feat(AzureEnvironments): use upstream func for validation

by removing the hard-coded maps for Azure environments and calling the EnvironmentFromName function from the go-autorest/azure library we can use the existing tools to validate Azure Environments while also enabling the initial ability to specify custom endpoints for AzureStackCloud by using the Environment 'AzureStackCloud' and specifying AZURE_ENVIRONMENT_FILEPATH and providing an AzureEnvironment json file Closes Issue vmware-tanzu#3162 Signed-off-by: Jeff Davis <[email protected]>
JefeDavis · Apr 20, 2023 · 84ba37e · 84ba37e
1 parent 7081502
commit 84ba37e
Show file tree

Hide file tree

Showing 5 changed files with 93 additions and 25 deletions.
diff --git a/providers/config_default.yaml b/providers/config_default.yaml
@@ -361,7 +361,7 @@ CONTROL_PLANE_NODE_LABELS:
 #! Azure account configurations
 
 #! The Azure cloud to deploy to, supported clouds are :
-#! AzurePublicCloud, AzureChinaCloud, AzureGermanCloud, AzureUSGovernmentCloud
+#! AzurePublicCloud, AzureChinaCloud, AzureGermanCloud, AzureUSGovernmentCloud, AzureStackCloud
 AZURE_ENVIRONMENT: "AzurePublicCloud"
 #! The tenant ID is the ID of the AAD directory in which the app for Tanzu Kubernetes Grid is created
 #! A Tenant is representative of an organization within Azure Active Directory.

diff --git a/providers/infrastructure-azure/v1.6.3/infrastructure-components.yaml b/providers/infrastructure-azure/v1.6.3/infrastructure-components.yaml
@@ -780,7 +780,7 @@ spec:
                 description: AdditionalTags is an optional set of tags to add to Azure resources managed by the Azure provider, in addition to the ones added by default.
                 type: object
               azureEnvironment:
-                description: 'AzureEnvironment is the name of the AzureCloud to be used. The default value that would be used by most users is "AzurePublicCloud", other values are: - ChinaCloud: "AzureChinaCloud" - GermanCloud: "AzureGermanCloud" - PublicCloud: "AzurePublicCloud" - USGovernmentCloud: "AzureUSGovernmentCloud"'
+                description: 'AzureEnvironment is the name of the AzureCloud to be used. The default value that would be used by most users is "AzurePublicCloud", other values are: - ChinaCloud: "AzureChinaCloud" - GermanCloud: "AzureGermanCloud" - PublicCloud: "AzurePublicCloud" - USGovernmentCloud: "AzureUSGovernmentCloud" - StackCloud: "AzureStackCloud" - StackCloud: "AzureStackCloud"'
                 type: string
               bastionSpec:
                 description: BastionSpec encapsulates all things related to the Bastions in the cluster.
@@ -1444,7 +1444,7 @@ spec:
                 description: AdditionalTags is an optional set of tags to add to Azure resources managed by the Azure provider, in addition to the ones added by default.
                 type: object
               azureEnvironment:
-                description: 'AzureEnvironment is the name of the AzureCloud to be used. The default value that would be used by most users is "AzurePublicCloud", other values are: - ChinaCloud: "AzureChinaCloud" - GermanCloud: "AzureGermanCloud" - PublicCloud: "AzurePublicCloud" - USGovernmentCloud: "AzureUSGovernmentCloud"'
+                description: 'AzureEnvironment is the name of the AzureCloud to be used. The default value that would be used by most users is "AzurePublicCloud", other values are: - ChinaCloud: "AzureChinaCloud" - GermanCloud: "AzureGermanCloud" - PublicCloud: "AzurePublicCloud" - USGovernmentCloud: "AzureUSGovernmentCloud" - StackCloud: "AzureStackCloud" - StackCloud: "AzureStackCloud"'
                 type: string
               bastionSpec:
                 description: BastionSpec encapsulates all things related to the Bastions in the cluster.
@@ -2303,7 +2303,7 @@ spec:
                         description: AdditionalTags is an optional set of tags to add to Azure resources managed by the Azure provider, in addition to the ones added by default.
                         type: object
                       azureEnvironment:
-                        description: 'AzureEnvironment is the name of the AzureCloud to be used. The default value that would be used by most users is "AzurePublicCloud", other values are: - ChinaCloud: "AzureChinaCloud" - GermanCloud: "AzureGermanCloud" - PublicCloud: "AzurePublicCloud" - USGovernmentCloud: "AzureUSGovernmentCloud"'
+                        description: 'AzureEnvironment is the name of the AzureCloud to be used. The default value that would be used by most users is "AzurePublicCloud", other values are: - ChinaCloud: "AzureChinaCloud" - GermanCloud: "AzureGermanCloud" - PublicCloud: "AzurePublicCloud" - USGovernmentCloud: "AzureUSGovernmentCloud" - StackCloud: "AzureStackCloud" - StackCloud: "AzureStackCloud"'
                         type: string
                       bastionSpec:
                         description: BastionSpec encapsulates all things related to the Bastions in the cluster.

