Remove credentials from obs_bucket and obs_bucket_object

Revert #732

Existing implementation is no more useful after implementing #745
As it's implemented in during the same release, so no deprecation needs to be done

docs/resources/obs_bucket.md

@@ -139,23 +139,6 @@ resource "opentelekomcloud_obs_bucket" "bucket" {
 }
 ```
 
-### Using ak/sk defined in the resource
-
-```hcl
-variable ak {}
-variable sk {}
-
-resource "opentelekomcloud_obs_bucket" "bucket" {
-  bucket        = "my-bucket"
-  storage_class = "STANDARD"
-  acl           = "private"
-  credentials {
-    access_key = var.ak
-    secret_key = var.sk
-  }
-}
-```
-
 ## Argument Reference
 
 The following arguments are supported:
@@ -190,8 +173,6 @@ The following arguments are supported:
 
 * `region` - (Optional) If specified, the region this bucket should reside in. Otherwise, the region used by the provider.
 
-* `credentials` - (Optional) Access key information for a single bucket only.
-
 The `logging` object supports the following:
 
 * `target_bucket` - (Required) The name of the bucket that will receive the log objects.
@@ -275,12 +256,6 @@ The `noncurrent_version_transition` object supports the following
 
 * `storage_class` - (Required) The class of storage used to store the object. Only `WARM` and `COLD` are supported.
 
-The `credentials` object supports the following:
-
-* `access_key` - (Required) Access key ID.
-
-* `secret_key` - (Required) Access key secret.
-
 ## Attributes Reference
 
 The following attributes are exported:

docs/resources/obs_bucket_object.md

@@ -45,33 +45,6 @@ resource "opentelekomcloud_obs_bucket_object" "examplebucket_object" {
 }
 ```
 
-### Using ak/sk defined in the resource
-
-```hcl
-variable ak {}
-variable sk {}
-
-resource "opentelekomcloud_obs_bucket" "object_bucket" {
-  bucket        = "my-bucket"
-  storage_class = "STANDARD"
-  acl           = "private"
-  credentials {
-    access_key = var.ak
-    secret_key = var.sk
-  }
-}
-
-resource "opentelekomcloud_obs_bucket_object" "object" {
-  bucket  = opentelekomcloud_obs_bucket.object_bucket.bucket
-  key     = "test-key"
-  content = "some_bucket_content"
-  credentials {
-    access_key = var.ak
-    secret_key = var.sk
-  }
-}
-```
-
 ## Argument Reference
 
 The following arguments are supported:
@@ -98,12 +71,6 @@ The following arguments are supported:
 * `etag` - (Optional) Specifies the unique identifier of the object content. It can be used to trigger updates.
   The only meaningful value is `md5(file("path_to_file"))`.
 
-* `credentials` - (Optional) Access key information for a single bucket object.
-
-    * `access_key` - (Required) Access key ID.
-
-    * `secret_key` - (Required) Access key secret.
-
 Either `source` or `content` must be provided to specify the bucket content.
 These two arguments are mutually-exclusive.
 

opentelekomcloud/resource_opentelekomcloud_obs_bucket.go

@@ -10,8 +10,6 @@ import (
 	"github.com/hashicorp/go-multierror"
 	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
 	"github.com/hashicorp/terraform-plugin-sdk/helper/validation"
-	golangsdk "github.com/opentelekomcloud/gophertelekomcloud"
-	"github.com/opentelekomcloud/gophertelekomcloud/openstack"
 	"github.com/opentelekomcloud/gophertelekomcloud/openstack/obs"
 )
 
@@ -251,71 +249,15 @@ func resourceObsBucket() *schema.Resource {
 				Type:     schema.TypeString,
 				Computed: true,
 			},
-
-			"credentials": {
-				Type:     schema.TypeList,
-				Optional: true,
-				MaxItems: 1,
-				Elem: &schema.Resource{
-					Schema: map[string]*schema.Schema{
-						"access_key": {
-							Type:     schema.TypeString,
-							Required: true,
-						},
-						"secret_key": {
-							Type:      schema.TypeString,
-							Required:  true,
-							Sensitive: true,
-						},
-					},
-				},
-			},
 		},
 	}
 }
 
