From 4c3b06b0bedd194c12e3bbc025adc20592503723 Mon Sep 17 00:00:00 2001 From: Christian Bianchi Date: Thu, 25 Mar 2021 18:26:00 +0100 Subject: [PATCH] make azure config json file generation use identity settings for worker nodes as well --- controllers/azurejson_machinepool_controller.go | 2 +- controllers/helpers.go | 9 +++++++++ controllers/helpers_test.go | 11 ++++++++--- 3 files changed, 18 insertions(+), 4 deletions(-) diff --git a/controllers/azurejson_machinepool_controller.go b/controllers/azurejson_machinepool_controller.go index 3544167fd21..47638ea8926 100644 --- a/controllers/azurejson_machinepool_controller.go +++ b/controllers/azurejson_machinepool_controller.go @@ -148,7 +148,7 @@ func (r *AzureJSONMachinePoolReconciler) Reconcile(req ctrl.Request) (_ ctrl.Res azureMachinePool.Namespace, azureMachinePool.Name, owner, - infrav1.VMIdentityNone, + azureMachinePool.Spec.Identity, "", ) diff --git a/controllers/helpers.go b/controllers/helpers.go index 599876e9b7d..89c64591b18 100644 --- a/controllers/helpers.go +++ b/controllers/helpers.go @@ -198,6 +198,9 @@ func systemAssignedIdentityCloudProviderConfig(d azure.ClusterScoper) (*CloudPro controlPlaneConfig.AadClientID = "" controlPlaneConfig.AadClientSecret = "" controlPlaneConfig.UseManagedIdentityExtension = true + workerConfig.AadClientID = "" + workerConfig.AadClientSecret = "" + workerConfig.UseManagedIdentityExtension = true return controlPlaneConfig, workerConfig } @@ -207,6 +210,10 @@ func userAssignedIdentityCloudProviderConfig(d azure.ClusterScoper, identityID s controlPlaneConfig.AadClientSecret = "" controlPlaneConfig.UseManagedIdentityExtension = true controlPlaneConfig.UserAssignedIdentityID = identityID + workerConfig.AadClientID = "" + workerConfig.AadClientSecret = "" + workerConfig.UseManagedIdentityExtension = true + workerConfig.UserAssignedIdentityID = identityID return controlPlaneConfig, workerConfig } 
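Review bot: In the `Reconcile` hunk of controllers/azurejson_machinepool_controller.go the identity type now comes from `azureMachinePool.Spec.Identity`, but the argument after it is still the literal `""`. If that argument is the user-assigned identity ID (it appears to feed `identityID` in `userAssignedIdentityCloudProviderConfig`), a pool configured with a user-assigned identity would get `useManagedIdentityExtension: true` with an empty `userAssignedIdentityId`, so the generated azure.json names no specific identity and the node may end up authenticating as a different identity than the operator intended. Pass the pool's own identity ID here, or reject the user-assigned case until it is wired through, and add a machine-pool test for it. `Reconcile` starts and ends outside this hunk, so the callee and any surrounding validation are not visible.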
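Review bot: In controllers/helpers.go, `systemAssignedIdentityCloudProviderConfig` and `userAssignedIdentityCloudProviderConfig` (the next hunk) now repeat the same credential-clearing assignments for `controlPlaneConfig` and `workerConfig`, with nothing explaining why. Together with the `newCloudProviderConfig` change, the `workerConfig.AadClientSecret = ""` lines appear to be the only thing keeping the service principal secret out of worker configs when a managed identity is in use. A comment such as `// Managed identity: never ship the service principal credentials to the node.` above each block, or a small helper applied to both configs, would make that invariant hard to miss when another identity type is added. Both functions begin outside their hunks.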
@@ -233,6 +240,8 @@ func newCloudProviderConfig(d azure.ClusterScoper) (controlPlaneConfig *CloudPro }, &CloudProviderConfig{ Cloud: d.CloudEnvironment(), + AadClientID: d.ClientID(), + AadClientSecret: d.ClientSecret(), TenantID: d.TenantID(), SubscriptionID: d.SubscriptionID(), ResourceGroup: d.ResourceGroup(), diff --git a/controllers/helpers_test.go b/controllers/helpers_test.go index 1e59a9a70a3..3e15e5ef8a6 100644 --- a/controllers/helpers_test.go +++ b/controllers/helpers_test.go @@ -353,6 +353,8 @@ const ( "cloud": "AzurePublicCloud", "tenantId": "fooTenant", "subscriptionId": "baz", + "aadClientId": "fooClient", + "aadClientSecret": "fooSecret", "resourceGroup": "bar", "securityGroupName": "foo-node-nsg", "securityGroupResourceGroup": "bar", @@ -401,7 +403,7 @@ const ( "routeTableName": "foo-node-routetable", "loadBalancerSku": "Standard", "maximumLoadBalancerRuleCount": 250, - "useManagedIdentityExtension": false, + "useManagedIdentityExtension": true, "useInstanceMetadata": true }` @@ -439,8 +441,9 @@ const ( "routeTableName": "foo-node-routetable", "loadBalancerSku": "Standard", "maximumLoadBalancerRuleCount": 250, - "useManagedIdentityExtension": false, - "useInstanceMetadata": true + "useManagedIdentityExtension": true, + "useInstanceMetadata": true, + "userAssignedIdentityId": "foobar" }` spCustomVnetControlPlaneCloudConfig = `{ "cloud": "AzurePublicCloud", @@ -466,6 +469,8 @@ const ( "cloud": "AzurePublicCloud", "tenantId": "fooTenant", "subscriptionId": "baz", + "aadClientId": "fooClient", + "aadClientSecret": "fooSecret", "resourceGroup": "bar", "securityGroupName": "foo-node-nsg", "securityGroupResourceGroup": "custom-vnet-resource-group",
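Review bot: The second `CloudProviderConfig` literal in `newCloudProviderConfig`, which appears to be the worker config, now carries `AadClientID: d.ClientID()` and `AadClientSecret: d.ClientSecret()`, so without a managed identity the service principal secret is rendered into the worker azure.json, where it was previously absent (the helpers_test.go fixtures now expect `"aadClientSecret": "fooSecret"` there). That widens where the credential lives: a compromised worker, or a workload able to read the node's cloud-config file, would hold the same principal the control plane uses. If workers really need it, say so in a comment on the literal, for example `// Workers receive the SP credentials only when no managed identity is configured.`, and document that the generated config must stay readable only by privileged components. Otherwise prefer a managed identity or a lower-privileged principal for workers. The function starts and ends outside the hunk.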