Updating mgmt/storage package version for rpStorageAccount() so that we can set SAS key permission to false #3596
Conversation
| @@ -539,6 +539,9 @@ | |||
| "sku": { | |||
| "name": "Standard_LRS" | |||
| }, | |||
| "properties": { | |||
| "allowSharedKeyAccess": false | |||
| }, | |||
| "location": "[resourceGroup().location]", | |||
| "name": "[substring(parameters('storageAccountDomain'), 0, indexOf(parameters('storageAccountDomain'), '.'))]", | |||
| "type": "Microsoft.Storage/storageAccounts", | |||
There was a problem hiding this comment.
should we update the apiVersion in L548 as well?
There was a problem hiding this comment.
Yes! Now that I took a better look at apiVersions, I understood that it must be updated.
| @@ -8,7 +8,7 @@ import ( | |||
| mgmtkeyvault "github.com/Azure/azure-sdk-for-go/services/keyvault/mgmt/2019-09-01/keyvault" | |||
| mgmtnetwork "github.com/Azure/azure-sdk-for-go/services/network/mgmt/2020-08-01/network" | |||
| mgmtinsights "github.com/Azure/azure-sdk-for-go/services/preview/monitor/mgmt/2018-03-01/insights" | |||
| mgmtstorage "github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2019-06-01/storage" | |||
| mgmtstorage "github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2021-09-01/storage" | |||
There was a problem hiding this comment.
L29 needs to be update as well
There was a problem hiding this comment.
I'm migrating the whole repo to the 2021 version of mgmtstorage. I'm also updating the entry on the apiVersions map for Microsoft.Storage now that we have a new version (2021-09-01) of it.
L29 is about Microsoft.Insights. I didn't use it directly during this task, so it sounds curious to me why I should change L29.
Do you mean you'd like me to upgrade the package mgmtinsights for the whole repo too, and then change the apiVersions map to list the new version?
It's currently on 2018-03-01 version in the imports, and the apiVersions map states 2018-03-01 too.
There was a problem hiding this comment.
Sorry, I meant the line with Microsoft.Storage
There was a problem hiding this comment.
Ok, thanks! Then it's done.
I created a new PR to do the whole migration thing as I was scared to break things:
#3603
Will cleanup this PR later.
|
The api version of the generated arm template is still the old one. |
Which issue this PR addresses:
Fixes https://issues.redhat.com/browse/ARO-7791 in an alternative (probably better) way than this previous draft PR.
What this PR does / why we need it:
The PR updates from a 2019 to a 2021 version of the
mgmt/storagepackage of Azure SDK for Go, so that we can have a new field available in the API (allowSharedKeyAccess) and set it tofalsefor the RP storage account struct, so that when the ARM template is generated (rp_production.json) it has the property set tofalseaccordingly.Test plan for issue:
Test steps for local, INT and VMSS related validation available on the Jira issue.
Is there any documentation that needs to be updated for this PR?
Not sure, I suppose not.
How do you know this will function as expected in production?
Answered this on this PR description, will paste here once I know more about this or once one of the PRs is chosen, as they're both proposed fixes for the same thing: #3595