openstack: Stop generating configuration for legacy cloud provider

The legacy cloud provider read its configuration from the 'cloud.conf'
key of the 'kube-system / openstack-credentials' secret. The out-of-tree
one uses 'cloud.conf' key of the 'openshift-cloud-controller-manager /
cloud-conf' config map. We can therefore remove the former.

Signed-off-by: Stephen Finucane <[email protected]>

Author: stephenfin

Diff for: data/data/manifests/openshift/cloud-creds-secret.yaml.template

@@ -17,7 +17,6 @@ data:
   ibmcloud_api_key: {{.CloudCreds.IBMCloud.Base64encodeAPIKey}}
 {{- else if .CloudCreds.OpenStack}}
   clouds.yaml: {{.CloudCreds.OpenStack.Base64encodeCloudsYAML}}
-  clouds.conf: {{.CloudCreds.OpenStack.Base64encodeCloudsConf}}
 {{- if .CloudCreds.OpenStack.Base64encodeCACert}}
   cacert: {{.CloudCreds.OpenStack.Base64encodeCACert}}
 {{- end}}

Diff for: pkg/asset/manifests/openshift.go

@@ -22,7 +22,6 @@ import (
 	"github.com/openshift/installer/pkg/asset/installconfig/ovirt"
 	"github.com/openshift/installer/pkg/asset/machines"
 	osmachine "github.com/openshift/installer/pkg/asset/machines/openstack"
-	openstackmanifests "github.com/openshift/installer/pkg/asset/manifests/openstack"
 	"github.com/openshift/installer/pkg/asset/openshiftinstall"
 	"github.com/openshift/installer/pkg/asset/password"
 	"github.com/openshift/installer/pkg/asset/rhcos"
@@ -189,18 +188,11 @@ func (o *Openshift) Generate(ctx context.Context, dependencies asset.Parents) er
 			return err
 		}
 
-		cloudProviderConf, err := openstackmanifests.CloudProviderConfigSecret(cloud)
-		if err != nil {
-			return err
-		}
-
 		credsEncoded := base64.StdEncoding.EncodeToString(marshalled)
-		cloudProviderConfEncoded := base64.StdEncoding.EncodeToString(cloudProviderConf)
 		caCertEncoded := base64.StdEncoding.EncodeToString(caCert)
 		cloudCreds = cloudCredsSecretData{
 			OpenStack: &OpenStackCredsSecretData{
 				Base64encodeCloudsYAML: credsEncoded,
-				Base64encodeCloudsConf: cloudProviderConfEncoded,
 				Base64encodeCACert:     caCertEncoded,
 			},
 		}

Diff for: pkg/asset/manifests/openstack/cloudproviderconfig.go

@@ -3,8 +3,6 @@ package openstack
 import (
 	"context"
 	"os"
-	"strconv"
-	"strings"
 
 	"github.com/gophercloud/gophercloud/v2"
 	"github.com/gophercloud/utils/v2/openstack/clientconfig"
@@ -25,59 +23,6 @@ type Error struct {
 func (e Error) Error() string { return e.msg + ": " + e.err.Error() }
 func (e Error) Unwrap() error { return e.err }
 
-// CloudProviderConfigSecret generates the cloud provider config for the OpenStack
-// platform, that will be stored in the system secret.
-// TODO: I think this is crud for the legacy cloud-provider and is no longer needed. Burn it with fire?
-func CloudProviderConfigSecret(cloud *clientconfig.Cloud) ([]byte, error) {
-	domainID := cloud.AuthInfo.DomainID
-	if domainID == "" {
-		domainID = cloud.AuthInfo.UserDomainID
-	}
-
-	domainName := cloud.AuthInfo.DomainName
-	if domainName == "" {
-		domainName = cloud.AuthInfo.UserDomainName
-	}
-
-	// We have to generate this config manually without "go-ini" library, because its
-	// output data is incompatible with "gcfg".
-	// For instance, if there is a string with a # character, then "go-ini" wraps it in bacticks,
-	// like `aaa#bbb`, but gcfg doesn't recognize it and  parses the data as `aaa, skipping
-	// everything after the #.
-	// For more information: https://bugzilla.redhat.com/show_bug.cgi?id=1771358
-	var res strings.Builder
-	res.WriteString("[Global]\n")
-	if cloud.AuthInfo.AuthURL != "" {
-		res.WriteString("auth-url = " + strconv.Quote(cloud.AuthInfo.AuthURL) + "\n")
-	}
-	if cloud.AuthInfo.Username != "" {
-		res.WriteString("username = " + strconv.Quote(cloud.AuthInfo.Username) + "\n")
-	}
-	if cloud.AuthInfo.Password != "" {
-		res.WriteString("password = " + strconv.Quote(cloud.AuthInfo.Password) + "\n")
-	}
-	if cloud.AuthInfo.ProjectID != "" {
-		res.WriteString("tenant-id = " + strconv.Quote(cloud.AuthInfo.ProjectID) + "\n")
-	}
-	if cloud.AuthInfo.ProjectName != "" {
-		res.WriteString("tenant-name = " + strconv.Quote(cloud.AuthInfo.ProjectName) + "\n")
-	}
-	if domainID != "" {
-		res.WriteString("domain-id = " + strconv.Quote(domainID) + "\n")
-	}
-	if domainName != "" {
-		res.WriteString("domain-name = " + strconv.Quote(domainName) + "\n")
-	}
-	if cloud.RegionName != "" {
-		res.WriteString("region = " + strconv.Quote(cloud.RegionName) + "\n")
-	}
-	if cloud.CACertFile != "" {
-		res.WriteString("ca-file = /etc/kubernetes/static-pod-resources/configmaps/cloud-config/ca-bundle.pem\n")
-	}
-
-	return []byte(res.String()), nil
-}
-
 func generateCloudProviderConfig(ctx context.Context, networkClient *gophercloud.ServiceClient, cloudConfig *clientconfig.Cloud, installConfig types.InstallConfig) (cloudProviderConfigData, cloudProviderConfigCABundleData string, err error) {
 	cloudProviderConfigData = `[Global]
 secret-name = openstack-credentials

