I have already been in touch with @ashishth09 regarding this issue. OPening now to track it as it will be a requirement for Dedicated Next. Currently user has to pass SL credentials and Bluemix api key when creating SL objects using ibm-cloud-provider. It is possible to pull the SL creds from the bluemix API key ( you can pull out a token as opposed to a username and api key ) Is it possible to get the provider to accept this token instead of the sl username and api key so that I could create vlans, vsi's etc using blumix api key only and not have to pass in SL creds. If needed I can get the curl commands etc to pull the SL token from the bluemix api key - and I will be able to follow up with more info as needed.
Response from @ashishth09
Hi Louise..
we did have that kind of code earlier and we know all the APIs that can help us.. that would in addition required the softlayer account to pin the credentials for that SL account
then there existing SL customers who don’t have a bluemix account yet and we didn’t want to lose those from using terraform (edited)
earlier they used github.com/softlayer/terraform-provider-softlayer/ which required SL api key
so strike the balance we had to include sl username and api key
i guess it is a point in time when eventually a more unified api auth could be provided across the ibm cloud currently it is not
earlier we had https://github.com/IBM-Cloud/terraform/blob/tf-v0.9.3-ibm-provider-v0.1/builtin/providers/ibmcloud/provider.go#L15-L49
hkantare
commented
2 years ago
I have already been in touch with @ashishth09 regarding this issue. OPening now to track it as it will be a requirement for Dedicated Next. Currently user has to pass SL credentials and Bluemix api key when creating SL objects using ibm-cloud-provider. It is possible to pull the SL creds from the bluemix API key ( you can pull out a token as opposed to a username and api key ) Is it possible to get the provider to accept this token instead of the sl username and api key so that I could create vlans, vsi's etc using blumix api key only and not have to pass in SL creds. If needed I can get the curl commands etc to pull the SL token from the bluemix api key - and I will be able to follow up with more info as needed.
Response from @ashishth09 Hi Louise.. we did have that kind of code earlier and we know all the APIs that can help us.. that would in addition required the softlayer account to pin the credentials for that SL account then there existing SL customers who don’t have a bluemix account yet and we didn’t want to lose those from using terraform (edited) earlier they used github.com/softlayer/terraform-provider-softlayer/ which required SL api key so strike the balance we had to include sl username and api key i guess it is a point in time when eventually a more unified api auth could be provided across the ibm cloud currently it is not earlier we had https://github.com/IBM-Cloud/terraform/blob/tf-v0.9.3-ibm-provider-v0.1/builtin/providers/ibmcloud/provider.go#L15-L49
we had the code as well to fetch the API key https://github.com/IBM-Cloud/terraform/blob/tf-v0.9.3-ibm-provider-v0.1/builtin/providers/ibmcloud/auth_helpers.go#L146-L254
but as mentioned we had to ditch that in favor of the above arguments which was discussed in a larger forum
FYI @snayakie