-
Notifications
You must be signed in to change notification settings - Fork 3.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
GH-40028: [C++][FS][Azure] Add AzureFileSystem support to FileSystemFromUri() #40325
Merged
Merged
Changes from all commits
Commits
Show all changes
9 commits
Select commit
Hold shift + click to select a range
704b69e
GH-40028: [C++][FS][Azure] Add AzureFileSystem support to FileSystemF…
kou 9e7d75e
Update example URIs
kou 81076bc
Add the document URI for abfs:// and abfss://
kou fb692de
Remove needless empty container check
kou 376017f
Remove needless options_map
kou b8e6b83
Implement discussed spec
kou 5927be8
Escape special characters
kou 0a76645
Fix lint error
kou 58d948f
Fix lint error
kou File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
credential_kind_
should be inferred from what you find on the URI without the user having to set both the credential kind and the credentials.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Does it mean that we should use
ConfigureClientSecretCredential()
iftenant_id
,client_id
andclient_secret
are specified butcredential_kind=client_secret
isn't specified?There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
credential_kind
should never be specified and we should validate the URI to keep the invariant that it doesn't configure two different auth methods. And when nothing is provided, we use the default auth chain provided by the SDK.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hmm, how can we distinguish
ConfigureAnonymousCredential()
,ConfigureWorkloadIdentityCredential()
andConfigureDefaultCredential()
? All of them don't require additional information.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The parameter-less auth methods can have dedicated query params for each. These being the valid configurations regarding auth:
?anonymous
?use_workload_identity
?account_key=<ACCOUNT_KEY>
?tenant_id=<TENANT_ID>&client_id=<CLIENT_ID>&client_secret=<CLIENT_SECRET>
?client_id=<CLIENT_ID>
(client_id alone means managed identity credential)There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
?anonymous
and?use_workaround_identity
are conflicted parameters. (We can't specify both of them at once.) I think that it's better that we use the same parameter name for the type (XXX={anonymous,workload_identity}
). If we use it, users can't specify both of them at once. (I know that URI spec acceptsXXX=anonymous&XXX=workload_identity
.)How about accepting only (
default
, )anonymous
anduse_workload_identity
as validcredential_kind
parameter??credential_kind=default
?anonymous
->?credential_kind=anonymous
?use_workload_identity
->?credential_kind=workload_identity
?account_key=<ACCOUNT_KEY>
-> not changed (?credential_kind=storage_shared_key
is invalid)?tenant_id=<TENANT_ID>&client_id=<CLIENT_ID>&client_secret=<CLIENT_SECRET>
-> not changed (?credential_kind=client_secret
is invalid)?client_id=<CLIENT_ID>
(client_id alone means managed identity credential) -> not changed (?credential_kind=managed_identity
is invalid)There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ah, we don't need
?account_key=<ACCOUNT_KEY>
because we can get it from the URI's password part.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sure. That looks good.