Merge pull request #3158 from MichaelEischer/support-swift-auth-id-variables

swift: Add support for id based keystone v3 auth parameters
This commit is contained in:
Alexander Neumann 2020-12-12 16:27:38 +01:00 committed by GitHub
commit e96677cafb
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 38 additions and 9 deletions

View file

@ -0,0 +1,11 @@
Enhancement: Support further environment variables for swift authentication
The swift backend now supports the following additional environment variables
to pass authentication details to restic: `OS_USER_ID`, `OS_USER_DOMAIN_ID`,
`OS_PROJECT_DOMAIN_ID` and `OS_TRUST_ID`.
Depending on the openrc configuration file these might be required when the
user and project domains differ.
https://github.com/restic/restic/issues/3147
https://github.com/restic/restic/pull/3158

View file

@ -375,10 +375,14 @@ the naming convention of those variables follows the official Python Swift clien
$ export OS_AUTH_URL=<MY_AUTH_URL> $ export OS_AUTH_URL=<MY_AUTH_URL>
$ export OS_REGION_NAME=<MY_REGION_NAME> $ export OS_REGION_NAME=<MY_REGION_NAME>
$ export OS_USERNAME=<MY_USERNAME> $ export OS_USERNAME=<MY_USERNAME>
$ export OS_USER_ID=<MY_USER_ID>
$ export OS_PASSWORD=<MY_PASSWORD> $ export OS_PASSWORD=<MY_PASSWORD>
$ export OS_USER_DOMAIN_NAME=<MY_DOMAIN_NAME> $ export OS_USER_DOMAIN_NAME=<MY_DOMAIN_NAME>
$ export OS_USER_DOMAIN_ID=<MY_DOMAIN_ID>
$ export OS_PROJECT_NAME=<MY_PROJECT_NAME> $ export OS_PROJECT_NAME=<MY_PROJECT_NAME>
$ export OS_PROJECT_DOMAIN_NAME=<MY_PROJECT_DOMAIN_NAME> $ export OS_PROJECT_DOMAIN_NAME=<MY_PROJECT_DOMAIN_NAME>
$ export OS_PROJECT_DOMAIN_ID=<MY_PROJECT_DOMAIN_ID>
$ export OS_TRUST_ID=<MY_TRUST_ID>
# For keystone v3 application credential authentication (application credential id) # For keystone v3 application credential authentication (application credential id)
$ export OS_AUTH_URL=<MY_AUTH_URL> $ export OS_AUTH_URL=<MY_AUTH_URL>

View file

@ -466,13 +466,17 @@ environment variables. The following lists these environment variables:
OS_AUTH_URL Auth URL for keystone authentication OS_AUTH_URL Auth URL for keystone authentication
OS_REGION_NAME Region name for keystone authentication OS_REGION_NAME Region name for keystone authentication
OS_USERNAME Username for keystone authentication OS_USERNAME Username for keystone authentication
OS_USER_ID User ID for keystone v3 authentication
OS_PASSWORD Password for keystone authentication OS_PASSWORD Password for keystone authentication
OS_TENANT_ID Tenant ID for keystone v2 authentication OS_TENANT_ID Tenant ID for keystone v2 authentication
OS_TENANT_NAME Tenant name for keystone v2 authentication OS_TENANT_NAME Tenant name for keystone v2 authentication
OS_USER_DOMAIN_NAME User domain name for keystone authentication OS_USER_DOMAIN_NAME User domain name for keystone authentication
OS_USER_DOMAIN_ID User domain ID for keystone v3 authentication
OS_PROJECT_NAME Project name for keystone authentication OS_PROJECT_NAME Project name for keystone authentication
OS_PROJECT_DOMAIN_NAME Project domain name for keystone authentication OS_PROJECT_DOMAIN_NAME Project domain name for keystone authentication
OS_PROJECT_DOMAIN_ID Project domain ID for keystone v3 authentication
OS_TRUST_ID Trust ID for keystone v3 authentication
OS_APPLICATION_CREDENTIAL_ID Application Credential ID (keystone v3) OS_APPLICATION_CREDENTIAL_ID Application Credential ID (keystone v3)
OS_APPLICATION_CREDENTIAL_NAME Application Credential Name (keystone v3) OS_APPLICATION_CREDENTIAL_NAME Application Credential Name (keystone v3)

View file

@ -10,15 +10,18 @@ import (
// Config contains basic configuration needed to specify swift location for a swift server // Config contains basic configuration needed to specify swift location for a swift server
type Config struct { type Config struct {
UserName string UserName string
Domain string UserID string
APIKey string Domain string
AuthURL string DomainID string
Region string APIKey string
Tenant string AuthURL string
TenantID string Region string
TenantDomain string Tenant string
TrustID string TenantID string
TenantDomain string
TenantDomainID string
TrustID string
StorageURL string StorageURL string
AuthToken string AuthToken string
@ -88,9 +91,13 @@ func ApplyEnvironment(prefix string, cfg interface{}) error {
{&c.AuthURL, prefix + "OS_AUTH_URL"}, {&c.AuthURL, prefix + "OS_AUTH_URL"},
// v3 specific // v3 specific
{&c.UserID, prefix + "OS_USER_ID"},
{&c.Domain, prefix + "OS_USER_DOMAIN_NAME"}, {&c.Domain, prefix + "OS_USER_DOMAIN_NAME"},
{&c.DomainID, prefix + "OS_USER_DOMAIN_ID"},
{&c.Tenant, prefix + "OS_PROJECT_NAME"}, {&c.Tenant, prefix + "OS_PROJECT_NAME"},
{&c.TenantDomain, prefix + "OS_PROJECT_DOMAIN_NAME"}, {&c.TenantDomain, prefix + "OS_PROJECT_DOMAIN_NAME"},
{&c.TenantDomainID, prefix + "OS_PROJECT_DOMAIN_ID"},
{&c.TrustID, prefix + "OS_TRUST_ID"},
// v2 specific // v2 specific
{&c.TenantID, prefix + "OS_TENANT_ID"}, {&c.TenantID, prefix + "OS_TENANT_ID"},

View file

@ -42,13 +42,16 @@ func Open(cfg Config, rt http.RoundTripper) (restic.Backend, error) {
be := &beSwift{ be := &beSwift{
conn: &swift.Connection{ conn: &swift.Connection{
UserName: cfg.UserName, UserName: cfg.UserName,
UserId: cfg.UserID,
Domain: cfg.Domain, Domain: cfg.Domain,
DomainId: cfg.DomainID,
ApiKey: cfg.APIKey, ApiKey: cfg.APIKey,
AuthUrl: cfg.AuthURL, AuthUrl: cfg.AuthURL,
Region: cfg.Region, Region: cfg.Region,
Tenant: cfg.Tenant, Tenant: cfg.Tenant,
TenantId: cfg.TenantID, TenantId: cfg.TenantID,
TenantDomain: cfg.TenantDomain, TenantDomain: cfg.TenantDomain,
TenantDomainId: cfg.TenantDomainID,
TrustId: cfg.TrustID, TrustId: cfg.TrustID,
StorageUrl: cfg.StorageURL, StorageUrl: cfg.StorageURL,
AuthToken: cfg.AuthToken, AuthToken: cfg.AuthToken,