diff --git a/tkg/azure/client.go b/tkg/azure/client.go
@@ -31,14 +31,8 @@ const (
 )
 
 const (
-	// ChinaCloud defines China cloud
-	ChinaCloud = "AzureChinaCloud"
-	// GermanCloud defines German cloud
-	GermanCloud = "AzureGermanCloud"
 	// PublicCloud defines Public cloud
 	PublicCloud = "AzurePublicCloud"
-	// USGovernmentCloud defines US Government cloud
-	USGovernmentCloud = "AzureUSGovernmentCloud"
 )
 
 // Supported Azure VM family types
@@ -108,22 +102,14 @@ func New(creds *Credentials) (Client, error) {
 }
 
 func setActiveDirectoryEndpoint(config *auth.ClientCredentialsConfig, azureCloud string) error {
-	switch azureCloud {
-	case USGovernmentCloud:
-		config.Resource = azure.USGovernmentCloud.ResourceManagerEndpoint
-		config.AADEndpoint = azure.USGovernmentCloud.ActiveDirectoryEndpoint
-	case ChinaCloud:
-		config.Resource = azure.ChinaCloud.ResourceManagerEndpoint
-		config.AADEndpoint = azure.ChinaCloud.ActiveDirectoryEndpoint
-	case GermanCloud:
-		config.Resource = azure.GermanCloud.ResourceManagerEndpoint
-		config.AADEndpoint = azure.GermanCloud.ActiveDirectoryEndpoint
-	case PublicCloud:
-		config.Resource = azure.PublicCloud.ResourceManagerEndpoint
-		config.AADEndpoint = azure.PublicCloud.ActiveDirectoryEndpoint
-	default:
-		return errors.Errorf("%q is not a supported cloud in Azure. Supported clouds are AzurePublicCloud, AzureUSGovernmentCloud, AzureGermanCloud, AzureChinaCloud", azureCloud)
+	environment, err := azure.EnvironmentFromName(azureCloud)
+	if err != nil {
+		return err
 	}
+
+	config.Resource = environment.ResourceManagerEndpoint
+	config.AADEndpoint = environment.ActiveDirectoryEndpoint
+
 	return nil
 }
 

diff --git a/tkg/azure/client_test.go b/tkg/azure/client_test.go
@@ -7,6 +7,10 @@ package azure
 import (
 	"context"
 	"errors"
+	"os"
+	"path"
+	"path/filepath"
+	"runtime"
 	"testing"
 
 	"github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2019-12-01/compute"
@@ -170,6 +174,48 @@ var _ = Describe("Azure client", func() {
 			})
 		})
 
