azwi can not authenticate with GKE clusters #362

Closed
moolen opened this issue Feb 4, 2022 · 1 comment · Fixed by #363
Labels
azwi bug Something isn't working

Comments

@moolen
Contributor

moolen commented Feb 4, 2022

Describe the bug
azwi can not authenticate with GKE clusters. I suspect that other authentication providers are affected as well (oidc, openstack, ...)

Steps To Reproduce
I ran this step from the docs:

azwi serviceaccount create phase sa \
  --aad-application-name "${APPLICATION_NAME}" \
  --service-account-namespace "${SERVICE_ACCOUNT_NAMESPACE}" \
  --service-account-name "${SERVICE_ACCOUNT_NAME}"

Expected behavior
Service Account should be created just like it's documented.

Logs

INFO[0000] No subscription provided, using selected subscription from Azure CLI: xxxxxxxxxxxxxxx
panic: no Auth Provider found for name "gcp"

goroutine 1 [running]:
k8s.io/client-go/kubernetes/typed/admissionregistration/v1.NewForConfigOrDie(...)
        /home/moritz/go/pkg/mod/k8s.io/[email protected]/kubernetes/typed/admissionregistration/v1/admissionregistration_client.go:64
k8s.io/client-go/kubernetes.NewForConfigOrDie(0x59d6f60)
        /home/moritz/go/pkg/mod/k8s.io/[email protected]/kubernetes/clientset.go:588 +0xdb1
github.com/Azure/azure-workload-identity/pkg/kuberneteshelper.GetKubeClient()
        /home/moritz/dev/azure-workload-identity/pkg/kuberneteshelper/serviceaccount.go:30 +0x37
github.com/Azure/azure-workload-identity/pkg/cmd/serviceaccount.(*createData).KubeClient(0x0)
        /home/moritz/dev/azure-workload-identity/pkg/cmd/serviceaccount/create.go:218 +0x17
github.com/Azure/azure-workload-identity/pkg/cmd/serviceaccount/phases/create.(*serviceAccountPhase).prerun(0xc0006966a0, {0x59d6f60, 0xc00047eb60})
        /home/moritz/dev/azure-workload-identity/pkg/cmd/serviceaccount/phases/create/serviceaccount.go:67 +0xc4
github.com/Azure/azure-workload-identity/pkg/cmd/serviceaccount/phases/workflow.(*runner).Run(0xc00069ce70, {0x59d6f60, 0xc00047eb60})
        /home/moritz/dev/azure-workload-identity/pkg/cmd/serviceaccount/phases/workflow/runner.go:118 +0x274
github.com/Azure/azure-workload-identity/pkg/cmd/serviceaccount/phases/workflow.(*runner).BindToCommand.func1(0xc0004bd900, {0xc0006ad380, 0x0, 0x6})
        /home/moritz/dev/azure-workload-identity/pkg/cmd/serviceaccount/phases/workflow/runner.go:90 +0xd0
github.com/spf13/cobra.(*Command).execute(0xc0004bd900, {0xc0006ad320, 0x6, 0x6})
        /home/moritz/go/pkg/mod/github.com/spf13/[email protected]/command.go:852 +0x60e
github.com/spf13/cobra.(*Command).ExecuteC(0xc0004bca00)
        /home/moritz/go/pkg/mod/github.com/spf13/[email protected]/command.go:960 +0x3ad
github.com/spf13/cobra.(*Command).Execute(...)
        /home/moritz/go/pkg/mod/github.com/spf13/[email protected]/command.go:897
main.main()
        /home/moritz/dev/azure-workload-identity/cmd/azwi/main.go:15 +0x6f

Environment

  • tested both azwi versions 0.7.0 and main (ef6bd8a)
  • Kubernetes version (use kubectl version): 1.23.1
  • Cloud provider or hardware configuration: GKE
  • OS (e.g: cat /etc/os-release): Arch Linux
  • Kernel (e.g. uname -a): 5.16.3-arch1-1 x86_64
  • Install tools: GKE Managed
  • Network plugin and version (if this is a network-related bug): -
  • Others: -

Additional context
This issue is documented with a fix here: kubernetes/client-go#242

Fix
I implemented the above fix and tested it with a GKE cluster. It works now.

From 19e5ef39d5f49aa7751fb0af385bf2cf7989fdfa Mon Sep 17 00:00:00 2001
From: Moritz Johner <[email protected]>
Date: Fri, 4 Feb 2022 11:17:21 +0100
Subject: [PATCH] fix: enable auth with GKE clusters

Signed-off-by: Moritz Johner <[email protected]>
---
 go.mod          | 1 +
 go.sum          | 1 +
 pkg/cmd/root.go | 3 +++
 3 files changed, 5 insertions(+)

diff --git a/go.mod b/go.mod
index 3befbd8..54f1818 100644
--- a/go.mod
+++ b/go.mod
@@ -38,6 +38,7 @@ require (
 )
 
 require (
+	cloud.google.com/go v0.81.0 // indirect
 	github.com/Azure/azure-sdk-for-go/sdk/azcore v0.21.0 // indirect
 	github.com/Azure/azure-sdk-for-go/sdk/internal v0.8.3 // indirect
 	github.com/Azure/go-autorest v14.2.0+incompatible // indirect
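
Review bot: the added `cloud.google.com/go v0.81.0 // indirect` line in the second require block is a new module requirement that the subject line "fix: enable auth with GKE clusters" does not mention. Please say in the commit message that it comes in through the auth plugin import in pkg/cmd/root.go, so whoever audits the dependency list later can tell why a Google Cloud module is required by an Azure tool.
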
diff --git a/go.sum b/go.sum
index 7e901a1..12c3b50 100644
--- a/go.sum
+++ b/go.sum
@@ -19,6 +19,7 @@ cloud.google.com/go v0.72.0/go.mod h1:M+5Vjvlc2wnp6tjzE102Dw08nGShTscUx2nZMufOKP
 cloud.google.com/go v0.74.0/go.mod h1:VV1xSbzvo+9QJOxLDaJfTjx5e+MePCpCWwvftOeQmWk=
 cloud.google.com/go v0.78.0/go.mod h1:QjdrLG0uq+YwhjoVOLsS1t7TW8fs36kLs4XO5R5ECHg=
 cloud.google.com/go v0.79.0/go.mod h1:3bzgcEeQlzbuEAYu4mrWhKqWjmpprinYgKJLgKHnbb8=
+cloud.google.com/go v0.81.0 h1:at8Tk2zUz63cLPR0JPWm5vp77pEZmzxEQBEfRKn1VV8=
 cloud.google.com/go v0.81.0/go.mod h1:mk/AM35KwGk/Nm2YSeZbxXdrNK3KZOYHmLkOqC2V6E0=
 cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o=
 cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE=
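
Review bot: for `cloud.google.com/go v0.81.0` only the `/go.mod` checksum was recorded before, and the added `h1:at8Tk2z...` line is the checksum of the module content itself, so the module's source is now part of the build and not just of the dependency graph. Please confirm that a fresh `go mod tidy` on this branch reproduces exactly this one line, so reviewers do not have to take a hand-copied hash on trust.
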
diff --git a/pkg/cmd/root.go b/pkg/cmd/root.go
index 24d144d..8bd3041 100644
--- a/pkg/cmd/root.go
+++ b/pkg/cmd/root.go
@@ -5,6 +5,9 @@ import (
 	"github.com/Azure/azure-workload-identity/pkg/cmd/serviceaccount"
 	"github.com/Azure/azure-workload-identity/pkg/cmd/version"
 
+	// import auth plugins
+	_ "k8s.io/client-go/plugin/pkg/client/auth"
+
 	log "github.com/sirupsen/logrus"
 	"github.com/spf13/cobra"
 )
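
Review bot: the comment `// import auth plugins` above the blank import does not say why it is needed or how wide it is. `_ "k8s.io/client-go/plugin/pkg/client/auth"` registers every provider in that package, not only gcp. If that is intended (the report mentions oidc and openstack as likely affected too), state it in the comment together with the failure it prevents, `no Auth Provider found for name "gcp"`. If a smaller dependency surface is preferred, import only the provider subpackages that are actually needed, such as `k8s.io/client-go/plugin/pkg/client/auth/gcp`. The import also sits in its own group between the project packages and the third-party ones; a short note that it exists for its side effect would keep a later import cleanup from dropping it.
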
-- 
2.35.1

May I open a PR with the attached patch?

@moolen moolen added the bug Something isn't working label Feb 4, 2022
@chewong
Contributor

chewong commented Feb 4, 2022

Feel free to open a PR 😄
