Merge pull request #1169 from MartinForReal/shafan/token

Refactor: migrate blobclient to track2 sdk and fix ut cases

Author: k8s-ci-robot

go.mod

@@ -6,18 +6,24 @@ toolchain go1.21.4
 
 require (
 	github.com/Azure/azure-sdk-for-go v68.0.0+incompatible
+	github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.1
 	github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.4.0
+	github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/keyvault/armkeyvault v1.4.0
+	github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/resources/armresources v1.2.0
+	github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage v1.5.0
+	github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.1.0
 	github.com/Azure/go-autorest/autorest v0.11.29
 	github.com/Azure/go-autorest/autorest/adal v0.9.23
-	github.com/Azure/go-autorest/autorest/to v0.4.0 // indirect
 	github.com/container-storage-interface/spec v1.8.0
 	github.com/gofrs/uuid v4.4.0+incompatible // indirect
 	github.com/golang/protobuf v1.5.3
-	github.com/imdario/mergo v0.3.9 // indirect
 	github.com/kubernetes-csi/csi-lib-utils v0.16.0
+	github.com/onsi/ginkgo/v2 v2.14.0
 	github.com/onsi/gomega v1.30.0
 	github.com/pborman/uuid v1.2.1
 	github.com/pelletier/go-toml v1.9.5
+	github.com/pkg/errors v0.9.1
+	github.com/satori/go.uuid v1.2.0
 	github.com/stretchr/testify v1.8.4
 	go.uber.org/mock v0.4.0
 	golang.org/x/net v0.20.0
@@ -37,20 +43,16 @@ require (
 )
 
 require (
-	github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.1
 	github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.1 // indirect
 	github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/compute/armcompute/v5 v5.4.0 // indirect
 	github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerregistry/armcontainerregistry v1.2.0 // indirect
 	github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v4 v4.6.0 // indirect
-	github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/keyvault/armkeyvault v1.4.0
 	github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v4 v4.3.0 // indirect
 	github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/privatedns/armprivatedns v1.2.0 // indirect
-	github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/resources/armresources v1.2.0
-	github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage v1.5.0 // indirect
-	github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.1.0
 	github.com/Azure/go-autorest v14.2.0+incompatible // indirect
 	github.com/Azure/go-autorest/autorest/date v0.3.0 // indirect
 	github.com/Azure/go-autorest/autorest/mocks v0.4.2 // indirect
+	github.com/Azure/go-autorest/autorest/to v0.4.0 // indirect
 	github.com/Azure/go-autorest/autorest/validation v0.3.1 // indirect
 	github.com/Azure/go-autorest/logger v0.2.1 // indirect
 	github.com/Azure/go-autorest/tracing v0.6.0 // indirect
@@ -88,6 +90,7 @@ require (
 	github.com/google/uuid v1.5.0 // indirect
 	github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0 // indirect
 	github.com/grpc-ecosystem/grpc-gateway/v2 v2.16.0 // indirect
+	github.com/imdario/mergo v0.3.9 // indirect
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
@@ -99,17 +102,14 @@ require (
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
-	github.com/onsi/ginkgo/v2 v2.14.0
 	github.com/opencontainers/go-digest v1.0.0 // indirect
 	github.com/opencontainers/selinux v1.11.0 // indirect
 	github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8 // indirect
-	github.com/pkg/errors v0.9.1
 	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/prometheus/client_golang v1.16.0 // indirect
 	github.com/prometheus/client_model v0.4.0 // indirect
 	github.com/prometheus/common v0.44.0 // indirect
 	github.com/prometheus/procfs v0.10.1 // indirect
-	github.com/satori/go.uuid v1.2.0
 	github.com/spf13/cobra v1.8.0 // indirect
 	github.com/spf13/pflag v1.0.5 // indirect
 	github.com/stoewer/go-strcase v1.2.0 // indirect

pkg/blob/blob.go

@@ -27,7 +27,7 @@ import (
 	"sync"
 	"time"
 
