AB#1877 Set location in azure cloud config

Signed-off-by: Daniel Weiße <dw@edgeless.systems>

cli/azure/client/activedirectory.go

@@ -51,6 +51,7 @@ func (c *Client) CreateServicePrincipal(ctx context.Context) (string, error) {
 		TenantID:     c.tenantID,
 		ClientID:     createAppRes.AppID,
 		ClientSecret: clientSecret,
+		Location:     c.location,
 	}.ConvertToCloudServiceAccountURI(), nil
 }
 
@@ -169,6 +170,7 @@ type ApplicationCredentials struct {
 	TenantID     string
 	ClientID     string
 	ClientSecret string
+	Location     string
 }
 
 // ConvertToCloudServiceAccountURI converts the ApplicationCredentials into a cloud service account URI.
@@ -177,6 +179,7 @@ func (c ApplicationCredentials) ConvertToCloudServiceAccountURI() string {
 	query.Add("tenant_id", c.TenantID)
 	query.Add("client_id", c.ClientID)
 	query.Add("client_secret", c.ClientSecret)
+	query.Add("location", c.Location)
 	uri := url.URL{
 		Scheme:   "serviceaccount",
 		Host:     "azure",

cli/azure/client/activedirectory_test.go

@@ -366,6 +366,7 @@ func TestConvertToCloudServiceAccountURI(t *testing.T) {
 		TenantID:     "tenant-id",
 		ClientID:     "client-id",
 		ClientSecret: "client-secret",
+		Location:     "location",
 	}
 
 	cloudServiceAccountURI := key.ConvertToCloudServiceAccountURI()
@@ -378,5 +379,6 @@ func TestConvertToCloudServiceAccountURI(t *testing.T) {
 		"tenant_id":     []string{"tenant-id"},
 		"client_id":     []string{"client-id"},
 		"client_secret": []string{"client-secret"},
+		"location":      []string{"location"},
 	}, query)
 }

coordinator/cloudprovider/azure/ccm.go

@@ -69,6 +69,7 @@ func (c *CloudControllerManager) Secrets(instance core.Instance, cloudServiceAcc
 		ResourceGroup:       resourceGroup,
 		UseInstanceMetadata: true,
 		VmType:              vmType,
+		Location:            creds.Location,
 		AADClientID:         creds.ClientID,
 		AADClientSecret:     creds.ClientSecret,
 	}

coordinator/cloudprovider/azure/ccm_test.go

@@ -20,7 +20,7 @@ func TestSecrets(t *testing.T) {
 	}{
 		"Secrets works": {
 			instance:               core.Instance{ProviderID: "azure:///subscriptions/subscription-id/resourceGroups/resource-group/providers/Microsoft.Compute/virtualMachines/instance-name"},
-			cloudServiceAccountURI: "serviceaccount://azure?tenant_id=tenant-id&client_id=client-id&client_secret=client-secret",
+			cloudServiceAccountURI: "serviceaccount://azure?tenant_id=tenant-id&client_id=client-id&client_secret=client-secret&location=location",
 			expectedSecrets: resources.Secrets{
 				&k8s.Secret{
 					TypeMeta: meta.TypeMeta{
@@ -32,14 +32,14 @@ func TestSecrets(t *testing.T) {
 						Namespace: "kube-system",
 					},
 					Data: map[string][]byte{
-						"azure.json": []byte(`{"cloud":"AzurePublicCloud","tenantId":"tenant-id","subscriptionId":"subscription-id","resourceGroup":"resource-group","useInstanceMetadata":true,"vmType":"standard","aadClientId":"client-id","aadClientSecret":"client-secret"}`),
+						"azure.json": []byte(`{"cloud":"AzurePublicCloud","tenantId":"tenant-id","subscriptionId":"subscription-id","resourceGroup":"resource-group","location":"location","useInstanceMetadata":true,"vmType":"standard","aadClientId":"client-id","aadClientSecret":"client-secret"}`),
 					},
 				},
 			},
 		},
 		"Secrets works for scale sets": {
 			instance:               core.Instance{ProviderID: "azure:///subscriptions/subscription-id/resourceGroups/resource-group/providers/Microsoft.Compute/virtualMachineScaleSets/scale-set-name/virtualMachines/instance-id"},
-			cloudServiceAccountURI: "serviceaccount://azure?tenant_id=tenant-id&client_id=client-id&client_secret=client-secret",
+			cloudServiceAccountURI: "serviceaccount://azure?tenant_id=tenant-id&client_id=client-id&client_secret=client-secret&location=location",
 			expectedSecrets: resources.Secrets{
 				&k8s.Secret{
 					TypeMeta: meta.TypeMeta{
@@ -51,7 +51,7 @@ func TestSecrets(t *testing.T) {
 						Namespace: "kube-system",
 					},
 					Data: map[string][]byte{
-						"azure.json": []byte(`{"cloud":"AzurePublicCloud","tenantId":"tenant-id","subscriptionId":"subscription-id","resourceGroup":"resource-group","useInstanceMetadata":true,"vmType":"vmss","aadClientId":"client-id","aadClientSecret":"client-secret"}`),
+						"azure.json": []byte(`{"cloud":"AzurePublicCloud","tenantId":"tenant-id","subscriptionId":"subscription-id","resourceGroup":"resource-group","location":"location","useInstanceMetadata":true,"vmType":"vmss","aadClientId":"client-id","aadClientSecret":"client-secret"}`),
 					},
 				},
 			},

coordinator/cloudprovider/azure/serviceaccounturi.go

@@ -24,5 +24,6 @@ func getApplicationCredentials(cloudServiceAccountURI string) (client.Applicatio
 		TenantID:     query.Get("tenant_id"),
 		ClientID:     query.Get("client_id"),
 		ClientSecret: query.Get("client_secret"),
+		Location:     query.Get("location"),
 	}, nil
 }

coordinator/cloudprovider/azure/serviceaccounturi_test.go

@@ -13,6 +13,7 @@ func TestGetApplicationCredentials(t *testing.T) {
 		TenantID:     "tenant-id",
 		ClientID:     "client-id",
 		ClientSecret: "client-secret",
+		Location:     "location",
 	}
 	testCases := map[string]struct {
 		cloudServiceAccountURI string
@@ -20,7 +21,7 @@ func TestGetApplicationCredentials(t *testing.T) {
 		expectErr              bool
 	}{
 		"getApplicationCredentials works": {
-			cloudServiceAccountURI: "serviceaccount://azure?tenant_id=tenant-id&client_id=client-id&client_secret=client-secret",
+			cloudServiceAccountURI: "serviceaccount://azure?tenant_id=tenant-id&client_id=client-id&client_secret=client-secret&location=location",
 			expectedCreds:          creds,
 		},
 		"invalid URI fails": {