISABLE"); disabled != "" {
	159	return nil, &ErrNoVersionConstraints{disabled: true}
	160	}
	161
	162	// No services supported for an empty Host.
	163	if h == nil \|\| h.services == nil {
	164	return nil, &ErrServiceNotProvided{service: svc}
	165	}
	166
	167	// Try to get the service URL for the version service and
	168	// return early if the service isn't provided by the host.
	169	u, err := h.ServiceURL(versionServiceID)
	170	if err != nil {
	171	return nil, err
	172	}
	173
	174	// Check if we have an exact (service and version) match.
	175	if _, ok := h.services[id].(string); !ok {
	176	// If we don't have an exact match, we search for all matching
	177	// services and then use the service ID of the latest version.
	178	var services []string
	179	for serviceID := range h.services {
	180	if strings.HasPrefix(serviceID, svc+".") {
	181	services = append(services, serviceID)
	182	}
	183	}
	184
	185	if len(services) == 0 {
	186	// No discovered services match the requested service.
	187	return nil, &ErrServiceNotProvided{hostname: h.hostname, service: svc}
	188	}
	189
	190	// Set id to the latest service ID we found.
	191	var latest *version.Version
	192	for _, serviceID := range services {
	193	if _, ver, err := parseServiceID(serviceID); err == nil {
	194	if latest == nil \|\| latest.LessThan(ver) {
	195	id = serviceID
	196	latest = ver
	197	}
	198	}
	199	}
	200	}
	201
	202	// Set a default timeout of 1 sec for the versions request (in milliseconds)
	203	timeout := 1000
	204	if v, err := strconv.Atoi(os.Getenv("CHECKPOINT_TIMEOUT")); err == nil {
	205	timeout = v
	206	}
	207
	208	client := &http.Client{
	209	Transport: h.transport,
	210	Timeout: time.Duration(timeout) * time.Millisecond,
	211	}
	212
	213	// Prepare the service URL by setting the service and product.
	214	v := u.Query()
	215	v.Set("product", product)
	216	u.Path += id
	217	u.RawQuery = v.Encode()
	218
	219	// Create a new request.
	220	req, err := http.NewRequest("GET", u.String(), nil)
	221	if err != nil {
	222	return nil, fmt.Errorf("Failed to create version constraints request: %v", err)
	223	}
	224	req.Header.Set("Accept", "application/json")
	225	req.Header.Set("User-Agent", httpclient.UserAgentString())
	226
	227	log.Printf("[DEBUG] Retrieve version constraints for service %s and product %s", id, product)
	228
	229	resp, err := client.Do(req)
	230	if err != nil {
	231	return nil, fmt.Errorf("Failed to request version constraints: %v", err)
	232	}
	233	defer resp.Body.Close()
	234
	235	if resp.StatusCode == 404 {
	236	return nil, &ErrNoVersionConstraints{disabled: false}
	237	}
	238
	239	if resp.StatusCode != 200 {
	240	return nil, fmt.Errorf("Failed to request version constraints: %s", resp.Status)
	241	}
	242
	243	// Parse the constraints from the response body.
	244	result := &Constraints{}
	245	if err := json.NewDecoder(resp.Body).Decode(result); err != nil {
	246	return nil, fmt.Errorf("Error parsing version constraints: %v", err)
	247	}
	248
	249	return result, nil
	250	}
	251
	252	func parseServiceID(id string) (string, *version.Version, error) {
	253	parts := strings.SplitN(id, ".", 2)
	254	if len(parts) != 2 {
	255	return "", nil, fmt.Errorf("Invalid service ID format (i.e. service.vN): %s", id)
	256	}
	257
	258	version, err := version.NewVersion(parts[1])
	259	if err != nil {
	260	return "", nil, fmt.Errorf("Invalid service version: %v", err)
	261	}
	262
	263	return parts[0], version, nil
	264	}