mirror of
https://github.com/octoleo/restic.git
synced 2024-12-22 10:58:55 +00:00
swift: Add support for id based keystone v3 auth parameters
This adds support for the following environment variables, which were previously missing: OS_USER_ID User ID for keystone v3 authentication OS_USER_DOMAIN_ID User domain ID for keystone v3 authentication OS_PROJECT_DOMAIN_ID Project domain ID for keystone v3 authentication OS_TRUST_ID Trust ID for keystone v3 authentication
This commit is contained in:
parent
7facc8ccc1
commit
1d69341e88
11
changelog/unreleased/issue-3147
Normal file
11
changelog/unreleased/issue-3147
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
Enhancement: Support further environment variables for swift authentication
|
||||||
|
|
||||||
|
The swift backend now supports the following additional environment variables
|
||||||
|
to pass authentication details to restic: `OS_USER_ID`, `OS_USER_DOMAIN_ID`,
|
||||||
|
`OS_PROJECT_DOMAIN_ID` and `OS_TRUST_ID`.
|
||||||
|
|
||||||
|
Depending on the openrc configuration file these might be required when the
|
||||||
|
user and project domains differ.
|
||||||
|
|
||||||
|
https://github.com/restic/restic/issues/3147
|
||||||
|
https://github.com/restic/restic/pull/3158
|
@ -375,10 +375,14 @@ the naming convention of those variables follows the official Python Swift clien
|
|||||||
$ export OS_AUTH_URL=<MY_AUTH_URL>
|
$ export OS_AUTH_URL=<MY_AUTH_URL>
|
||||||
$ export OS_REGION_NAME=<MY_REGION_NAME>
|
$ export OS_REGION_NAME=<MY_REGION_NAME>
|
||||||
$ export OS_USERNAME=<MY_USERNAME>
|
$ export OS_USERNAME=<MY_USERNAME>
|
||||||
|
$ export OS_USER_ID=<MY_USER_ID>
|
||||||
$ export OS_PASSWORD=<MY_PASSWORD>
|
$ export OS_PASSWORD=<MY_PASSWORD>
|
||||||
$ export OS_USER_DOMAIN_NAME=<MY_DOMAIN_NAME>
|
$ export OS_USER_DOMAIN_NAME=<MY_DOMAIN_NAME>
|
||||||
|
$ export OS_USER_DOMAIN_ID=<MY_DOMAIN_ID>
|
||||||
$ export OS_PROJECT_NAME=<MY_PROJECT_NAME>
|
$ export OS_PROJECT_NAME=<MY_PROJECT_NAME>
|
||||||
$ export OS_PROJECT_DOMAIN_NAME=<MY_PROJECT_DOMAIN_NAME>
|
$ export OS_PROJECT_DOMAIN_NAME=<MY_PROJECT_DOMAIN_NAME>
|
||||||
|
$ export OS_PROJECT_DOMAIN_ID=<MY_PROJECT_DOMAIN_ID>
|
||||||
|
$ export OS_TRUST_ID=<MY_TRUST_ID>
|
||||||
|
|
||||||
# For keystone v3 application credential authentication (application credential id)
|
# For keystone v3 application credential authentication (application credential id)
|
||||||
$ export OS_AUTH_URL=<MY_AUTH_URL>
|
$ export OS_AUTH_URL=<MY_AUTH_URL>
|
||||||
|
@ -466,13 +466,17 @@ environment variables. The following lists these environment variables:
|
|||||||
OS_AUTH_URL Auth URL for keystone authentication
|
OS_AUTH_URL Auth URL for keystone authentication
|
||||||
OS_REGION_NAME Region name for keystone authentication
|
OS_REGION_NAME Region name for keystone authentication
|
||||||
OS_USERNAME Username for keystone authentication
|
OS_USERNAME Username for keystone authentication
|
||||||
|
OS_USER_ID User ID for keystone v3 authentication
|
||||||
OS_PASSWORD Password for keystone authentication
|
OS_PASSWORD Password for keystone authentication
|
||||||
OS_TENANT_ID Tenant ID for keystone v2 authentication
|
OS_TENANT_ID Tenant ID for keystone v2 authentication
|
||||||
OS_TENANT_NAME Tenant name for keystone v2 authentication
|
OS_TENANT_NAME Tenant name for keystone v2 authentication
|
||||||
|
|
||||||
OS_USER_DOMAIN_NAME User domain name for keystone authentication
|
OS_USER_DOMAIN_NAME User domain name for keystone authentication
|
||||||
|
