ResiLien
/
terraform
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

provider/openstack: Add Swauth/Swift Authentication 

This commit adds the ability to authenticate with Swauth/Swift. This can
be used in Swift-only environments that do not have a Keystone service
for authentication.
This commit is contained in:
Joe Topjian 2016-11-08 05:30:55 +00:00
parent f0a5deae83
commit 74189c5211
4 changed files with 38 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
builtin/providers/openstack/config.go
View File

@ -9,6 +9,7 @@ import (
"github.com/gophercloud/gophercloud" "github.com/gophercloud/gophercloud"
"github.com/gophercloud/gophercloud/openstack" "github.com/gophercloud/gophercloud/openstack"
"github.com/gophercloud/gophercloud/openstack/objectstorage/v1/swauth"
) )
type Config struct { type Config struct {
@ -21,6 +22,7 @@ type Config struct {
IdentityEndpoint string IdentityEndpoint string
Insecure bool Insecure bool
Password string Password string
Swauth bool
TenantID string TenantID string
TenantName string TenantName string
Token string Token string
@ -95,9 +97,12 @@ func (c *Config) loadAndValidate() error {
transport := &http.Transport{Proxy: http.ProxyFromEnvironment, TLSClientConfig: config} transport := &http.Transport{Proxy: http.ProxyFromEnvironment, TLSClientConfig: config}
client.HTTPClient.Transport = transport client.HTTPClient.Transport = transport
err = openstack.Authenticate(client, ao) // If using Swift Authentication, there's no need to validate authentication normally.
if err != nil { if !c.Swauth {
return err err = openstack.Authenticate(client, ao)
if err != nil {
return err
}
} }
c.osClient = client c.osClient = client
@ -134,6 +139,14 @@ func (c *Config) networkingV2Client(region string) (*gophercloud.ServiceClient,
} }
func (c *Config) objectStorageV1Client(region string) (*gophercloud.ServiceClient, error) { func (c *Config) objectStorageV1Client(region string) (*gophercloud.ServiceClient, error) {
// If Swift Authentication is being used, return a swauth client.
if c.Swauth {
return swauth.NewObjectStorageV1(c.osClient, swauth.AuthOpts{
User: c.Username,
Key: c.Password,
})
}
return openstack.NewObjectStorageV1(c.osClient, gophercloud.EndpointOpts{ return openstack.NewObjectStorageV1(c.osClient, gophercloud.EndpointOpts{
Region: region, Region: region,
Availability: c.getEndpointType(), Availability: c.getEndpointType(),

11
builtin/providers/openstack/provider.go
View File

@ -125,6 +125,13 @@ func Provider() terraform.ResourceProvider {
DefaultFunc: schema.EnvDefaultFunc("OS_KEY", ""), DefaultFunc: schema.EnvDefaultFunc("OS_KEY", ""),
Description: descriptions["key"], Description: descriptions["key"],
}, },
"swauth": &schema.Schema{
Type: schema.TypeBool,
Optional: true,
DefaultFunc: schema.EnvDefaultFunc("OS_SWAUTH", ""),
Description: descriptions["swauth"],
},
}, },
ResourcesMap: map[string]*schema.Resource{ ResourcesMap: map[string]*schema.Resource{
@ -196,6 +203,9 @@ func init() {
"cert": "A client certificate to authenticate with.", "cert": "A client certificate to authenticate with.",
"key": "A client private key to authenticate with.", "key": "A client private key to authenticate with.",
"swauth": "Use Swift's authentication system instead of Keystone. Only used for\n" +
"interaction with Swift.",
} }
} }
@ -210,6 +220,7 @@ func configureProvider(d *schema.ResourceData) (interface{}, error) {
IdentityEndpoint: d.Get("auth_url").(string), IdentityEndpoint: d.Get("auth_url").(string),
Insecure: d.Get("insecure").(bool), Insecure: d.Get("insecure").(bool),
Password: d.Get("password").(string), Password: d.Get("password").(string),
Swauth: d.Get("swauth").(bool),
Token: d.Get("token").(string), Token: d.Get("token").(string),
TenantID: d.Get("tenant_id").(string), TenantID: d.Get("tenant_id").(string),
TenantName: d.Get("tenant_name").(string), TenantName: d.Get("tenant_name").(string),

10
builtin/providers/openstack/resource_openstack_objectstorage_container_v1_test.go
View File

@ -56,22 +56,20 @@ func testAccCheckObjectStorageV1ContainerDestroy(s *terraform.State) error {
var testAccObjectStorageV1Container_basic = fmt.Sprintf(` var testAccObjectStorageV1Container_basic = fmt.Sprintf(`
resource "openstack_objectstorage_container_v1" "container_1" { resource "openstack_objectstorage_container_v1" "container_1" {
region = "%s"
name = "tf-test-container" name = "tf-test-container"
metadata { metadata {
test = "true" test = "true"
} }
content_type = "application/json" content_type = "application/json"
}`, }
OS_REGION_NAME) `)
var testAccObjectStorageV1Container_update = fmt.Sprintf(` var testAccObjectStorageV1Container_update = fmt.Sprintf(`
resource "openstack_objectstorage_container_v1" "container_1" { resource "openstack_objectstorage_container_v1" "container_1" {
region = "%s"
name = "tf-test-container" name = "tf-test-container"
metadata { metadata {
test = "true" test = "true"
} }
content_type = "text/plain" content_type = "text/plain"
}`, }
OS_REGION_NAME) `)

7
website/source/docs/providers/openstack/index.html.markdown
View File

@ -86,6 +86,13 @@ The following arguments are supported:
service catalog. It can be set using the OS_ENDPOINT_TYPE environment service catalog. It can be set using the OS_ENDPOINT_TYPE environment
variable. If not set, public endpoints is used. variable. If not set, public endpoints is used.
* `swauth` - (Optional) Set to `true` to authenticate against Swauth, a
Swift-native authentication system. If omitted, the `OS_SWAUTH` environment
variable is used. You must also set `username` to the Swauth/Swift username
such as `username:project`. Set the `password` to the Swauth/Swift key.
Finally, set `auth_url` as the location of the Swift service. Note that this
will only work when used with the OpenStack Object Storage resources.
## Rackspace Compatibility ## Rackspace Compatibility
Using this OpenStack provider with Rackspace is not supported and not Using this OpenStack provider with Rackspace is not supported and not