read openstack auth config from client config

[dixudx]

What this PR does / why we need it:

// TODO: read/persist client configuration(OS_XXX env vars) in config

/sig openstack

Which issue(s) this PR fixes (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when PR gets merged):
Fixes #

Special notes for your reviewer:
/assign @dims
Release note:

try to read openstack auth config from client config and fall back to read from the environment variables if not available

[dixudx]

/assign @liggitt

PTAL. Thanks.

[liggitt]

no error handling here?

[liggitt]

needs a test, and an example in doc (link to PR against 1.10 doc branch)

[liggitt]

looks like some options are not serialized in the AuthOptions struct. IdentityEndpoint in particular seems to be ignored. How would the Token() method know what server to contact?

[dixudx]

How would the Token() method know what server to contact?

L62 func (t *tokenGetter) Token() will use this authOpt to get an authenticated client, where IdentityEndpoint will be used.

[dixudx]

looks like some options are not serialized in the AuthOptions struct. IdentityEndpoint in particular seems to be ignored.

Good catch. AuthOptions omits this filed. We need to retrieve this value explicitly.

[liggitt]

might be able to just compare straight: authOpt != gophercloud.AuthOptions{}

[dixudx]

@liggitt Updated. PTAL. Thanks.

[dixudx]

an example in doc (link to PR against 1.10 doc branch)

@dims has already got an in-progress PR kubernetes/website#7304 on this.

[dims]

@dixudx please do take that over if you can :)

[dims]

/retest

[liggitt]

it's not good treat a single config struct as a mix of two API types (we expect a "ttl" key above, and this checks if they happened to specify keys that match the gophercloud.AuthOptions struct). what would happen if the gophercloud.AuthOptions struct added a ttl field that was an int?

[liggitt]

this is another sign that this probably isn't the right approach.

if you want to populate options from inline config, I'd suggest doing it explicitly, like this:

gophercloud.AuthOptions{
	IdentityEndpoint: config["identityEndpoint"],
	Username: config["username"],
	Password: config["password"],
	DomainName: config["name"],
	TenantID: config["tenantId"],
	TenantName: config["tenantName"],
}

by accepting "identityEndpoint", you are already diverging from a standard auth options json blob, so being explicit doesn't seem bad.

[dixudx]

you are already diverging from a standard auth options json blob, so being explicit doesn't seem bad.

Make sense.

[dixudx]

@liggitt Updated. PTAL. Thanks.

[dims]

@liggitt ok with the changes based on your comments?

[dixudx]

ping @liggitt for another look. Thanks.

[dims]

/lgtm

[dixudx]

/test pull-kubernetes-e2e-gce

[dims]

/assign @sttts

@sttts @liggitt can you please take a look? this seems ready.

[liggitt]

/lgtm

needs a better release note and PR with updated documentation on the accepted parameters

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: dims, dixudx, liggitt

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• staging/src/k8s.io/client-go/OWNERS [liggitt]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[k8s-github-robot]

/test all [submit-queue is verifying that this PR is safe to merge]

[k8s-github-robot]

Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions here.