-
Notifications
You must be signed in to change notification settings - Fork 14
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
auxiliary tenant IDs in the authentication process #610
base: main
Are you sure you want to change the base?
Conversation
…c test for auxtenant.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
PR Overview
This PR adds support for auxiliary tenant IDs to enhance the authentication process and updates the provider configuration accordingly.
- Added a function to extract list string values from configuration and environment variables.
- Updated authentication methods to pass auxiliary tenant IDs to underlying credential providers.
- Enhanced provider schema and configuration to incorporate auxiliary tenant IDs.
Reviewed Changes
File | Description |
---|---|
internal/helpers/config.go | Added GetListStringValues function for extracting list values from config or env vars. |
internal/api/client_test.go | Introduced a new unit test to verify auxiliary tenant IDs configuration. |
internal/api/auth.go | Updated authentication methods to include auxiliary tenant IDs in credential options. |
internal/provider/provider.go | Added "auxiliary_tenant_ids" to the provider schema and adjusted configuration for MSI. |
internal/constants/constants.go | Introduced new environment variable constants for auxiliary tenant IDs. |
internal/config/config.go | Extended configuration structs with the auxiliary tenant IDs field. |
internal/services/environment/resource_environment.go | Removed an extra empty line. |
Copilot reviewed 8 out of 8 changed files in this pull request and generated no comments.
Comments suppressed due to low confidence (2)
internal/helpers/config.go:51
- [nitpick] Avoid shadowing the 'value' parameter by renaming the local variable (e.g., 'envVal') to improve clarity.
if value, ok := os.LookupEnv(k); ok && value != "" {
internal/provider/provider.go:312
- [nitpick] Consider refactoring the conversion of types.List to []string for clarity and efficiency; using a dedicated helper or built-in conversion (if available) might improve maintainability.
// TODO there has to be a better way than starting with the slice and converting it..
Would love reviewer input on the types.List-to-[]string debacle, as well as whether I can set up any more robust tests with our current test tenant resources. |
@@ -45,6 +45,35 @@ func TestUnitApiClient_GetConfig(t *testing.T) { | |||
} | |||
} | |||
|
|||
func TestUnitApiClient_AuxTenants_GetConfig(t *testing.T) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't understand what you're testing for.
You are missing changie record |
// Convert the slice to an array | ||
// TODO there has to be a better way than starting with the slice and converting it.. | ||
auxiliaryTenantIDsList := make([]string, len(auxiliaryTenantIDs.Elements())) | ||
for i, v := range auxiliaryTenantIDs.Elements() { | ||
auxiliaryTenantIDsList[i] = v.String() | ||
} | ||
p.Config.AuxiliaryTenantIDs = auxiliaryTenantIDsList |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Does this work?
var tenantIDs []string
diags := auxiliaryTenantIDs.ValueAs(ctx, &tenantIDs)
if diags.HasError() {
// handle conversion errors appropriately
}
This pull request focuses on adding support for auxiliary tenant IDs in the authentication process and updating related configurations. The most important changes include modifications to authentication methods, configuration structures, and provider setup.
Resolves #566
Authentication Enhancements:
AuthenticateClientCertificate
,AuthenticateClientSecret
,AuthenticateUsingCli
,AuthenticateOIDC
, andAuthenticateAzDOWorkloadIdentityFederation
methods to includeAdditionallyAllowedTenants
fromclient.config.AuxiliaryTenantIDs
. (internal/api/auth.go
) [1] [2] [3] [4] [5]Configuration Updates:
AuxiliaryTenantIDs
field toProviderConfig
andProviderConfigModel
structs. (internal/config/config.go
) [1] [2]ENV_VAR_POWER_PLATFORM_AUXILIARY_TENANT_IDS
andENV_VAR_ARM_AUXILIARY_TENANT_IDS
. (internal/constants/constants.go
) [1] [2]Provider Configuration:
auxiliary_tenant_ids
in the provider schema and configuration setup. (internal/provider/provider.go
) [1] [2] [3] [4]Helper Functions:
GetListStringValues
function to handle list values from configuration or environment variables. (internal/helpers/config.go
)Testing:
TestUnitApiClient_AuxTenants_GetConfig
to verify the auxiliary tenant IDs configuration. (internal/api/client_test.go
)