Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

provider/openstack: Add Swauth/Swift Authentication #9943

Merged
merged 2 commits into from
Nov 22, 2016
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
19 changes: 16 additions & 3 deletions builtin/providers/openstack/config.go
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ import (

"github.com/gophercloud/gophercloud"
"github.com/gophercloud/gophercloud/openstack"
"github.com/gophercloud/gophercloud/openstack/objectstorage/v1/swauth"
)

type Config struct {
Expand All @@ -21,6 +22,7 @@ type Config struct {
IdentityEndpoint string
Insecure bool
Password string
Swauth bool
TenantID string
TenantName string
Token string
Expand Down Expand Up @@ -95,9 +97,12 @@ func (c *Config) loadAndValidate() error {
transport := &http.Transport{Proxy: http.ProxyFromEnvironment, TLSClientConfig: config}
client.HTTPClient.Transport = transport

err = openstack.Authenticate(client, ao)
if err != nil {
return err
// If using Swift Authentication, there's no need to validate authentication normally.
if !c.Swauth {
err = openstack.Authenticate(client, ao)
if err != nil {
return err
}
}

c.osClient = client
Expand Down Expand Up @@ -134,6 +139,14 @@ func (c *Config) networkingV2Client(region string) (*gophercloud.ServiceClient,
}

func (c *Config) objectStorageV1Client(region string) (*gophercloud.ServiceClient, error) {
// If Swift Authentication is being used, return a swauth client.
if c.Swauth {
return swauth.NewObjectStorageV1(c.osClient, swauth.AuthOpts{
User: c.Username,
Key: c.Password,
})
}

return openstack.NewObjectStorageV1(c.osClient, gophercloud.EndpointOpts{
Region: region,
Availability: c.getEndpointType(),
Expand Down
11 changes: 11 additions & 0 deletions builtin/providers/openstack/provider.go
Original file line number Diff line number Diff line change
Expand Up @@ -125,6 +125,13 @@ func Provider() terraform.ResourceProvider {
DefaultFunc: schema.EnvDefaultFunc("OS_KEY", ""),
Description: descriptions["key"],
},

"swauth": &schema.Schema{
Type: schema.TypeBool,
Optional: true,
DefaultFunc: schema.EnvDefaultFunc("OS_SWAUTH", ""),
Description: descriptions["swauth"],
},
},

ResourcesMap: map[string]*schema.Resource{
Expand Down Expand Up @@ -196,6 +203,9 @@ func init() {
"cert": "A client certificate to authenticate with.",

"key": "A client private key to authenticate with.",

"swauth": "Use Swift's authentication system instead of Keystone. Only used for\n" +
"interaction with Swift.",
}
}

Expand All @@ -210,6 +220,7 @@ func configureProvider(d *schema.ResourceData) (interface{}, error) {
IdentityEndpoint: d.Get("auth_url").(string),
Insecure: d.Get("insecure").(bool),
Password: d.Get("password").(string),
Swauth: d.Get("swauth").(bool),
Token: d.Get("token").(string),
TenantID: d.Get("tenant_id").(string),
TenantName: d.Get("tenant_name").(string),
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -56,22 +56,20 @@ func testAccCheckObjectStorageV1ContainerDestroy(s *terraform.State) error {

var testAccObjectStorageV1Container_basic = fmt.Sprintf(`
resource "openstack_objectstorage_container_v1" "container_1" {
region = "%s"
name = "tf-test-container"
metadata {
test = "true"
}
content_type = "application/json"
}`,
OS_REGION_NAME)
}
`)

var testAccObjectStorageV1Container_update = fmt.Sprintf(`
resource "openstack_objectstorage_container_v1" "container_1" {
region = "%s"
name = "tf-test-container"
metadata {
test = "true"
}
content_type = "text/plain"
}`,
OS_REGION_NAME)
}
`)

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

6 changes: 6 additions & 0 deletions vendor/vendor.json
Original file line number Diff line number Diff line change
Expand Up @@ -1377,6 +1377,12 @@
"revision": "45720eeefeeeba03b2d7da500297ec68eeee51af",
"revisionTime": "2016-10-31T15:28:56Z"
},
{
"checksumSHA1": "roxPPVwS2CjJhf0CApHNQxAX7EA=",
"path": "github.com/gophercloud/gophercloud/openstack/objectstorage/v1/swauth",
"revision": "d5eda9707e146108e4d424062b602fd97a71c2e6",
"revisionTime": "2016-11-14T18:28:31Z"
},
{
"checksumSHA1": "TDOZnaS0TO0NirpxV1QwPerAQTY=",
"path": "github.com/gophercloud/gophercloud/openstack/utils",
Expand Down
7 changes: 7 additions & 0 deletions website/source/docs/providers/openstack/index.html.markdown
Original file line number Diff line number Diff line change
Expand Up @@ -86,6 +86,13 @@ The following arguments are supported:
service catalog. It can be set using the OS_ENDPOINT_TYPE environment
variable. If not set, public endpoints is used.

* `swauth` - (Optional) Set to `true` to authenticate against Swauth, a
Swift-native authentication system. If omitted, the `OS_SWAUTH` environment
variable is used. You must also set `username` to the Swauth/Swift username
such as `username:project`. Set the `password` to the Swauth/Swift key.
Finally, set `auth_url` as the location of the Swift service. Note that this
will only work when used with the OpenStack Object Storage resources.

## Rackspace Compatibility

Using this OpenStack provider with Rackspace is not supported and not
Expand Down