migrating from 2019 to 2021 for storage

pkg/cluster/deploybaseresources_additional.go

@@ -88,19 +88,19 @@ func (m *manager) storageAccount(name, region string, ocpSubnets []string, encry
 	virtualNetworkRules := []mgmtstorage.VirtualNetworkRule{
 		{
 			VirtualNetworkResourceID: to.StringPtr("/subscriptions/" + m.env.SubscriptionID() + "/resourceGroups/" + m.env.ResourceGroup() + "/providers/Microsoft.Network/virtualNetworks/rp-pe-vnet-001/subnets/rp-pe-subnet"),
-			Action:                   mgmtstorage.Allow,
+			Action:                   mgmtstorage.ActionAllow,
 		},
 		{
 			VirtualNetworkResourceID: to.StringPtr("/subscriptions/" + m.env.SubscriptionID() + "/resourceGroups/" + m.env.ResourceGroup() + "/providers/Microsoft.Network/virtualNetworks/rp-vnet/subnets/rp-subnet"),
-			Action:                   mgmtstorage.Allow,
+			Action:                   mgmtstorage.ActionAllow,
 		},
 	}
 
 	// add OCP subnets which have Microsoft.Storage service endpoint enabled
 	for _, subnet := range ocpSubnets {
 		virtualNetworkRules = append(virtualNetworkRules, mgmtstorage.VirtualNetworkRule{
 			VirtualNetworkResourceID: to.StringPtr(subnet),
-			Action:                   mgmtstorage.Allow,
+			Action:                   mgmtstorage.ActionAllow,
 		})
 	}
 
@@ -110,7 +110,7 @@ func (m *manager) storageAccount(name, region string, ocpSubnets []string, encry
 	if m.installViaHive && strings.Index(name, "cluster") == 0 {
 		virtualNetworkRules = append(virtualNetworkRules, mgmtstorage.VirtualNetworkRule{
 			VirtualNetworkResourceID: to.StringPtr(fmt.Sprintf("/subscriptions/%s/resourceGroups/%s/providers/Microsoft.Network/virtualNetworks/aks-net/subnets/PodSubnet-%03d", m.env.SubscriptionID(), m.env.ResourceGroup(), hiveShard)),
-			Action:                   mgmtstorage.Allow,
+			Action:                   mgmtstorage.ActionAllow,
 		})
 	}
 
@@ -120,21 +120,21 @@ func (m *manager) storageAccount(name, region string, ocpSubnets []string, encry
 	if !m.env.IsLocalDevelopmentMode() {
 		virtualNetworkRules = append(virtualNetworkRules, mgmtstorage.VirtualNetworkRule{
 			VirtualNetworkResourceID: to.StringPtr("/subscriptions/" + m.env.SubscriptionID() + "/resourceGroups/" + m.env.GatewayResourceGroup() + "/providers/Microsoft.Network/virtualNetworks/gateway-vnet/subnets/gateway-subnet"),
-			Action:                   mgmtstorage.Allow,
+			Action:                   mgmtstorage.ActionAllow,
 		})
 	}
 
 	sa := &mgmtstorage.Account{
-		Kind: mgmtstorage.StorageV2,
+		Kind: mgmtstorage.KindStorageV2,
 		Sku: &mgmtstorage.Sku{
 			Name: "Standard_LRS",
 		},
 		AccountProperties: &mgmtstorage.AccountProperties{
 			AllowBlobPublicAccess:  to.BoolPtr(false),
 			EnableHTTPSTrafficOnly: to.BoolPtr(true),
-			MinimumTLSVersion:      mgmtstorage.TLS12,
+			MinimumTLSVersion:      mgmtstorage.MinimumTLSVersionTLS12,
 			NetworkRuleSet: &mgmtstorage.NetworkRuleSet{
-				Bypass:              mgmtstorage.AzureServices,
+				Bypass:              mgmtstorage.BypassAzureServices,
 				VirtualNetworkRules: &virtualNetworkRules,
 				DefaultAction:       "Deny",
 			},

