kubernetes-sigs
diff --git a/‎api/v1alpha6/conversion_test.go
Lines changed: 7 additions & 0 deletions b/‎api/v1alpha6/conversion_test.go
Lines changed: 7 additions & 0 deletions
diff --git a/‎api/v1alpha6/zz_generated.conversion.go
Lines changed: 1 addition & 0 deletions b/‎api/v1alpha6/zz_generated.conversion.go
Lines changed: 1 addition & 0 deletions
diff --git a/‎api/v1alpha7/conversion_test.go
Lines changed: 7 additions & 0 deletions b/‎api/v1alpha7/conversion_test.go
Lines changed: 7 additions & 0 deletions
diff --git a/‎api/v1alpha7/zz_generated.conversion.go
Lines changed: 1 addition & 0 deletions b/‎api/v1alpha7/zz_generated.conversion.go
Lines changed: 1 addition & 0 deletions
diff --git a/‎api/v1beta1/identity_types.go
Lines changed: 7 additions & 0 deletions b/‎api/v1beta1/identity_types.go
Lines changed: 7 additions & 0 deletions
diff --git a/‎config/crd/bases/infrastructure.cluster.x-k8s.io_openstackclusters.yaml
Lines changed: 20 additions & 0 deletions b/‎config/crd/bases/infrastructure.cluster.x-k8s.io_openstackclusters.yaml
Lines changed: 20 additions & 0 deletions
diff --git a/‎config/crd/bases/infrastructure.cluster.x-k8s.io_openstackclustertemplates.yaml
Lines changed: 20 additions & 0 deletions b/‎config/crd/bases/infrastructure.cluster.x-k8s.io_openstackclustertemplates.yaml
Lines changed: 20 additions & 0 deletions
diff --git a/‎config/crd/bases/infrastructure.cluster.x-k8s.io_openstackfloatingippools.yaml
Lines changed: 10 additions & 0 deletions b/‎config/crd/bases/infrastructure.cluster.x-k8s.io_openstackfloatingippools.yaml
Lines changed: 10 additions & 0 deletions
diff --git a/‎config/crd/bases/infrastructure.cluster.x-k8s.io_openstackmachines.yaml
Lines changed: 10 additions & 0 deletions b/‎config/crd/bases/infrastructure.cluster.x-k8s.io_openstackmachines.yaml
Lines changed: 10 additions & 0 deletions
diff --git a/‎config/crd/bases/infrastructure.cluster.x-k8s.io_openstackmachinetemplates.yaml
Lines changed: 10 additions & 0 deletions b/‎config/crd/bases/infrastructure.cluster.x-k8s.io_openstackmachinetemplates.yaml
Lines changed: 10 additions & 0 deletions
diff --git a/‎config/crd/bases/infrastructure.cluster.x-k8s.io_openstackservers.yaml
Lines changed: 10 additions & 0 deletions b/‎config/crd/bases/infrastructure.cluster.x-k8s.io_openstackservers.yaml
Lines changed: 10 additions & 0 deletions
diff --git a/‎controllers/openstackmachine_controller.go
Lines changed: 5 additions & 1 deletion b/‎controllers/openstackmachine_controller.go
Lines changed: 5 additions & 1 deletion
diff --git a/‎docs/book/src/api/v1beta1/api.md
Lines changed: 14 additions & 0 deletions b/‎docs/book/src/api/v1beta1/api.md
Lines changed: 14 additions & 0 deletions
diff --git a/‎hack/codegen/openapi/zz_generated.openapi.go
Lines changed: 7 additions & 0 deletions b/‎hack/codegen/openapi/zz_generated.openapi.go
Lines changed: 7 additions & 0 deletions
diff --git a/‎pkg/generated/applyconfiguration/api/v1beta1/openstackidentityreference.go
Lines changed: 9 additions & 0 deletions b/‎pkg/generated/applyconfiguration/api/v1beta1/openstackidentityreference.go
Lines changed: 9 additions & 0 deletions
diff --git a/‎pkg/generated/applyconfiguration/internal/internal.go
Lines changed: 3 additions & 0 deletions b/‎pkg/generated/applyconfiguration/internal/internal.go
Lines changed: 3 additions & 0 deletions
diff --git a/‎pkg/scope/provider.go
Lines changed: 11 additions & 9 deletions b/‎pkg/scope/provider.go
Lines changed: 11 additions & 9 deletions
diff --git a/‎test/e2e/shared/openstack.go
Lines changed: 1 addition & 1 deletion b/‎test/e2e/shared/openstack.go
Lines changed: 1 addition & 1 deletion
@@ -91,6 +91,13 @@ func TestFuzzyConversion(t *testing.T) {
 				}
 			},
 