-func obsClient(d *schema.ResourceData, config *Config) (*obs.ObsClient, error) {
-	errMsg := "error creating OpenTelekomCloud OBS client: %s"
-
-	credentials, ok := d.GetOk("credentials")
-	if !ok {
-		client, err := config.newObjectStorageClient(GetRegion(d, config))
-		if err != nil {
-			err = fmt.Errorf(errMsg, err)
-		}
-		return client, err
-	}
-
-	// if credentials are set in the resource, mimics config.newObjectStorageClient
-
-	c, err := openstack.NewOBSService(config.HwClient, golangsdk.EndpointOpts{
-		Region:       GetRegion(d, config),
-		Availability: config.getHwEndpointType(),
-	})
-	if err != nil {
-		return nil, err
-	}
-
-	// init log
-	setUpOBSLogging()
-
-	credentialsSlice := credentials.([]interface{})
-	if len(credentialsSlice) == 0 {
-		return nil, fmt.Errorf("credentials are missing")
-	}
-	credMap := credentialsSlice[0].(map[string]interface{})
-	client, err := obs.New(credMap["access_key"].(string), credMap["secret_key"].(string), c.Endpoint)
-	if err != nil {
-		return nil, fmt.Errorf(errMsg, err)
-	}
-	return client, nil
-}
-
 func resourceObsBucketCreate(d *schema.ResourceData, meta interface{}) error {
 	config := meta.(*Config)
-	client, err := obsClient(d, config)
+	client, err := config.newObjectStorageClient(GetRegion(d, config))
 	if err != nil {
-		return err
+		return fmt.Errorf("error creating OBS client: %s", err)
 	}
 
 	bucket := d.Get("bucket").(string)
@@ -341,9 +283,9 @@ func resourceObsBucketCreate(d *schema.ResourceData, meta interface{}) error {
 
 func resourceObsBucketUpdate(d *schema.ResourceData, meta interface{}) error {
 	config := meta.(*Config)
-	obsClient, err := obsClient(d, config)
+	obsClient, err := config.newObjectStorageClient(GetRegion(d, config))
 	if err != nil {
-		return err
+		return fmt.Errorf("error creating OBS client: %s", err)
 	}
 
 	log.Printf("[DEBUG] Update OBS bucket %s", d.Id())
@@ -401,9 +343,9 @@ func resourceObsBucketUpdate(d *schema.ResourceData, meta interface{}) error {
 func resourceObsBucketRead(d *schema.ResourceData, meta interface{}) error {
 	config := meta.(*Config)
 	region := GetRegion(d, config)
-	obsClient, err := obsClient(d, config)
+	obsClient, err := config.newObjectStorageClient(GetRegion(d, config))
 	if err != nil {
-		return err
+		return fmt.Errorf("error creating OBS client: %s", err)
 	}
 
 	log.Printf("[DEBUG] Read OBS bucket: %s", d.Id())
@@ -473,9 +415,9 @@ func resourceObsBucketRead(d *schema.ResourceData, meta interface{}) error {
 
 func resourceObsBucketDelete(d *schema.ResourceData, meta interface{}) error {
 	config := meta.(*Config)
-	obsClient, err := obsClient(d, config)
+	obsClient, err := config.newObjectStorageClient(GetRegion(d, config))
 	if err != nil {
-		return err
+		return fmt.Errorf("error creating OBS client: %s", err)
 	}
 
 	bucket := d.Id()
@@ -1177,7 +1119,7 @@ func deleteAllBucketObjects(obsClient *obs.ObsClient, bucket string) error {
 	log.Printf("[DEBUG] objects of %s will be deleted: %v", bucket, objects)
 	output, err := obsClient.DeleteObjects(deleteOpts)
 	if err != nil {
-		return getObsError("Error deleting all objects of OBS bucket", bucket, err)
+		return getObsError("error deleting all objects of OBS bucket", bucket, err)
 	} else {
 		if len(output.Errors) > 0 {
 			return fmt.Errorf("error some objects are still exist in %s: %#v", bucket, output.Errors)
@@ -1189,9 +1131,8 @@ func deleteAllBucketObjects(obsClient *obs.ObsClient, bucket string) error {
 func getObsError(action string, bucket string, err error) error {
 	if obsError, ok := err.(obs.ObsError); ok {
 		return fmt.Errorf("%s %s: %s,\n Reason: %s", action, bucket, obsError.Code, obsError.Message)
-	} else {
-		return err
 	}
+	return err
 }
 
 // normalize format of storage class

opentelekomcloud/resource_opentelekomcloud_obs_bucket_object.go

@@ -121,11 +121,10 @@ func resourceObsBucketObjectPut(d *schema.ResourceData, meta interface{}) error
 	var err error
 
 	config := meta.(*Config)
-	client, err := obsClient(d, config)
+	client, err := config.newObjectStorageClient(GetRegion(d, config))
 	if err != nil {
-		return err
+		return fmt.Errorf("error creating OBS client: %s", err)
 	}
-
 	source := d.Get("source").(string)
 	content := d.Get("content").(string)
 	if source == "" && content == "" {
@@ -238,9 +237,9 @@ func putFileToObject(obsClient *obs.ObsClient, d *schema.ResourceData) (*obs.Put
 
