From b8a3fc6694e4d22dcffc6e5df6a6987271768f6d Mon Sep 17 00:00:00 2001 From: Mevan Samaratunga Date: Sat, 1 Apr 2017 17:46:14 +0400 Subject: [PATCH 1/3] added user and tenant domain swift connection parameters to support v3 authentication --- physical/swift.go | 21 ++++++++++++++++----- physical/swift_test.go | 26 ++++++++++++++++---------- 2 files changed, 32 insertions(+), 15 deletions(-) diff --git a/physical/swift.go b/physical/swift.go index b3940c69d252..7815831f5b0f 100644 --- a/physical/swift.go +++ b/physical/swift.go @@ -63,12 +63,23 @@ func newSwiftBackend(conf map[string]string, logger log.Logger) (Backend, error) tenant = conf["tenant"] } + domain := os.Getenv("OS_USER_DOMAIN_NAME") + if domain == "" { + domain = conf["domain"] + } + tenantDomain := os.Getenv("OS_PROJECT_DOMAIN_NAME") + if tenantDomain == "" { + tenantDomain = conf["tenant-domain"] + } + c := swift.Connection{ - UserName: username, - ApiKey: password, - AuthUrl: authUrl, - Tenant: tenant, - Transport: cleanhttp.DefaultPooledTransport(), + Domain: domain, + UserName: username, + ApiKey: password, + AuthUrl: authUrl, + Tenant: tenant, + TenantDomain: tenantDomain, + Transport: cleanhttp.DefaultPooledTransport(), } err := c.Authenticate() diff --git a/physical/swift_test.go b/physical/swift_test.go index e56acaee2519..f012ad2a923c 100644 --- a/physical/swift_test.go +++ b/physical/swift_test.go @@ -22,16 +22,20 @@ func TestSwiftBackend(t *testing.T) { password := os.Getenv("OS_PASSWORD") authUrl := os.Getenv("OS_AUTH_URL") tenant := os.Getenv("OS_TENANT_NAME") + domain := os.Getenv("OS_USER_DOMAIN_NAME") + tenantDomain := os.Getenv("OS_PROJECT_DOMAIN_NAME") ts := time.Now().UnixNano() container := fmt.Sprintf("vault-test-%d", ts) cleaner := swift.Connection{ - UserName: username, - ApiKey: password, - AuthUrl: authUrl, - Tenant: tenant, - Transport: cleanhttp.DefaultPooledTransport(), + Domain: domain, + UserName: username, + ApiKey: password, + AuthUrl: authUrl, + Tenant: tenant, + TenantDomain: tenantDomain, + Transport: cleanhttp.DefaultPooledTransport(), } err := cleaner.Authenticate() @@ -63,11 +67,13 @@ func TestSwiftBackend(t *testing.T) { logger := logformat.NewVaultLogger(log.LevelTrace) b, err := NewBackend("swift", logger, map[string]string{ - "username": username, - "password": password, - "container": container, - "auth_url": authUrl, - "tenant": tenant, + "username": username, + "password": password, + "container": container, + "auth_url": authUrl, + "tenant": tenant, + "domain": domain, + "tenant-domain": tenantDomain, }) if err != nil { t.Fatalf("err: %s", err) From 525891ed3e284ddd16983f3ccb84d404745bd794 Mon Sep 17 00:00:00 2001 From: Mevan Samaratunga Date: Sun, 16 Apr 2017 14:17:05 +0400 Subject: [PATCH 2/3] added checks to look for OpenStack environment variables for project and its domain and at the same time maintain backward compatibility with the nomenclature prior to KeyStone v3. --- physical/swift.go | 24 ++++++++++++++++-------- 1 file changed, 16 insertions(+), 8 deletions(-) diff --git a/physical/swift.go b/physical/swift.go index 7815831f5b0f..0ed4fe61cf6a 100644 --- a/physical/swift.go +++ b/physical/swift.go @@ -58,18 +58,26 @@ func newSwiftBackend(conf map[string]string, logger log.Logger) (Backend, error) return nil, fmt.Errorf("missing container") } } - tenant := os.Getenv("OS_TENANT_NAME") - if tenant == "" { - tenant = conf["tenant"] + project := os.Getenv("OS_PROJECT_NAME") + if project == "" { + project = conf["project"] + + if project == "" { + // Check for KeyStone naming prior to V3 + project := os.Getenv("OS_TENANT_NAME") + if project == "" { + project = conf["tenant"] + } + } } domain := os.Getenv("OS_USER_DOMAIN_NAME") if domain == "" { domain = conf["domain"] } - tenantDomain := os.Getenv("OS_PROJECT_DOMAIN_NAME") - if tenantDomain == "" { - tenantDomain = conf["tenant-domain"] + projectDomain := os.Getenv("OS_PROJECT_DOMAIN_NAME") + if projectDomain == "" { + projectDomain = conf["project-domain"] } c := swift.Connection{ @@ -77,8 +85,8 @@ func newSwiftBackend(conf map[string]string, logger log.Logger) (Backend, error) UserName: username, ApiKey: password, AuthUrl: authUrl, - Tenant: tenant, - TenantDomain: tenantDomain, + Tenant: project, + TenantDomain: projectDomain, Transport: cleanhttp.DefaultPooledTransport(), } From 936245bf6bf1f5313b97c5cc7487a1dc419eb37d Mon Sep 17 00:00:00 2001 From: Mevan Samaratunga Date: Sun, 16 Apr 2017 14:28:26 +0400 Subject: [PATCH 3/3] changed project nomenclature from pre-V3 KeyStone to current, --- physical/swift_test.go | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/physical/swift_test.go b/physical/swift_test.go index f012ad2a923c..2da37f043e1d 100644 --- a/physical/swift_test.go +++ b/physical/swift_test.go @@ -21,9 +21,9 @@ func TestSwiftBackend(t *testing.T) { username := os.Getenv("OS_USERNAME") password := os.Getenv("OS_PASSWORD") authUrl := os.Getenv("OS_AUTH_URL") - tenant := os.Getenv("OS_TENANT_NAME") + project := os.Getenv("OS_PROJECT_NAME") domain := os.Getenv("OS_USER_DOMAIN_NAME") - tenantDomain := os.Getenv("OS_PROJECT_DOMAIN_NAME") + projectDomain := os.Getenv("OS_PROJECT_DOMAIN_NAME") ts := time.Now().UnixNano() container := fmt.Sprintf("vault-test-%d", ts) @@ -33,8 +33,8 @@ func TestSwiftBackend(t *testing.T) { UserName: username, ApiKey: password, AuthUrl: authUrl, - Tenant: tenant, - TenantDomain: tenantDomain, + Tenant: project, + TenantDomain: projectDomain, Transport: cleanhttp.DefaultPooledTransport(), } @@ -67,13 +67,13 @@ func TestSwiftBackend(t *testing.T) { logger := logformat.NewVaultLogger(log.LevelTrace) b, err := NewBackend("swift", logger, map[string]string{ - "username": username, - "password": password, - "container": container, - "auth_url": authUrl, - "tenant": tenant, - "domain": domain, - "tenant-domain": tenantDomain, + "username": username, + "password": password, + "container": container, + "auth_url": authUrl, + "project": project, + "domain": domain, + "project-domain": projectDomain, }) if err != nil { t.Fatalf("err: %s", err)