Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add config parameter to Azure storage backend to allow specifying the ARM endpoint #7567

Merged
merged 1 commit into from
Oct 8, 2019
+46 −17
Merged

Add config parameter to Azure storage backend to allow specifying the ARM endpoint #7567

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
28 changes: 23 additions & 5 deletions physical/azure/azure.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -74,11 +74,29 @@ func NewAzureBackend(conf map[string]string, logger log.Logger) (physical.Backen
environmentName = "AzurePublicCloud"
}
}
environment, err := azure.EnvironmentFromName(environmentName)
if err != nil {
errorMsg := fmt.Sprintf("failed to look up Azure environment descriptor for name %q: {{err}}",
environmentName)
return nil, errwrap.Wrapf(errorMsg, err)

environmentUrl := os.Getenv("AZURE_ARM_ENDPOINT")
if environmentUrl == "" {
environmentUrl = conf["arm_endpoint"]
}

var environment azure.Environment
var err error

if environmentUrl != "" {
environment, err = azure.EnvironmentFromURL(environmentUrl)
if err != nil {
errorMsg := fmt.Sprintf("failed to look up Azure environment descriptor for URL %q: {{err}}",
environmentUrl)
return nil, errwrap.Wrapf(errorMsg, err)
}
} else {
environment, err = azure.EnvironmentFromName(environmentName)
if err != nil {
errorMsg := fmt.Sprintf("failed to look up Azure environment descriptor for name %q: {{err}}",
environmentName)
return nil, errwrap.Wrapf(errorMsg, err)
}
}

client, err := storage.NewBasicClientOnSovereignCloud(accountName, accountKey, environment)
Expand Down
31 changes: 19 additions & 12 deletions physical/azure/azure_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,9 +16,12 @@ import (
"github.com/hashicorp/vault/sdk/physical"
)

func environmentForCleanupClient(name string) (azure.Environment, error) {
func environmentForCleanupClient(name string, armUrl string) (azure.Environment, error) {
if armUrl != "" {
kalafut marked this conversation as resolved.
Show resolved Hide resolved
return azure.EnvironmentFromURL(armUrl)
}
if name == "" {
return azure.EnvironmentFromName("AzurePublicCloud")
name = "AzurePublicCloud"
}
return azure.EnvironmentFromName(name)
}
Expand All @@ -32,11 +35,12 @@ func TestAzureBackend(t *testing.T) {
accountName := os.Getenv("AZURE_ACCOUNT_NAME")
accountKey := os.Getenv("AZURE_ACCOUNT_KEY")
environmentName := os.Getenv("AZURE_ENVIRONMENT")
environmentUrl := os.Getenv("AZURE_ARM_ENDPOINT")

ts := time.Now().UnixNano()
name := fmt.Sprintf("vault-test-%d", ts)

cleanupEnvironment, err := environmentForCleanupClient(environmentName)
cleanupEnvironment, err := environmentForCleanupClient(environmentName, environmentUrl)
if err != nil {
t.Fatalf("err: %s", err)
}
Expand All @@ -46,10 +50,11 @@ func TestAzureBackend(t *testing.T) {
logger := logging.NewVaultLogger(log.Debug)

backend, err := NewAzureBackend(map[string]string{
"container": name,
"accountName": accountName,
"accountKey": accountKey,
"environment": environmentName,
"container": name,
"accountName": accountName,
"accountKey": accountKey,
"environment": environmentName,
"arm_endpoint": environmentUrl,
}, logger)

defer func() {
Expand All @@ -75,11 +80,12 @@ func TestAzureBackend_ListPaging(t *testing.T) {
accountName := os.Getenv("AZURE_ACCOUNT_NAME")
accountKey := os.Getenv("AZURE_ACCOUNT_KEY")
environmentName := os.Getenv("AZURE_ENVIRONMENT")
environmentUrl := os.Getenv("AZURE_ARM_ENDPOINT")

ts := time.Now().UnixNano()
name := fmt.Sprintf("vault-test-%d", ts)

cleanupEnvironment, err := environmentForCleanupClient(environmentName)
cleanupEnvironment, err := environmentForCleanupClient(environmentName, environmentUrl)
if err != nil {
t.Fatalf("err: %s", err)
}
Expand All @@ -89,10 +95,11 @@ func TestAzureBackend_ListPaging(t *testing.T) {
logger := logging.NewVaultLogger(log.Debug)

backend, err := NewAzureBackend(map[string]string{
"container": name,
"accountName": accountName,
"accountKey": accountKey,
"environment": environmentName,
"container": name,
"accountName": accountName,
"accountKey": accountKey,
"environment": environmentName,
"arm_endpoint": environmentUrl,
}, logger)

defer func() {
Expand Down
4 changes: 4 additions & 0 deletions website/source/docs/configuration/storage/azure.html.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -49,6 +49,10 @@ The current implementation is limited to a maximum of 4 megabytes per blob.
environment the storage account belongs to by way of the case-insensitive
name defined in the [Azure Go SDK][azure-environment].

- `arm_endpoint` `(string: "")` - Specifies the cloud environment
the storage account belongs to by way of the Azure Resource Manager endpoint
URL.

- `max_parallel` `(string: "128")` – Specifies The maximum number of concurrent
requests to Azure.

Expand Down