Merge pull request #60200 from dixudx/clientgo_openstack_config

Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>. read openstack auth config from client config **What this PR does / why we need it**: > // TODO: read/persist client configuration(OS_XXX env vars) in config /sig openstack **Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*: Fixes # **Special notes for your reviewer**: /assign @dims **Release note**: ```release-note read openstack auth config from client config ``` Kubernetes-commit: 9dcbdc3d459ec6b2bb149a9f4f3c0d1348113e4a
2025-06-26 07:02:01 +00:00 · 2018-05-10 08:15:45 -07:00 · 2018-05-10 08:15:45 -07:00 · b2243688f8
commit b2243688f8
parent 638bb430f4 a258223ae4
3 changed files with 144 additions and 61 deletions
--- a/Godeps/Godeps.json
+++ b/Godeps/Godeps.json
@ -1,6 +1,6 @@
 {
 	"ImportPath": "k8s.io/client-go",
-	"GoVersion": "go1.9",
+	"GoVersion": "go1.10",
 	"GodepVersion": "v80",
 	"Packages": [
 		"./..."
@ -368,203 +368,203 @@
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/pkg/api/equality",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/pkg/api/errors",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/pkg/api/meta",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/pkg/api/resource",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/pkg/api/testing",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/pkg/api/testing/fuzzer",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/pkg/api/testing/roundtrip",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/pkg/apis/meta/fuzzer",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/pkg/apis/meta/internalversion",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/pkg/apis/meta/v1",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/pkg/apis/meta/v1beta1",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/pkg/conversion",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/pkg/conversion/queryparams",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/pkg/fields",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/pkg/labels",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/pkg/runtime",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/pkg/runtime/schema",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/pkg/runtime/serializer",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/pkg/runtime/serializer/json",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/pkg/runtime/serializer/protobuf",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/pkg/runtime/serializer/recognizer",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/pkg/runtime/serializer/streaming",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/pkg/runtime/serializer/versioning",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/pkg/selection",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/pkg/types",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/pkg/util/cache",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/pkg/util/clock",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/pkg/util/diff",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/pkg/util/errors",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/pkg/util/framer",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/pkg/util/httpstream",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/pkg/util/httpstream/spdy",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/pkg/util/intstr",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/pkg/util/json",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/pkg/util/mergepatch",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/pkg/util/net",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/pkg/util/remotecommand",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/pkg/util/runtime",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/pkg/util/sets",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/pkg/util/strategicpatch",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/pkg/util/validation",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/pkg/util/validation/field",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/pkg/util/wait",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/pkg/util/yaml",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/pkg/version",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/pkg/watch",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/third_party/forked/golang/json",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/third_party/forked/golang/netutil",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/apimachinery/third_party/forked/golang/reflect",
-			"Rev": "13b73596e4b63e03203e86f6d9c7bcc1b937c62f"
+			"Rev": "53d615ae3f440f957cb9989d989d597f047262d9"
 		},
 		{
 			"ImportPath": "k8s.io/kube-openapi/pkg/util/proto",
--- a/plugin/pkg/client/auth/openstack/openstack.go
+++ b/plugin/pkg/client/auth/openstack/openstack.go
@ -23,6 +23,7 @@ import (
 	"time"

 	"github.com/golang/glog"
+	"github.com/gophercloud/gophercloud"
 	"github.com/gophercloud/gophercloud/openstack"

 	"k8s.io/apimachinery/pkg/util/net"
@ -42,8 +43,7 @@ const DefaultTTLDuration = 10 * time.Minute
 // the environment variables to determine the client identity, and generates a
 // token which will be inserted into the request header later.
 type openstackAuthProvider struct {
-	ttl time.Duration
-
+	ttl         time.Duration
 	tokenGetter TokenGetter
 }

@ -52,13 +52,23 @@ type TokenGetter interface {
 	Token() (string, error)
 }

-type tokenGetter struct{}
+type tokenGetter struct {
+	authOpt *gophercloud.AuthOptions
+}

