(cluster *kops.Cluster, ig *kops.InstanceGroup)
| 347 | } |
| 348 | |
| 349 | func buildEnvironmentVariables(cluster *kops.Cluster, ig *kops.InstanceGroup) (map[string]string, error) { |
| 350 | env := make(map[string]string) |
| 351 | |
| 352 | if os.Getenv("GOSSIP_DNS_CONN_LIMIT") != "" { |
| 353 | env["GOSSIP_DNS_CONN_LIMIT"] = os.Getenv("GOSSIP_DNS_CONN_LIMIT") |
| 354 | } |
| 355 | |
| 356 | if os.Getenv("S3_ENDPOINT") != "" { |
| 357 | if ig.IsControlPlane() { |
| 358 | env["S3_ENDPOINT"] = os.Getenv("S3_ENDPOINT") |
| 359 | env["S3_REGION"] = os.Getenv("S3_REGION") |
| 360 | env["S3_ACCESS_KEY_ID"] = os.Getenv("S3_ACCESS_KEY_ID") |
| 361 | env["S3_SECRET_ACCESS_KEY"] = os.Getenv("S3_SECRET_ACCESS_KEY") |
| 362 | } |
| 363 | } |
| 364 | |
| 365 | if cluster.GetCloudProvider() == kops.CloudProviderOpenstack { |
| 366 | |
| 367 | osEnvs := []string{ |
| 368 | "OS_TENANT_ID", "OS_TENANT_NAME", "OS_PROJECT_ID", "OS_PROJECT_NAME", |
| 369 | "OS_PROJECT_DOMAIN_NAME", "OS_PROJECT_DOMAIN_ID", |
| 370 | "OS_DOMAIN_NAME", "OS_DOMAIN_ID", |
| 371 | "OS_AUTH_URL", |
| 372 | "OS_REGION_NAME", |
| 373 | } |
| 374 | |
| 375 | appCreds := os.Getenv("OS_APPLICATION_CREDENTIAL_ID") != "" && os.Getenv("OS_APPLICATION_CREDENTIAL_SECRET") != "" |
| 376 | if appCreds { |
| 377 | osEnvs = append(osEnvs, |
| 378 | "OS_APPLICATION_CREDENTIAL_ID", |
| 379 | "OS_APPLICATION_CREDENTIAL_SECRET", |
| 380 | ) |
| 381 | } else { |
| 382 | klog.Warning("exporting username and password. Consider using application credentials instead.") |
| 383 | osEnvs = append(osEnvs, |
| 384 | "OS_USERNAME", |
| 385 | "OS_PASSWORD", |
| 386 | ) |
| 387 | } |
| 388 | |
| 389 | // Map our Insecure Skip Verify setting |
| 390 | if cluster.Spec.CloudProvider.Openstack != nil && fi.ValueOf(cluster.Spec.CloudProvider.Openstack.InsecureSkipVerify) { |
| 391 | os.Setenv(openstackconfig.EnvKeyOpenstackTLSInsecureSkipVerify, "true") |
| 392 | } |
| 393 | |
| 394 | // credentials needed always in control-plane and when using gossip also in nodes |
| 395 | passEnvs := false |
| 396 | if ig.IsControlPlane() || cluster.UsesLegacyGossip() { |
| 397 | passEnvs = true |
| 398 | } |
| 399 | // Pass in required credentials when using user-defined swift endpoint |
| 400 | if os.Getenv("OS_AUTH_URL") != "" && passEnvs { |
| 401 | for _, envVar := range osEnvs { |
| 402 | env[envVar] = fmt.Sprintf("'%s'", os.Getenv(envVar)) |
| 403 | } |
| 404 | } |
| 405 | } |
| 406 |
no test coverage detected