Update the ARO operator to set and use DefaultAzureCredential via env…
… vars
kimorris27 committed Nov 8, 2023
1 parent f7951eb commit edccb1e
Showing 2 changed files with 18 additions and 12 deletions.
@@ -22,18 +22,14 @@ type servicePrincipalChecker interface {
type checker struct {
log *logrus.Entry

credentials func(ctx context.Context) (*clusterauthorizer.Credentials, error)
getTokenCredential func(azEnv *azureclient.AROEnvironment, credentials *clusterauthorizer.Credentials) (azcore.TokenCredential, error)
getTokenCredential func(azEnv *azureclient.AROEnvironment) (azcore.TokenCredential, error)
newSPValidator func(azEnv *azureclient.AROEnvironment) dynamic.ServicePrincipalValidator
}

func newServicePrincipalChecker(log *logrus.Entry, client client.Client) *checker {
return &checker{
log: log,

credentials: func(ctx context.Context) (*clusterauthorizer.Credentials, error) {
return clusterauthorizer.AzCredentials(ctx, client)
},
getTokenCredential: clusterauthorizer.GetTokenCredential,
newSPValidator: func(azEnv *azureclient.AROEnvironment) dynamic.ServicePrincipalValidator {
return dynamic.NewServicePrincipalValidator(log, azEnv, dynamic.AuthorizerClusterServicePrincipal)
@@ -47,14 +43,9 @@ func (r *checker) Check(ctx context.Context, AZEnvironment string) error {
return err
}

azCred, err := r.credentials(ctx)
if err != nil {
return err
}

spDynamic := r.newSPValidator(&azEnv)

spTokenCredential, err := r.getTokenCredential(&azEnv, azCred)
spTokenCredential, err := r.getTokenCredential(&azEnv)
if err != nil {
return err
}
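Review bot: After this change `Check` no longer states which identity it authenticates as: `r.getTokenCredential(&azEnv)` takes only the environment, so the credential comes from whatever the process environment offers. If `clusterauthorizer.GetTokenCredential` builds a DefaultAzureCredential, as the commit title suggests (its body is not on this page), an unset or partial `AZURE_*` set can fall through to another source in the chain, and the check would then validate a different identity than the cluster service principal. Consider failing fast when the three variables are absent, or using an environment-only credential, and document the contract on the struct field, e.g. `// getTokenCredential reads AZURE_CLIENT_ID/AZURE_TENANT_ID/AZURE_CLIENT_SECRET from the environment and must not fall back to another identity`. The `client` parameter of `newServicePrincipalChecker` also has no remaining use in the visible lines; both function bodies continue outside the hunks.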
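--- a/pkg/operator/deploy/staticresources/master/deployment.yaml.tmpl
+++ b/pkg/operator/deploy/staticresources/master/deployment.yaml.tmpl
@@ -28,8 +28,23 @@ spec:
 - master
 image: "{{ .Image }}"
 name: aro-operator
-{{ if .IsLocalDevelopment}}
 env:
+- name: AZURE_CLIENT_ID
+valueFrom:
+secretKeyRef:
+name: azure-cloud-credentials
+key: azure_client_id
+- name: AZURE_CLIENT_SECRET
+valueFrom:
+secretKeyRef:
+name: azure-cloud-credentials
+key: azure_client_secret
+- name: AZURE_TENANT_ID
+valueFrom:
+secretKeyRef:
+name: azure-cloud-credentials
+key: azure_tenant_id
+{{ if .IsLocalDevelopment}}
 - name: "RP_MODE"
 value: "development"
 {{ end }}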
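Review bot: The `AZURE_CLIENT_ID`, `AZURE_CLIENT_SECRET` and `AZURE_TENANT_ID` entries now sit outside the `.IsLocalDevelopment` guard, so every aro-operator master pod carries the cluster service principal secret in its process environment, where the value is fixed at container start. A secret rotated in `azure-cloud-credentials` is therefore not picked up until the pod restarts, whereas the code this commit removes appears to have read the credentials on each check (inferred from the removed `r.credentials(ctx)` call in the other file). Either roll the deployment whenever that secret changes or mount the secret as a volume and read it at use time; at minimum add a template comment above `env:` such as `# cluster SP credentials for DefaultAzureCredential; pod must be restarted after rotation`. None of the `secretKeyRef` entries sets `optional`, so a missing secret or key blocks pod start, which looks intended but is worth stating in that comment.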
