Squashed commit of the following:

commit e423f17 Merge: 0434a17 de80029 Author: weizhichen <weizhichen@microsoft.com> Date: Fri Dec 23 15:04:04 2022 +0000 Merge branch 'master' of github.com:kubernetes-sigs/cloud-provider-azure into support-privateendpoint commit 0434a17 Author: weizhichen <weizhichen@microsoft.com> Date: Fri Dec 23 06:22:22 2022 +0000 fix commit d77bb95 Author: weizhichen <weizhichen@microsoft.com> Date: Thu Dec 22 14:17:38 2022 +0000 fix ut commit ebb7580 Author: weizhichen <weizhichen@microsoft.com> Date: Thu Dec 22 13:17:34 2022 +0000 support privateendpoint for blob csi driver
kubernetes-sigs · Dec 23, 2022 · 5cd191a · 5cd191a
1 parent de80029
commit 5cd191a
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 3 deletions.
diff --git a/pkg/provider/azure_storageaccount.go b/pkg/provider/azure_storageaccount.go
@@ -37,7 +37,15 @@ import (
 const SkipMatchingTag = "skip-matching"
 const LocationGlobal = "global"
 const GroupIDFile = "file"
-const privateDNSZoneNameFmt = "privatelink.file.%s"
+const GroupIDBlob = "blob"
+const privateDNSZoneNameFmt = "privatelink.%s.%s"
+
+type StorageType string
+
+const (
+	StorageTypeBlob StorageType = "blob"
+	StorageTypeFile StorageType = "file"
+)
 
 // AccountOptions contains the fields which are used to create storage account.
 type AccountOptions struct {
@@ -48,6 +56,7 @@ type AccountOptions struct {
 	CreateAccount                           bool
 	EnableLargeFileShare                    bool
 	CreatePrivateEndpoint                   bool
+	StorageType                             StorageType
 	StorageEndpointSuffix                   string
 	DisableFileServiceDeleteRetentionPolicy bool
 	IsHnsEnabled                            *bool
@@ -163,10 +172,15 @@ func (az *Cloud) EnsureStorageAccount(ctx context.Context, accountOptions *Accou
 
 	var privateDNSZoneName string
 	if accountOptions.CreatePrivateEndpoint {
+		if accountOptions.StorageType == "" {
+			klog.V(2).Info("set StorageType as file when not specified")
+			accountOptions.StorageType = StorageTypeFile
+		}
+
 		if len(accountOptions.StorageEndpointSuffix) == 0 {
 			accountOptions.StorageEndpointSuffix = az.cloud.Environment.StorageEndpointSuffix
 		}
-		privateDNSZoneName = fmt.Sprintf(privateDNSZoneNameFmt, accountOptions.StorageEndpointSuffix)
+		privateDNSZoneName = fmt.Sprintf(privateDNSZoneNameFmt, accountOptions.StorageType, accountOptions.StorageEndpointSuffix)
 	}
 
 	if len(accountOptions.Tags) == 0 {
@@ -413,7 +427,7 @@ func (az *Cloud) createPrivateEndpoint(ctx context.Context, accountName string,
 	privateLinkServiceConnection := network.PrivateLinkServiceConnection{
 		Name: &privateLinkServiceConnectionName,
 		PrivateLinkServiceConnectionProperties: &network.PrivateLinkServiceConnectionProperties{
-			GroupIds:             &[]string{GroupIDFile},
+			GroupIds:             &[]string{GroupIDFile, GroupIDBlob},
 			PrivateLinkServiceID: accountID,
 		},
 	}

diff --git a/pkg/provider/azure_storageaccount_test.go b/pkg/provider/azure_storageaccount_test.go
@@ -377,6 +377,7 @@ func TestEnsureStorageAccount(t *testing.T) {
 		mockStorageAccountsClient       bool
 		setAccountOptions               bool
 		accessTier                      string
+		storageType                     StorageType
 		requireInfrastructureEncryption *bool
 		keyVaultURL                     *string
 		accountName                     string
@@ -390,6 +391,7 @@ func TestEnsureStorageAccount(t *testing.T) {
 			createPrivateEndpoint:           true,
 			mockStorageAccountsClient:       true,
 			setAccountOptions:               true,
+			storageType:                     StorageTypeFile,
 			requireInfrastructureEncryption: to.BoolPtr(true),
 			keyVaultURL:                     to.StringPtr("keyVaultURL"),
 			resourceGroup:                   "rg",
@@ -404,6 +406,7 @@ func TestEnsureStorageAccount(t *testing.T) {
 			SubnetPropertiesFormatNil: true,
 			mockStorageAccountsClient: true,
 			setAccountOptions:         true,
+			storageType:               StorageTypeFile,
 			resourceGroup:             "rg",
 			accountName:               "accountname",
 			expectedErr:               "could not get storage key for storage account",
@@ -485,6 +488,7 @@ func TestEnsureStorageAccount(t *testing.T) {
 				CreateAccount:         test.createAccount,
 				SubscriptionID:        test.subscriptionID,
 				AccessTier:            test.accessTier,
+				StorageType:           test.storageType,
 			}
 		}