Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add azure ad workload identity support #425

Closed
wants to merge 2 commits into from
Closed

feat: add azure ad workload identity support #425

wants to merge 2 commits into from

Conversation

jeffpuckett
Copy link

Description

Add support for Azure AD Workload Identity. https://learn.microsoft.com/en-us/azure/aks/workload-identity-overview

Fixes: <! -- link to issue -->

Checklist

Please make sure that your PR fulfills the following requirements:

  • Reviewed the guidelines for contributing to this repository
  • The commit message follows the Conventional Commits Guidelines.
  • Tests for the changes have been updated
  • Are you adding dependencies? If so, please run go mod tidy -compat=1.17 to ensure only the minimum is pulled in.
  • Docs have been added / updated
  • Optional. My organization is added to USERS.md.

Type of Change

  • Bugfix
  • Feature
  • Code style update (formatting, local variables)
  • Refactoring (no functional changes, no api changes)
  • New tests
  • Build/CI related changes
  • Documentation content changes
  • Other (please describe)

Other information

First time writing Golang, but I'm gonna figure it out.

A couple of things to note

  • I don't often code and I wouldn't know how to test an authentication callback so that is not implemented. Any advice would be appreciated.
  • Further work will be needed as the current sdk being used is unsupported as of march of 2023. For now, having the functionality work at all is very helpful.
  • I haven't figured out how to pass environment variables from config.go to a callback in another file, and I figure the callback should be in another file. Comments welcome, but for now I am getting the environment variables in the authentication callback. Of note the environment variables are added to any pod configured to work with workload identity.

@CLAassistant
Copy link

CLAassistant commented Nov 11, 2022
edited
Loading

CLA assistant check
All committers have signed the CLA.

@YvesZelros YvesZelros mentioned this pull request Sep 1, 2023
Merged
14 tasks
@YvesZelros
Copy link
Contributor

YvesZelros commented Sep 1, 2023
edited
Loading

I write a new PR on the same subject but that use azidentity.NewDefaultAzureCredential that support natively follow Azure auth methods

The following credential types if enabled will be tried, in order:

@werne2j
Copy link
Member

werne2j commented Nov 5, 2023

Closing in favor of #548

@werne2j werne2j closed this Nov 5, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@werne2j werne2j Awaiting requested review from werne2j werne2j is a code owner

@jkayani jkayani Awaiting requested review from jkayani jkayani is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@jeffpuckett @CLAassistant @YvesZelros @werne2j @jpuckettgomeyra