Documentation
¶
Overview ¶
package clouds provides a parser for OpenStack credentials stored in a clouds.yaml file.
Example use:
ctx := context.Background()
ao, eo, tlsConfig, err := clouds.Parse()
if err != nil {
panic(err)
}
providerClient, err := config.NewProviderClient(ctx, ao, config.WithTLSConfig(tlsConfig))
if err != nil {
panic(err)
}
networkClient, err := openstack.NewNetworkV2(providerClient, eo)
if err != nil {
panic(err)
}
Index ¶
- func Parse(opts ...ParseOption) (gophercloud.AuthOptions, gophercloud.EndpointOpts, *tls.Config, error)
- type AuthInfo
- type AuthType
- type Cloud
- type Clouds
- type ParseOption
- func WithApplicationCredentialID(applicationCredentialID string) ParseOption
- func WithApplicationCredentialName(applicationCredentialName string) ParseOption
- func WithApplicationCredentialSecret(applicationCredentialSecret string) ParseOption
- func WithCACertPath(caCertPath string) ParseOption
- func WithClientCertPath(clientCertPath string) ParseOption
- func WithClientKeyPath(clientKeyPath string) ParseOption
- func WithCloudName(osCloud string) ParseOption
- func WithCloudsYAML(clouds io.Reader) ParseOption
- func WithDomainID(domainID string) ParseOption
- func WithDomainName(domainName string) ParseOption
- func WithEndpointType(endpointType string) ParseOption
- func WithIdentityEndpoint(authURL string) ParseOption
- func WithInsecure(insecure bool) ParseOption
- func WithLocations(locations ...string) ParseOption
- func WithPassword(password string) ParseOption
- func WithProjectID(projectID string) ParseOption
- func WithProjectName(projectName string) ParseOption
- func WithRegion(region string) ParseOption
- func WithScope(scope *gophercloud.AuthScope) ParseOption
- func WithSecureYAML(secure io.Reader) ParseOption
- func WithToken(token string) ParseOption
- func WithUserID(userID string) ParseOption
- func WithUsername(username string) ParseOption
- type Region
Examples ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func Parse ¶
func Parse(opts ...ParseOption) (gophercloud.AuthOptions, gophercloud.EndpointOpts, *tls.Config, error)
Parse fetches a clouds.yaml file from disk and returns the parsed credentials.
By default this function mimics the behaviour of python-openstackclient, which is:
- if the environment variable `OS_CLIENT_CONFIG_FILE` is set and points to a clouds.yaml, use that location as the only search location for `clouds.yaml` and `secure.yaml`;
- otherwise, the search locations for `clouds.yaml` and `secure.yaml` are: 1. the current working directory (on Linux: `./`) 2. the directory `openstack` under the standatd user config location for the operating system (on Linux: `${XDG_CONFIG_HOME:-$HOME/.config}/openstack/`) 3. on Linux, `/etc/openstack/`
Once `clouds.yaml` is found in a search location, the same location is used to search for `secure.yaml`.
Like in python-openstackclient, relative paths in the `clouds.yaml` section `cacert` are interpreted as relative the the current directory, and not to the `clouds.yaml` location.
Search locations, as well as individual `clouds.yaml` properties, can be overwritten with functional options.
Types ¶
type AuthInfo ¶
type AuthInfo struct {
// AuthURL is the keystone/identity endpoint URL.
AuthURL string `yaml:"auth_url,omitempty" json:"auth_url,omitempty"`
// Token is a pre-generated authentication token.
Token string `yaml:"token,omitempty" json:"token,omitempty"`
// Username is the username of the user.
Username string `yaml:"username,omitempty" json:"username,omitempty"`
// UserID is the unique ID of a user.
UserID string `yaml:"user_id,omitempty" json:"user_id,omitempty"`
// Password is the password of the user.
Password string `yaml:"password,omitempty" json:"password,omitempty"`
// Application Credential ID to login with.