+		Context("with azureCloud set to 'AzureStackCloud'", func() {
+			Context("with AZURE_ENVIRONMENT_FILEPATH unset", func() {
+				It("should return error", func() {
+					config := &auth.ClientCredentialsConfig{}
+					err := setActiveDirectoryEndpoint(config, "AzureStackCloud")
+					Expect(err).To(HaveOccurred())
+				})
+			})
+
+			Context("with AZURE_ENVIRONMENT_FILEPATH set", func() {
+				It("should not return error with valid file", func() {
+					_, currentFile, _, _ := runtime.Caller(0)
+					os.Setenv("AZURE_ENVIRONMENT_FILEPATH", filepath.Join(path.Dir(currentFile), "testdata", "test_environment_1.json"))
+
+					config := &auth.ClientCredentialsConfig{}
+					err := setActiveDirectoryEndpoint(config, "AzureStackCloud")
+					Expect(err).ToNot(HaveOccurred())
+
+					Expect(config.Resource).To(Equal("--resource-management-endpoint--"))
+					Expect(config.AADEndpoint).To(Equal("--active-directory-endpoint--"))
+				})
+
+				It("should throw error with missing file", func() {
+					_, currentFile, _, _ := runtime.Caller(0)
+					os.Setenv("AZURE_ENVIRONMENT_FILEPATH", filepath.Join(path.Dir(currentFile), "testdata", "test_environment_2.json"))
+
+					config := &auth.ClientCredentialsConfig{}
+					err := setActiveDirectoryEndpoint(config, "AzureStackCloud")
+					Expect(err).To(HaveOccurred())
+				})
+
+				It("should throw error with invalid file", func() {
+					_, currentFile, _, _ := runtime.Caller(0)
+					os.Setenv("AZURE_ENVIRONMENT_FILEPATH", filepath.Join(path.Dir(currentFile), "mocks", "azure_mock.go"))
+
+					config := &auth.ClientCredentialsConfig{}
+					err := setActiveDirectoryEndpoint(config, "AzureStackCloud")
+					Expect(err).To(HaveOccurred())
+				})
+			})
+		})
+
 		Context("with azureCloud set to 'AzurePublicCloud'", func() {
 			It("should not return error", func() {
 				config := &auth.ClientCredentialsConfig{}

diff --git a/tkg/azure/testdata/test_environment_1.json b/tkg/azure/testdata/test_environment_1.json
@@ -0,0 +1,36 @@
+{
+    "name":                         "--unit-test--",
+    "managementPortalURL":          "--management-portal-url",
+    "publishSettingsURL":           "--publish-settings-url--",
+    "serviceManagementEndpoint":    "--service-management-endpoint--",
+    "resourceManagerEndpoint":      "--resource-management-endpoint--",
+    "activeDirectoryEndpoint":      "--active-directory-endpoint--",
+    "galleryEndpoint":              "--gallery-endpoint--",
+    "keyVaultEndpoint":             "--key-vault--endpoint--",
+    "managedHSMEndpoint":           "--managed-hsm-endpoint--",
+    "graphEndpoint":                "--graph-endpoint--",
+    "storageEndpointSuffix":        "--storage-endpoint-suffix--",
+    "cosmosDBDNSSuffix":            "--cosmos-db-dns-suffix--",
+    "mariaDBDNSSuffix":             "--maria-db-dns-suffix--",
+    "mySqlDatabaseDNSSuffix":       "--mysql-database-dns-suffix--",
+    "postgresqlDatabaseDNSSuffix":  "--postgresql-database-dns-suffix--",
+    "sqlDatabaseDNSSuffix":         "--sql-database-dns-suffix--",
+    "trafficManagerDNSSuffix":      "--traffic-manager-dns-suffix--",
+    "keyVaultDNSSuffix":            "--key-vault-dns-suffix--",
+    "managedHSMDNSSuffix":          "--managed-hsm-dns-suffix--",
+    "serviceBusEndpointSuffix":     "--service-bus-endpoint-suffix--",
+    "serviceManagementVMDNSSuffix": "--asm-vm-dns-suffix--",
+    "resourceManagerVMDNSSuffix":   "--arm-vm-dns-suffix--",
+    "containerRegistryDNSSuffix":   "--container-registry-dns-suffix--",
+    "tokenAudience":                "--token-audience",
+    "resourceIdentifiers": {
+        "batch": "--batch-resource-id--",
+        "datalake": "--datalake-resource-id--",
+        "graph": "--graph-resource-id--",
+        "keyVault": "--keyvault-resource-id--",
+        "operationalInsights": "--operational-insights-resource-id--",
+        "ossRDBMS": "--oss-rdbms-resource-id--",
+        "cosmosDB": "--cosmosdb-resource-id--",
+        "managedHSM": "--managed-hsm-resource-id--"
+    }
+}