From 471d00c92982127ab6bb674c08adbebef93a6c70 Mon Sep 17 00:00:00 2001 From: Pengfei Ni Date: Tue, 24 Apr 2018 14:33:49 +0800 Subject: [PATCH] Use new clients in Azure credential provider --- pkg/credentialprovider/azure/BUILD | 4 +- .../azure/azure_credentials.go | 57 +++++++++++++++---- .../azure/azure_credentials_test.go | 45 +++++++-------- 3 files changed, 71 insertions(+), 35 deletions(-) diff --git a/pkg/credentialprovider/azure/BUILD b/pkg/credentialprovider/azure/BUILD index a52c99dbc82..5d1c3800d7f 100644 --- a/pkg/credentialprovider/azure/BUILD +++ b/pkg/credentialprovider/azure/BUILD @@ -16,7 +16,7 @@ go_library( deps = [ "//pkg/cloudprovider/providers/azure/auth:go_default_library", "//pkg/credentialprovider:go_default_library", - "//vendor/github.com/Azure/azure-sdk-for-go/arm/containerregistry:go_default_library", + "//vendor/github.com/Azure/azure-sdk-for-go/services/containerregistry/mgmt/2017-10-01/containerregistry:go_default_library", "//vendor/github.com/Azure/go-autorest/autorest:go_default_library", "//vendor/github.com/Azure/go-autorest/autorest/adal:go_default_library", "//vendor/github.com/Azure/go-autorest/autorest/azure:go_default_library", @@ -32,7 +32,7 @@ go_test( srcs = ["azure_credentials_test.go"], embed = [":go_default_library"], deps = [ - "//vendor/github.com/Azure/azure-sdk-for-go/arm/containerregistry:go_default_library", + "//vendor/github.com/Azure/azure-sdk-for-go/services/containerregistry/mgmt/2017-10-01/containerregistry:go_default_library", "//vendor/github.com/Azure/go-autorest/autorest/to:go_default_library", ], ) diff --git a/pkg/credentialprovider/azure/azure_credentials.go b/pkg/credentialprovider/azure/azure_credentials.go index 486128dc0eb..7f698beacd0 100644 --- a/pkg/credentialprovider/azure/azure_credentials.go +++ b/pkg/credentialprovider/azure/azure_credentials.go @@ -17,18 +17,20 @@ limitations under the License. package azure import ( + "context" "io" "io/ioutil" "os" "time" - "github.com/Azure/azure-sdk-for-go/arm/containerregistry" + "github.com/Azure/azure-sdk-for-go/services/containerregistry/mgmt/2017-10-01/containerregistry" "github.com/Azure/go-autorest/autorest" "github.com/Azure/go-autorest/autorest/adal" "github.com/Azure/go-autorest/autorest/azure" "github.com/ghodss/yaml" "github.com/golang/glog" "github.com/spf13/pflag" + "k8s.io/kubernetes/pkg/cloudprovider/providers/azure/auth" "k8s.io/kubernetes/pkg/credentialprovider" ) @@ -48,9 +50,46 @@ func init() { }) } +func getContextWithCancel() (context.Context, context.CancelFunc) { + return context.WithCancel(context.Background()) +} + // RegistriesClient is a testable interface for the ACR client List operation. type RegistriesClient interface { - List() (containerregistry.RegistryListResult, error) + List(ctx context.Context) ([]containerregistry.Registry, error) +} + +// azRegistriesClient implements RegistriesClient. +type azRegistriesClient struct { + client containerregistry.RegistriesClient +} + +func newAzRegistriesClient(subscriptionID, endpoint string, token *adal.ServicePrincipalToken) *azRegistriesClient { + registryClient := containerregistry.NewRegistriesClient(subscriptionID) + registryClient.BaseURI = endpoint + registryClient.Authorizer = autorest.NewBearerAuthorizer(token) + + return &azRegistriesClient{ + client: registryClient, + } +} + +func (az *azRegistriesClient) List(ctx context.Context) ([]containerregistry.Registry, error) { + iterator, err := az.client.ListComplete(ctx) + if err != nil { + return nil, err + } + + result := make([]containerregistry.Registry, 0) + for ; iterator.NotDone(); err = iterator.Next() { + if err != nil { + return nil, err + } + + result = append(result, iterator.Value()) + } + + return result, nil } // NewACRProvider parses the specified configFile and returns a DockerConfigProvider @@ -128,26 +167,24 @@ func (a *acrProvider) Enabled() bool { return false } - registryClient := containerregistry.NewRegistriesClient(a.config.SubscriptionID) - registryClient.BaseURI = a.environment.ResourceManagerEndpoint - registryClient.Authorizer = autorest.NewBearerAuthorizer(a.servicePrincipalToken) - a.registryClient = registryClient - + a.registryClient = newAzRegistriesClient(a.config.SubscriptionID, a.environment.ResourceManagerEndpoint, a.servicePrincipalToken) return true } func (a *acrProvider) Provide() credentialprovider.DockerConfig { cfg := credentialprovider.DockerConfig{} + ctx, cancel := getContextWithCancel() + defer cancel() glog.V(4).Infof("listing registries") - res, err := a.registryClient.List() + result, err := a.registryClient.List(ctx) if err != nil { glog.Errorf("Failed to list registries: %v", err) return cfg } - for ix := range *res.Value { - loginServer := getLoginServer((*res.Value)[ix]) + for ix := range result { + loginServer := getLoginServer(result[ix]) var cred *credentialprovider.DockerConfigEntry if a.config.UseManagedIdentityExtension { diff --git a/pkg/credentialprovider/azure/azure_credentials_test.go b/pkg/credentialprovider/azure/azure_credentials_test.go index 9d966fe6be5..4465e89c9f1 100644 --- a/pkg/credentialprovider/azure/azure_credentials_test.go +++ b/pkg/credentialprovider/azure/azure_credentials_test.go @@ -18,17 +18,18 @@ package azure import ( "bytes" + "context" "testing" - "github.com/Azure/azure-sdk-for-go/arm/containerregistry" + "github.com/Azure/azure-sdk-for-go/services/containerregistry/mgmt/2017-10-01/containerregistry" "github.com/Azure/go-autorest/autorest/to" ) type fakeClient struct { - results containerregistry.RegistryListResult + results []containerregistry.Registry } -func (f *fakeClient) List() (containerregistry.RegistryListResult, error) { +func (f *fakeClient) List(ctx context.Context) ([]containerregistry.Registry, error) { return f.results, nil } @@ -38,25 +39,23 @@ func Test(t *testing.T) { "aadClientId": "foo", "aadClientSecret": "bar" }` - result := containerregistry.RegistryListResult{ - Value: &[]containerregistry.Registry{ - { - Name: to.StringPtr("foo"), - RegistryProperties: &containerregistry.RegistryProperties{ - LoginServer: to.StringPtr("foo-microsoft.azurecr.io"), - }, + result := []containerregistry.Registry{ + { + Name: to.StringPtr("foo"), + RegistryProperties: &containerregistry.RegistryProperties{ + LoginServer: to.StringPtr("foo-microsoft.azurecr.io"), }, - { - Name: to.StringPtr("bar"), - RegistryProperties: &containerregistry.RegistryProperties{ - LoginServer: to.StringPtr("bar-microsoft.azurecr.io"), - }, + }, + { + Name: to.StringPtr("bar"), + RegistryProperties: &containerregistry.RegistryProperties{ + LoginServer: to.StringPtr("bar-microsoft.azurecr.io"), }, - { - Name: to.StringPtr("baz"), - RegistryProperties: &containerregistry.RegistryProperties{ - LoginServer: to.StringPtr("baz-microsoft.azurecr.io"), - }, + }, + { + Name: to.StringPtr("baz"), + RegistryProperties: &containerregistry.RegistryProperties{ + LoginServer: to.StringPtr("baz-microsoft.azurecr.io"), }, }, } @@ -71,8 +70,8 @@ func Test(t *testing.T) { creds := provider.Provide() - if len(creds) != len(*result.Value) { - t.Errorf("Unexpected list: %v, expected length %d", creds, len(*result.Value)) + if len(creds) != len(result) { + t.Errorf("Unexpected list: %v, expected length %d", creds, len(result)) } for _, cred := range creds { if cred.Username != "foo" { @@ -82,7 +81,7 @@ func Test(t *testing.T) { t.Errorf("expected 'bar' for password, saw: %v", cred.Username) } } - for _, val := range *result.Value { + for _, val := range result { registryName := getLoginServer(val) if _, found := creds[registryName]; !found { t.Errorf("Missing expected registry: %s", registryName)