ApplicationCredentialID string `yaml:"application_credential_id,omitempty" json:"application_credential_id,omitempty"`
// Application Credential name to login with.
ApplicationCredentialName string `yaml:"application_credential_name,omitempty" json:"application_credential_name,omitempty"`
// Application Credential secret to login with.
ApplicationCredentialSecret string `yaml:"application_credential_secret,omitempty" json:"application_credential_secret,omitempty"`
// SystemScope is a system information to scope to.
SystemScope string `yaml:"system_scope,omitempty" json:"system_scope,omitempty"`
// ProjectName is the common/human-readable name of a project.
// Users can be scoped to a project.
// ProjectName on its own is not enough to ensure a unique scope. It must
// also be combined with either a ProjectDomainName or ProjectDomainID.
// ProjectName cannot be combined with ProjectID in a scope.
ProjectName string `yaml:"project_name,omitempty" json:"project_name,omitempty"`
// ProjectID is the unique ID of a project.
// It can be used to scope a user to a specific project.
ProjectID string `yaml:"project_id,omitempty" json:"project_id,omitempty"`
// UserDomainName is the name of the domain where a user resides.
// It is used to identify the source domain of a user.
UserDomainName string `yaml:"user_domain_name,omitempty" json:"user_domain_name,omitempty"`
// UserDomainID is the unique ID of the domain where a user resides.
// It is used to identify the source domain of a user.
UserDomainID string `yaml:"user_domain_id,omitempty" json:"user_domain_id,omitempty"`
// ProjectDomainName is the name of the domain where a project resides.
// It is used to identify the source domain of a project.
// ProjectDomainName can be used in addition to a ProjectName when scoping
// a user to a specific project.
ProjectDomainName string `yaml:"project_domain_name,omitempty" json:"project_domain_name,omitempty"`
// ProjectDomainID is the name of the domain where a project resides.
// It is used to identify the source domain of a project.
// ProjectDomainID can be used in addition to a ProjectName when scoping
// a user to a specific project.
ProjectDomainID string `yaml:"project_domain_id,omitempty" json:"project_domain_id,omitempty"`
// DomainName is the name of a domain which can be used to identify the
// source domain of either a user or a project.
// If UserDomainName and ProjectDomainName are not specified, then DomainName
// is used as a default choice.
// It can also be used be used to specify a domain-only scope.
DomainName string `yaml:"domain_name,omitempty" json:"domain_name,omitempty"`
// DomainID is the unique ID of a domain which can be used to identify the
// source domain of eitehr a user or a project.
// If UserDomainID and ProjectDomainID are not specified, then DomainID is
// used as a default choice.
// It can also be used be used to specify a domain-only scope.
DomainID string `yaml:"domain_id,omitempty" json:"domain_id,omitempty"`
// DefaultDomain is the domain ID to fall back on if no other domain has
// been specified and a domain is required for scope.
DefaultDomain string `yaml:"default_domain,omitempty" json:"default_domain,omitempty"`
// TrustID is the ID of the trust to use as a trustee.
TrustID string `yaml:"trust_id,omitempty" json:"trust_id,omitempty"`
// AllowReauth should be set to true if you grant permission for Gophercloud to
// cache your credentials in memory, and to allow Gophercloud to attempt to
// re-authenticate automatically if/when your token expires. If you set it to
// false, it will not cache these settings, but re-authentication will not be
// possible. This setting defaults to false.