-	"github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2021-09-01/storage"
+	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage"
 	azstorage "github.com/Azure/azure-sdk-for-go/storage"
 	az "github.com/Azure/go-autorest/autorest/azure"
 	"github.com/container-storage-interface/spec/lib/go/csi"
@@ -44,6 +44,7 @@ import (
 
 	csicommon "sigs.k8s.io/blob-csi-driver/pkg/csi-common"
 	"sigs.k8s.io/blob-csi-driver/pkg/util"
+	"sigs.k8s.io/cloud-provider-azure/pkg/azclient"
 	azcache "sigs.k8s.io/cloud-provider-azure/pkg/cache"
 	"sigs.k8s.io/cloud-provider-azure/pkg/provider"
 	azure "sigs.k8s.io/cloud-provider-azure/pkg/provider"
@@ -203,6 +204,8 @@ type Driver struct {
 	csicommon.CSIDriver
 
 	cloud                 *azure.Cloud
+	clientFactory         azclient.ClientFactory
+	networkClientFactory  azclient.ClientFactory
 	KubeClient            kubernetes.Interface
 	blobfuseProxyEndpoint string
 	// enableBlobMockMount is only for testing, DO NOT set as true in non-testing scenario
@@ -266,6 +269,10 @@ func NewDriver(options *DriverOptions, kubeClient kubernetes.Interface, cloud *p
 	d.Name = options.DriverName
 	d.Version = driverVersion
 	d.NodeID = options.NodeID
+	if d.cloud != nil {
+		d.clientFactory = d.cloud.ComputeClientFactory
+		d.networkClientFactory = d.cloud.NetworkClientFactory
+	}
 
 	var err error
 	getter := func(key string) (interface{}, error) { return nil, nil }
@@ -761,7 +768,7 @@ func isSupportedAccessTier(accessTier string) bool {
 	if accessTier == "" {
 		return true
 	}
-	for _, tier := range storage.PossibleAccessTierValues() {
+	for _, tier := range armstorage.PossibleAccessTierValues() {
 		if accessTier == string(tier) {
 			return true
 		}
@@ -899,11 +906,11 @@ func (d *Driver) GetStorageAccesskey(ctx context.Context, accountOptions *azure.
 // GetInfoFromSecret get info from k8s secret
 // return <accountName, accountKey, accountSasToken, msiSecret, spnClientSecret, spnClientID, spnTenantID, error>
 func (d *Driver) GetInfoFromSecret(ctx context.Context, secretName, secretNamespace string) (string, string, string, string, string, string, string, error) {
-	if d.cloud.KubeClient == nil {
+	if d.KubeClient == nil {
 		return "", "", "", "", "", "", "", fmt.Errorf("could not get account key from secret(%s): KubeClient is nil", secretName)
 	}
 
-	secret, err := d.cloud.KubeClient.CoreV1().Secrets(secretNamespace).Get(ctx, secretName, metav1.GetOptions{})
+	secret, err := d.KubeClient.CoreV1().Secrets(secretNamespace).Get(ctx, secretName, metav1.GetOptions{})
 	if err != nil {
 		return "", "", "", "", "", "", "", fmt.Errorf("could not get secret(%v): %w", secretName, err)
 	}

pkg/blob/blob_test.go

@@ -957,7 +957,7 @@ func TestGetContainerReference(t *testing.T) {
 
 	d := NewFakeDriver()
 	d.cloud = azure.GetTestCloud(gomock.NewController(t))
-	d.cloud.KubeClient = fake.NewSimpleClientset()
+	d.KubeClient = fake.NewSimpleClientset()
 
