openstack: read credentials from clouds.yaml

2025-08-18 19:47:54 -04:00 · 2024-03-11 14:20:19 +01:00 · 2024-03-11 14:20:19 +01:00 · c23f17de41
commit c23f17de41
parent d69673fab7
17 changed files with 169 additions and 160 deletions
--- a/terraform/infrastructure/openstack/main.tf
+++ b/terraform/infrastructure/openstack/main.tf
@ -56,6 +56,9 @@ locals {
    endpoint if(endpoint.interface == "public")
  ][0]
  identity_internal_url = local.identity_endpoint.url
+  cloudsyaml_path       = length(var.openstack_clouds_yaml_path) > 0 ? var.openstack_clouds_yaml_path : "~/.config/openstack/clouds.yaml"
+  cloudsyaml            = yamldecode(file(pathexpand(local.cloudsyaml_path)))
+  cloudyaml             = local.cloudsyaml.clouds[var.cloud]
 }

 resource "random_id" "uid" {
@ -236,9 +239,9 @@ module "instance_group" {
  subnet_id                        = openstack_networking_subnet_v2.vpc_subnetwork.id
  init_secret_hash                 = local.init_secret_hash
  identity_internal_url            = local.identity_internal_url
-  openstack_username               = var.openstack_username
-  openstack_password               = var.openstack_password
-  openstack_user_domain_name       = var.openstack_user_domain_name
+  openstack_username               = local.cloudyaml["auth"]["username"]
+  openstack_password               = local.cloudyaml["auth"]["password"]
+  openstack_user_domain_name       = local.cloudyaml["auth"]["user_domain_name"]
  openstack_load_balancer_endpoint = openstack_networking_floatingip_v2.public_ip.address
 }

--- a/terraform/infrastructure/openstack/variables.tf
+++ b/terraform/infrastructure/openstack/variables.tf
@ -48,26 +48,17 @@ variable "cloud" {
  description = "Cloud to use within the OpenStack \"clouds.yaml\" file. Optional. If not set, environment variables are used."
 }

+variable "openstack_clouds_yaml_path" {
+  type        = string
+  default     = "~/.config/openstack/clouds.yaml"
+  description = "Path to OpenStack clouds.yaml file"
+}
+
 variable "floating_ip_pool_id" {
  type        = string
  description = "Pool (network name) to use for floating IPs."
 }

-variable "openstack_user_domain_name" {
-  type        = string
-  description = "OpenStack user domain name."
-}
-
-variable "openstack_username" {
-  type        = string
-  description = "OpenStack user name."
-}
-
-variable "openstack_password" {
-  type        = string
-  description = "OpenStack password."
-}
-
 # STACKIT-specific variables

 variable "stackit_project_id" {