openstack: move credentials to instance user data

2025-08-17 11:10:37 -04:00 · 2024-03-08 14:16:34 +01:00 · 2024-03-08 14:16:34 +01:00 · 0bd8c00bda
commit 0bd8c00bda
parent 9c5f231f4a
3 changed files with 79 additions and 41 deletions
--- a/internal/cloud/openstack/imds_test.go
+++ b/internal/cloud/openstack/imds_test.go
@ -26,7 +26,7 @@ func TestProviderID(t *testing.T) {
 	someErr := errors.New("failed")

 	type testCase struct {
-		cache      metadataResponse
+		cache      any
 		cacheTime  time.Time
 		newClient  httpClientJSONCreateFunc
 		wantResult string
@ -34,7 +34,7 @@ func TestProviderID(t *testing.T) {
 		wantErr    bool
 	}

-	newTestCases := func(mResp1, mResp2 metadataResponse, expect1, expect2 string) map[string]testCase {
+	newTestCases := func(mResp1, mResp2 any, expect1, expect2 string) map[string]testCase {
 		return map[string]testCase{
 			"cached": {
 				cache:      mResp1,
@ -120,32 +120,32 @@ func TestProviderID(t *testing.T) {
 		"authURL": {
 			method: (*imdsClient).authURL,
 			testCases: newTestCases(
-				metadataResponse{Tags: metadataTags{AuthURL: "authURL1"}},
-				metadataResponse{Tags: metadataTags{AuthURL: "authURL2"}},
+				userDataResponse{AuthURL: "authURL1"},
+				userDataResponse{AuthURL: "authURL2"},
 				"authURL1", "authURL2",
 			),
 		},
 		"userDomainName": {
 			method: (*imdsClient).userDomainName,
 			testCases: newTestCases(
-				metadataResponse{Tags: metadataTags{UserDomainName: "userDomainName1"}},
-				metadataResponse{Tags: metadataTags{UserDomainName: "userDomainName2"}},
+				userDataResponse{UserDomainName: "userDomainName1"},
+				userDataResponse{UserDomainName: "userDomainName2"},
 				"userDomainName1", "userDomainName2",
 			),
 		},
 		"username": {
 			method: (*imdsClient).username,
 			testCases: newTestCases(
-				metadataResponse{Tags: metadataTags{Username: "username1"}},
-				metadataResponse{Tags: metadataTags{Username: "username2"}},
+				userDataResponse{Username: "username1"},
+				userDataResponse{Username: "username2"},
 				"username1", "username2",
 			),
 		},
 		"password": {
 			method: (*imdsClient).password,
 			testCases: newTestCases(
-				metadataResponse{Tags: metadataTags{Password: "password1"}},
-				metadataResponse{Tags: metadataTags{Password: "password2"}},
+				userDataResponse{Password: "password1"},
+				userDataResponse{Password: "password2"},
 				"password1", "password2",
 			),
 		},
@ -162,10 +162,18 @@ func TestProviderID(t *testing.T) {
 					if tc.newClient != nil {
 						client = tc.newClient(require)
 					}
+					var cache metadataResponse
+					var userDataCache userDataResponse
+					if _, ok := tc.cache.(metadataResponse); ok {
+						cache = tc.cache.(metadataResponse)
+					} else if _, ok := tc.cache.(userDataResponse); ok {
+						userDataCache = tc.cache.(userDataResponse)
+					}
 					imds := &imdsClient{
-						client:    client,
-						cache:     tc.cache,
-						cacheTime: tc.cacheTime,
+						client:        client,
+						cache:         cache,
+						userDataCache: userDataCache,
+						cacheTime:     tc.cacheTime,
 					}

 					result, err := tu.method(imds, context.Background())
@ -373,13 +381,13 @@ type httpClientJSONCreateFunc func(r *require.Assertions) *stubHTTPClientJSON

 type stubHTTPClientJSON struct {
 	require  *require.Assertions
-	response metadataResponse
+	response any
 	code     int
 	err      error
 	called   bool
 }

-func newStubHTTPClientJSONFunc(response metadataResponse, statusCode int, err error) httpClientJSONCreateFunc {
+func newStubHTTPClientJSONFunc(response any, statusCode int, err error) httpClientJSONCreateFunc {
 	return func(r *require.Assertions) *stubHTTPClientJSON {
 		return &stubHTTPClientJSON{
 			response: response,