Plumb through log analytics values (#274)

* plumb through log analytics values

* add option to specify a log analytics file as well

* use secret for log analytics

providers/azure/aci.go

@@ -44,6 +44,7 @@ type ACIProvider struct {
 	pods               string
 	internalIP         string
 	daemonEndpointPort int32
+	diagnostics        *aci.ContainerGroupDiagnostics
 }
 
 // AuthConfig is the secret returned from an ImageRegistryCredential
@@ -155,6 +156,25 @@ func NewACIProvider(config string, rm *manager.ResourceManager, nodeName, operat
 		return nil, err
 	}
 
+	// If the log analytics file has been specified, load workspace credentials from the file
+	if logAnalyticsAuthFile := os.Getenv("LOG_ANALYTICS_AUTH_LOCATION"); logAnalyticsAuthFile != "" {
+		p.diagnostics, err = aci.NewContainerGroupDiagnosticsFromFile(logAnalyticsAuthFile)
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	// If we have both the log analytics workspace id and key, add them to the provider
+	// Environment variables overwrite the values provided in the file
+	if logAnalyticsID := os.Getenv("LOG_ANALYTICS_ID"); logAnalyticsID != "" {
+		if logAnalyticsKey := os.Getenv("LOG_ANALYTICS_KEY"); logAnalyticsKey != "" {
+			p.diagnostics, err = aci.NewContainerGroupDiagnostics(logAnalyticsID, logAnalyticsKey)
+			if err != nil {
+				return nil, err
+			}
+		}
+	}
+
 	if rg := os.Getenv("ACI_RESOURCE_GROUP"); rg != "" {
 		p.resourceGroup = rg
 	}
@@ -227,6 +247,7 @@ func (p *ACIProvider) CreatePod(pod *v1.Pod) error {
 	containerGroup.ContainerGroupProperties.Containers = containers
 	containerGroup.ContainerGroupProperties.Volumes = volumes
 	containerGroup.ContainerGroupProperties.ImageRegistryCredentials = creds
+	containerGroup.ContainerGroupProperties.Diagnostics = p.diagnostics
 
 	filterServiceAccountSecretVolume(p.operatingSystem, &containerGroup)
 

providers/azure/client/README.md

@@ -38,3 +38,29 @@ The file looks like this, in case you want to create it yourself:
     "managementEndpointUrl": "https://management.core.windows.net/"
 }
 ```
+
+
+## Log Analytics support
+
+Log Analytics is supported through environment variables:
+- `LOG_ANALYTICS_KEY`
+- `LOG_ANALYTICS_ID`
+
+You can also specify a file with these values and specify the path to it in the `LOG_ANALYTICS_AUTH_LOCATION`:
+
+``` bash
+export LOG_ANALYTICS_AUTH_LOCATION=/secure/location/loganalytics.json
+```
+
+``` powershell
+$env:LOG_ANALYTICS_AUTH_LOCATION= "/secure/location/loganalytics.json"
+```
+
+The file should look like this:
+
+``` json
+{
+    "workspaceID": "<YOUR_LOG_ANALYTICS_WORKSPACE_ID>",
+    "workspaceKey": "<YOUR_LOG_ANALYTICS_WORKSPACE_KEY>"
+}
+```

providers/azure/client/aci/analytics.go

@@ -0,0 +1,39 @@
+package aci
+
+import (
+	"encoding/json"
+	"errors"
+	"fmt"
+	"io/ioutil"
+)
+
+func NewContainerGroupDiagnostics(logAnalyticsID, logAnalyticsKey string) (*ContainerGroupDiagnostics, error) {
+
+	if logAnalyticsID == "" || logAnalyticsKey == "" {
+		return nil, errors.New("Log Analytics configuration requires both the workspace ID and Key")
+	}
+
+	return &ContainerGroupDiagnostics{
+		LogAnalytics: &LogAnalyticsWorkspace{
+			WorkspaceID:  logAnalyticsID,
+			WorkspaceKey: logAnalyticsKey,
+		},
+	}, nil
+}
+
+func NewContainerGroupDiagnosticsFromFile(filepath string) (*ContainerGroupDiagnostics, error) {
+
+	analyticsdata, err := ioutil.ReadFile(filepath)
+	if err != nil {
+		return nil, fmt.Errorf("Reading Log Analytics Auth file %q failed: %v", filepath, err)
+	}
+	// Unmarshal the log analytics file.
+	var law LogAnalyticsWorkspace
+	if err := json.Unmarshal(analyticsdata, &law); err != nil {
+		return nil, err
+	}
+
+	return &ContainerGroupDiagnostics{
+		LogAnalytics: &law,
+	}, nil
+}

providers/azure/client/aci/analytics_test.go

@@ -0,0 +1,38 @@
+package aci
+
+import (
+	"io/ioutil"
+	"os"
+	"testing"
+)
+
+func TestLogAnalyticsFileParsingSuccess(t *testing.T) {
+	diagnostics, err := NewContainerGroupDiagnosticsFromFile("../../../../loganalytics.json")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if diagnostics == nil || diagnostics.LogAnalytics == nil {
+		t.Fatalf("Unexpected nil diagnostics. Log Analytics file not parsed correctly")
+	}
+
+	if diagnostics.LogAnalytics.WorkspaceID == "" || diagnostics.LogAnalytics.WorkspaceKey == "" {
+		t.Fatalf("Unexpected empty analytics authentication credentials. Log Analytics file not parsed correctly")
+	}
+}
+
+func TestLogAnalyticsFileParsingFailure(t *testing.T) {
+	tempFile, err := ioutil.TempFile("", "")
+	if err != nil {
+		t.Fatal(err)
+	}
+	_, err = NewContainerGroupDiagnosticsFromFile(tempFile.Name())
+
+	// Cleaup
+	tempFile.Close()
+	os.Remove(tempFile.Name())
+
+	if err == nil {
+		t.Fatalf("Expected parsing an empty Log Analytics auth file to fail, but there were no errors")
+	}
+}

providers/azure/client/aci/client_test.go

@@ -1,9 +1,6 @@
 package aci
 
 import (
-	"encoding/json"
-	"fmt"
-	"io/ioutil"
 	"log"
 	"os"
 	"strings"
@@ -363,21 +360,8 @@ func TestCreateContainerGroupWithReadinessProbe(t *testing.T) {
 	}
 }
 
-func logAnalyticsWorkspaceFromFile(filepath string) (*LogAnalyticsWorkspace, error) {
-	analyticsdata, err := ioutil.ReadFile(filepath)
-	if err != nil {
-		return nil, fmt.Errorf("Reading LogAnalyticsWorkspace file %q failed: %v", filepath, err)
-	}
-	// Unmarshal the log analytics file.
-	var law LogAnalyticsWorkspace
-	if err := json.Unmarshal(analyticsdata, &law); err != nil {
-		return nil, err
-	}
-	return &law, nil
-}
-
 func TestCreateContainerGroupWithLogAnalytics(t *testing.T) {
-	law, err := logAnalyticsWorkspaceFromFile("../../../../loganalytics.json")
+	diagnostics, err := NewContainerGroupDiagnosticsFromFile("../../../../loganalytics.json")
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -411,9 +395,7 @@ func TestCreateContainerGroupWithLogAnalytics(t *testing.T) {
 					},
 				},
 			},
-			Diagnostics: &ContainerGroupDiagnostics{
-				LogAnalytics: law,
-			},
+			Diagnostics: diagnostics,
 		},
 	})
 	if err != nil {