
[Bug] login.partner.microsoftonline.cn does not work for China cloud #574

Open
@andyzhangx

Description


Which version of MSAL Go are you using?
Note that to get help, you need to run the latest version.

related to:

"login.partner.microsoftonline.cn": true, // Microsoft Azure China

can we revert the endpoint for china cloud to login.chinacloudapi.cn?

What happened:

When upgrading cloud provider azure from v1.31.1 to v1.31.2 on an Azure China environment, the cloud controller manager fails to initialize with the following error message:

E0704 15:23:02.162092       1 azure.go:567] InitializeCloudFromConfig: failed to sync regional zones map for the first time: list zones: ClientSecretCredential: unable to resolve an endpoint: server response error:
 context deadline exceeded
F0704 15:23:02.162138       1 controllermanager.go:356] Cloud provider azure could not be initialized: could not init cloud provider azure: list zones: ClientSecretCredential: unable to resolve an endpoint: server response error:
 context deadline exceeded

What you expected to happen:

We expected that the cloud controller manager would be Ready and not fail during initializing stage

How to reproduce it (as minimally and precisely as possible):

Deploy at least the 1.31.2 version of the cloud provider azure addon with the azure environment AzureChinaCloud

Anything else we need to know?:

We saw that starting from the v1.31.2 revision, the go package responsible for the azure AD authentication AzureAD/microsoft-authentication-library-for-go was bumped to a newer version that updated the trusted azureAD hosts

Image

The problem that we suspect is that the Environment variable for the China cloud was not adapted to target the new Azure AD endpoint login.partner.microsoftonline.cn; it is always set to login.chinacloudapi.cn.

To confirm that, we did a quick test with the cloud provider azure v1.31.2:

  • changed the aadTrustedHostList map to set the old China login endpoint login.chinacloudapi.cn
  • built the image only for the cloud controller manager
  • tested the cloud provider azure v1.31.2 with our custom cloud controller manager image
    Result: the cloud controller manager was initialized without issues

Environment:

  • Kubernetes version (use kubectl version): 1.31
  • Cloud provider or hardware configuration: AzureChinaCloud
  • OS (e.g: cat /etc/os-release):
  • Kernel (e.g. uname -a):
  • Install tools:
  • Network plugin and version (if this is a network-related bug):
  • Others:

Where is the issue?

  • Public client
    • Device code flow
    • Username/Password (ROPC grant)
    • Authorization code flow
  • Confidential client
    • Authorization code flow
    • Client credentials:
      • client secret
      • client certificate
  • Token cache serialization
    • In-memory cache
  • Other (please describe)

Is this a new or an existing app?

What version of Go are you using (go version)?

$ go version

What operating system and processor architecture are you using (go env)?

go env Output
$ go env

Repro

var your = (code) => here;

Expected behavior
A clear and concise description of what you expected to happen (or code).

Actual behavior
A clear and concise description of what happens, e.g. an exception is thrown, UI freezes.

Possible solution

Additional context / logs / screenshots
Add any other context about the problem here, such as logs and screenshots.
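As an added example (not code from this issue, from MSAL Go or from cloud-provider-azure), the following Go program models the behaviour the report describes: an authority host that is absent from the trusted host list cannot be treated as known, so the library has to validate it over the network, and that is the step that fails in the quoted log. The only identifier taken from the page is aadTrustedHostList with its China entry; the public-cloud entry, the per-environment table cloudAuthorityHost, the alias table legacyAuthorityAlias and the function names are assumptions made for this example, and the environment values mirror the ones the issue mentions (AzureChinaCloud configured with login.chinacloudapi.cn).

```go
package main

import (
	"fmt"
	"net/url"
	"strings"
)

// Known Azure AD authority hosts. The China entry is the one the issue quotes
// from MSAL Go's aadTrustedHostList; the public-cloud entry is included for
// contrast and is an assumption of this example, not a copy of the library's list.
var aadTrustedHostList = map[string]bool{
	"login.microsoftonline.com":        true, // Azure public cloud (assumed)
	"login.partner.microsoftonline.cn": true, // Microsoft Azure China (from the issue)
}

// cloudAuthorityHost is a hypothetical deployment-side table: the authority
// host each cloud-provider-azure environment is configured with. The China
// value is the one the issue says the environment is "always set to".
var cloudAuthorityHost = map[string]string{
	"AzurePublicCloud": "login.microsoftonline.com",
	"AzureChinaCloud":  "login.chinacloudapi.cn",
}

// legacyAuthorityAlias maps a superseded China host to its current name so a
// configuration check can suggest the replacement. Constructed for this example.
var legacyAuthorityAlias = map[string]string{
	"login.chinacloudapi.cn": "login.partner.microsoftonline.cn",
}

// AuthorityHost extracts the lower-cased host from an authority URL such as
// https://login.chinacloudapi.cn/<tenant-id>, rejecting non-https input.
func AuthorityHost(authority string) (string, error) {
	u, err := url.Parse(authority)
	if err != nil {
		return "", err
	}
	if u.Scheme != "https" || u.Hostname() == "" {
		return "", fmt.Errorf("authority %q must be an https URL with a host", authority)
	}
	return strings.ToLower(u.Hostname()), nil
}

// IsKnownAuthority reports whether the host is on the trusted list. A host
// that is not on it cannot be accepted from configuration alone and must be
// validated through network instance discovery, the call that times out in
// the issue's log.
func IsKnownAuthority(host string) bool {
	return aadTrustedHostList[strings.ToLower(host)]
}

// CheckEnvironment resolves the configured host for an environment name and
// returns it together with whether it is trusted and, if it is not, the alias
// to switch to (empty when no alias is known).
func CheckEnvironment(env string) (host string, known bool, suggested string, err error) {
	host, ok := cloudAuthorityHost[env]
	if !ok {
		return "", false, "", fmt.Errorf("unknown cloud environment %q", env)
	}
	known = IsKnownAuthority(host)
	if !known {
		suggested = legacyAuthorityAlias[host]
	}
	return host, known, suggested, nil
}

func main() {
	for _, env := range []string{"AzurePublicCloud", "AzureChinaCloud"} {
		host, known, suggested, err := CheckEnvironment(env)
		if err != nil {
			fmt.Println(err)
			continue
		}
		switch {
		case known:
			fmt.Printf("%s: %s is a trusted authority host\n", env, host)
		case suggested != "":
			fmt.Printf("%s: %s is not trusted; instance discovery would be attempted, consider %s\n", env, host, suggested)
		default:
			fmt.Printf("%s: %s is not trusted and has no known replacement\n", env, host)
		}
	}
}
```

Running the program prints one line per environment; the AzureChinaCloud line is the condition the issue reports, and the suggested host is the entry the bumped MSAL Go version trusts. A check like this, run against the rendered cloud-provider configuration before rollout, would have flagged the mismatch without waiting for the controller manager to time out.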

Metadata

Assignees

No one assigned

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests