✨ automatically generate azure.json

Tiltfile

@@ -270,7 +270,6 @@ def deploy_worker_templates(flavor, substitutions):
         "AZURE_CONTROL_PLANE_MACHINE_TYPE": "Standard_D2s_v3",
         "WORKER_MACHINE_COUNT": "2",
         "AZURE_NODE_MACHINE_TYPE": "Standard_D2s_v3",
-        "AZURE_JSON_B64": base64_encode(azure_json(flavor, substitutions)),
     }
 
     for substitution in substitutions:
@@ -288,35 +287,6 @@ def deploy_worker_templates(flavor, substitutions):
     )
 
 
-def azure_json(flavor, substitutions):
-    azure_settings = {
-        "cloud": substitutions.get("AZURE_ENVIRONMENT"),
-        "tenantId": substitutions.get("AZURE_TENANT_ID"),
-        "subscriptionId": substitutions.get("AZURE_SUBSCRIPTION_ID"),
-        "resourceGroup": substitutions.get("CLUSTER_NAME"),
-        "securityGroupName": "{}-node-nsg".format(substitutions.get("CLUSTER_NAME")),
-        "location": substitutions.get("AZURE_LOCATION"),
-        "vmType": "vmss",
-        "vnetName": "{}-vnet".format(substitutions.get("CLUSTER_NAME")),
-        "vnetResourceGroup": substitutions.get("CLUSTER_NAME"),
-        "subnetName": "{}-node-subnet".format(substitutions.get("CLUSTER_NAME")),
-        "routeTableName": "{}-node-routetable".format(substitutions.get("CLUSTER_NAME")),
-        "loadBalancerSku": "standard",
-        "maximumLoadBalancerRuleCount": 250,
-        "useManagedIdentityExtension": False,
-        "useInstanceMetadata": True
-    }
-
-    if flavor not in ["system-assigned-identity", "user-assigned-identity"]:
-        azure_settings["aadClientId"] = substitutions.get("AZURE_CLIENT_ID}")
-        azure_settings["aadClientSecret"] = substitutions.get("AZURE_CLIENT_SECRET}")
-
-    if flavor == "user-assigned-identity":
-        azure_settings["userAssignedIdentityID"] = substitutions.get("AZURE_USER_ASSIGNED_ID")
-
-    return str(encode_json(azure_settings))
-
-
 def base64_encode(to_encode):
     encode_blob = local("echo '{}' | tr -d '\n' | base64 - | tr -d '\n'".format(to_encode), quiet=True)
     return str(encode_blob)

cloud/interfaces.go

@@ -55,6 +55,10 @@ type CredentialGetter interface {
 // Authorizer is an interface which can get the subscription ID, base URI, and authorizer for an Azure service.
 type Authorizer interface {
 	SubscriptionID() string
+	ClientID() string
+	ClientSecret() string
+	CloudEnvironment() string
+	TenantID() string
 	BaseURI() string
 	Authorizer() autorest.Authorizer
 }

cloud/scope/clients.go

@@ -17,11 +17,12 @@ limitations under the License.
 package scope
 
 import (
-	"os"
+	"fmt"
+	"strings"
 
 	"github.com/Azure/go-autorest/autorest"
+	"github.com/Azure/go-autorest/autorest/azure"
 	"github.com/Azure/go-autorest/autorest/azure/auth"
-	"github.com/pkg/errors"
 )
 
 const (
@@ -37,40 +38,73 @@ const (
 
 // AzureClients contains all the Azure clients used by the scopes.
 type AzureClients struct {
-	SubscriptionID             string
+	Authorizer                 autorest.Authorizer
+	environment                string
 	ResourceManagerEndpoint    string
 	ResourceManagerVMDNSSuffix string
-	Authorizer                 autorest.Authorizer
+	subscriptionID             string
+	tenantID                   string
+	clientID                   string
+	clientSecret               string
+}
+
+// CloudEnvironment returns the Azure environment the controller runs in.
+func (c *AzureClients) CloudEnvironment() string {
+	return c.environment
+}
+
+// SubscriptionID returns the Azure subscription id from the controller environment
+func (c *AzureClients) SubscriptionID() string {
+	return c.subscriptionID
+}
+
+// TenantID returns the Azure tenant id the controller runs in.
+func (c *AzureClients) TenantID() string {
+	return c.tenantID
+}
+
+// ClientID returns the Azure client id from the controller environment
+func (c *AzureClients) ClientID() string {
+	return c.clientID
+}
+
+// ClientSecret returns the Azure client secret from the controller environment
+func (c *AzureClients) ClientSecret() string {
+	return c.clientSecret
 }
 
 func (c *AzureClients) setCredentials(subscriptionID string) error {
-	subID, err := getSubscriptionID(subscriptionID)
-	if err != nil {
-		return err
-	}
-	c.SubscriptionID = subID
 	settings, err := auth.GetSettingsFromEnvironment()
 	if err != nil {
 		return err
 	}
+
+	if subscriptionID == "" {
+		subscriptionID = settings.GetSubscriptionID()
+		if subscriptionID == "" {
+			return fmt.Errorf("error creating azure services. subscriptionID is not set in cluster or AZURE_SUBSCRIPTION_ID env var")
+		}
+	}
+
+	c.subscriptionID = subscriptionID
+	c.tenantID = strings.TrimSuffix(settings.Values[auth.TenantID], "\n")
+	c.clientID = strings.TrimSuffix(settings.Values[auth.ClientID], "\n")
+	c.clientSecret = strings.TrimSuffix(settings.Values[auth.ClientSecret], "\n")
+
+	c.environment = settings.Values[auth.EnvironmentName]
+	if c.environment == "" {
+		c.environment = azure.PublicCloud.Name
+	}
+
 	c.ResourceManagerEndpoint = settings.Environment.ResourceManagerEndpoint
 	c.ResourceManagerVMDNSSuffix = GetAzureDNSZoneForEnvironment(settings.Environment.Name)
 	settings.Values[auth.SubscriptionID] = subscriptionID
+	settings.Values[auth.TenantID] = c.tenantID
+
 	c.Authorizer, err = settings.GetAuthorizer()
 	return err
 }
 
-func getSubscriptionID(subscriptionID string) (string, error) {
-	if subscriptionID != "" {
-		return subscriptionID, nil
-	}
-	subscriptionID = os.Getenv("AZURE_SUBSCRIPTION_ID")
-	if subscriptionID == "" {
-		return "", errors.New("error creating azure services. Environment variable AZURE_SUBSCRIPTION_ID is not set")
-	}
-	return subscriptionID, nil
-}
-
 // GetAzureDNSZoneForEnvironment returnes the DNSZone to be used with the
 // cloud environment, the default is the public cloud
 func GetAzureDNSZoneForEnvironment(environmentName string) string {

cloud/scope/cluster.go

@@ -66,7 +66,7 @@ func NewClusterScope(params ClusterScopeParams) (*ClusterScope, error) {
 
 	return &ClusterScope{
 		Logger:       params.Logger,
-		client:       params.Client,
+		Client:       params.Client,
 		AzureClients: params.AzureClients,
 		Cluster:      params.Cluster,
 		AzureCluster: params.AzureCluster,
@@ -77,7 +77,7 @@ func NewClusterScope(params ClusterScopeParams) (*ClusterScope, error) {
 // ClusterScope defines the basic context for an actuator to operate upon.
 type ClusterScope struct {
 	logr.Logger
-	client      client.Client
+	Client      client.Client
 	patchHelper *patch.Helper
 
 	AzureClients
@@ -87,7 +87,7 @@ type ClusterScope struct {
 
 // SubscriptionID returns the Azure client Subscription ID.
 func (s *ClusterScope) SubscriptionID() string {
-	return s.AzureClients.SubscriptionID
+	return s.AzureClients.SubscriptionID()
 }
 
 // BaseURI returns the Azure ResourceManagerEndpoint.

cloud/scope/managedcontrolplane.go

@@ -18,6 +18,7 @@ package scope
 
 import (
 	"context"
+
 	"github.com/Azure/go-autorest/autorest"
 	"github.com/go-logr/logr"
 	"github.com/pkg/errors"
@@ -96,7 +97,7 @@ type ManagedControlPlaneScope struct {
 
 // SubscriptionID returns the Azure client Subscription ID.
 func (s *ManagedControlPlaneScope) SubscriptionID() string {
-	return s.AzureClients.SubscriptionID
+	return s.AzureClients.SubscriptionID()
 }
 
 // BaseURI returns the Azure ResourceManagerEndpoint.