+			func(identityRef *infrav1.OpenStackIdentityReference, c fuzz.Continue) {
+				c.FuzzNoCustom(identityRef)
+
+				// None of the following identityRef fields have ever been set in v1alpha6
+				identityRef.Region = ""
+			},
+
 			func(spec *OpenStackMachineSpec, c fuzz.Continue) {
 				c.FuzzNoCustom(spec)
 
 
@@ -89,6 +89,13 @@ func TestFuzzyConversion(t *testing.T) {
 					}
 				}
 			},
+
+			func(identityRef *infrav1.OpenStackIdentityReference, c fuzz.Continue) {
+				c.FuzzNoCustom(identityRef)
+
+				// None of the following identityRef fields have ever been set in v1alpha7
+				identityRef.Region = ""
+			},
 		}
 
 		return slices.Concat(v1alpha7FuzzerFuncs, testhelpers.InfraV1FuzzerFuncs())
 
@@ -18,6 +18,7 @@ package v1beta1
 
 // OpenStackIdentityReference is a reference to an infrastructure
 // provider identity to be used to provision cluster resources.
+// +kubebuilder:validation:XValidation:rule="(!has(self.region) && !has(oldSelf.region)) || self.region == oldSelf.region",message="region is immutable"
 type OpenStackIdentityReference struct {
 	// Name is the name of a secret in the same namespace as the resource being provisioned.
 	// The secret must contain a key named `clouds.yaml` which contains an OpenStack clouds.yaml file.
@@ -28,6 +29,12 @@ type OpenStackIdentityReference struct {
 	// CloudName specifies the name of the entry in the clouds.yaml file to use.
 	// +kubebuilder:validation:Required
 	CloudName string `json:"cloudName"`
+
+	// Region specifies an OpenStack region to use. If specified, it overrides
+	// any value in clouds.yaml. If specified for an OpenStackMachine, its
+	// value will be included in providerID.
+	// +optional
+	Region string `json:"region,omitempty"`
 }
 
 // IdentityRefProvider is an interface for obtaining OpenStack credentials from an API object
 
@@ -422,7 +422,11 @@ func (r *OpenStackMachineReconciler) reconcileMachineState(scope *scope.WithLogg
 		conditions.MarkTrue(openStackMachine, infrav1.InstanceReadyCondition)
 
 		// Set properties required by CAPI machine controller
-		openStackMachine.Spec.ProviderID = ptr.To(fmt.Sprintf("openstack:///%s", *openStackServer.Status.InstanceID))
+		var region string
+		if openStackMachine.Spec.IdentityRef != nil {
+			region = openStackMachine.Spec.IdentityRef.Region
+		}
+		openStackMachine.Spec.ProviderID = ptr.To(fmt.Sprintf("openstack://%s/%s", region, *openStackServer.Status.InstanceID))
 		openStackMachine.Status.InstanceID = openStackServer.Status.InstanceID
 		openStackMachine.Status.Ready = true
 	case infrav1.InstanceStateError:
 
@@ -81,10 +81,10 @@ func (f *providerScopeFactory) NewClientScopeFromObject(ctx context.Context, ctr
 	}
 
 	if f.clientCache == nil {
-		return NewProviderScope(cloud, caCert, logger)
+		return NewProviderScope(cloud, identityRef.Region, caCert, logger)
 	}
 
-	return NewCachedProviderScope(f.clientCache, cloud, caCert, logger)
+	return NewCachedProviderScope(f.clientCache, cloud, identityRef.Region, caCert, logger)
 }
 
 func getScopeCacheKey(cloud clientconfig.Cloud) (string, error) {
@@ -102,8 +102,8 @@ type providerScope struct {
 	projectID          string
 }
 
-func NewProviderScope(cloud clientconfig.Cloud, caCert []byte, logger logr.Logger) (Scope, error) {
-	providerClient, clientOpts, projectID, err := NewProviderClient(cloud, caCert, logger)
+func NewProviderScope(cloud clientconfig.Cloud, regionName string, caCert []byte, logger logr.Logger) (Scope, error) {
+	providerClient, clientOpts, projectID, err := NewProviderClient(cloud, regionName, caCert, logger)
 	if err != nil {
 		return nil, err
 	}
@@ -115,7 +115,7 @@ func NewProviderScope(cloud clientconfig.Cloud, caCert []byte, logger logr.Logge
 	}, nil
 }
 