pkg/deploy/assets/gateway-production.json

@@ -113,7 +113,7 @@
             "location": "[resourceGroup().location]",
             "name": "[substring(parameters('gatewayStorageAccountDomain'), 0, indexOf(parameters('gatewayStorageAccountDomain'), '.'))]",
             "type": "Microsoft.Storage/storageAccounts",
-            "apiVersion": "2019-06-01"
+            "apiVersion": "2021-09-01"
         },
         {
             "sku": {

pkg/deploy/assets/rp-oic.json

@@ -27,7 +27,7 @@
             "location": "[resourceGroup().location]",
             "name": "[concat(take(substring(parameters('storageAccountDomain'), 0, indexOf(parameters('storageAccountDomain'), '.')), 21), 'oic')]",
             "type": "Microsoft.Storage/storageAccounts",
-            "apiVersion": "2019-06-01"
+            "apiVersion": "2021-09-01"
         },
         {
             "name": "[concat(concat(take(substring(parameters('storageAccountDomain'), 0, indexOf(parameters('storageAccountDomain'), '.')), 21), 'oic'), '/Microsoft.Authorization/', guid(resourceId('Microsoft.Storage/storageAccounts', concat(take(substring(parameters('storageAccountDomain'), 0, indexOf(parameters('storageAccountDomain'), '.')), 21), 'oic'))))]",

pkg/deploy/assets/rp-production-global.json

@@ -110,7 +110,7 @@
             "location": "[resourceGroup().location]",
             "name": "[parameters('rpVersionStorageAccountName')]",
             "type": "Microsoft.Storage/storageAccounts",
-            "apiVersion": "2019-06-01"
+            "apiVersion": "2021-09-01"
         },
         {
             "properties": {
@@ -119,7 +119,7 @@
             },
             "name": "[concat(parameters('rpVersionStorageAccountName'), '/default/rpversion')]",
             "type": "Microsoft.Storage/storageAccounts/blobServices/containers",
-            "apiVersion": "2019-06-01",
+            "apiVersion": "2021-09-01",
             "dependsOn": [
                 "[resourceId('Microsoft.Storage/storageAccounts', parameters('rpVersionStorageAccountName'))]"
             ]
@@ -131,7 +131,7 @@
             },
             "name": "[concat(parameters('rpVersionStorageAccountName'), '/default/ocpversions')]",
             "type": "Microsoft.Storage/storageAccounts/blobServices/containers",
-            "apiVersion": "2019-06-01",
+            "apiVersion": "2021-09-01",
             "dependsOn": [
                 "[resourceId('Microsoft.Storage/storageAccounts', parameters('rpVersionStorageAccountName'))]"
             ]

pkg/deploy/assets/rp-production.json

@@ -542,7 +542,7 @@
             "location": "[resourceGroup().location]",
             "name": "[substring(parameters('storageAccountDomain'), 0, indexOf(parameters('storageAccountDomain'), '.'))]",
             "type": "Microsoft.Storage/storageAccounts",
-            "apiVersion": "2019-06-01"
+            "apiVersion": "2021-09-01"
         },
         {
             "properties": {

pkg/deploy/generator/resources_oic.go

@@ -23,15 +23,15 @@ var (
 
 func (g *generator) oicStorageAccount() *arm.Resource {
 	storageAccount := &mgmtstorage.Account{
-		Kind: mgmtstorage.StorageV2,
+		Kind: mgmtstorage.KindStorageV2,
 		Sku: &mgmtstorage.Sku{
 			Name: "Standard_LRS",
 		},
 		AccountProperties: &mgmtstorage.AccountProperties{
 			AllowBlobPublicAccess:  to.BoolPtr(true),
 			EnableHTTPSTrafficOnly: to.BoolPtr(true),
-			MinimumTLSVersion:      mgmtstorage.TLS12,
-			AccessTier:             mgmtstorage.Hot,
+			MinimumTLSVersion:      mgmtstorage.MinimumTLSVersionTLS12,
+			AccessTier:             mgmtstorage.AccessTierHot,
 		},
 		Name:     to.StringPtr(fmt.Sprintf("[%s]", storageAccountName)),
 		Location: to.StringPtr("[resourceGroup().location]"),