AllowReauth bool `yaml:"allow_reauth,omitempty" json:"allow_reauth,omitempty"`
}
AuthInfo represents the auth section of a cloud entry or auth options entered explicitly in ClientOpts.
type AuthType ¶
type AuthType string
AuthType respresents a valid method of authentication.
const ( // AuthPassword defines an unknown version of the password AuthPassword AuthType = "password" // AuthToken defined an unknown version of the token AuthToken AuthType = "token" // AuthV2Password defines version 2 of the password AuthV2Password AuthType = "v2password" // AuthV2Token defines version 2 of the token AuthV2Token AuthType = "v2token" // AuthV3Password defines version 3 of the password AuthV3Password AuthType = "v3password" // AuthV3Token defines version 3 of the token AuthV3Token AuthType = "v3token" // AuthV3ApplicationCredential defines version 3 of the application credential AuthV3ApplicationCredential AuthType = "v3applicationcredential" )
type Cloud ¶
type Cloud struct {
Cloud string `yaml:"cloud,omitempty" json:"cloud,omitempty"`
Profile string `yaml:"profile,omitempty" json:"profile,omitempty"`
AuthInfo *AuthInfo `yaml:"auth,omitempty" json:"auth,omitempty"`
AuthType AuthType `yaml:"auth_type,omitempty" json:"auth_type,omitempty"`
RegionName string `yaml:"region_name,omitempty" json:"region_name,omitempty"`
Regions []Region `yaml:"regions,omitempty" json:"regions,omitempty"`
// EndpointType and Interface both specify whether to use the public, internal,
// or admin interface of a service. They should be considered synonymous, but
// EndpointType will take precedence when both are specified.
EndpointType string `yaml:"endpoint_type,omitempty" json:"endpoint_type,omitempty"`
Interface string `yaml:"interface,omitempty" json:"interface,omitempty"`
// API Version overrides.
IdentityAPIVersion string `yaml:"identity_api_version,omitempty" json:"identity_api_version,omitempty"`
VolumeAPIVersion string `yaml:"volume_api_version,omitempty" json:"volume_api_version,omitempty"`
// Verify whether or not SSL API requests should be verified.
Verify *bool `yaml:"verify,omitempty" json:"verify,omitempty"`
// CACertFile a path to a CA Cert bundle that can be used as part of
// verifying SSL API requests.
CACertFile string `yaml:"cacert,omitempty" json:"cacert,omitempty"`
// ClientCertFile a path to a client certificate to use as part of the SSL
// transaction.
ClientCertFile string `yaml:"cert,omitempty" json:"cert,omitempty"`
// ClientKeyFile a path to a client key to use as part of the SSL
// transaction.
ClientKeyFile string `yaml:"key,omitempty" json:"key,omitempty"`
}
Cloud represents an entry in a clouds.yaml/public-clouds.yaml/secure.yaml file.
type Clouds ¶
Clouds represents a collection of Cloud entries in a clouds.yaml file. The format of clouds.yaml is documented at https://docs.openstack.org/os-client-config/latest/user/configuration.html.
type ParseOption ¶
type ParseOption = func(*cloudOpts)
ParseOption one of parse configuration returned by With* modifier
func WithApplicationCredentialID ¶
func WithApplicationCredentialID(applicationCredentialID string) ParseOption
func WithApplicationCredentialName ¶
func WithApplicationCredentialName(applicationCredentialName string) ParseOption
func WithApplicationCredentialSecret ¶
func WithApplicationCredentialSecret(applicationCredentialSecret string) ParseOption
func WithCACertPath ¶
func WithCACertPath(caCertPath string) ParseOption
func WithClientCertPath ¶
func WithClientCertPath(clientCertPath string) ParseOption
func WithClientKeyPath ¶
func WithClientKeyPath(clientKeyPath string) ParseOption
func WithCloudName ¶
func WithCloudName(osCloud string) ParseOption
WithCloudName allows to override the environment variable `OS_CLOUD`.
