#pragma once
#include "source/extensions/common/aws/metadata_credentials_provider_base.h"

            
namespace Envoy {
namespace Extensions {
namespace Common {
namespace Aws {

            
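// Environment variables consulted by the container credentials provider. The names mirror
// the AWS SDK credential chain so a task configured for the SDK also works with Envoy.
// All of these are `inline` so every translation unit shares a single definition instead
// of carrying its own internal-linkage copy.

// Path (relative to CONTAINER_METADATA_HOST) of the credentials endpoint. On ECS this is
// presumably injected by the agent when a task role is attached.
inline constexpr char AWS_CONTAINER_CREDENTIALS_RELATIVE_URI[] = "AWS_CONTAINER_CREDENTIALS_RELATIVE_URI";
// Absolute URI of a credentials endpoint, used instead of the relative form.
// NOTE(review): the AWS SDK spec only honours this variable for https:// URIs or for
// loopback / ECS link-local hosts, precisely so a stray environment value cannot redirect
// credential fetches (and the bearer token) to an arbitrary host. Whether this provider
// enforces the same host restriction is not visible in this header — confirm in the .cc.
inline constexpr char AWS_CONTAINER_CREDENTIALS_FULL_URI[] = "AWS_CONTAINER_CREDENTIALS_FULL_URI";
// Bearer token presented to the credentials endpoint. Secret material: never log or dump it.
inline constexpr char AWS_CONTAINER_AUTHORIZATION_TOKEN[] = "AWS_CONTAINER_AUTHORIZATION_TOKEN";
// File containing the bearer token. Preferable to the in-environment form because the file
// can be rotated and is not exposed through /proc/<pid>/environ.
inline constexpr char AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE[] = "AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE";
// Key of the credential expiry timestamp in the credentials document (presumably JSON;
// the parser lives in the .cc).
inline constexpr char CONTAINER_EXPIRATION[] = "Expiration";
// Link-local host:port of the ECS agent's credentials endpoint. Plain HTTP is the documented
// transport here; the address is only meant to be reachable from inside the task's network.
inline constexpr char CONTAINER_METADATA_HOST[] = "169.254.170.2:80";
// Name of the internal Envoy cluster that fronts CONTAINER_METADATA_HOST.
inline constexpr char CONTAINER_METADATA_CLUSTER[] = "ecs_task_metadata_server_internal";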

            
/**
 * Retrieves AWS credentials from the container (ECS task) credentials endpoint.
 *
 * The endpoint is expected to be located through the AWS_CONTAINER_CREDENTIALS_RELATIVE_URI /
 * AWS_CONTAINER_CREDENTIALS_FULL_URI environment variables declared above and is queried via a
 * MetadataFetcher. The optional bearer token (AWS_CONTAINER_AUTHORIZATION_TOKEN[_FILE]) is handed
 * to the provider at construction. Both values come from the process environment rather than from
 * request traffic, but the token is secret material and must never appear in logs or admin output.
 *
 * https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-iam-roles.html#enable_task_iam_roles
 */
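class ContainerCredentialsProvider : public MetadataCredentialsProviderBase,
                                     public Envoy::Singleton::Instance,
                                     public MetadataFetcher::MetadataReceiver {
public:
  /**
   * @param context server factory context passed through to the base class.
   * @param aws_cluster_manager manager for the internal cluster fronting the endpoint.
   * @param create_metadata_fetcher_cb factory for the fetcher used to query the endpoint.
   * @param credential_uri URI of the credentials endpoint. NOTE(review): if this can come from
   *        AWS_CONTAINER_CREDENTIALS_FULL_URI, the caller (or the .cc) should restrict it to
   *        https:// or loopback/link-local hosts as the AWS SDK does — not enforceable here.
   * @param refresh_state initial refresh state for the MetadataReceiver interface.
   * @param initialization_timer timeout for the initial credential fetch.
   * @param authorization_token bearer token for the endpoint. Secret material — do not log.
   * @param cluster_name name of the Envoy cluster to route the fetch through.
   */
  ContainerCredentialsProvider(Server::Configuration::ServerFactoryContext& context,
                               AwsClusterManagerPtr aws_cluster_manager,
                               CreateMetadataFetcherCb create_metadata_fetcher_cb,
                               absl::string_view credential_uri,
                               MetadataFetcher::MetadataReceiver::RefreshState refresh_state,
                               std::chrono::seconds initialization_timer,
                               absl::string_view authorization_token,
                               absl::string_view cluster_name);

  // MetadataFetcher::MetadataReceiver interface.
  // NOTE: a `const std::string&&` cannot be moved from, so `body` is effectively a const
  // reference; the signature is dictated by the interface being overridden.
  void onMetadataSuccess(const std::string&& body) override;
  void onMetadataError(Failure reason) override;
  // Extra `;` after the inline body removed (it was an empty declaration, flagged by -Wextra-semi).
  std::string providerName() override { return "ContainerCredentialsProvider"; }

private:
  // Endpoint the credentials are fetched from; fixed at construction.
  const std::string credential_uri_;
  // Bearer token presented to the endpoint. Secret material: keep out of logs and dumps.
  const std::string authorization_token_;

  // Triggers a (presumably asynchronous) fetch of credential_uri_; defined in the .cc.
  void refresh() override;
  // Extracts credentials from the document returned by the endpoint. Same const-rvalue
  // signature note as onMetadataSuccess; kept to match the existing definition in the .cc.
  void extractCredentials(const std::string&& credential_document_value);
};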

            
// Shared-ownership handle to the provider. The class also derives from Singleton::Instance,
// so one instance is expected to be shared between all users rather than constructed per user.
using ContainerCredentialsProviderPtr = std::shared_ptr<ContainerCredentialsProvider>;

            
} // namespace Aws
} // namespace Common
} // namespace Extensions
} // namespace Envoy