Added environment struct for azure soverign cloud

Signed-off-by: mabhi <abhijit.mukherjee@infracloud.io>
kanisterio · Oct 5, 2023 · f6223fc · f6223fc
1 parent a816d02
commit f6223fc
Show file tree

Hide file tree

Showing 4 changed files with 96 additions and 13 deletions.
diff --git a/pkg/blockstorage/azure/client.go b/pkg/blockstorage/azure/client.go
@@ -131,7 +131,7 @@ func NewClient(ctx context.Context, config map[string]string) (*Client, error) {
 	}, nil
 }
 
-func getCredConfig(conf cloud.Configuration, config map[string]string) (ClientCredentialsConfig, error) {
+func getCredConfig(env Environment, config map[string]string) (ClientCredentialsConfig, error) {
 	credConfig, err := getCredConfigForAuth(config)
 	if err != nil {
 		return ClientCredentialsConfig{}, err
@@ -140,12 +140,12 @@ func getCredConfig(conf cloud.Configuration, config map[string]string) (ClientCr
 	//Todo: Find alternatives to azure.Environment
 	var ok bool
 	if credConfig.AADEndpoint, ok = config[blockstorage.AzureActiveDirEndpoint]; !ok || credConfig.AADEndpoint == "" {
-		credConfig.AADEndpoint = conf.ActiveDirectoryAuthorityHost
+		credConfig.AADEndpoint = env.Configuration.ActiveDirectoryAuthorityHost
 		config[blockstorage.AzureActiveDirEndpoint] = credConfig.AADEndpoint
 	}
 
 	if credConfig.Resource, ok = config[blockstorage.AzureActiveDirResourceID]; !ok || credConfig.Resource == "" {
-		credConfig.Resource = conf.Services[cloud.ResourceManager].Endpoint
+		credConfig.Resource = env.Configuration.Services[cloud.ResourceManager].Endpoint
 		config[blockstorage.AzureActiveDirResourceID] = credConfig.Resource
 	}
 

diff --git a/pkg/blockstorage/azure/client_test.go b/pkg/blockstorage/azure/client_test.go
@@ -87,14 +87,14 @@ func (s ClientSuite) TestGetRegions(c *C) {
 func (s *ClientSuite) TestGetCredConfig(c *C) {
 	for _, tc := range []struct {
 		name       string
-		env        cloud.Configuration
+		env        Environment
 		config     map[string]string
 		errChecker Checker
 		expCCC     ClientCredentialsConfig
 	}{
 		{
 			name: "TC1",
-			env:  cloud.AzurePublic,
+			env:  PublicCloud,
 			config: map[string]string{
 				blockstorage.AzureTenantID:            "atid",
 				blockstorage.AzureClientID:            "acid",
@@ -113,7 +113,7 @@ func (s *ClientSuite) TestGetCredConfig(c *C) {
 		},
 		{
 			name: "TC2",
-			env:  cloud.AzurePublic,
+			env:  PublicCloud,
 			config: map[string]string{
 				blockstorage.AzureTenantID:     "atid",
 				blockstorage.AzureClientID:     "acid",
@@ -130,7 +130,7 @@ func (s *ClientSuite) TestGetCredConfig(c *C) {
 		},
 		{
 			name: "TC3",
-			env:  cloud.AzureGovernment,
+			env:  USGovernmentCloud,
 			config: map[string]string{
 				blockstorage.AzureTenantID:            "atid",
 				blockstorage.AzureClientID:            "acid",
@@ -149,7 +149,7 @@ func (s *ClientSuite) TestGetCredConfig(c *C) {
 		},
 		{
 			name: "TC4",
-			env:  cloud.AzureGovernment,
+			env:  USGovernmentCloud,
 			config: map[string]string{
 				blockstorage.AzureTenantID: "atid",
 				blockstorage.AzureClientID: "acid",
@@ -158,15 +158,15 @@ func (s *ClientSuite) TestGetCredConfig(c *C) {
 		},
 		{
 			name: "TC5",
-			env:  cloud.AzureGovernment,
+			env:  USGovernmentCloud,
 			config: map[string]string{
 				blockstorage.AzureTenantID: "atid",
 			},
 			errChecker: NotNil,
 		},
 		{
 			name:       "TC6",
-			env:        cloud.AzureGovernment,
+			env:        USGovernmentCloud,
 			config:     map[string]string{},
 			errChecker: NotNil,
 		},

