Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Azure identity support #456

Merged
merged 5 commits into from
Oct 4, 2023
Merged

Azure identity support #456

merged 5 commits into from
Oct 4, 2023

Conversation

jepio
Copy link
Member

@jepio jepio commented Sep 27, 2023

Support using a managed identity for authentication on Azure. This allows running kola/ore without passing credentials, from a VM in Azure. This is similar to existing service-auth support on GCP. The identity needs contributor access at the subscription level.

Test case:

./bin/kola spawn
  --azure-location eastus
  --azure-publisher kinvolk
  --azure-offer flatcar-container-linux-free
  --azure-sku alpha-gen2
  --azure-version latest
  --azure-hyper-v-generation V2
  --azure-size Standard_D2s_v5
  --platform azure
  --verbose
  --azure-identity

@jepio
kola: azure: Switch default publisher/offer to Flatcar
b28a38d 
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
@jepio jepio requested a review from a team September 27, 2023 13:50
@jepio jepio mentioned this pull request Sep 27, 2023
Merged
tormath1
tormath1 reviewed Oct 2, 2023
View reviewed changes
platform/api/azure/api.go Outdated Show resolved Hide resolved
platform/api/azure/instance.go Outdated Show resolved Hide resolved
platform/api/azure/api.go Outdated Show resolved Hide resolved
platform/api/azure/api.go Outdated Show resolved Hide resolved
@jepio
Copy link
Member Author

jepio commented Oct 2, 2023

I've pushed some fixups for review - will rebase after review is done

tormath1
tormath1 reviewed Oct 4, 2023
View reviewed changes
Copy link
Contributor

@tormath1 tormath1 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM - you can rebase.

@jepio
kola: azure: Implement support for managed identities
c891de8 
Add support for using a managed identity to authenticate with Azure. This
normally requires passing a subscription id through the environment but
if the identity only has access to a single subscription we can perform
a lookup automatically.

Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
@jepio
vendor: Update after adding new imports to azure platform
e885cd3 
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
@jepio
ore: azure: Support managed identities
518d199 
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
@jepio
platform/azure: Support "latest" image version
dbdf00c 
This is only used when running kola spawn with marketplace images. This
matches what azure-cli does.

Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
@jepio jepio merged commit d00dfd5 into flatcar-master Oct 4, 2023
2 checks passed
@jepio jepio deleted the azure-identity-support branch October 4, 2023 13:46
@github-actions github-actions bot mentioned this pull request Nov 9, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tormath1 tormath1 tormath1 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
2 participants
@jepio @tormath1