provisioner-azure: Make it mandatory to provide client_id

Regardless of what authentication provisioner uses (be it service principal based or az cli based), the CAA still needs client id, so make it mandatory to provide client id. Fixes confidential-containers#974 Signed-off-by: Suraj Deshmukh <suraj.deshmukh@microsoft.com>
wainersm · Jul 19, 2023 · 525519c · 525519c
1 parent 49ed5c7
commit 525519c
Showing 1 changed file with 5 additions and 1 deletion.
diff --git a/test/provisioner/provision_azure_initializer.go b/test/provisioner/provision_azure_initializer.go
@@ -89,7 +89,11 @@ func initAzureProperties(properties map[string]string) error {
 	if AzureProps.SubscriptionID == "" {
 		return errors.New("AZURE_SUBSCRIPTION_ID was not set.")
 	}
-	if AzureProps.ClientID == "" && !AzureProps.IsAzCliAuth {
+
+	// TODO: Right now AZURE_CLIENT_ID can be used by the provisioner
+	// application and the same value is passed on to the CAA app inside the
+	// daemonset. Figure out a way to separate these two.
+	if AzureProps.ClientID == "" {
 		return errors.New("AZURE_CLIENT_ID was not set.")
 	}
 	if AzureProps.ClientSecret == "" && !AzureProps.IsAzCliAuth {