coreos · andyliuliming · Oct 5, 2019
diff --git a/pkg/apis/etcd/v1beta2/backup_types.go b/pkg/apis/etcd/v1beta2/backup_types.go
@@ -28,6 +28,7 @@ const (
 	BackupStorageTypeABS      BackupStorageType = "ABS"
 	AzureSecretStorageAccount                   = "storage-account"
 	AzureSecretStorageKey                       = "storage-key"
+	AzureSecretSASURI                           = "storage-sas-uri"
 	AzureCloudKey                               = "cloud"
 
 	// Google GCS related consts

diff --git a/pkg/backup/backup_manager.go b/pkg/backup/backup_manager.go
@@ -98,6 +98,7 @@ func (bm *BackupManager) EnsureMaxBackup(ctx context.Context, basePath string, m
 		if err != nil {
 			return fmt.Errorf("failed to delete snapshot: %v", err)
 		}
+		logrus.Infof("Successfully deleted snapshot: (%s)", snapshotPath)
 	}
 	return nil
 }

diff --git a/pkg/backup/util/util.go b/pkg/backup/util/util.go
@@ -28,7 +28,8 @@ func MakeBackupName(ver string, rev int64) string {
 func ParseBucketAndKey(path string) (string, string, error) {
 	toks := strings.SplitN(path, "/", 2)
 	if len(toks) != 2 || len(toks[0]) == 0 || len(toks[1]) == 0 {
-		return "", "", fmt.Errorf("Invalid S3 path (%v)", path)
+		// this is used by gcs/oss/abs/s3
+		return "", "", fmt.Errorf("Invalid path (%v)", path)
 	}
 	return toks[0], toks[1], nil
 }
diff --git a/pkg/util/azureutil/absfactory/client.go b/pkg/util/azureutil/absfactory/client.go
@@ -55,18 +55,34 @@ func NewClientFromSecret(kubecli kubernetes.Interface, namespace, absSecret stri
 	storageAccount := se.Data[api.AzureSecretStorageAccount]
 	storageKey := se.Data[api.AzureSecretStorageKey]
 	cloudName := se.Data[api.AzureCloudKey]
+	sasURI := se.Data[api.AzureSecretSASURI]
 
 	cloud, err := parseAzureEnvironment(string(cloudName))
 	if err != nil {
 		return nil, err
 	}
+	var bc storage.Client
+	if len(sasURI) != 0 {
+		qIndex := strings.IndexAny(sasURI, "?")
+		if qIndex != -1 {
+			baseURL := sasURI[0:qIndex]
+			sasToken := sasURI[qIndex+1:]
 
-	bc, err := storage.NewBasicClientOnSovereignCloud(
-		string(storageAccount),
-		string(storageKey),
-		cloud)
-	if err != nil {
-		return nil, fmt.Errorf("failed to create Azure storage client: %v", err)
+			bc, err := storage.NewAccountSASClientFromEndpointToken(baseURL, sasToken)
+			if err != nil {
+				return nil, fmt.Errorf("create ABS client (from SAS token) failed: %v", err)
+			}
+		} else {
+			return nil, fmt.Errorf("No '?' in the URI, invalid sas token uri")
+		}
+	} else {
+		bc, err := storage.NewBasicClientOnSovereignCloud(
+			string(storageAccount),
+			string(storageKey),
+			cloud)
+		if err != nil {
+			return nil, fmt.Errorf("failed to create Azure storage client: %v", err)
+		}
 	}
 
 	abs := bc.GetBlobService()