 	for _, tc := range testCases {
 		t.Run(tc.name, func(t *testing.T) {
@@ -1076,8 +1076,7 @@ func TestGetStorageAccesskey(t *testing.T) {
 		},
 	}
 	d := NewFakeDriver()
-	d.cloud = &azure.Cloud{}
-	d.cloud.KubeClient = fake.NewSimpleClientset()
+	d.KubeClient = fake.NewSimpleClientset()
 	secret := &v1api.Secret{
 		ObjectMeta: metav1.ObjectMeta{
 			Namespace: secretNamespace,
@@ -1090,7 +1089,7 @@ func TestGetStorageAccesskey(t *testing.T) {
 		Type: "Opaque",
 	}
 	secret.Namespace = secretNamespace
-	_, secretCreateErr := d.cloud.KubeClient.CoreV1().Secrets(secretNamespace).Create(context.TODO(), secret, metav1.CreateOptions{})
+	_, secretCreateErr := d.KubeClient.CoreV1().Secrets(secretNamespace).Create(context.TODO(), secret, metav1.CreateOptions{})
 	if secretCreateErr != nil {
 		t.Error("failed to create secret")
 	}
@@ -1120,7 +1119,7 @@ func TestGetInfoFromSecret(t *testing.T) {
 			testFunc: func(t *testing.T) {
 				d := NewFakeDriver()
 				d.cloud = &azure.Cloud{}
-				d.cloud.KubeClient = nil
+				d.KubeClient = nil
 				secretName := "foo"
 				secretNamespace := "bar"
 				_, _, _, _, _, _, _, err := d.GetInfoFromSecret(context.TODO(), secretName, secretNamespace)
@@ -1134,8 +1133,7 @@ func TestGetInfoFromSecret(t *testing.T) {
 			name: "Could not get secret",
 			testFunc: func(t *testing.T) {
 				d := NewFakeDriver()
-				d.cloud = &azure.Cloud{}
-				d.cloud.KubeClient = fakeClient
+				d.KubeClient = fakeClient
 				secretName := ""
 				secretNamespace := ""
 				_, _, _, _, _, _, _, err := d.GetInfoFromSecret(context.TODO(), secretName, secretNamespace)
@@ -1150,8 +1148,7 @@ func TestGetInfoFromSecret(t *testing.T) {
 			name: "get account name from secret",
 			testFunc: func(t *testing.T) {
 				d := NewFakeDriver()
-				d.cloud = &azure.Cloud{}
-				d.cloud.KubeClient = fakeClient
+				d.KubeClient = fakeClient
 				secretName := "store_account_name_key"
 				secretNamespace := "namespace"
 				accountName := "bar"
@@ -1167,7 +1164,7 @@ func TestGetInfoFromSecret(t *testing.T) {
 					},
 					Type: "Opaque",
 				}
-				_, secretCreateErr := d.cloud.KubeClient.CoreV1().Secrets(secretNamespace).Create(context.TODO(), secret, metav1.CreateOptions{})
+				_, secretCreateErr := d.KubeClient.CoreV1().Secrets(secretNamespace).Create(context.TODO(), secret, metav1.CreateOptions{})
 				if secretCreateErr != nil {
 					t.Error("failed to create secret")
 				}
@@ -1187,7 +1184,7 @@ func TestGetInfoFromSecret(t *testing.T) {
 			testFunc: func(t *testing.T) {
 				d := NewFakeDriver()
 				d.cloud = &azure.Cloud{}
-				d.cloud.KubeClient = fakeClient
+				d.KubeClient = fakeClient
 				secretName := "store_other_info"
 				secretNamespace := "namespace"
 				accountName := "bar"
@@ -1211,7 +1208,7 @@ func TestGetInfoFromSecret(t *testing.T) {
 					},
 					Type: "Opaque",
 				}
-				_, secretCreateErr := d.cloud.KubeClient.CoreV1().Secrets(secretNamespace).Create(context.TODO(), secret, metav1.CreateOptions{})
+				_, secretCreateErr := d.KubeClient.CoreV1().Secrets(secretNamespace).Create(context.TODO(), secret, metav1.CreateOptions{})
 				if secretCreateErr != nil {
 					t.Error("failed to create secret")
 				}

pkg/blob/controllerserver.go

@@ -30,6 +30,7 @@ import (
 	"google.golang.org/grpc/status"
 
 	"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
+	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage"
 	"github.com/Azure/azure-sdk-for-go/sdk/storage/azblob"
 	"github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/sas"
 	"github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/service"
@@ -42,6 +43,7 @@ import (
 	"k8s.io/utils/pointer"
 
 	"sigs.k8s.io/blob-csi-driver/pkg/util"
+	"sigs.k8s.io/cloud-provider-azure/pkg/azclient/blobcontainerclient"
 	azcache "sigs.k8s.io/cloud-provider-azure/pkg/cache"
 	"sigs.k8s.io/cloud-provider-azure/pkg/metrics"
 	"sigs.k8s.io/cloud-provider-azure/pkg/provider"
@@ -261,7 +263,7 @@ func (d *Driver) CreateVolume(ctx context.Context, req *csi.CreateVolumeRequest)
 		return nil, status.Errorf(codes.InvalidArgument, "protocol(%s) is not supported, supported protocol list: %v", protocol, supportedProtocolList)
 	}
 	if !isSupportedAccessTier(accessTier) {
-		return nil, status.Errorf(codes.InvalidArgument, "accessTier(%s) is not supported, supported AccessTier list: %v", accessTier, storage.PossibleAccessTierValues())
+		return nil, status.Errorf(codes.InvalidArgument, "accessTier(%s) is not supported, supported AccessTier list: %v", accessTier, armstorage.PossibleAccessTierValues())
 	}
 
 	if containerName != "" && containerNamePrefix != "" {
@@ -275,7 +277,7 @@ func (d *Driver) CreateVolume(ctx context.Context, req *csi.CreateVolumeRequest)
 	if strings.EqualFold(networkEndpointType, privateEndpoint) {
 		createPrivateEndpoint = pointer.BoolPtr(true)
 	}
-	accountKind := string(storage.KindStorageV2)
+	accountKind := string(armstorage.KindStorageV2)
 	if isNFSProtocol(protocol) {
 		isHnsEnabled = pointer.Bool(true)
 		enableNfsV3 = pointer.Bool(true)
@@ -293,11 +295,11 @@ func (d *Driver) CreateVolume(ctx context.Context, req *csi.CreateVolumeRequest)
 	}
 
