Merge pull request rancher#95 from rawmind0/auth

Fix auth issue when using access_key and secret_key
hashicorp · Aug 16, 2019 · 2694564 · 2694564
2 parents ffe0f89 + fd3f23d
commit 2694564
Show file tree

Hide file tree

Showing 4 changed files with 25 additions and 15 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,4 +1,13 @@
 ## 1.4.1 (Unreleased)
+
+FEATURES:
+
+ENHANCEMENTS:
+
+BUG FIXES:
+
+* Fix: auth issue when using `access_key` and `secret_key`
+
 ## 1.4.0 (August 15, 2019)
 
 FEATURES:

diff --git a/rancher2/00_provider_test.go b/rancher2/00_provider_test.go
@@ -71,14 +71,16 @@ func testAccCheck() error {
 			return fmt.Errorf("RANCHER_URL must be set for acceptance tests")
 		}
 
-		if tokenKey == "" && (accessKey == "" || secretKey == "") {
+		if tokenKey == "" && accessKey != "" && secretKey != "" {
+			tokenKey = accessKey + ":" + secretKey
+		}
+
+		if tokenKey == "" {
 			return fmt.Errorf("RANCHER_TOKEN_KEY or RANCHER_ACCESS_KEY and RANCHER_SECRET_KEY must be set for acceptance tests")
 		}
 
 		config := &Config{
 			URL:       apiURL,
-			AccessKey: accessKey,
-			SecretKey: secretKey,
 			TokenKey:  tokenKey,
 			CACerts:   caCerts,
 			Insecure:  insecure,

diff --git a/rancher2/config.go b/rancher2/config.go
@@ -21,8 +21,6 @@ type Client struct {
 
 // Config is the configuration parameters for a Rancher v3 API
 type Config struct {
-	AccessKey string `json:"accessKey"`
-	SecretKey string `json:"secretKey"`
 	TokenKey  string `json:"tokenKey"`
 	URL       string `json:"url"`
 	CACerts   string `json:"cacert"`
@@ -153,12 +151,10 @@ func (c *Config) CreateClientOpts() *clientbase.ClientOpts {
 	c.NormalizeURL()
 
 	options := &clientbase.ClientOpts{
-		URL:       c.URL,
-		AccessKey: c.AccessKey,
-		SecretKey: c.SecretKey,
-		TokenKey:  c.TokenKey,
-		CACerts:   c.CACerts,
-		Insecure:  c.Insecure,
+		URL:      c.URL,
+		TokenKey: c.TokenKey,
+		CACerts:  c.CACerts,
+		Insecure: c.Insecure,
 	}
 
 	return options

diff --git a/rancher2/provider.go b/rancher2/provider.go
@@ -157,10 +157,13 @@ func providerConfigure(d *schema.ResourceData) (interface{}, error) {
 	insecure := d.Get("insecure").(bool)
 	bootstrap := d.Get("bootstrap").(bool)
 
+	// Set tokenKey based on accessKey and secretKey if needed
+	if tokenKey == providerDefaulEmptyString && accessKey != providerDefaulEmptyString && secretKey != providerDefaulEmptyString {
+		tokenKey = accessKey + ":" + secretKey
+	}
+
 	config := &Config{
 		URL:       apiURL,
-		AccessKey: accessKey,
-		SecretKey: secretKey,
 		TokenKey:  tokenKey,
 		CACerts:   caCerts,
 		Insecure:  insecure,
@@ -179,12 +182,12 @@ func providerValidateConfig(config *Config) (*Config, error) {
 
 	if config.Bootstrap {
 		// If bootstrap tokenkey accesskey nor secretkey can be provided
-		if config.TokenKey != providerDefaulEmptyString || config.AccessKey != providerDefaulEmptyString || config.SecretKey != providerDefaulEmptyString {
+		if config.TokenKey != providerDefaulEmptyString {
 			return &Config{}, fmt.Errorf("[ERROR] Bootsrap mode activated. Token_key or access_key and secret_key can not be provided")
 		}
 	} else {
 		// Else token or access key and secret key should be provided
-		if config.TokenKey == providerDefaulEmptyString && (config.AccessKey == providerDefaulEmptyString || config.SecretKey == providerDefaulEmptyString) {
+		if config.TokenKey == providerDefaulEmptyString {
 			return &Config{}, fmt.Errorf("[ERROR] No token_key nor access_key and secret_key are provided")
 		}
 	}