June 20-22 Announcing HashiConf Europe full schedule: keynotes, sessions, labs & more Register Now
  • Infrastructure
    • terraform
    • packer
  • Networking
    • consul
  • Security
    • vault
    • boundary
  • Applications
    • nomad
    • waypoint
    • vagrant
  • HashiCorp Cloud Platform

    A fully managed platform to automate infrastructure on any cloud with HashiCorp products.

    • consul
    • terraform
    • vault
    • packerbeta
    Visit cloud.hashicorp.com
  • Overview
  • Tutorials
  • Docs
  • CLI
  • Plugins
  • Community
GitHub
Download
    • v0.8.x (latest)
    • v0.7.x
    • v0.6.x
    • v0.5.x
    • v0.4.x
    • v0.3.x
    • v0.2.x
    • v0.1.x
    • Overview
      • Overview
      • Helm
      • Heroku, Vercel, etc.
      • Kubernetes
  • Getting Started
    • Overview
    • Compatibility Promise
    • Protocol Version Table
    • Release Notifications
      • Overview
      • Upgrade to 0.2.0

    • Install
    • Externally Built Images
    • Building Container Images
    • Helm Deployment
    • YAML-Free Deployment
    • YAML Directory Deployment
    • Resource Status
    • ConfigMaps and Secrets

    • Overview
    • Git Integration
    • Remote Operations
    • Overview
    • Build
    • Deploy
    • Release
    • Hooks
    • Labels
    • Workspace and Label Scoping
    • Overview
      • Overview
      • Input Variables
      • External Data
      • artifact
      • deploy
      • entrypoint
      • labels
      • path
      • workspace
      • Overview
      • Full Reference
      • Templating
      • Overview
      • Expressions
      • JSON Syntax
    • app
    • build
    • config
    • deploy
    • hook
    • plugin
    • registry
    • release
    • runner
    • url
    • use
    • variable
  • URL Service
  • Logs
  • Exec
    • Overview
    • Dynamic Values
    • Files
    • Internal Values
    • Workspace and Label Scoping
    • Overview
      • Overview
      • OIDC
      • Overview
      • Maintenance
      • Production
      • Security
    • Express Server Install
    • Overview
    • Configuration
    • Profiles
    • On-Demand Runner
    • Additional Runners
  • Workspaces
  • Plugins
  • Triggers

    • Overview
      • Overview
      • Registering Plugin Components
      • Handling Configuration
      • Implementing the Builder Interface
      • Compiling the Plugin
      • Creating an Example Application
      • Testing the Plugin
    • Initializing the SDK
    • Passing Values Between Components
      • Overview
      • Authenticator
      • Configurable
      • ConfigurableNotify
      • Builder
      • Registry
      • Platform
      • ReleaseManager
      • Destroy
      • Status
      • Default Parameters
      • Overview
    • Overview
    • Disable
    • Overview
    • GitHub Actions
    • GitLab CI/CD
    • CircleCI
    • Jenkins
  • Troubleshooting
  • Glossary

    • Overview
    • Architecture
    • Operation Execution
  • Roadmap
Type '/' to Search

»Authenticator

https://pkg.go.dev/github.com/hashicorp/waypoint-plugin-sdk/component#Authenticator

The Authenticator component is executed when the waypoint init command is called, Authenticator is enabled by implementing two interfaces, ValidateAuthFunc and AuthFunc. Typically you implement Authenticator along with another Component, for example you have a Platform component which deploys a waypoint application to Google Cloud Run. You could implement the Authenticator component to check that the GCP credentials are valid.

Authenticator

The interface definition which you implement is shown below.

// Authenticator is responsible for authenticating different types of plugins.
type Authenticator interface {
  // AuthFunc should return the method for getting credentials for a
  // plugin. This should return AuthResult.
  AuthFunc() interface{}
  // ValidateAuthFunc should return the method for validating authentication
  // credentials for the plugin
  ValidateAuthFunc() interface{}
}
// Authenticator is responsible for authenticating different types of plugins.
type Authenticator interface {
  // AuthFunc should return the method for getting credentials for a
  // plugin. This should return AuthResult.
  AuthFunc() interface{}
  // ValidateAuthFunc should return the method for validating authentication
  // credentials for the plugin
  ValidateAuthFunc() interface{}
}

ValidateAuthFunc is called when you run waypoint init, this is where you would implement logic which checks that the plugin has the correct requirements in order to perform its work.

The signature for the function you return from AuthFunc has a single output parameter which is an error. If a non-nil error is returned then Waypoint calls the AuthFunc method. An example implementation of VaultAuthFunc can be found in the example below.

func (p *Deploy) ValidateAuthFunc() interface{} {
  return p.validateAuth
}

func (p *Deploy) validateAuth(
  ctx context.Context,
  log hclog.Logger,
  ui terminal.UI,
) error {
  s := ui.Status()
  defer s.Close()

  s.Update("Validate authentication")

  // checkLogin returns an error when user is not
  // authenticated
  err := checkLogin()

  // returning an error from ValidateAuthFunc causes Waypoint
  // to call AuthFunc
  return err
}
func (p *Deploy) ValidateAuthFunc() interface{} {
  return p.validateAuth
}

func (p *Deploy) validateAuth(
  ctx context.Context,
  log hclog.Logger,
  ui terminal.UI,
) error {
  s := ui.Status()
  defer s.Close()

  s.Update("Validate authentication")

  // checkLogin returns an error when user is not
  // authenticated
  err := checkLogin()

  // returning an error from ValidateAuthFunc causes Waypoint
  // to call AuthFunc
  return err
}

AuthFunc is only called when ValidateAuthFunc returns an error, this is where you would implement any prompts to the user to authenticate or where you can attempt to authenticate.

The signature for an AuthFunc has two output parameters, *component.AuthResult and an error. If authentication succeeds you return an AuthResult message which has Authenticated set to true &component.AuthResult{Authenticated: true}, and for failed authentication set this to false. If an error occurs during the authentication process you can return this as the second output parameter.

A simple example of an AuthFunc implementation can be seen below.

func (p *Deploy) AuthFunc() interface{} {
  return p.authenticate
}

func (p *Deploy) authenticate(
  ctx context.Context,
  log hclog.Logger,
  ui terminal.UI,
) (*component.AuthResult, error) {
  ui.Output("Describe the manual authentication steps here")
  return &component.AuthResult{false}, nil
}
func (p *Deploy) AuthFunc() interface{} {
  return p.authenticate
}

func (p *Deploy) authenticate(
  ctx context.Context,
  log hclog.Logger,
  ui terminal.UI,
) (*component.AuthResult, error) {
  ui.Output("Describe the manual authentication steps here")
  return &component.AuthResult{false}, nil
}
github logoEdit this page

Using Waypoint

The best way to understand what Waypoint can enable for your projects is to give it a try.

Waypoint tutorials
Waypoint documentation
Tutorial

Get Started - Kubernetes

Build, deploy, and release applications to a Kubernetes cluster.

View
Tutorial

Introduction to Waypoint

Waypoint enables you to publish any application to any platform with a single file and a single command.

View

Waypoint is maintained by HashiCorp, Inc.

View Code of Conduct
DocumentationCLI ReferenceTutorialsIntegrations
All systems normal