 	if strings.HasPrefix(strings.ToLower(storageAccountType), "premium") {
-		accountKind = string(storage.KindBlockBlobStorage)
+		accountKind = string(armstorage.KindBlockBlobStorage)
 	}
 	if IsAzureStackCloud(d.cloud) {
-		accountKind = string(storage.KindStorage)
-		if storageAccountType != "" && storageAccountType != string(storage.SkuNameStandardLRS) && storageAccountType != string(storage.SkuNamePremiumLRS) {
+		accountKind = string(armstorage.KindStorage)
+		if storageAccountType != "" && storageAccountType != string(armstorage.SKUNameStandardLRS) && storageAccountType != string(armstorage.SKUNamePremiumLRS) {
 			return nil, status.Errorf(codes.InvalidArgument, fmt.Sprintf("Invalid skuName value: %s, as Azure Stack only supports %s and %s Storage Account types.", storageAccountType, storage.SkuNamePremiumLRS, storage.SkuNameStandardLRS))
 		}
 	}
@@ -449,7 +451,7 @@ func (d *Driver) CreateVolume(ctx context.Context, req *csi.CreateVolumeRequest)
 			}
 		}
 
-		secretName, err := setAzureCredentials(ctx, d.cloud.KubeClient, accountName, accountKey, secretNamespace)
+		secretName, err := setAzureCredentials(ctx, d.KubeClient, accountName, accountKey, secretNamespace)
 		if err != nil {
 			return nil, status.Errorf(codes.Internal, "failed to store storage account key: %v", err)
 		}
@@ -569,8 +571,12 @@ func (d *Driver) ValidateVolumeCapabilities(ctx context.Context, req *csi.Valida
 		if resourceGroupName == "" {
 			resourceGroupName = d.cloud.ResourceGroup
 		}
-		blobContainer, retryErr := d.cloud.BlobClient.GetContainer(ctx, subsID, resourceGroupName, accountName, containerName)
-		err = retryErr.Error()
+		blobClient, err := d.clientFactory.GetBlobContainerClientForSub(subsID)
+		if err != nil {
+			return nil, status.Error(codes.Internal, err.Error())
+		}
+
+		blobContainer, err := blobClient.Get(ctx, resourceGroupName, accountName, containerName)
 		if err != nil {
 			return nil, status.Error(codes.Internal, err.Error())
 		}
@@ -678,12 +684,17 @@ func (d *Driver) CreateBlobContainer(ctx context.Context, subsID, resourceGroupN
 			}
 			_, err = container.CreateIfNotExists(&azstorage.CreateContainerOptions{Access: azstorage.ContainerAccessTypePrivate})
 		} else {
-			blobContainer := storage.BlobContainer{
-				ContainerProperties: &storage.ContainerProperties{
-					PublicAccess: storage.PublicAccessNone,
+			blobContainer := armstorage.BlobContainer{
+				ContainerProperties: &armstorage.ContainerProperties{
+					PublicAccess: to.Ptr(armstorage.PublicAccessNone),
 				},
 			}
-			err = d.cloud.BlobClient.CreateContainer(ctx, subsID, resourceGroupName, accountName, containerName, blobContainer).Error()
+			var blobClient blobcontainerclient.Interface
+			blobClient, err = d.clientFactory.GetBlobContainerClientForSub(subsID)
+			if err != nil {
+				return true, err
+			}
+			_, err = blobClient.CreateContainer(ctx, resourceGroupName, accountName, containerName, blobContainer)
 		}
 		if err != nil {
 			if strings.Contains(err.Error(), containerBeingDeletedDataplaneAPIError) ||
@@ -710,7 +721,12 @@ func (d *Driver) DeleteBlobContainer(ctx context.Context, subsID, resourceGroupN
 			}
 			_, err = container.DeleteIfExists(nil)
 		} else {
-			err = d.cloud.BlobClient.DeleteContainer(ctx, subsID, resourceGroupName, accountName, containerName).Error()
+			var blobClient blobcontainerclient.Interface
+			blobClient, err = d.clientFactory.GetBlobContainerClientForSub(subsID)
+			if err != nil {
+				return true, err
+			}
+			err = blobClient.DeleteContainer(ctx, resourceGroupName, accountName, containerName)
 		}
 		if err != nil {
 			if strings.Contains(err.Error(), containerBeingDeletedDataplaneAPIError) ||