pkg/deploy/saveversion.go

@@ -20,10 +20,10 @@ func (d *deployer) SaveVersion(ctx context.Context) error {
 	t := time.Now().UTC().Truncate(time.Second)
 	res, err := d.globalaccounts.ListAccountSAS(
 		ctx, *d.config.Configuration.GlobalResourceGroupName, *d.config.Configuration.RPVersionStorageAccountName, mgmtstorage.AccountSasParameters{
-			Services:               mgmtstorage.B,
+			Services:               mgmtstorage.ServicesB,
 			ResourceTypes:          mgmtstorage.SignedResourceTypesO,
 			Permissions:            "cw", // create and write
-			Protocols:              mgmtstorage.HTTPS,
+			Protocols:              mgmtstorage.HTTPProtocolHTTPS,
 			SharedAccessStartTime:  &date.Time{Time: t},
 			SharedAccessExpiryTime: &date.Time{Time: t.Add(24 * time.Hour)},
 		})

pkg/frontend/adminactions/vmserialconsole.go

@@ -46,10 +46,10 @@ func (a *azureActions) VMSerialConsole(ctx context.Context, w http.ResponseWrite
 	t := time.Now().UTC().Truncate(time.Second)
 	res, err := a.storageAccounts.ListAccountSAS(
 		ctx, clusterRGName, "cluster"+a.oc.Properties.StorageSuffix, mgmtstorage.AccountSasParameters{
-			Services:               mgmtstorage.B,
+			Services:               mgmtstorage.ServicesB,
 			ResourceTypes:          mgmtstorage.SignedResourceTypesO,
-			Permissions:            mgmtstorage.R,
-			Protocols:              mgmtstorage.HTTPS,
+			Permissions:            mgmtstorage.PermissionsR,
+			Protocols:              mgmtstorage.HTTPProtocolHTTPS,
 			SharedAccessStartTime:  &date.Time{Time: t},
 			SharedAccessExpiryTime: &date.Time{Time: t.Add(24 * time.Hour)},
 		})

pkg/operator/controllers/storageaccounts/storageaccounts.go

@@ -102,7 +102,7 @@ func (r *reconcileManager) reconcileAccounts(ctx context.Context) error {
 			if !found {
 				*account.AccountProperties.NetworkRuleSet.VirtualNetworkRules = append(*account.AccountProperties.NetworkRuleSet.VirtualNetworkRules, mgmtstorage.VirtualNetworkRule{
 					VirtualNetworkResourceID: to.StringPtr(subnet),
-					Action:                   mgmtstorage.Allow,
+					Action:                   mgmtstorage.ActionAllow,
 				})
 				changed = true
 			}

pkg/operator/controllers/storageaccounts/storageaccounts_test.go

@@ -74,7 +74,7 @@ func getValidAccount(virtualNetworkResourceIDs []string) *mgmtstorage.Account {
 	for _, rule := range virtualNetworkResourceIDs {
 		*account.AccountProperties.NetworkRuleSet.VirtualNetworkRules = append(*account.AccountProperties.NetworkRuleSet.VirtualNetworkRules, mgmtstorage.VirtualNetworkRule{
 			VirtualNetworkResourceID: to.StringPtr(rule),
-			Action:                   mgmtstorage.Allow,
+			Action:                   mgmtstorage.ActionAllow,
 		})
 	}
 	return account

pkg/util/azureclient/apiversions.go

@@ -27,7 +27,7 @@ var apiVersions = map[string]string{
 	"microsoft.network":                        "2020-08-01",
 	"microsoft.network/dnszones":               "2018-05-01",
 	"microsoft.network/privatednszones":        "2018-09-01",
-	"microsoft.storage":                        "2019-06-01",
+	"microsoft.storage":                        "2021-09-01",
 }
 
 // APIVersion gets the APIVersion from a full resource type