Skip to content

Commit

Permalink
support workload identity
Browse files Browse the repository at this point in the history
  • Loading branch information
@cvvz
cvvz committed Feb 16, 2023
1 parent b06461d commit 0ef4233
Show file tree
Hide file tree
Showing 8 changed files with 42 additions and 3 deletions.
3 changes: 3 additions & 0 deletions charts/latest/azurefile-csi-driver/templates/_helpers.tpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,6 +35,9 @@ helm.sh/chart: {{ template "azurefile.chart" . }}
{{- if .Values.customLabels }}
{{ toYaml .Values.customLabels }}
{{- end }}
{{- if .Values.workloadIdentity.enabled }}
azure.workload.identity/use: "true"
{{- end }}
{{- end -}}


Expand Down
4 changes: 4 additions & 0 deletions charts/latest/azurefile-csi-driver/templates/serviceaccount-csi-azurefile-node.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,4 +6,8 @@ metadata:
namespace: {{ .Release.Namespace }}
labels:
{{- include "azurefile.labels" . | nindent 4 }}
{{- if .Values.workloadIdentity.enabled }}
annotations:
azure.workload.identity/client-id: {{ .Values.workloadIdentity.clientID }}
{{- end }}
{{- end -}}
6 changes: 6 additions & 0 deletions charts/latest/azurefile-csi-driver/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -252,3 +252,9 @@ windows:
operator: NotIn
values:
- virtual-kubelet

workloadIdentity:
enabled: false
# if using Azure AD Application: APPLICATION_CLIENT_ID="$(az ad sp list --display-name "${APPLICATION_NAME}" --query '[0].appId' -otsv)"
# if using user-assigned managed identity: export USER_ASSIGNED_IDENTITY_CLIENT_ID="$(az identity show --name "${USER_ASSIGNED_IDENTITY_NAME}" --resource-group "${RESOURCE_GROUP}" --query 'clientId' -otsv)"
clientID: ""
1 change: 1 addition & 0 deletions go.mod
View file
Original file line number Diff line number Diff line change
Expand Up @@ -165,4 +165,5 @@ replace (
k8s.io/sample-apiserver => k8s.io/sample-apiserver v0.26.0
k8s.io/sample-cli-plugin => k8s.io/sample-cli-plugin v0.26.0
k8s.io/sample-controller => k8s.io/sample-controller v0.26.0
sigs.k8s.io/cloud-provider-azure => ../cloud-provider-azure
)
2 changes: 0 additions & 2 deletions go.sum
View file
Original file line number Diff line number Diff line change
Expand Up @@ -883,8 +883,6 @@ rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0=
rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA=
sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.35 h1:+xBL5uTc+BkPBwmMi3vYfUJjq+N3K+H6PXeETwf5cPI=
sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.35/go.mod h1:WxjusMwXlKzfAs4p9km6XJRndVt2FROgMVCE4cdohFo=
sigs.k8s.io/cloud-provider-azure v1.26.1-0.20230215105432-915c704f695f h1:eVwmOctQH0o2P8aocUaHkXcMn1YnvNk3mDep8NY3P2I=
sigs.k8s.io/cloud-provider-azure v1.26.1-0.20230215105432-915c704f695f/go.mod h1:YOiX5KwLuvmV+WiF/5fPva7uiDJmrMoZJTcTnYMWEvI=
sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 h1:iXTIw73aPyC+oRdyqqvVJuloN1p0AC/kzH07hu3NE+k=
sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0=
sigs.k8s.io/structured-merge-diff/v4 v4.2.3 h1:PRbqxJClWWYMNV1dhaG4NsibJbArud9kFxnAMREiWFE=
Expand Down
3 changes: 2 additions & 1 deletion vendor/modules.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1229,7 +1229,7 @@ sigs.k8s.io/apiserver-network-proxy/konnectivity-client/pkg/client
sigs.k8s.io/apiserver-network-proxy/konnectivity-client/pkg/client/metrics
sigs.k8s.io/apiserver-network-proxy/konnectivity-client/pkg/common/metrics
sigs.k8s.io/apiserver-network-proxy/konnectivity-client/proto/client
# sigs.k8s.io/cloud-provider-azure v1.26.1-0.20230215105432-915c704f695f
# sigs.k8s.io/cloud-provider-azure v1.26.1-0.20230215105432-915c704f695f => ../cloud-provider-azure
## explicit; go 1.19
sigs.k8s.io/cloud-provider-azure/pkg/azureclients
sigs.k8s.io/cloud-provider-azure/pkg/azureclients/armclient
Expand Down Expand Up @@ -1327,3 +1327,4 @@ sigs.k8s.io/yaml
# k8s.io/sample-apiserver => k8s.io/sample-apiserver v0.26.0
# k8s.io/sample-cli-plugin => k8s.io/sample-cli-plugin v0.26.0
# k8s.io/sample-controller => k8s.io/sample-controller v0.26.0
# sigs.k8s.io/cloud-provider-azure => ../cloud-provider-azure
9 changes: 9 additions & 0 deletions vendor/sigs.k8s.io/cloud-provider-azure/pkg/provider/azure.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

17 changes: 17 additions & 0 deletions vendor/sigs.k8s.io/cloud-provider-azure/pkg/provider/config/azure_auth.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

0 comments on commit 0ef4233

Please sign in to comment.