-func NewCachedProviderScope(cache *cache.LRUExpireCache, cloud clientconfig.Cloud, caCert []byte, logger logr.Logger) (Scope, error) {
+func NewCachedProviderScope(cache *cache.LRUExpireCache, cloud clientconfig.Cloud, regionName string, caCert []byte, logger logr.Logger) (Scope, error) {
 	key, err := getScopeCacheKey(cloud)
 	if err != nil {
 		return nil, fmt.Errorf("compute cloud config cache key: %w", err)
@@ -126,7 +126,7 @@ func NewCachedProviderScope(cache *cache.LRUExpireCache, cloud clientconfig.Clou
 		return scope.(Scope), nil
 	}
 
-	scope, err := NewProviderScope(cloud, caCert, logger)
+	scope, err := NewProviderScope(cloud, regionName, caCert, logger)
 	if err != nil {
 		return nil, err
 	}
@@ -175,18 +175,20 @@ func (s *providerScope) ExtractToken() (*tokens.Token, error) {
 	return tokens.Get(context.TODO(), client, s.providerClient.Token()).ExtractToken()
 }
 
-func NewProviderClient(cloud clientconfig.Cloud, caCert []byte, logger logr.Logger) (*gophercloud.ProviderClient, *clientconfig.ClientOpts, string, error) {
+func NewProviderClient(cloud clientconfig.Cloud, regionName string, caCert []byte, logger logr.Logger) (*gophercloud.ProviderClient, *clientconfig.ClientOpts, string, error) {
 	clientOpts := new(clientconfig.ClientOpts)
 
 	// We explicitly disable reading auth data from env variables by setting an invalid EnvPrefix.
 	// By doing this, we make sure that the data from clouds.yaml is enough to authenticate.
 	// For more information: https://github.com/gophercloud/utils/v2/blob/8677e053dcf1f05d0fa0a616094aace04690eb94/openstack/clientconfig/requests.go#L508
 	clientOpts.EnvPrefix = "NO_ENV_VARIABLES_"
-
+	if regionName == "" {
+		regionName = cloud.RegionName
+	}
 	if cloud.AuthInfo != nil {
 		clientOpts.AuthInfo = cloud.AuthInfo
 		clientOpts.AuthType = cloud.AuthType
-		clientOpts.RegionName = cloud.RegionName
+		clientOpts.RegionName = regionName
 		clientOpts.EndpointType = cloud.EndpointType
 	}
 
 
@@ -667,7 +667,7 @@ func getProviderClient(e2eCtx *E2EContext, openstackCloud string) (*gophercloud.
 	clouds := getParsedOpenStackCloudYAML(openStackCloudYAMLFile)
 	cloud := clouds.Clouds[openstackCloud]
 