 func resourceObsBucketObjectRead(d *schema.ResourceData, meta interface{}) error {
 	config := meta.(*Config)
-	client, err := obsClient(d, config)
+	client, err := config.newObjectStorageClient(GetRegion(d, config))
 	if err != nil {
-		return err
+		return fmt.Errorf("error creating OBS client: %s", err)
 	}
 
 	bucket := d.Get("bucket").(string)
@@ -289,9 +288,9 @@ func resourceObsBucketObjectRead(d *schema.ResourceData, meta interface{}) error
 
 func resourceObsBucketObjectDelete(d *schema.ResourceData, meta interface{}) error {
 	config := meta.(*Config)
-	client, err := obsClient(d, config)
+	client, err := config.newObjectStorageClient(GetRegion(d, config))
 	if err != nil {
-		return err
+		return fmt.Errorf("error creating OBS client: %s", err)
 	}
 
 	bucket := d.Get("bucket").(string)

opentelekomcloud/resource_opentelekomcloud_obs_bucket_object_test.go

@@ -78,25 +78,6 @@ func TestAccObsBucketObject_content(t *testing.T) {
 	})
 }
 
-func TestAccObsBucketObject_contentAKSK(t *testing.T) {
-	rInt := acctest.RandInt()
-
-	resource.Test(t, resource.TestCase{
-		PreCheck:     func() { testAccPreCheckS3(t) },
-		Providers:    testAccProviders,
-		CheckDestroy: testAccCheckObsBucketObjectDestroy,
-		Steps: []resource.TestStep{
-			{
-				PreConfig: func() {},
-				Config:    testAccObsBucketObjectConfigContent_aksk(rInt),
-				Check: resource.ComposeTestCheckFunc(
-					testAccCheckObsBucketObjectExists("opentelekomcloud_obs_bucket_object.object"),
-				),
-			},
-		},
-	})
-}
-
 func testAccCheckObsBucketObjectDestroy(s *terraform.State) error {
 	config := testAccProvider.Meta().(*Config)
 	obsClient, err := config.newObjectStorageClient(OS_REGION_NAME)
@@ -181,31 +162,6 @@ func testAccCheckObsBucketObjectExists(n string) resource.TestCheckFunc {
 	}
 }
 
-func testAccObsBucketObjectConfigContent_aksk(randInt int) string {
-	return fmt.Sprintf(`
-resource "opentelekomcloud_obs_bucket" "object_bucket" {
-  bucket        = "tf-test-bucket-%d"
-  storage_class = "STANDARD"
-  acl           = "private"
-  credentials {
-    access_key = "%[2]s"
-    secret_key = "%[3]s"
-  }
-}
-
-resource "opentelekomcloud_obs_bucket_object" "object" {
-  bucket  = opentelekomcloud_obs_bucket.object_bucket.bucket
-  key     = "test-key"
-  content = "some_bucket_content"
-  credentials {
-    access_key = "%[2]s"
-    secret_key = "%[3]s"
-  }
-}
-
-`, randInt, OS_ACCESS_KEY, OS_SECRET_KEY)
-}
-
 func testAccObsBucketObjectConfigSource(randInt int, source string) string {
 	return fmt.Sprintf(`
 resource "opentelekomcloud_obs_bucket" "object_bucket" {

opentelekomcloud/resource_opentelekomcloud_obs_bucket_test.go

@@ -48,21 +48,6 @@ func TestAccObsBucket_basic(t *testing.T) {
 	})
 }
 
-func TestAccObsBucket_aksk(t *testing.T) {
-	rInt := acctest.RandInt()
-
-	resource.Test(t, resource.TestCase{
-		PreCheck:     func() { testAccPreCheckS3(t) },
-		Providers:    testAccProviders,
-		CheckDestroy: testAccCheckObsBucketDestroy,
-		Steps: []resource.TestStep{
-			{
-				Config: testAccObsBucket_aksk(rInt),
-			},
-		},
-	})
-}
-
 func TestAccObsBucket_tags(t *testing.T) {
 	rInt := acctest.RandInt()
 	resourceName := "opentelekomcloud_obs_bucket.bucket"
@@ -321,19 +306,6 @@ resource "opentelekomcloud_obs_bucket" "bucket" {
 }
 `, randInt)
 }
-func testAccObsBucket_aksk(randInt int) string {
-	return fmt.Sprintf(`
-resource "opentelekomcloud_obs_bucket" "bucket" {
-  bucket        = "tf-test-bucket-%d"
-  storage_class = "STANDARD"
-  acl           = "private"
-  credentials {
-    access_key = "%s"
-    secret_key = "%s"
-  }
-}
-`, randInt, OS_ACCESS_KEY, OS_SECRET_KEY)
-}
 
 func testAccObsBucket_basic_update(randInt int) string {
 	return fmt.Sprintf(`