github.com/gophercloud/gophercloud@v1.11.0/openstack/auth_env.go (about)

     1  package openstack
     2  
     3  import (
     4  	"os"
     5  
     6  	"github.com/gophercloud/gophercloud"
     7  )
     8  
     9  var nilOptions = gophercloud.AuthOptions{}
    10  
    11  /*
    12  AuthOptionsFromEnv fills out an identity.AuthOptions structure with the
    13  settings found on the various OpenStack OS_* environment variables.
    14  
    15  The following variables provide sources of truth: OS_AUTH_URL, OS_USERNAME,
    16  OS_PASSWORD and OS_PROJECT_ID.
    17  
    18  Of these, OS_USERNAME, OS_PASSWORD, and OS_AUTH_URL must have settings,
    19  or an error will result.  OS_PROJECT_ID, is optional.
    20  
    21  OS_TENANT_ID and OS_TENANT_NAME are deprecated forms of OS_PROJECT_ID and
    22  OS_PROJECT_NAME and the latter are expected against a v3 auth api.
    23  
    24  If OS_PROJECT_ID and OS_PROJECT_NAME are set, they will still be referred
    25  as "tenant" in Gophercloud.
    26  
    27  If OS_PROJECT_NAME is set, it requires OS_PROJECT_ID to be set as well to
    28  handle projects not on the default domain.
    29  
    30  To use this function, first set the OS_* environment variables (for example,
    31  by sourcing an `openrc` file), then:
    32  
    33  	opts, err := openstack.AuthOptionsFromEnv()
    34  	provider, err := openstack.AuthenticatedClient(opts)
    35  */
    36  func AuthOptionsFromEnv() (gophercloud.AuthOptions, error) {
    37  	authURL := os.Getenv("OS_AUTH_URL")
    38  	username := os.Getenv("OS_USERNAME")
    39  	userID := os.Getenv("OS_USERID")
    40  	password := os.Getenv("OS_PASSWORD")
    41  	passcode := os.Getenv("OS_PASSCODE")
    42  	tenantID := os.Getenv("OS_TENANT_ID")
    43  	tenantName := os.Getenv("OS_TENANT_NAME")
    44  	domainID := os.Getenv("OS_DOMAIN_ID")
    45  	domainName := os.Getenv("OS_DOMAIN_NAME")
    46  	applicationCredentialID := os.Getenv("OS_APPLICATION_CREDENTIAL_ID")
    47  	applicationCredentialName := os.Getenv("OS_APPLICATION_CREDENTIAL_NAME")
    48  	applicationCredentialSecret := os.Getenv("OS_APPLICATION_CREDENTIAL_SECRET")
    49  	systemScope := os.Getenv("OS_SYSTEM_SCOPE")
    50  
    51  	// If OS_PROJECT_ID is set, overwrite tenantID with the value.
    52  	if v := os.Getenv("OS_PROJECT_ID"); v != "" {
    53  		tenantID = v
    54  	}
    55  
    56  	// If OS_PROJECT_NAME is set, overwrite tenantName with the value.
    57  	if v := os.Getenv("OS_PROJECT_NAME"); v != "" {
    58  		tenantName = v
    59  	}
    60  
    61  	if authURL == "" {
    62  		err := gophercloud.ErrMissingEnvironmentVariable{
    63  			EnvironmentVariable: "OS_AUTH_URL",
    64  		}
    65  		return nilOptions, err
    66  	}
    67  
    68  	if userID == "" && username == "" {
    69  		// Empty username and userID could be ignored, when applicationCredentialID and applicationCredentialSecret are set
    70  		if applicationCredentialID == "" && applicationCredentialSecret == "" {
    71  			err := gophercloud.ErrMissingAnyoneOfEnvironmentVariables{
    72  				EnvironmentVariables: []string{"OS_USERID", "OS_USERNAME"},
    73  			}
    74  			return nilOptions, err
    75  		}
    76  	}
    77  
    78  	if password == "" && passcode == "" && applicationCredentialID == "" && applicationCredentialName == "" {
    79  		err := gophercloud.ErrMissingEnvironmentVariable{
    80  			// silently ignore TOTP passcode warning, since it is not a common auth method
    81  			EnvironmentVariable: "OS_PASSWORD",
    82  		}
    83  		return nilOptions, err
    84  	}
    85  
    86  	if (applicationCredentialID != "" || applicationCredentialName != "") && applicationCredentialSecret == "" {
    87  		err := gophercloud.ErrMissingEnvironmentVariable{
    88  			EnvironmentVariable: "OS_APPLICATION_CREDENTIAL_SECRET",
    89  		}
    90  		return nilOptions, err
    91  	}
    92  
    93  	if domainID == "" && domainName == "" && tenantID == "" && tenantName != "" {
    94  		err := gophercloud.ErrMissingEnvironmentVariable{
    95  			EnvironmentVariable: "OS_PROJECT_ID",
    96  		}
    97  		return nilOptions, err
    98  	}
    99  
   100  	if applicationCredentialID == "" && applicationCredentialName != "" && applicationCredentialSecret != "" {
   101  		if userID == "" && username == "" {
   102  			return nilOptions, gophercloud.ErrMissingAnyoneOfEnvironmentVariables{
   103  				EnvironmentVariables: []string{"OS_USERID", "OS_USERNAME"},
   104  			}
   105  		}
   106  		if username != "" && domainID == "" && domainName == "" {
   107  			return nilOptions, gophercloud.ErrMissingAnyoneOfEnvironmentVariables{
   108  				EnvironmentVariables: []string{"OS_DOMAIN_ID", "OS_DOMAIN_NAME"},
   109  			}
   110  		}
   111  	}
   112  
   113  	var scope *gophercloud.AuthScope
   114  	if systemScope == "all" {
   115  		scope = &gophercloud.AuthScope{
   116  			System: true,
   117  		}
   118  	}
   119  
   120  	ao := gophercloud.AuthOptions{
   121  		IdentityEndpoint:            authURL,
   122  		UserID:                      userID,
   123  		Username:                    username,
   124  		Password:                    password,
   125  		Passcode:                    passcode,
   126  		TenantID:                    tenantID,
   127  		TenantName:                  tenantName,
   128  		DomainID:                    domainID,
   129  		DomainName:                  domainName,
   130  		ApplicationCredentialID:     applicationCredentialID,
   131  		ApplicationCredentialName:   applicationCredentialName,
   132  		ApplicationCredentialSecret: applicationCredentialSecret,
   133  		Scope:                       scope,
   134  	}
   135  
   136  	return ao, nil
   137  }