-	providerClient, clientOpts, projectID, err := scope.NewProviderClient(cloud, nil, logr.Discard())
+	providerClient, clientOpts, projectID, err := scope.NewProviderClient(cloud, "", nil, logr.Discard())
 	if err != nil {
 		return nil, nil, nil, err
 	}
Original file line number	Diff line number	Diff line change
`@@ -89,6 +89,13 @@ func TestFuzzyConversion(t *testing.T) {`
`89`	`89`	`}`
`90`	`90`	`}`
`91`	`91`	`},`
	`92`	`+`
	`93`	`+ func(identityRef *infrav1.OpenStackIdentityReference, c fuzz.Continue) {`
	`94`	`+ c.FuzzNoCustom(identityRef)`
	`95`	`+`
	`96`	`+ // None of the following identityRef fields have ever been set in v1alpha7`
	`97`	`+ identityRef.Region = ""`
	`98`	`+ },`
`92`	`99`	`}`
`93`	`100`
`94`	`101`	`return slices.Concat(v1alpha7FuzzerFuncs, testhelpers.InfraV1FuzzerFuncs())`
Original file line number	Diff line number	Diff line change
`@@ -81,10 +81,10 @@ func (f *providerScopeFactory) NewClientScopeFromObject(ctx context.Context, ctr`
`81`	`81`	`}`
`82`	`82`
`83`	`83`	`if f.clientCache == nil {`
`84`		`- return NewProviderScope(cloud, caCert, logger)`
	`84`	`+ return NewProviderScope(cloud, identityRef.Region, caCert, logger)`
`85`	`85`	`}`
`86`	`86`
`87`		`- return NewCachedProviderScope(f.clientCache, cloud, caCert, logger)`
	`87`	`+ return NewCachedProviderScope(f.clientCache, cloud, identityRef.Region, caCert, logger)`
`88`	`88`	`}`
`89`	`89`
`90`	`90`	`func getScopeCacheKey(cloud clientconfig.Cloud) (string, error) {`
`@@ -102,8 +102,8 @@ type providerScope struct {`
`102`	`102`	`projectID string`
`103`	`103`	`}`
`104`	`104`
`105`		`-func NewProviderScope(cloud clientconfig.Cloud, caCert []byte, logger logr.Logger) (Scope, error) {`
`106`		`- providerClient, clientOpts, projectID, err := NewProviderClient(cloud, caCert, logger)`
	`105`	`+func NewProviderScope(cloud clientconfig.Cloud, regionName string, caCert []byte, logger logr.Logger) (Scope, error) {`
	`106`	`+ providerClient, clientOpts, projectID, err := NewProviderClient(cloud, regionName, caCert, logger)`
`107`	`107`	`if err != nil {`
`108`	`108`	`return nil, err`
`109`	`109`	`}`
`@@ -115,7 +115,7 @@ func NewProviderScope(cloud clientconfig.Cloud, caCert []byte, logger logr.Logge`
`115`	`115`	`}, nil`
`116`	`116`	`}`
`117`	`117`
`118`		`-func NewCachedProviderScope(cache *cache.LRUExpireCache, cloud clientconfig.Cloud, caCert []byte, logger logr.Logger) (Scope, error) {`
	`118`	`+func NewCachedProviderScope(cache *cache.LRUExpireCache, cloud clientconfig.Cloud, regionName string, caCert []byte, logger logr.Logger) (Scope, error) {`
`119`	`119`	`key, err := getScopeCacheKey(cloud)`
`120`	`120`	`if err != nil {`
`121`	`121`	`return nil, fmt.Errorf("compute cloud config cache key: %w", err)`
`@@ -126,7 +126,7 @@ func NewCachedProviderScope(cache *cache.LRUExpireCache, cloud clientconfig.Clou`
`126`	`126`	`return scope.(Scope), nil`
`127`	`127`	`}`
`128`	`128`
`129`		`- scope, err := NewProviderScope(cloud, caCert, logger)`
	`129`	`+ scope, err := NewProviderScope(cloud, regionName, caCert, logger)`
`130`	`130`	`if err != nil {`
`131`	`131`	`return nil, err`
`132`	`132`	`}`
`@@ -175,18 +175,20 @@ func (s providerScope) ExtractToken() (tokens.Token, error) {`
`175`	`175`	`return tokens.Get(context.TODO(), client, s.providerClient.Token()).ExtractToken()`
`176`	`176`	`}`
`177`	`177`
`178`		`-func NewProviderClient(cloud clientconfig.Cloud, caCert []byte, logger logr.Logger) (gophercloud.ProviderClient, clientconfig.ClientOpts, string, error) {`
	`178`	`+func NewProviderClient(cloud clientconfig.Cloud, regionName string, caCert []byte, logger logr.Logger) (gophercloud.ProviderClient, clientconfig.ClientOpts, string, error) {`
`179`	`179`	`clientOpts := new(clientconfig.ClientOpts)`
`180`	`180`
`181`	`181`	`// We explicitly disable reading auth data from env variables by setting an invalid EnvPrefix.`
`182`	`182`	`// By doing this, we make sure that the data from clouds.yaml is enough to authenticate.`
`183`	`183`	`// For more information: https://github.com/gophercloud/utils/v2/blob/8677e053dcf1f05d0fa0a616094aace04690eb94/openstack/clientconfig/requests.go#L508`
`184`	`184`	`clientOpts.EnvPrefix = "NO_ENV_VARIABLES_"`
`185`		`-`
	`185`	`+ if regionName == "" {`
	`186`	`+ regionName = cloud.RegionName`
	`187`	`+ }`
`186`	`188`	`if cloud.AuthInfo != nil {`
`187`	`189`	`clientOpts.AuthInfo = cloud.AuthInfo`
`188`	`190`	`clientOpts.AuthType = cloud.AuthType`
`189`		`- clientOpts.RegionName = cloud.RegionName`
	`191`	`+ clientOpts.RegionName = regionName`
`190`	`192`	`clientOpts.EndpointType = cloud.EndpointType`
`191`	`193`	`}`
`192`	`194`
Original file line number	Diff line number	Diff line change
`@@ -667,7 +667,7 @@ func getProviderClient(e2eCtx E2EContext, openstackCloud string) (gophercloud.`
`667`	`667`	`clouds := getParsedOpenStackCloudYAML(openStackCloudYAMLFile)`
`668`	`668`	`cloud := clouds.Clouds[openstackCloud]`
`669`	`669`
`670`		`- providerClient, clientOpts, projectID, err := scope.NewProviderClient(cloud, nil, logr.Discard())`
	`670`	`+ providerClient, clientOpts, projectID, err := scope.NewProviderClient(cloud, "", nil, logr.Discard())`
`671`	`671`	`if err != nil {`
`672`	`672`	`return nil, nil, nil, err`
`673`	`673`	`}`