Diff for: pkg/asset/manifests/openstack/cloudproviderconfig_test.go

@@ -11,89 +11,6 @@ import (
 	"github.com/openshift/installer/pkg/types/openstack"
 )
 
-func TestCloudProviderConfigSecret(t *testing.T) {
-	cloud := clientconfig.Cloud{
-		AuthInfo: &clientconfig.AuthInfo{
-			Username:   "my_user",
-			Password:   "my_secret_password",
-			AuthURL:    "https://my_auth_url.com/v3/",
-			ProjectID:  "f12f928576ae4d21bdb984da5dd1d3bf",
-			DomainID:   "default",
-			DomainName: "Default",
-		},
-		RegionName: "my_region",
-	}
-
-	expectedConfig := `[Global]
-auth-url = "https://my_auth_url.com/v3/"
-username = "my_user"
-password = "my_secret_password"
-tenant-id = "f12f928576ae4d21bdb984da5dd1d3bf"
-domain-id = "default"
-domain-name = "Default"
-region = "my_region"
-`
-	actualConfig, err := CloudProviderConfigSecret(&cloud)
-	assert.NoError(t, err, "failed to create cloud provider config")
-	assert.Equal(t, expectedConfig, string(actualConfig), "unexpected cloud provider config")
-}
-
-func TestCloudProviderConfigSecretUserDomain(t *testing.T) {
-	cloud := clientconfig.Cloud{
-		AuthInfo: &clientconfig.AuthInfo{
-			Username:       "my_user",
-			Password:       "my_secret_password",
-			AuthURL:        "https://my_auth_url.com/v3/",
-			ProjectID:      "f12f928576ae4d21bdb984da5dd1d3bf",
-			UserDomainID:   "default",
-			UserDomainName: "Default",
-		},
-		RegionName: "my_region",
-	}
-
-	expectedConfig := `[Global]
-auth-url = "https://my_auth_url.com/v3/"
-username = "my_user"
-password = "my_secret_password"
-tenant-id = "f12f928576ae4d21bdb984da5dd1d3bf"
-domain-id = "default"
-domain-name = "Default"
-region = "my_region"
-`
-	actualConfig, err := CloudProviderConfigSecret(&cloud)
-	assert.NoError(t, err, "failed to create cloud provider config")
-	assert.Equal(t, expectedConfig, string(actualConfig), "unexpected cloud provider config")
-}
-
-func TestCloudProviderConfigSecretQuoting(t *testing.T) {
-	passwords := map[string]string{
-		"regular":        "regular",
-		"with\\n":        "with\\\\n",
-		"with#":          "with#",
-		"with$":          "with$",
-		"with;":          "with;",
-		"with \n \" \\ ": "with \\n \\\" \\\\ ",
-		"with!":          "with!",
-		"with?":          "with?",
-		"with`":          "with`",
-	}
-
-	for k, v := range passwords {
-		cloud := clientconfig.Cloud{
-			AuthInfo: &clientconfig.AuthInfo{
-				Password: k,
-			},
-		}
-
-		expectedConfig := `[Global]
-password = "` + v + `"
-`
-		actualConfig, err := CloudProviderConfigSecret(&cloud)
-		assert.NoError(t, err, "failed to create cloud provider config")
-		assert.Equal(t, expectedConfig, string(actualConfig), "unexpected cloud provider config")
-	}
-}
-
 func TestCloudProviderConfig(t *testing.T) {
 	cases := []struct {
 		name           string

Diff for: pkg/asset/manifests/template.go

@@ -35,7 +35,6 @@ type IBMCloudCredsSecretData struct {
 // OpenStackCredsSecretData holds encoded credentials and is used to generate cloud-creds secret
 type OpenStackCredsSecretData struct {
 	Base64encodeCloudsYAML string
-	Base64encodeCloudsConf string
 	Base64encodeCACert     string
 }