kubernetes · k8s-github-robot · Sep 2, 2018 · Jul 20, 2018
diff --git a/pkg/credentialprovider/azure/azure_credentials.go b/pkg/credentialprovider/azure/azure_credentials.go
@@ -36,6 +36,8 @@ var flagConfigFile = pflag.String("azure-container-registry-config", "",
 
 const dummyRegistryEmail = "name@contoso.com"
 
+var containerRegistryUrls = []string{"*.azurecr.io", "*.azurecr.cn", "*.azurecr.de", "*.azurecr.us"}
+
 // init registers the various means by which credentials may
 // be resolved on Azure.
 func init() {
@@ -111,31 +113,35 @@ func (a *acrProvider) Enabled() bool {
 func (a *acrProvider) Provide() credentialprovider.DockerConfig {
 	cfg := credentialprovider.DockerConfig{}
 
-	glog.V(4).Infof("listing registries")
-	res, err := a.registryClient.List()
-	if err != nil {
-		glog.Errorf("Failed to list registries: %v", err)
-		return cfg
-	}
+	if a.config.UseManagedIdentityExtension {
+		glog.V(4).Infof("listing registries")
+		res, err := a.registryClient.List()
+		if err != nil {
+			glog.Errorf("Failed to list registries: %v", err)
+			return cfg
+		}
 
-	for ix := range *res.Value {
-		loginServer := getLoginServer((*res.Value)[ix])
-		var cred *credentialprovider.DockerConfigEntry
+		for ix := range *res.Value {
+			loginServer := getLoginServer((*res.Value)[ix])
+			glog.V(2).Infof("loginServer: %s", loginServer)
+			var cred *credentialprovider.DockerConfigEntry
 
-		if a.config.UseManagedIdentityExtension {
-			cred, err = getACRDockerEntryFromARMToken(a, loginServer)
+			cred, err := getACRDockerEntryFromARMToken(a, loginServer)
 			if err != nil {
 				continue
 			}
-		} else {
-			cred = &credentialprovider.DockerConfigEntry{
+			cfg[loginServer] = *cred
+		}
+	} else {
+		// Add our entry for each of the supported container registry URLs
+		for _, url := range containerRegistryUrls {
+			cred := &credentialprovider.DockerConfigEntry{
 				Username: a.config.AADClientID,
 				Password: a.config.AADClientSecret,
 				Email:    dummyRegistryEmail,
 			}
+			cfg[url] = *cred
 		}
-
-		cfg[loginServer] = *cred
 	}
 	return cfg
 }

diff --git a/pkg/credentialprovider/azure/azure_credentials_test.go b/pkg/credentialprovider/azure/azure_credentials_test.go
@@ -43,19 +43,25 @@ func Test(t *testing.T) {
 			{
 				Name: to.StringPtr("foo"),
 				RegistryProperties: &containerregistry.RegistryProperties{
-					LoginServer: to.StringPtr("foo-microsoft.azurecr.io"),
+					LoginServer: to.StringPtr("*.azurecr.io"),
 				},
 			},
 			{
 				Name: to.StringPtr("bar"),
 				RegistryProperties: &containerregistry.RegistryProperties{
-					LoginServer: to.StringPtr("bar-microsoft.azurecr.io"),
+					LoginServer: to.StringPtr("*.azurecr.cn"),
 				},
 			},
 			{
 				Name: to.StringPtr("baz"),
 				RegistryProperties: &containerregistry.RegistryProperties{
-					LoginServer: to.StringPtr("baz-microsoft.azurecr.io"),
+					LoginServer: to.StringPtr("*.azurecr.de"),
+				},
+			},
+			{
+				Name: to.StringPtr("bus"),
+				RegistryProperties: &containerregistry.RegistryProperties{
+					LoginServer: to.StringPtr("*.azurecr.us"),
 				},
 			},
 		},