OS_USER_DOMAIN_ID User domain ID for keystone v3 authentication
|
||||||
OS_PROJECT_NAME Project name for keystone authentication
|
OS_PROJECT_NAME Project name for keystone authentication
|
||||||
OS_PROJECT_DOMAIN_NAME Project domain name for keystone authentication
|
OS_PROJECT_DOMAIN_NAME Project domain name for keystone authentication
|
||||||
|
OS_PROJECT_DOMAIN_ID Project domain ID for keystone v3 authentication
|
||||||
|
OS_TRUST_ID Trust ID for keystone v3 authentication
|
||||||
|
|
||||||
OS_APPLICATION_CREDENTIAL_ID Application Credential ID (keystone v3)
|
OS_APPLICATION_CREDENTIAL_ID Application Credential ID (keystone v3)
|
||||||
OS_APPLICATION_CREDENTIAL_NAME Application Credential Name (keystone v3)
|
OS_APPLICATION_CREDENTIAL_NAME Application Credential Name (keystone v3)
|
||||||
|
@ -10,15 +10,18 @@ import (
|
|||||||
|
|
||||||
// Config contains basic configuration needed to specify swift location for a swift server
|
// Config contains basic configuration needed to specify swift location for a swift server
|
||||||
type Config struct {
|
type Config struct {
|
||||||
UserName string
|
UserName string
|
||||||
Domain string
|
UserID string
|
||||||
APIKey string
|
Domain string
|
||||||
AuthURL string
|
DomainID string
|
||||||
Region string
|
APIKey string
|
||||||
Tenant string
|
AuthURL string
|
||||||
TenantID string
|
Region string
|
||||||
TenantDomain string
|
Tenant string
|
||||||
TrustID string
|
TenantID string
|
||||||
|
TenantDomain string
|
||||||
|
TenantDomainID string
|
||||||
|
TrustID string
|
||||||
|
|
||||||
StorageURL string
|
StorageURL string
|
||||||
AuthToken string
|
AuthToken string
|
||||||
@ -88,9 +91,13 @@ func ApplyEnvironment(prefix string, cfg interface{}) error {
|
|||||||
{&c.AuthURL, prefix + "OS_AUTH_URL"},
|
{&c.AuthURL, prefix + "OS_AUTH_URL"},
|
||||||
|
|
||||||
// v3 specific
|
// v3 specific
|
||||||
|
{&c.UserID, prefix + "OS_USER_ID"},
|
||||||
{&c.Domain, prefix + "OS_USER_DOMAIN_NAME"},
|
{&c.Domain, prefix + "OS_USER_DOMAIN_NAME"},
|
||||||
|
{&c.DomainID, prefix + "OS_USER_DOMAIN_ID"},
|
||||||
{&c.Tenant, prefix + "OS_PROJECT_NAME"},
|
{&c.Tenant, prefix + "OS_PROJECT_NAME"},
|
||||||
{&c.TenantDomain, prefix + "OS_PROJECT_DOMAIN_NAME"},
|
{&c.TenantDomain, prefix + "OS_PROJECT_DOMAIN_NAME"},
|
||||||
|
{&c.TenantDomainID, prefix + "OS_PROJECT_DOMAIN_ID"},
|
||||||
|
{&c.TrustID, prefix + "OS_TRUST_ID"},
|
||||||
|
|
||||||
// v2 specific
|
// v2 specific
|
||||||
{&c.TenantID, prefix + "OS_TENANT_ID"},
|
{&c.TenantID, prefix + "OS_TENANT_ID"},
|
||||||
|
@ -42,13 +42,16 @@ func Open(cfg Config, rt http.RoundTripper) (restic.Backend, error) {
|
|||||||
be := &beSwift{
|
be := &beSwift{
|
||||||
conn: &swift.Connection{
|
conn: &swift.Connection{
|
||||||
UserName: cfg.UserName,
|
UserName: cfg.UserName,
|
||||||
|
UserId: cfg.UserID,
|
||||||
Domain: cfg.Domain,
|
Domain: cfg.Domain,
|
||||||
|
DomainId: cfg.DomainID,
|
||||||
ApiKey: cfg.APIKey,
|
ApiKey: cfg.APIKey,
|
||||||
AuthUrl: cfg.AuthURL,
|
AuthUrl: cfg.AuthURL,
|
||||||
Region: cfg.Region,
|
Region: cfg.Region,
|
||||||
Tenant: cfg.Tenant,
|
Tenant: cfg.Tenant,
|
||||||
TenantId: cfg.TenantID,
|
TenantId: cfg.TenantID,
|
||||||
TenantDomain: cfg.TenantDomain,
|
TenantDomain: cfg.TenantDomain,
|
||||||
|
TenantDomainId: cfg.TenantDomainID,
|
||||||
TrustId: cfg.TrustID,
|
TrustId: cfg.TrustID,
|
||||||
StorageUrl: cfg.StorageURL,
|
StorageUrl: cfg.StorageURL,
|
||||||
AuthToken: cfg.AuthToken,
|
AuthToken: cfg.AuthToken,
|
||||||
|
Loading…
Reference in New Issue
Block a user