diff --git a/pkg/blockstorage/azure/environments.go b/pkg/blockstorage/azure/environments.go
@@ -0,0 +1,84 @@
+package azure
+
+import (
+	"fmt"
+	"github.com/Azure/azure-sdk-for-go/sdk/azcore/cloud"
+	"strings"
+)
+
+const (
+	// NotAvailable is used for endpoints and resource IDs that are not available for a given cloud.
+	NotAvailable = "N/A"
+)
+
+var environments = map[string]Environment{
+	"AZURECHINACLOUD":        ChinaCloud,
+	"AZUREGERMANCLOUD":       GermanCloud,
+	"AZURECLOUD":             PublicCloud,
+	"AZUREPUBLICCLOUD":       PublicCloud,
+	"AZUREUSGOVERNMENT":      USGovernmentCloud,
+	"AZUREUSGOVERNMENTCLOUD": USGovernmentCloud,
+}
+
+// Environment represents a set of endpoints for each of Azure's Clouds.
+type Environment struct {
+	Name                    string `json:"name"`
+	ResourceManagerEndpoint string `json:"resourceManagerEndpoint"`
+	ActiveDirectoryEndpoint string `json:"activeDirectoryEndpoint"`
+	StorageEndpointSuffix   string `json:"storageEndpointSuffix"`
+	Configuration           cloud.Configuration
+}
+
+var (
+	// PublicCloud is the default public Azure cloud environment
+	//Ref: https://github.com/Azure/azure-sdk-for-go/blob/sdk/storage/azblob/v0.4.0/eng/common/TestResources/clouds/AzureCloud.json
+	PublicCloud = Environment{
+		Name:                    "AzurePublicCloud",
+		ResourceManagerEndpoint: "https://management.azure.com/",
+		ActiveDirectoryEndpoint: "https://login.microsoftonline.com/",
+		StorageEndpointSuffix:   "core.windows.net",
+		Configuration:           cloud.AzurePublic,
+	}
+
+	// USGovernmentCloud is the cloud environment for the US Government
+	//Ref: https://github.com/Azure/azure-sdk-for-go/blob/sdk/storage/azblob/v0.4.0/eng/common/TestResources/clouds/AzureUSGovernment.json
+	USGovernmentCloud = Environment{
+		Name:                    "AzureUSGovernmentCloud",
+		ResourceManagerEndpoint: "https://management.usgovcloudapi.net/",
+		ActiveDirectoryEndpoint: "https://login.microsoftonline.us/",
+		StorageEndpointSuffix:   "core.usgovcloudapi.net",
+		Configuration:           cloud.AzureGovernment,
+	}
+
+	// ChinaCloud is the cloud environment operated in China
+	//Ref: https://github.com/Azure/azure-sdk-for-go/blob/sdk/storage/azblob/v0.4.0/eng/common/TestResources/clouds/AzureChinaCloud.json
+	ChinaCloud = Environment{
+		Name:                    "AzureChinaCloud",
+		ResourceManagerEndpoint: "https://management.chinacloudapi.cn/",
+		ActiveDirectoryEndpoint: "https://login.chinacloudapi.cn/",
+		StorageEndpointSuffix:   "core.chinacloudapi.cn",
+		Configuration:           cloud.AzureChina,
+	}
+
+	// GermanCloud is the cloud environment operated in Germany has been deprecated
+	// Ref: https://learn.microsoft.com/en-us/previous-versions/azure/germany/germany-welcome
+	GermanCloud = Environment{
+		Name:                    "AzureGermanCloud",
+		ResourceManagerEndpoint: NotAvailable,
+		ActiveDirectoryEndpoint: NotAvailable,
+		StorageEndpointSuffix:   NotAvailable,
+		Configuration:           cloud.Configuration{},
+	}
+)
+
+// EnvironmentFromName returns an Environment based on the common name specified.
+func EnvironmentFromName(name string) (Environment, error) {
+
+	name = strings.ToUpper(name)
+	env, ok := environments[name]
+	if !ok {
+		return env, fmt.Errorf("environment/azure: There is no cloud environment matching the name %q", name)
+	}
+
+	return env, nil
+}
diff --git a/pkg/kopia/command/storage/secret_utils.go b/pkg/kopia/command/storage/secret_utils.go
@@ -16,11 +16,10 @@ package storage
 
 import (
 	"context"
-	"time"
-
-	"github.com/Azure/go-autorest/autorest/azure"
+	"github.com/kanisterio/kanister/pkg/blockstorage/azure"
 	"github.com/pkg/errors"
 	v1 "k8s.io/api/core/v1"
+	"time"
 
 	"github.com/kanisterio/kanister/pkg/apis/cr/v1alpha1"
 	"github.com/kanisterio/kanister/pkg/aws"