// newState returns a new State that uses the given environment.
// The environment must have already been bootstrapped.
func newState(environ environs.Environ, mongoInfo *mongo.MongoInfo) (*state.State, error) {
config := environ.Config()
password := config.AdminSecret()
if password == "" {
return nil, fmt.Errorf("cannot connect without admin-secret")
}
modelTag := names.NewModelTag(config.UUID())
mongoInfo.Password = password
opts := mongo.DefaultDialOpts()
st, err := state.Open(modelTag, mongoInfo, opts, environs.NewStatePolicy())
if errors.IsUnauthorized(errors.Cause(err)) {
// We try for a while because we might succeed in
// connecting to mongo before the state has been
// initialized and the initial password set.
for a := redialStrategy.Start(); a.Next(); {
st, err = state.Open(modelTag, mongoInfo, opts, environs.NewStatePolicy())
if !errors.IsUnauthorized(errors.Cause(err)) {
break
}
}
if err != nil {
return nil, err
}
} else if err != nil {
return nil, err
}
if err := updateSecrets(environ, st); err != nil {
st.Close()
return nil, fmt.Errorf("unable to push secrets: %v", err)
}
return st, nil
}
func environAPIInfo(environ environs.Environ, user names.UserTag) (*api.Info, error) {
config := environ.Config()
password := config.AdminSecret()
if password == "" {
return nil, fmt.Errorf("cannot connect to API servers without admin-secret")
}
info, err := environs.APIInfo(environ)
if err != nil {
return nil, err
}
info.Tag = user
info.Password = password
return info, nil
}
func environAPIInfo(environ environs.Environ, user names.Tag) (*api.Info, error) {
config := environ.Config()
password := config.AdminSecret()
info, err := environs.APIInfo(environ)
if err != nil {
return nil, err
}
info.Tag = user
info.Password = password
if info.Tag == nil {
info.UseMacaroons = true
}
return info, nil
}