 // Token creates a token by authenticate with keystone.
-func (*tokenGetter) Token() (string, error) {
-	options, err := openstack.AuthOptionsFromEnv()
-	if err != nil {
-		return "", fmt.Errorf("failed to read openstack env vars: %s", err)
+func (t *tokenGetter) Token() (string, error) {
+	var options gophercloud.AuthOptions
+	var err error
+	if t.authOpt == nil {
+		// reads the config from the environment
+		glog.V(4).Info("reading openstack config from the environment variables")
+		options, err = openstack.AuthOptionsFromEnv()
+		if err != nil {
+			return "", fmt.Errorf("failed to read openstack env vars: %s", err)
+		}
+	} else {
+		options = *t.authOpt
 	}
 	client, err := openstack.AuthenticatedClient(options)
 	if err != nil {
@ -126,7 +136,7 @@ func (t *tokenRoundTripper) WrappedRoundTripper() http.RoundTripper { return t.R

 // newOpenstackAuthProvider creates an auth provider which works with openstack
 // environment.
-func newOpenstackAuthProvider(clusterAddress string, config map[string]string, persister restclient.AuthProviderConfigPersister) (restclient.AuthProvider, error) {
+func newOpenstackAuthProvider(_ string, config map[string]string, persister restclient.AuthProviderConfigPersister) (restclient.AuthProvider, error) {
 	var ttlDuration time.Duration
 	var err error

@ -145,11 +155,27 @@ func newOpenstackAuthProvider(clusterAddress string, config map[string]string, p
 		}
 	}

-	// TODO: read/persist client configuration(OS_XXX env vars) in config
+	authOpt := gophercloud.AuthOptions{
+		IdentityEndpoint: config["identityEndpoint"],
+		Username:         config["username"],
+		Password:         config["password"],
+		DomainName:       config["name"],
+		TenantID:         config["tenantId"],
+		TenantName:       config["tenantName"],
+	}
+
+	getter := tokenGetter{}
+	// not empty
+	if (authOpt != gophercloud.AuthOptions{}) {
+		if len(authOpt.IdentityEndpoint) == 0 {
+			return nil, fmt.Errorf("empty %q in the config for openstack auth provider", "identityEndpoint")
+		}
+		getter.authOpt = &authOpt
+	}

 	return &openstackAuthProvider{
 		ttl:         ttlDuration,
-		tokenGetter: &tokenGetter{},
+		tokenGetter: &getter,
 	}, nil
 }

--- a/plugin/pkg/client/auth/openstack/openstack_test.go
+++ b/plugin/pkg/client/auth/openstack/openstack_test.go
@ -114,3 +114,60 @@ func TestOpenstackAuthProvider(t *testing.T) {
 	}

 }
+
+type fakePersister struct{}
+
+func (i *fakePersister) Persist(map[string]string) error {
+	return nil
+}
+
+func TestNewOpenstackAuthProvider(t *testing.T) {
+	tests := []struct {
+		name        string
+		config      map[string]string
+		expectError bool
+	}{
+		{
+			name: "normal config without openstack configurations",
+			config: map[string]string{
+				"ttl": "1s",
+				"foo": "bar",
+			},
+		},
+		{
+			name: "openstack auth provider: missing identityEndpoint",
+			config: map[string]string{
+				"ttl":        "1s",
+				"foo":        "bar",
+				"username":   "xyz",
+				"password":   "123",
+				"tenantName": "admin",
+			},
+			expectError: true,
+		},
+		{
+			name: "openstack auth provider",
+			config: map[string]string{
+				"ttl":              "1s",
+				"foo":              "bar",
+				"identityEndpoint": "http://controller:35357/v3",
+				"username":         "xyz",
+				"password":         "123",
+				"tenantName":       "admin",
+			},
+		},
+	}
+
+	for _, test := range tests {
+		_, err := newOpenstackAuthProvider("test", test.config, &fakePersister{})
+		if err != nil {
+			if !test.expectError {
+				t.Errorf("unexpected error: %v", err)
+			}
+		} else {
+			if test.expectError {
+				t.Error("expect error, but nil")
+			}
+		}
+	}
+}