set allowReauth and code cleanup

gardener · Sep 17, 2019 · 88eeb96 · 88eeb96
1 parent 61ccbbb
commit 88eeb96
Show file tree

Hide file tree

Showing 2 changed files with 27 additions and 49 deletions.
diff --git a/pkg/controller/provider/openstack/designateclient.go b/pkg/controller/provider/openstack/designateclient.go
@@ -64,41 +64,22 @@ type designateClient struct {
 
 var _ designateClientInterface = &designateClient{}
 
-type authConfig struct {
-	AuthURL     string
-	Username    string
-	DomainName  string
-	DomainID    string
-	Password    string
-	ProjectName string
-	ProjectID   string
-	// UserDomainName/ID are optional
-	UserDomainID   string
-	UserDomainName string
-	// RegionName is optional
+type clientAuthConfig struct {
+	clientconfig.AuthInfo
 	RegionName string
 }
 
 // authenticate in OpenStack and obtain Designate service endpoint
-func createDesignateServiceClient(logger logger.LogContext, authConfig *authConfig) (*gophercloud.ServiceClient, error) {
+func createDesignateServiceClient(logger logger.LogContext, clientAuthConfig *clientAuthConfig) (*gophercloud.ServiceClient, error) {
 	clientOpts := new(clientconfig.ClientOpts)
-	authInfo := &clientconfig.AuthInfo{
-		AuthURL:        authConfig.AuthURL,
-		Username:       authConfig.Username,
-		Password:       authConfig.Password,
-		DomainName:     authConfig.DomainName,
-		DomainID:       authConfig.DomainID,
-		ProjectName:    authConfig.ProjectName,
-		ProjectID:      authConfig.ProjectID,
-		UserDomainName: authConfig.UserDomainName,
-		UserDomainID:   authConfig.UserDomainID,
-	}
-	clientOpts.AuthInfo = authInfo
+	clientOpts.AuthInfo = &clientAuthConfig.AuthInfo
+	clientOpts.EnvPrefix = "_NEVER_OVERWRITE_FROM_ENV_"
 
 	ao, err := clientconfig.AuthOptions(clientOpts)
 	if err != nil {
 		return nil, fmt.Errorf("failed to create client auth options: %+v", err)
 	}
+	ao.AllowReauth = true
 
 	logger.Infof("Using OpenStack Keystone at %s", ao.IdentityEndpoint)
 	providerClient, err := openstack.NewClient(ao.IdentityEndpoint)
@@ -123,7 +104,7 @@ func createDesignateServiceClient(logger logger.LogContext, authConfig *authConf
 	}
 
 	eo := gophercloud.EndpointOpts{
-		Region: authConfig.RegionName,
+		Region: clientAuthConfig.RegionName,
 	}
 
 	client, err := openstack.NewDNSV2(providerClient, eo)

diff --git a/pkg/controller/provider/openstack/handler.go b/pkg/controller/provider/openstack/handler.go
@@ -19,6 +19,7 @@ package openstack
 import (
 	"context"
 	"fmt"
+	"github.com/gophercloud/utils/openstack/clientconfig"
 
 	"github.com/gardener/controller-manager-library/pkg/logger"
 	"github.com/gardener/external-dns-management/pkg/dns"
@@ -66,7 +67,7 @@ func NewHandler(config *provider.DNSHandlerConfig) (provider.DNSHandler, error)
 	return &h, nil
 }
 
-func readAuthConfig(c *provider.DNSHandlerConfig) (*authConfig, error) {
+func readAuthConfig(c *provider.DNSHandlerConfig) (*clientAuthConfig, error) {
 	authURL, err := c.GetRequiredProperty("OS_AUTH_URL")
 	if err != nil {
 		return nil, err
@@ -75,40 +76,36 @@ func readAuthConfig(c *provider.DNSHandlerConfig) (*authConfig, error) {
 	if err != nil {
 		return nil, err
 	}
-	domainName := c.GetProperty("OS_DOMAIN_NAME", "domainName")
-	domainID := c.GetProperty("OS_DOMAIN_ID", "domainID")
-
 	password, err := c.GetRequiredProperty("OS_PASSWORD", "password")
 	if err != nil {
 		return nil, err
 	}
+
+	domainName := c.GetProperty("OS_DOMAIN_NAME", "domainName")
+	domainID := c.GetProperty("OS_DOMAIN_ID", "domainID")
 	projectName := c.GetProperty("OS_PROJECT_NAME", "tenantName")
 	projectID := c.GetProperty("OS_PROJECT_ID", "tenantID")
+	userDomainName := c.GetProperty("OS_USER_DOMAIN_NAME", "userDomainName")
+	userDomainID := c.GetProperty("OS_USER_DOMAIN_ID", "userDomainID")
 
 	// optional restriction to region
 	regionName := c.GetProperty("OS_REGION_NAME")
-	userDomainName := c.GetProperty("OS_USER_DOMAIN_NAME", "userDomainName")
-	userDomainID := c.GetProperty("OS_USER_DOMAIN_ID", "userDomainID")
 
-	if domainID != "" && userDomainName != "" {
-		return nil, fmt.Errorf("userDomainName can't be used together with domainID")
-	}
-	if domainName != "" && userDomainID != "" {
-		return nil, fmt.Errorf("userDomainID can't be used together with domainName")
+	authConfig := clientAuthConfig{
+		AuthInfo: clientconfig.AuthInfo{
+			AuthURL:        authURL,
+			Username:       username,
+			Password:       password,
+			DomainName:     domainName,
+			DomainID:       domainID,
+			ProjectName:    projectName,
+			ProjectID:      projectID,
+			UserDomainID:   userDomainID,
+			UserDomainName: userDomainName,
+		},
+		RegionName: regionName,
 	}
 
-	authConfig := authConfig{
-		AuthURL:        authURL,
-		Username:       username,
-		Password:       password,
-		DomainName:     domainName,
-		DomainID:       domainID,
-		ProjectName:    projectName,
-		ProjectID:      projectID,
-		UserDomainID:   userDomainID,
-		UserDomainName: userDomainName,
-		RegionName:     regionName}
-
 	return &authConfig, nil
 }