OCPBUGS-74495: Fix Azure Stack Hub compatibility with dual SDK approach#1287
OCPBUGS-74495: Fix Azure Stack Hub compatibility with dual SDK approach#1287bryan-cox wants to merge 6 commits intoopenshift:mainfrom
Conversation
|
/retitle OCPBUGS-74495: Fix Azure Stack Hub compatibility with dual SDK approach |
openshift-ci
bot
changed the title
openshift-ci-robot
added
jira/valid-reference
|
@bryan-cox: This pull request references Jira Issue OCPBUGS-74495, which is valid. The bug has been moved to the POST state. 3 validation(s) were run on this bug
Requesting review from QA contact: The bug has been updated to refer to the pull request using the external bug tracker. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
openshift-ci
bot
requested review from
flavianmissi,
ricardomaraschini and
xiuwang
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: bryan-cox The full list of commands accepted by this bot can be found here. DetailsNeeds approval from an approver in each of these files:Approvers can indicate their approval by writing |
bryan-cox
force-pushed
the
fix-azure-stack-hub-compatibility
branch
from
ccd403f to
fcb0c01
Compare
|
/test hypershift-e2e-aks |
|
/retest |
|
/payload-job periodic-ci-openshift-openshift-tests-private-release-4.22-amd64-nightly-azure-stack-ipi-f28 |
|
@xiuwang: trigger 1 job(s) for the /payload-(with-prs|job|aggregate|job-with-prs|aggregate-with-prs) command
See details on https://pr-payload-tests.ci.openshift.org/runs/ci/ff511880-1450-11f1-9a91-3f10728ffb24-0 |
Add github.com/Azure/azure-sdk-for-go v55.6.0+incompatible to support the Track 1 SDK with API version 2019-06-01, which is required for Azure Stack Hub compatibility. The new Track 2 SDK (armstorage) hardcodes API version 2023-05-01, which is not supported by Azure Stack Hub. Using v55.6.0 instead of v68.0.0 because v68.0.0 added a deprecated annotation to the Track 1 SDK packages, which causes golangci-lint SA1019 warnings in CI. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Vendor the Track 1 Azure SDK packages required for Azure Stack Hub: - github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2019-06-01/storage - github.com/Azure/go-autorest/autorest/validation These packages provide the 2019-06-01 API version that Azure Stack Hub supports, as the Track 2 SDK only supports 2023-05-01+. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Implement interface-based abstraction for storage account operations to support both Azure public cloud and Azure Stack Hub: - storage_interface.go: Defines StorageAccountClient interface and factory function that routes based on cloud type - storage_track2.go: Track 2 SDK implementation for Azure public cloud using armstorage (API version 2023-05-01) - storage_legacy.go: Track 1 SDK implementation for Azure Stack Hub using the old SDK (API version 2019-06-01) The factory function NewStorageAccountClient() automatically selects the appropriate implementation based on IsAzureStackCloud(). Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Update the Azure storage driver to use the new StorageAccountClient interface instead of direct method calls on azureclient.Client: - azure.go: Updated accountExists, createStorageAccount, and getAccountPrimaryKey to accept StorageAccountClient. Added storageClient creation via factory in assureStorageAccount, removeStorageContainerViaTrack2SDK, and RemoveStorage methods. - azureclient.go: Removed storage account methods that were moved to the new interface implementations (CheckStorageAccountNameAvailability, CreateStorageAccount, DeleteStorageAccount, GetPrimaryStorageAccountKey, ListStorageAccountKeys). Kept IsAzureStackCloud and StorageAccountCreateOptions. - cached_key.go: Updated KeyFetcher interface to use GetPrimaryKey method name to match StorageAccountClient interface. - cached_key_test.go: Updated mock to implement new interface. This enables Azure Stack Hub support by automatically routing to the Track 1 SDK (API 2019-06-01) when IsAzureStackCloud returns true. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The yaml-patch tool from build-machinery-go segfaults when running under Rosetta 2 on ARM64 macOS. Add a conditional override to skip the verify-profile-manifests-manifests target on this platform. This is a pre-existing infrastructure issue unrelated to the Azure Stack Hub compatibility changes. The CI runs on Linux where these tools work correctly. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
bryan-cox
force-pushed
the
fix-azure-stack-hub-compatibility
branch
from
abeed32 to
e61917f
Compare
The legacy Track 1 SDK was using ResourceManagerEndpoint as the OAuth token resource, but for Azure Stack Hub this is the ARM API URL (e.g., https://management.mtcazs.wwtatc.com) which is not registered as a resource principal in Azure AD, causing AADSTS500011 errors. Use TokenAudience instead, which contains the correct audience for token requests. This matches how the Track 2 SDK already handles it. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
/payload-job periodic-ci-openshift-openshift-tests-private-release-4.22-amd64-nightly-azure-stack-ipi-f28 |
|
@bryan-cox: trigger 1 job(s) for the /payload-(with-prs|job|aggregate|job-with-prs|aggregate-with-prs) command
See details on https://pr-payload-tests.ci.openshift.org/runs/ci/f6cdcbe0-172f-11f1-8c76-694f3be78f35-0 |
|
@bryan-cox: The following tests failed, say
Full PR test history. Your PR dashboard. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
4 participants
Summary
Fixes Azure Stack Hub compatibility broken by the SDK migration in PR #1281. The new Azure ARM SDK (armstorage) hardcodes API version
2023-05-01, but Azure Stack Hub only supports up to2019-06-01.This PR implements an interface-based dual SDK approach:
Changes
StorageAccountClientinterface abstracting storage account operationsNewStorageAccountClient()automatically selects implementation based onIsAzureStackCloud()storage_track2.gofor Azure public cloudstorage_legacy.gofor Azure Stack HubArchitecture
Test plan
go test ./pkg/storage/azure/...go build ./...🤖 Generated with Claude Code