Skip to content

Commit c8ffce8

Browse files
author
yanggang
committed
Add MSI Support for Azure plugin.
Signed-off-by: yanggang <[email protected]>
1 parent ed441de commit c8ffce8

File tree

3 files changed

+21
-3
lines changed

3 files changed

+21
-3
lines changed

changelogs/unreleased/6938-yanggangtony

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
Add MSI Support for Azure plugin.

pkg/util/azure/credential.go

Lines changed: 10 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -26,7 +26,7 @@ import (
2626
"github.com/pkg/errors"
2727
)
2828

29-
// NewCredential chains the config credential and workload identity credential
29+
// NewCredential chains the config credential , workload identity credential , managed identity credential
3030
func NewCredential(creds map[string]string, options policy.ClientOptions) (azcore.TokenCredential, error) {
3131
var (
3232
credential []azcore.TokenCredential
@@ -60,6 +60,15 @@ func NewCredential(creds map[string]string, options policy.ClientOptions) (azcor
6060
errMsgs = append(errMsgs, err.Error())
6161
}
6262

63+
//managed identity credential
64+
o := &azidentity.ManagedIdentityCredentialOptions{ClientOptions: options, ID: azidentity.ClientID(creds[CredentialKeyClientID])}
65+
msi, err := azidentity.NewManagedIdentityCredential(o)
66+
if err == nil {
67+
credential = append(credential, msi)
68+
} else {
69+
errMsgs = append(errMsgs, err.Error())
70+
}
71+
6372
if len(credential) == 0 {
6473
return nil, errors.Errorf("failed to create Azure credential: %s", strings.Join(errMsgs, "\n\t"))
6574
}

pkg/util/azure/credential_test.go

Lines changed: 10 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -17,7 +17,9 @@ limitations under the License.
1717
package azure
1818

1919
import (
20+
"context"
2021
"testing"
22+
"time"
2123

2224
"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
2325
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
@@ -26,10 +28,15 @@ import (
2628

2729
func TestNewCredential(t *testing.T) {
2830
options := policy.ClientOptions{}
29-
3031
// no credentials
3132
creds := map[string]string{}
32-
_, err := NewCredential(creds, options)
33+
tokenCredential, _ := NewCredential(creds, options)
34+
35+
var scopes []string
36+
scopes = append(scopes, "https://management.core.windows.net//.default")
37+
38+
ctx, _ := context.WithTimeout(context.Background(), time.Second*2)
39+
_, err := tokenCredential.GetToken(ctx, policy.TokenRequestOptions{Scopes: scopes})
3340
require.NotNil(t, err)
3441

3542
// config credential
@@ -40,6 +47,7 @@ func TestNewCredential(t *testing.T) {
4047
}
4148
_, err = NewCredential(creds, options)
4249
require.Nil(t, err)
50+
4351
}
4452

4553
func Test_newConfigCredential(t *testing.T) {

0 commit comments

Comments
 (0)