use os user credentials for dynamic app credentials

syseleven · Jul 4, 2024 · d30b7d2 · d30b7d2
1 parent 686c897
commit d30b7d2
Show file tree

Hide file tree

Showing 3 changed files with 57 additions and 31 deletions.
diff --git a/metakube/provider_test.go b/metakube/provider_test.go
@@ -27,7 +27,9 @@ const (
 	testEnvOpenstackNodeDC                       = "METAKUBE_OPENSTACK_NODE_DC"
 	testEnvOpenstackApplicationCredentialsID     = "METAKUBE_OPENSTACK_APPLICATION_CREDENTIALS_ID"
 	testEnvOpenstackApplicationCredentialsSecret = "METAKUBE_OPENSTACK_APPLICATION_CREDENTIALS_SECRET"
+	testEnvOpenstackUsername                     = "METAKUBE_OPENSTACK_USERNAME"
 	testEnvOpenstackAuthURL                      = "METAKUBE_OPENSTACK_AUTH_URL"
+	testEnvOpenstackPassword                     = "METAKUBE_OPENSTACK_PASSWORD"
 	testEnvOpenstackProjectID                    = "METAKUBE_OPENSTACK_PROJECT_ID"
 	testEnvOpenstackProjectName                  = "METAKUBE_OPENSTACK_PROJECT_NAME"
 	testEnvOpenstackRegion                       = "METAKUBE_OPENSTACK_REGION"

diff --git a/metakube/resource_cluster.go b/metakube/resource_cluster.go
@@ -748,18 +748,37 @@ func metakubeResourceClusterWaitForReady(ctx context.Context, k *metakubeProvide
 		p.SetProjectID(projectID)
 		p.SetClusterID(clusterID)
 
-		r, err := k.client.Project.GetClusterV2(p, k.auth)
+		cluster, err := k.client.Project.GetClusterV2(p, k.auth)
 		if err != nil {
 			return retry.RetryableError(fmt.Errorf("unable to get cluster '%s': %s", clusterID, stringifyResponseError(err)))
 		}
 
-		if configuredVersion == "" {
-			return nil
-		} else if r.Payload.Status.Version == models.Semver(configuredVersion) {
-			return nil
+		p1 := project.NewGetClusterHealthV2Params()
+		p1.SetContext(ctx)
+		p1.SetProjectID(projectID)
+		p1.SetClusterID(clusterID)
+
+		clusterHealth, err := k.client.Project.GetClusterHealthV2(p1, k.auth)
+		if err != nil {
+			return retry.RetryableError(fmt.Errorf("unable to get cluster '%s' health: %s", clusterID, stringifyResponseError(err)))
+		}
+
+		const up models.HealthStatus = 1
+		if clusterHealth.Payload.Apiserver == up &&
+			clusterHealth.Payload.CloudProviderInfrastructure == up &&
+			clusterHealth.Payload.Controller == up &&
+			clusterHealth.Payload.Etcd == up &&
+			clusterHealth.Payload.MachineController == up &&
+			clusterHealth.Payload.Scheduler == up &&
+			clusterHealth.Payload.UserClusterControllerManager == up {
+			if configuredVersion == "" {
+				return nil
+			} else if cluster.Payload.Status.Version == models.Semver(configuredVersion) {
+				return nil
+			}
 		}
 
-		k.log.Debugf("waiting for cluster '%s' to be ready, %+v", clusterID, r.Payload)
+		k.log.Debugf("waiting for cluster '%s' to be ready, %+v", clusterID, clusterHealth.Payload)
 		return retry.RetryableError(fmt.Errorf("waiting for cluster '%s' to be ready", clusterID))
 	})
 }

diff --git a/metakube/resource_cluster_test.go b/metakube/resource_cluster_test.go
@@ -51,7 +51,7 @@ func TestAccMetakubeCluster_Openstack_Basic(t *testing.T) {
 
 	resourceName := "metakube_cluster.acctest_cluster"
 	data := &clusterOpenstackBasicData{
-		Name:                                  makeRandomName() + "-basic",
+		Name:                                  makeRandomName() + "-cluster-os-basic",
 		OpenstackAuthURL:                      os.Getenv(testEnvOpenstackAuthURL),
 		OpenstackApplicationCredentialsID:     os.Getenv(testEnvOpenstackApplicationCredentialsID),
 		OpenstackApplicationCredentialsSecret: os.Getenv(testEnvOpenstackApplicationCredentialsSecret),
@@ -159,7 +159,7 @@ func TestAccMetakubeCluster_Openstack_Basic(t *testing.T) {
 				ResourceName:            resourceName,
 				ImportState:             true,
 				ImportStateVerify:       true,
-				ImportStateVerifyIgnore: []string{"spec.0.cloud.0.openstack.0.user_credentials", "kube_login_kube_config", "oidc_kube_config"},
+				ImportStateVerifyIgnore: []string{"spec.0.cloud.0.openstack.0.application_credentials", "kube_login_kube_config", "oidc_kube_config"},
 			},
 			{
 				Config:   config2.String(),
@@ -171,7 +171,7 @@ func TestAccMetakubeCluster_Openstack_Basic(t *testing.T) {
 				ImportState:       true,
 				ImportStateVerify: false,
 				ImportStateId:     "123abc",
-				ExpectError:       regexp.MustCompile(`(Please verify the ID is correct|Cannot import non-existent remote object)`),
+				ExpectError:       regexp.MustCompile(`(no object exists with the given id|Cannot import non-existent remote object)`),
 			},
 		},
 	})
@@ -222,25 +222,29 @@ func TestAccMetakubeCluster_Openstack_ApplicationCredentials_Dynammic(t *testing
 	var cluster models.Cluster
 	resourceName := "metakube_cluster.acctest_cluster"
 	data := &clusterOpenstackApplicationCredentailsData{
-		Name:                                  makeRandomName() + "-appcred-dynamic",
-		OpenstackAuthURL:                      os.Getenv(testEnvOpenstackAuthURL),
-		OpenstackApplicationCredentialsID:     os.Getenv(testEnvOpenstackApplicationCredentialsID),
-		OpenstackApplicationCredentialsSecret: os.Getenv(testEnvOpenstackApplicationCredentialsSecret),
-		OpenstackProjectID:                    os.Getenv(testEnvOpenstackProjectID),
-		OpenstackRegion:                       os.Getenv(testEnvOpenstackRegion),
-		DatacenterName:                        os.Getenv(testEnvOpenstackNodeDC),
-		ProjectID:                             os.Getenv(testEnvProjectID),
-		Version:                               os.Getenv(testEnvK8sVersionOpenstack),
-		OpenstackApplicationCredentialID:      os.Getenv(testEnvOpenstackApplicationCredentialsID),
-		OpenstackApplicationCredentialSecret:  os.Getenv(testEnvOpenstackApplicationCredentialsSecret),
-		Dynamic:                               true,
+		Name:                                 makeRandomName() + "-appcred-dynamic",
+		OpenstackAuthURL:                     os.Getenv(testEnvOpenstackAuthURL),
+		OpenstackUser:                        os.Getenv(testEnvOpenstackUsername),
+		OpenstackPassword:                    os.Getenv(testEnvOpenstackPassword),
+		OpenstackProjectID:                   os.Getenv(testEnvOpenstackProjectID),
+		OpenstackRegion:                      os.Getenv(testEnvOpenstackRegion),
+		DatacenterName:                       os.Getenv(testEnvOpenstackNodeDC),
+		ProjectID:                            os.Getenv(testEnvProjectID),
+		Version:                              os.Getenv(testEnvK8sVersionOpenstack),
+		OpenstackApplicationCredentialID:     os.Getenv(testEnvOpenstackApplicationCredentialsID),
+		OpenstackApplicationCredentialSecret: os.Getenv(testEnvOpenstackApplicationCredentialsSecret),
+		Dynamic:                              true,
 	}
 	var config strings.Builder
 	if err := clusterOpenstackApplicationCredentialsBasicTemplate.Execute(&config, data); err != nil {
 		t.Fatal(err)
 	}
 	resource.Test(t, resource.TestCase{
-		PreCheck:  func() { testAccPreCheckForOpenstack(t) },
+		PreCheck: func() {
+			testAccPreCheckForOpenstack(t)
+			checkEnv(t, testEnvOpenstackUsername)
+			checkEnv(t, testEnvOpenstackPassword)
+		},
 		Providers: testAccProviders,
 		ExternalProviders: map[string]resource.ExternalProvider{
 			"openstack": {
@@ -267,7 +271,7 @@ func TestAccMetakubeCluster_Openstack_UpgradeVersion(t *testing.T) {
 	resourceName := "metakube_cluster.acctest_cluster"
 	versionedConfig := func(version string) string {
 		data := &clusterOpenstackBasicData{
-			Name:                                  makeRandomName() + "-upgrade",
+			Name:                                  makeRandomName() + "-cluster-os-upgrade",
 			Version:                               version,
 			OpenstackAuthURL:                      os.Getenv(testEnvOpenstackAuthURL),
 			OpenstackApplicationCredentialsID:     os.Getenv(testEnvOpenstackApplicationCredentialsID),
@@ -424,11 +428,11 @@ resource "openstack_networking_subnet_v2" "subnet_tf_test" {
 }`)
 
 type clusterOpenstackApplicationCredentailsData struct {
-	OpenstackAuthURL                      string
-	OpenstackApplicationCredentialsID     string
-	OpenstackApplicationCredentialsSecret string
-	OpenstackProjectID                    string
-	OpenstackRegion                       string
+	OpenstackAuthURL   string
+	OpenstackUser      string
+	OpenstackPassword  string
+	OpenstackProjectID string
+	OpenstackRegion    string
 
 	Name                                 string
 	DatacenterName                       string
@@ -451,8 +455,9 @@ terraform {
 {{ if .Dynamic }}
 provider "openstack" {
 	auth_url = "{{ .OpenstackAuthURL }}"
-	application_credential_id = "{{ .OpenstackApplicationCredentialsID }}"
-	application_credential_secret = "{{ .OpenstackApplicationCredentialsSecret }}"
+	user_name = "{{ .OpenstackUser }}"
+	password = "{{ .OpenstackPassword }}"
+	tenant_id = "{{ .OpenstackProjectID }}"
 	region = "{{ .OpenstackRegion }}"
 }
 
@@ -696,7 +701,7 @@ func TestAccMetakubeCluster_AWS_Basic(t *testing.T) {
 	var cluster models.Cluster
 	resourceName := "metakube_cluster.acctest_cluster"
 	data := &clusterAWSBasicData{
-		Name:                 makeRandomName() + "-aws-basic",
+		Name:                 makeRandomName() + "-cluster-aws-basic",
 		ProjectID:            os.Getenv(testEnvProjectID),
 		AccessID:             os.Getenv(testEnvAWSAccessKeyID),
 		AccessSecret:         os.Getenv(testAWSSecretAccessKey),