mirror of
https://github.com/ceph/ceph-csi.git
synced 2025-06-14 18:53:35 +00:00
Fresh dep ensure
This commit is contained in:
Mike Cronce
4
vendor/k8s.io/kubernetes/pkg/credentialprovider/azure/BUILD
generated
vendored
4
vendor/k8s.io/kubernetes/pkg/credentialprovider/azure/BUILD
generated
vendored
@ -21,9 +21,9 @@ go_library(
|
||||
"//vendor/github.com/Azure/go-autorest/autorest/adal:go_default_library",
|
||||
"//vendor/github.com/Azure/go-autorest/autorest/azure:go_default_library",
|
||||
"//vendor/github.com/dgrijalva/jwt-go:go_default_library",
|
||||
"//vendor/github.com/ghodss/yaml:go_default_library",
|
||||
"//vendor/github.com/golang/glog:go_default_library",
|
||||
"//vendor/github.com/spf13/pflag:go_default_library",
|
||||
"//vendor/k8s.io/klog:go_default_library",
|
||||
"//vendor/sigs.k8s.io/yaml:go_default_library",
|
||||
],
|
||||
)
|
||||
|
||||
|
||||
60
vendor/k8s.io/kubernetes/pkg/credentialprovider/azure/azure_credentials.go
generated
vendored
60
vendor/k8s.io/kubernetes/pkg/credentialprovider/azure/azure_credentials.go
generated
vendored
@ -27,9 +27,9 @@ import (
|
||||
"github.com/Azure/go-autorest/autorest"
|
||||
"github.com/Azure/go-autorest/autorest/adal"
|
||||
"github.com/Azure/go-autorest/autorest/azure"
|
||||
"github.com/ghodss/yaml"
|
||||
"github.com/golang/glog"
|
||||
"github.com/spf13/pflag"
|
||||
"k8s.io/klog"
|
||||
"sigs.k8s.io/yaml"
|
||||
|
||||
"k8s.io/kubernetes/pkg/cloudprovider/providers/azure/auth"
|
||||
"k8s.io/kubernetes/pkg/credentialprovider"
|
||||
@ -40,6 +40,8 @@ var flagConfigFile = pflag.String("azure-container-registry-config", "",
|
||||
|
||||
const dummyRegistryEmail = "name@contoso.com"
|
||||
|
||||
var containerRegistryUrls = []string{"*.azurecr.io", "*.azurecr.cn", "*.azurecr.de", "*.azurecr.us"}
|
||||
|
||||
// init registers the various means by which credentials may
|
||||
// be resolved on Azure.
|
||||
func init() {
|
||||
@ -131,7 +133,7 @@ func (a *acrProvider) loadConfig(rdr io.Reader) error {
|
||||
var err error
|
||||
a.config, err = parseConfig(rdr)
|
||||
if err != nil {
|
||||
glog.Errorf("Failed to load azure credential file: %v", err)
|
||||
klog.Errorf("Failed to load azure credential file: %v", err)
|
||||
}
|
||||
|
||||
a.environment, err = auth.ParseAzureEnvironment(a.config.Cloud)
|
||||
@ -144,26 +146,26 @@ func (a *acrProvider) loadConfig(rdr io.Reader) error {
|
||||
|
||||
func (a *acrProvider) Enabled() bool {
|
||||
if a.file == nil || len(*a.file) == 0 {
|
||||
glog.V(5).Infof("Azure config unspecified, disabling")
|
||||
klog.V(5).Infof("Azure config unspecified, disabling")
|
||||
return false
|
||||
}
|
||||
|
||||
f, err := os.Open(*a.file)
|
||||
if err != nil {
|
||||
glog.Errorf("Failed to load config from file: %s", *a.file)
|
||||
klog.Errorf("Failed to load config from file: %s", *a.file)
|
||||
return false
|
||||
}
|
||||
defer f.Close()
|
||||
|
||||
err = a.loadConfig(f)
|
||||
if err != nil {
|
||||
glog.Errorf("Failed to load config from file: %s", *a.file)
|
||||
klog.Errorf("Failed to load config from file: %s", *a.file)
|
||||
return false
|
||||
}
|
||||
|
||||
a.servicePrincipalToken, err = auth.GetServicePrincipalToken(a.config, a.environment)
|
||||
if err != nil {
|
||||
glog.Errorf("Failed to create service principal token: %v", err)
|
||||
klog.Errorf("Failed to create service principal token: %v", err)
|
||||
return false
|
||||
}
|
||||
|
||||
@ -176,31 +178,33 @@ func (a *acrProvider) Provide() credentialprovider.DockerConfig {
|
||||
ctx, cancel := getContextWithCancel()
|
||||
defer cancel()
|
||||
|
||||
glog.V(4).Infof("listing registries")
|
||||
result, err := a.registryClient.List(ctx)
|
||||
if err != nil {
|
||||
glog.Errorf("Failed to list registries: %v", err)
|
||||
return cfg
|
||||
}
|
||||
if a.config.UseManagedIdentityExtension {
|
||||
