Allow authentication through environment variables #41
Conversation
provider.go
Outdated
|
|
||
| var err error | ||
| endpointOps = gophercloud.EndpointOpts{Region: os.Getenv("OS_REGION_NAME")} | ||
| authOptions, err = openstack.AuthOptionsFromEnv() |
There was a problem hiding this comment.
It not the best, as it more identity v2 compatible than v3. In one of utilities i had to reinvent the wheel to have proper operation, like with python lib.
There was a problem hiding this comment.
What would be the v3 version of it? 🤔 Currently this is the documented way shown in the gophercloud README.md.
There was a problem hiding this comment.
Whatever they say, it's incompatible with openrc generated for v3. And even more, it breaks python agents, when they see OS_DOMAIN for example.
Here few parts of code, which do a proper support for v3:
https://gist.github.com/vooon/911c13af31c4aff53477536d8d6afe65
There was a problem hiding this comment.
Well I think it depends on what environment variables you configure. If you're supposed to talk to a v3 API, it could be very well be that configuring OS_DOMAIN breaks the tooling, because it's not supported. Which is definitely wrong, but I hesitate to add >100 lines of code just to catch those cases. How about you open a bug for gophercloud? Or would you prefer me to add those code lines from you Gist?
There was a problem hiding this comment.
I think GC would not break existing calls, as v2-rc time passed... Easier if you add similar code here. Not necessary the same way.
I've used interface because i reuse that common code in a lot of places, and it's helpful to embed into Kong cli...
There was a problem hiding this comment.
github.com/caarlos0/env/v10 works (almost) the same.
There was a problem hiding this comment.
I don't see an option for dom there 🤔 Did I miss something?
There was a problem hiding this comment.
I think it's not necessary to support xor on env parsing, you may do the check later.
It just handy to error-exit early during cli opt validation.
There was a problem hiding this comment.
https://github.com/alecthomas/kong/blob/master/README.md#supported-tags
xor just declares exclusive groups
There was a problem hiding this comment.
Alright, implemented something similar. Hope that's fine! :)
Yes, but only the |
baurmatt
force-pushed
the
allow-env-auth
branch
from
283694c to
6159409
Compare
This allows the usage of standardized OS_* variables to authenticate against OpenStack. It's helpful when running the plugin in Kubernetes, because you "only" need to inject environment variables into the pod, not a full YAML file.
baurmatt
force-pushed
the
allow-env-auth
branch
from
6159409 to
01234f4
Compare
baurmatt
force-pushed
the
allow-env-auth
branch
from
a701bb8 to
169e6a6
Compare
baurmatt
force-pushed
the
allow-env-auth
branch
from
169e6a6 to
97ed917
Compare
This allows the usage of standardized OS_* variables to authenticate against OpenStack. It's helpful when running the plugin in Kubernetes, because you "only" need to inject environment variables into the pod, not a full YAML file.