Example ¶
package main
import (
"fmt"
"strings"
"github.com/gophercloud/gophercloud/v2/openstack/config/clouds"
)
func main() {
const exampleClouds = `clouds:
openstack:
auth:
auth_url: https://example.com:13000`
ao, _, _, err := clouds.Parse(
clouds.WithCloudsYAML(strings.NewReader(exampleClouds)),
clouds.WithCloudName("openstack"),
)
if err != nil {
panic(err)
}
fmt.Println(ao.IdentityEndpoint)
}
Output: https://example.com:13000
func WithCloudsYAML ¶
func WithCloudsYAML(clouds io.Reader) ParseOption
WithCloudsYAML is a functional option that lets you pass a clouds.yaml file as an io.Reader interface. When this option is passed, FromCloudsYaml will not attempt to fetch any file from the file system. To add a secure.yaml, use in conjunction with WithSecureYAML.
func WithDomainID ¶
func WithDomainID(domainID string) ParseOption
func WithDomainName ¶
func WithDomainName(domainName string) ParseOption
func WithEndpointType ¶
func WithEndpointType(endpointType string) ParseOption
WithRegion allows to override the endpoint type set in clouds.yaml or in the environment variable `OS_INTERFACE`.
func WithIdentityEndpoint ¶
func WithIdentityEndpoint(authURL string) ParseOption
func WithInsecure ¶
func WithInsecure(insecure bool) ParseOption
func WithLocations ¶
func WithLocations(locations ...string) ParseOption
WithLocations is a functional option that sets the search locations for the clouds.yaml file (and its optional companion secure.yaml). Each location is a file path pointing to a possible `clouds.yaml`.
func WithPassword ¶
func WithPassword(password string) ParseOption
func WithProjectID ¶
func WithProjectID(projectID string) ParseOption
func WithProjectName ¶
func WithProjectName(projectName string) ParseOption
func WithRegion ¶
func WithRegion(region string) ParseOption
WithRegion allows to override the region set in clouds.yaml or in the environment variable `OS_REGION_NAME`
Example ¶
package main
import (
"fmt"
"strings"
"github.com/gophercloud/gophercloud/v2/openstack/config/clouds"
)
func main() {
const exampleClouds = `clouds:
openstack:
auth:
auth_url: https://example.com:13000`
_, eo, _, err := clouds.Parse(
clouds.WithCloudsYAML(strings.NewReader(exampleClouds)),
clouds.WithCloudName("openstack"),
clouds.WithRegion("mars"),
)
if err != nil {
panic(err)
}
fmt.Println(eo.Region)
}
Output: mars
func WithScope ¶
func WithScope(scope *gophercloud.AuthScope) ParseOption
func WithSecureYAML ¶
func WithSecureYAML(secure io.Reader) ParseOption
WithSecureYAML is a functional option that lets you pass a secure.yaml file as an io.Reader interface, to complement the clouds.yaml that is either fetched from the filesystem, or passed with WithCloudsYAML.
func WithToken ¶
func WithToken(token string) ParseOption
func WithUserID ¶
func WithUserID(userID string) ParseOption
Example ¶
package main
import (
"fmt"
"strings"
"github.com/gophercloud/gophercloud/v2/openstack/config/clouds"
)
func main() {
const exampleClouds = `clouds:
openstack:
auth:
auth_url: https://example.com:13000`
ao, _, _, err := clouds.Parse(
clouds.WithCloudsYAML(strings.NewReader(exampleClouds)),
clouds.WithCloudName("openstack"),
clouds.WithUsername("Kris"),
)
if err != nil {
panic(err)
}
fmt.Println(ao.Username)
}
Output: Kris
func WithUsername ¶
func WithUsername(username string) ParseOption
type Region ¶
type Region struct {
Name string `yaml:"name,omitempty" json:"name,omitempty"`
Values Cloud `yaml:"values,omitempty" json:"values,omitempty"`
}
Region represents a region included as part of cloud in clouds.yaml According to Python-based openstacksdk, this can be either a struct (as defined) or a plain string. Custom unmarshallers handle both cases.
func (*Region) UnmarshalJSON ¶
UnmarshalJSON handles either a plain string acting as the Name property or a struct, mimicking the Python-based openstacksdk.
Source Files
Click to show internal directories.
Click to hide internal directories.