AB#1877 Set location in azure cloud config
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
parent
719b6d5f6f
commit
3282995bda
@ -51,6 +51,7 @@ func (c *Client) CreateServicePrincipal(ctx context.Context) (string, error) {
|
||||
TenantID: c.tenantID,
|
||||
ClientID: createAppRes.AppID,
|
||||
ClientSecret: clientSecret,
|
||||
Location: c.location,
|
||||
}.ConvertToCloudServiceAccountURI(), nil
|
||||
}
|
||||
|
||||
@ -169,6 +170,7 @@ type ApplicationCredentials struct {
|
||||
TenantID string
|
||||
ClientID string
|
||||
ClientSecret string
|
||||
Location string
|
||||
}
|
||||
|
||||
// ConvertToCloudServiceAccountURI converts the ApplicationCredentials into a cloud service account URI.
|
||||
@ -177,6 +179,7 @@ func (c ApplicationCredentials) ConvertToCloudServiceAccountURI() string {
|
||||
query.Add("tenant_id", c.TenantID)
|
||||
query.Add("client_id", c.ClientID)
|
||||
query.Add("client_secret", c.ClientSecret)
|
||||
query.Add("location", c.Location)
|
||||
uri := url.URL{
|
||||
Scheme: "serviceaccount",
|
||||
Host: "azure",
|
||||
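Review bot: The new `Location` field on `ApplicationCredentials` has no comment, and `ConvertToCloudServiceAccountURI` adds it with `query.Add("location", c.Location)` unconditionally, so a client whose `location` was never set would emit `location=` instead of failing early. I would document the field, for example `// Location is the Azure location written to the cloud provider config.`, and confirm that `CreateServicePrincipal` cannot be reached with an empty `c.location`; where that value is set is not visible here. Because the same URI carries `client_secret` in its query string, the method's doc comment should also say that the returned string is a credential and must be kept out of logs and error messages. Both function bodies extend beyond the visible hunks.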
|
@ -366,6 +366,7 @@ func TestConvertToCloudServiceAccountURI(t *testing.T) {
|
||||
TenantID: "tenant-id",
|
||||
ClientID: "client-id",
|
||||
ClientSecret: "client-secret",
|
||||
Location: "location",
|
||||
}
|
||||
|
||||
cloudServiceAccountURI := key.ConvertToCloudServiceAccountURI()
|
||||
@ -378,5 +379,6 @@ func TestConvertToCloudServiceAccountURI(t *testing.T) {
|
||||
"tenant_id": []string{"tenant-id"},
|
||||
"client_id": []string{"client-id"},
|
||||
"client_secret": []string{"client-secret"},
|
||||
"location": []string{"location"},
|
||||
}, query)
|
||||
}
|
||||
|
@ -69,6 +69,7 @@ func (c *CloudControllerManager) Secrets(instance core.Instance, cloudServiceAcc
|
||||
ResourceGroup: resourceGroup,
|
||||
UseInstanceMetadata: true,
|
||||
VmType: vmType,
|
||||
Location: creds.Location,
|
||||
AADClientID: creds.ClientID,
|
||||
AADClientSecret: creds.ClientSecret,
|
||||
}
|
||||
|
@ -20,7 +20,7 @@ func TestSecrets(t *testing.T) {
|
||||
}{
|
||||
"Secrets works": {
|
||||
instance: core.Instance{ProviderID: "azure:///subscriptions/subscription-id/resourceGroups/resource-group/providers/Microsoft.Compute/virtualMachines/instance-name"},
|
||||
cloudServiceAccountURI: "serviceaccount://azure?tenant_id=tenant-id&client_id=client-id&client_secret=client-secret",
|
||||
cloudServiceAccountURI: "serviceaccount://azure?tenant_id=tenant-id&client_id=client-id&client_secret=client-secret&location=location",
|
||||
expectedSecrets: resources.Secrets{
|
||||
&k8s.Secret{
|
||||
TypeMeta: meta.TypeMeta{
|
||||
@ -32,14 +32,14 @@ func TestSecrets(t *testing.T) {
|
||||
Namespace: "kube-system",
|
||||
},
|
||||
Data: map[string][]byte{
|
||||
"azure.json": []byte(`{"cloud":"AzurePublicCloud","tenantId":"tenant-id","subscriptionId":"subscription-id","resourceGroup":"resource-group","useInstanceMetadata":true,"vmType":"standard","aadClientId":"client-id","aadClientSecret":"client-secret"}`),
|
||||
"azure.json": []byte(`{"cloud":"AzurePublicCloud","tenantId":"tenant-id","subscriptionId":"subscription-id","resourceGroup":"resource-group","location":"location","useInstanceMetadata":true,"vmType":"standard","aadClientId":"client-id","aadClientSecret":"client-secret"}`),
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
"Secrets works for scale sets": {
|
||||
instance: core.Instance{ProviderID: "azure:///subscriptions/subscription-id/resourceGroups/resource-group/providers/Microsoft.Compute/virtualMachineScaleSets/scale-set-name/virtualMachines/instance-id"},
|
||||
cloudServiceAccountURI: "serviceaccount://azure?tenant_id=tenant-id&client_id=client-id&client_secret=client-secret",
|
||||
cloudServiceAccountURI: "serviceaccount://azure?tenant_id=tenant-id&client_id=client-id&client_secret=client-secret&location=location",
|
||||
expectedSecrets: resources.Secrets{
|
||||
&k8s.Secret{
|
||||
TypeMeta: meta.TypeMeta{
|
||||
@ -51,7 +51,7 @@ func TestSecrets(t *testing.T) {
|
||||
Namespace: "kube-system",
|
||||
},
|
||||
Data: map[string][]byte{
|
||||
"azure.json": []byte(`{"cloud":"AzurePublicCloud","tenantId":"tenant-id","subscriptionId":"subscription-id","resourceGroup":"resource-group","useInstanceMetadata":true,"vmType":"vmss","aadClientId":"client-id","aadClientSecret":"client-secret"}`),
|
||||
"azure.json": []byte(`{"cloud":"AzurePublicCloud","tenantId":"tenant-id","subscriptionId":"subscription-id","resourceGroup":"resource-group","location":"location","useInstanceMetadata":true,"vmType":"vmss","aadClientId":"client-id","aadClientSecret":"client-secret"}`),
|
||||
},
|
||||
},
|
||||
},
|
||||
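Review bot: Both table cases in `TestSecrets` had their `cloudServiceAccountURI` changed to include `&location=location`, so no case exercises a URI without that parameter any more. Add a case that keeps the earlier URI form (ending in `client_secret=client-secret`) and pins whichever behaviour is intended, either an error or an `azure.json` without a usable `location`. The same gap applies to `TestGetApplicationCredentials`, where the only positive case was changed in the same way. The test function continues outside the visible hunks.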
|
@ -24,5 +24,6 @@ func getApplicationCredentials(cloudServiceAccountURI string) (client.Applicatio
|
||||
TenantID: query.Get("tenant_id"),
|
||||
ClientID: query.Get("client_id"),
|
||||
ClientSecret: query.Get("client_secret"),
|
||||
Location: query.Get("location"),
|
||||
}, nil
|
||||
}
|
||||
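Review bot: `Location: query.Get("location")` yields an empty string when the parameter is absent, so a service account URI generated before this change still parses without error and produces credentials with an empty `Location`, which `Secrets` then copies into the `azure.json` cloud config. If an empty location is not acceptable to the cloud controller manager (this cannot be determined from the hunk), reject it here: `if query.Get("location") == "" { return client.ApplicationCredentials{}, errors.New("missing location in cloud service account URI") }`. The return type is truncated in the hunk header, so the zero value shown is inferred from the struct literal. The function body begins outside the hunk.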
|
@ -13,6 +13,7 @@ func TestGetApplicationCredentials(t *testing.T) {
|
||||
TenantID: "tenant-id",
|
||||
ClientID: "client-id",
|
||||
ClientSecret: "client-secret",
|
||||
Location: "location",
|
||||
}
|
||||
testCases := map[string]struct {
|
||||
cloudServiceAccountURI string
|
||||
@ -20,7 +21,7 @@ func TestGetApplicationCredentials(t *testing.T) {
|
||||
expectErr bool
|
||||
}{
|
||||
"getApplicationCredentials works": {
|
||||
cloudServiceAccountURI: "serviceaccount://azure?tenant_id=tenant-id&client_id=client-id&client_secret=client-secret",
|
||||
cloudServiceAccountURI: "serviceaccount://azure?tenant_id=tenant-id&client_id=client-id&client_secret=client-secret&location=location",
|
||||
expectedCreds: creds,
|
||||
},
|
||||
"invalid URI fails": {
|
||||
|