Merge pull request #60200 from dixudx/clientgo_openstack_config

Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>. read openstack auth config from client config **What this PR does / why we need it**: > // TODO: read/persist client configuration(OS_XXX env vars) in config /sig openstack **Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*: Fixes # **Special notes for your reviewer**: /assign @dims **Release note**: ```release-note read openstack auth config from client config ``` Kubernetes-commit: 9dcbdc3d459ec6b2bb149a9f4f3c0d1348113e4a
mohamed-rafraf · May 10, 2018 · b224368 · b224368
2 parents 638bb43 + a258223
commit b224368
Show file tree

Hide file tree

Showing 3 changed files with 144 additions and 61 deletions.
diff --git a/Godeps/Godeps.json b/Godeps/Godeps.json
diff --git a/plugin/pkg/client/auth/openstack/openstack.go b/plugin/pkg/client/auth/openstack/openstack.go
@@ -23,6 +23,7 @@ import (
 	"time"
 
 	"github.com/golang/glog"
+	"github.com/gophercloud/gophercloud"
 	"github.com/gophercloud/gophercloud/openstack"
 
 	"k8s.io/apimachinery/pkg/util/net"
@@ -42,8 +43,7 @@ const DefaultTTLDuration = 10 * time.Minute
 // the environment variables to determine the client identity, and generates a
 // token which will be inserted into the request header later.
 type openstackAuthProvider struct {
-	ttl time.Duration
-
+	ttl         time.Duration
 	tokenGetter TokenGetter
 }
 
@@ -52,13 +52,23 @@ type TokenGetter interface {
 	Token() (string, error)
 }
 
-type tokenGetter struct{}
+type tokenGetter struct {
+	authOpt *gophercloud.AuthOptions
+}
 
 // Token creates a token by authenticate with keystone.
-func (*tokenGetter) Token() (string, error) {
-	options, err := openstack.AuthOptionsFromEnv()
-	if err != nil {
-		return "", fmt.Errorf("failed to read openstack env vars: %s", err)
+func (t *tokenGetter) Token() (string, error) {
+	var options gophercloud.AuthOptions
+	var err error
+	if t.authOpt == nil {
+		// reads the config from the environment
+		glog.V(4).Info("reading openstack config from the environment variables")
+		options, err = openstack.AuthOptionsFromEnv()
+		if err != nil {
+			return "", fmt.Errorf("failed to read openstack env vars: %s", err)
+		}
+	} else {
+		options = *t.authOpt
 	}
 	client, err := openstack.AuthenticatedClient(options)
 	if err != nil {
@@ -126,7 +136,7 @@ func (t *tokenRoundTripper) WrappedRoundTripper() http.RoundTripper { return t.R
 
 // newOpenstackAuthProvider creates an auth provider which works with openstack
 // environment.
-func newOpenstackAuthProvider(clusterAddress string, config map[string]string, persister restclient.AuthProviderConfigPersister) (restclient.AuthProvider, error) {
+func newOpenstackAuthProvider(_ string, config map[string]string, persister restclient.AuthProviderConfigPersister) (restclient.AuthProvider, error) {
 	var ttlDuration time.Duration
 	var err error
 
@@ -145,11 +155,27 @@ func newOpenstackAuthProvider(clusterAddress string, config map[string]string, p
 		}
 	}
 
-	// TODO: read/persist client configuration(OS_XXX env vars) in config
+	authOpt := gophercloud.AuthOptions{
+		IdentityEndpoint: config["identityEndpoint"],
+		Username:         config["username"],
+		Password:         config["password"],
+		DomainName:       config["name"],
+		TenantID:         config["tenantId"],
+		TenantName:       config["tenantName"],
+	}
+
+	getter := tokenGetter{}
+	// not empty
+	if (authOpt != gophercloud.AuthOptions{}) {
+		if len(authOpt.IdentityEndpoint) == 0 {
+			return nil, fmt.Errorf("empty %q in the config for openstack auth provider", "identityEndpoint")
+		}
+		getter.authOpt = &authOpt
+	}
 
 	return &openstackAuthProvider{
 		ttl:         ttlDuration,
-		tokenGetter: &tokenGetter{},
+		tokenGetter: &getter,
 	}, nil
 }