f4ebbfc7a3
* Read ACS Credentials for Azure Authentication Supprt a new environment variable: ACS_CREDENTIAL_LOCATION Expect the value to be the ACS credential filepath, which is the /etc/kubernetes/azure.json file generated on the ACS nodes. If the ACS_CREDENTIAL_LOCATION is specified and loaded, create the Azure Authentication class from its values. If the AZURE_AUTHENTICATION_LOCATION is specified and loaded, its values will overwrite the value above. Refactor the ACI provider and ACI client to be able to override the SPN by environment variable
38 lines
1016 B
Go
38 lines
1016 B
Go
package azure
|
|
|
|
import (
|
|
"encoding/json"
|
|
"fmt"
|
|
"io/ioutil"
|
|
"log"
|
|
)
|
|
|
|
// AcsCredential represents the credential file for ACS
|
|
type AcsCredential struct {
|
|
Cloud string `json:"cloud"`
|
|
TenantID string `json:"tenantId"`
|
|
SubscriptionID string `json:"subscriptionId"`
|
|
ClientID string `json:"aadClientId"`
|
|
ClientSecret string `json:"aadClientSecret"`
|
|
ResourceGroup string `json:"resourceGroup"`
|
|
Region string `json:"location"`
|
|
}
|
|
|
|
// NewAcsCredential returns an AcsCredential struct from file path
|
|
func NewAcsCredential(filepath string) (*AcsCredential, error) {
|
|
log.Printf("Reading ACS credential file %q", filepath)
|
|
|
|
b, err := ioutil.ReadFile(filepath)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("Reading ACS credential file %q failed: %v", filepath, err)
|
|
}
|
|
|
|
// Unmarshal the authentication file.
|
|
var cred AcsCredential
|
|
if err := json.Unmarshal(b, &cred); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
log.Printf("Load ACS credential file %q successfully", filepath)
|
|
return &cred, nil
|
|
} |