klog.V(4).Infof("listing registries")
|
||||
result, err := a.registryClient.List(ctx)
|
||||
if err != nil {
|
||||
klog.Errorf("Failed to list registries: %v", err)
|
||||
return cfg
|
||||
}
|
||||
|
||||
for ix := range result {
|
||||
loginServer := getLoginServer(result[ix])
|
||||
var cred *credentialprovider.DockerConfigEntry
|
||||
|
||||
if a.config.UseManagedIdentityExtension {
|
||||
cred, err = getACRDockerEntryFromARMToken(a, loginServer)
|
||||
for ix := range result {
|
||||
loginServer := getLoginServer(result[ix])
|
||||
klog.V(2).Infof("loginServer: %s", loginServer)
|
||||
cred, err := getACRDockerEntryFromARMToken(a, loginServer)
|
||||
if err != nil {
|
||||
continue
|
||||
}
|
||||
} else {
|
||||
cred = &credentialprovider.DockerConfigEntry{
|
||||
cfg[loginServer] = *cred
|
||||
}
|
||||
} else {
|
||||
// Add our entry for each of the supported container registry URLs
|
||||
for _, url := range containerRegistryUrls {
|
||||
cred := &credentialprovider.DockerConfigEntry{
|
||||
Username: a.config.AADClientID,
|
||||
Password: a.config.AADClientSecret,
|
||||
Email: dummyRegistryEmail,
|
||||
}
|
||||
cfg[url] = *cred
|
||||
}
|
||||
|
||||
cfg[loginServer] = *cred
|
||||
}
|
||||
return cfg
|
||||
}
|
||||
@ -212,22 +216,22 @@ func getLoginServer(registry containerregistry.Registry) string {
|
||||
func getACRDockerEntryFromARMToken(a *acrProvider, loginServer string) (*credentialprovider.DockerConfigEntry, error) {
|
||||
armAccessToken := a.servicePrincipalToken.OAuthToken()
|
||||
|
||||
glog.V(4).Infof("discovering auth redirects for: %s", loginServer)
|
||||
klog.V(4).Infof("discovering auth redirects for: %s", loginServer)
|
||||
directive, err := receiveChallengeFromLoginServer(loginServer)
|
||||
if err != nil {
|
||||
glog.Errorf("failed to receive challenge: %s", err)
|
||||
klog.Errorf("failed to receive challenge: %s", err)
|
||||
return nil, err
|
||||
}
|
||||
|
||||
glog.V(4).Infof("exchanging an acr refresh_token")
|
||||
klog.V(4).Infof("exchanging an acr refresh_token")
|
||||
registryRefreshToken, err := performTokenExchange(
|
||||
loginServer, directive, a.config.TenantID, armAccessToken)
|
||||
if err != nil {
|
||||
glog.Errorf("failed to perform token exchange: %s", err)
|
||||
klog.Errorf("failed to perform token exchange: %s", err)
|
||||
return nil, err
|
||||
}
|
||||
|
||||
glog.V(4).Infof("adding ACR docker config entry for: %s", loginServer)
|
||||
klog.V(4).Infof("adding ACR docker config entry for: %s", loginServer)
|
||||
return &credentialprovider.DockerConfigEntry{
|
||||
Username: dockerTokenLoginUsernameGUID,
|
||||
Password: registryRefreshToken,
|
||||
|
||||
12
vendor/k8s.io/kubernetes/pkg/credentialprovider/azure/azure_credentials_test.go
generated
vendored
12
vendor/k8s.io/kubernetes/pkg/credentialprovider/azure/azure_credentials_test.go
generated
vendored
@ -43,19 +43,25 @@ func Test(t *testing.T) {
|
||||
{
|
||||
Name: to.StringPtr("foo"),
|
||||
RegistryProperties: &containerregistry.RegistryProperties{
|
||||
LoginServer: to.StringPtr("foo-microsoft.azurecr.io"),
|
||||
LoginServer: to.StringPtr("*.azurecr.io"),
|
||||
},
|
||||
},
|
||||
{
|
||||
Name: to.StringPtr("bar"),
|
||||
RegistryProperties: &containerregistry.RegistryProperties{
|
||||
LoginServer: to.StringPtr("bar-microsoft.azurecr.io"),
|
||||
LoginServer: to.StringPtr("*.azurecr.cn"),
|
||||
},
|
||||
},
|
||||
{
|
||||
Name: to.StringPtr("baz"),
|
||||
RegistryProperties: &containerregistry.RegistryProperties{
|
||||
LoginServer: to.StringPtr("baz-microsoft.azurecr.io"),
|
||||
LoginServer: to.StringPtr("*.azurecr.de"),
|
||||
},
|
||||
},
|
||||
{
|
||||
Name: to.StringPtr("bus"),
|
||||
RegistryProperties: &containerregistry.RegistryProperties{
|
||||
LoginServer: to.StringPtr("*.azurecr.us"),
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user