Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add login command #74

Draft
wants to merge 4 commits into
base: main
Choose a base branch
from
Draft

Add login command #74

wants to merge 4 commits into from

Conversation

lbergnehr
Copy link

@lbergnehr lbergnehr commented Dec 17, 2024

Closes #33.

  1. Check for the existence of ~/.azure, which signals we're already
    logged in using some means.
  2. Check the environment for a service principal as defined by the
    environment variables AZURE_CLIENT_ID, AZURE_TENANT_ID, and
    AZURE_CLIENT_SECRET.
  3. Check the AZURE_CLIENT_ID environment variable for the client ID of
    a user-assigned managed identity.
  4. Use the system-assigned managed identity for the Azure resource if
    it's enabled.
  • Add documentation.
  • Make sure all output is JSON.
  • Use a good default command/flags for when mounting .azure directory.

@lbergnehr lbergnehr mentioned this pull request Dec 17, 2024
@lbergnehr lbergnehr force-pushed the main branch 3 times, most recently from c259af5 to 25cbf5d Compare December 17, 2024 13:23
@kichristensen
Copy link
Contributor

It think it would be beneficial to add some examples to the documentation showing the different ways to login

pkg/az/login.go Outdated
func (c *LoginCommand) GetFlags() builder.Flags {
flags := builder.Flags{}

if _, err := os.Stat(filepath.Join(os.Getenv("HOME"), ".azure")); err == nil {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It would be great to document what files is needed, as a lot of file exist in the directory locally

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added documentation to the readme. Let me know what you think.

pkg/az/login.go Outdated
Comment on lines 49 to 51
if _, err := os.Stat(filepath.Join(os.Getenv("HOME"), ".azure")); err == nil {
return flags
}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Indentation doesn't match the rest of the file

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed!

}

if os.Getenv("AZURE_CLIENT_ID") != "" && os.Getenv("AZURE_CLIENT_SECRET") != "" && os.Getenv("AZURE_TENANT_ID") != "" {
// Add flags for service principal authentication
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The version of the AZ CLI, v2.67.0, I have installed also requires the --service-principal flag when logging in as a service principal, so it might depend on the AZ CLI version what is needed here.
As it is possible to choose the AZ CLI version to install, we should think about what to do with different versions (if they behave differently)

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think I simply missed adding it. Good catch!

1. Check for the existence of `~/.azure`, which signals we're already
   logged in using some means.
2. Check the environment for a service principal as defined by the
   environment variables `AZURE_CLIENT_ID`, `AZURE_TENANT_ID`, and
   `AZURE_CLIENT_SECRET`.
3. Check the `AZURE_CLIENT_ID` environment variable for the client ID of
   a user-assigned managed identity.
4. Use the system-assigned managed identity for the Azure resource if
   it's enabled.

Signed-off-by: Leo Bergnéhr <[email protected]>
Signed-off-by: Leo Bergnéhr <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Improved login
2 participants