Add support for azureauth when batch api is enabled (open-telemetry#40886)

<!--Ex. Fixing a bug - Describe the bug and how this fixes the issue.
Ex. Adding a feature - Explain what this achieves.-->
#### Description

Azure auth was only enabled when batch api was set to false. This issue
fixes that.

<!-- Issue number (e.g. open-telemetry#1234) or full URL to issue, if applicable. -->
#### Link to tracking issue
Fixes open-telemetry#40872.

<!--Describe what testing was performed and which tests were added.-->
#### Testing

Unit test was added.

<!--Describe the documentation added.-->
#### Documentation

README updated with a note on versions.

<!--Please delete paragraphs that you did not use before submitting.-->

---------

Co-authored-by: Braydon Kains <[email protected]>

Author: constanca-m

.chloggen/add-azureauth-to-batch.yaml

@@ -0,0 +1,27 @@
+# Use this changelog template to create an entry for release notes.
+
+# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix'
+change_type: enhancement
+
+# The name of the component, or a single word describing the area of concern, (e.g. filelogreceiver)
+component: azuremonitorreceiver
+
+# A brief description of the change.  Surround your text with quotes ("") if it needs to start with a backtick (`).
+note: Add support for azureauth when batch api is enabled.
+
+# Mandatory: One or more tracking issues related to the change. You can use the PR number here if no issue exists.
+issues: [40872]
+
+# (Optional) One or more lines of additional information to render under the primary note.
+# These lines will be padded with 2 spaces and then inserted directly into the document.
+# Use pipe (|) for multiline entries.
+subtext:
+
+# If your change doesn't affect end users or the exported elements of any package,
+# you should instead start your pull request title with [chore] or use the "Skip Changelog" label.
+# Optional: The change log or logs in which this entry should be included.
+# e.g. '[user]' or '[user, api]'
+# Include 'user' if the change is relevant to end users.
+# Include 'api' if there is a change to a library API.
+# Default: '[user]'
+change_logs: []

receiver/azuremonitorreceiver/README.md

@@ -25,7 +25,7 @@ The following settings are required:
 The following settings are optional:
 
 - `auth.authenticator`: Specifies the component ID to use to authenticate requests to Azure API. Use [azureauth extension](https://github.com/open-telemetry/opentelemetry-collector-contrib/tree/main/extension/azureauthextension).
-- `credentials` (Deprecated [v0.126.0]: use `auth` instead)(default = service_principal): Specifies the used authentication method. Supported values are `service_principal`, `workload_identity`, `managed_identity`, `default_credentials`.
+- `credentials` (Deprecated since [v0.129.0]: use `auth` instead)(default = service_principal): Specifies the used authentication method. Supported values are `service_principal`, `workload_identity`, `managed_identity`, `default_credentials`.
 - `resource_groups` (default = none): Filter metrics for specific resource groups, not setting a value will scrape metrics for all resources in the subscription.
 - `services` (default = none): Filter metrics for specific services, not setting a value will scrape metrics for all services integrated with Azure Monitor.
 - `metrics` (default = none): Filter metrics by name and aggregations. Not setting a value will scrape all metrics and their aggregations.

receiver/azuremonitorreceiver/config.go

@@ -263,7 +263,7 @@ type Config struct {
 	// useless.
 	Authentication *AuthConfig `mapstructure:"auth"`
 
-	// Credentials is deprecated.
+	// Deprecated: Credentials is deprecated.
 	Credentials        string `mapstructure:"credentials"`
 	ClientID           string `mapstructure:"client_id"`
 	ClientSecret       string `mapstructure:"client_secret"`

receiver/azuremonitorreceiver/credentials.go

@@ -0,0 +1,72 @@
+// Copyright The OpenTelemetry Authors
+// SPDX-License-Identifier: Apache-2.0
+
+package azuremonitorreceiver // import "github.com/open-telemetry/opentelemetry-collector-contrib/receiver/azuremonitorreceiver"
+
+import (
+	"fmt"
+
+	"github.com/Azure/azure-sdk-for-go/sdk/azcore"
+	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
+	"go.opentelemetry.io/collector/component"
+	"go.uber.org/zap"
+)
+
+func loadTokenProvider(host component.Host, idAuth component.ID) (azcore.TokenCredential, error) {
+	authExtension, ok := host.GetExtensions()[idAuth]
+	if !ok {
+		return nil, fmt.Errorf("unknown azureauth extension %q", idAuth.String())
+	}
+	credential, ok := authExtension.(azcore.TokenCredential)
+	if !ok {
+		return nil, fmt.Errorf("extension %q does not implement azcore.TokenCredential", idAuth.String())
+	}
+	return credential, nil
+}
+
+func loadCredentials(logger *zap.Logger, cfg *Config, host component.Host) (azcore.TokenCredential, error) {
+	var cred azcore.TokenCredential
+	var err error
+
+	if cfg.Authentication != nil {
+		logger.Info("'auth.authenticator' will be used to get the token credential")
+		if cred, err = loadTokenProvider(host, cfg.Authentication.AuthenticatorID); err != nil {
+			return nil, err
+		}
+		return cred, nil
+	}
+
+	logger.Warn("'credentials' is deprecated, use 'auth.authenticator' instead")
+	switch cfg.Credentials {
+	case defaultCredentials:
+		if cred, err = azidentity.NewDefaultAzureCredential(nil); err != nil {
+			return nil, err
+		}
+	case servicePrincipal:
+		if cred, err = azidentity.NewClientSecretCredential(cfg.TenantID, cfg.ClientID, cfg.ClientSecret, nil); err != nil {
+			return nil, err
+		}
+	case workloadIdentity:
+		options := &azidentity.WorkloadIdentityCredentialOptions{
+			ClientID:      cfg.ClientID,
+			TokenFilePath: cfg.FederatedTokenFile,
+			TenantID:      cfg.TenantID,
+		}
+		if cred, err = azidentity.NewWorkloadIdentityCredential(options); err != nil {
+			return nil, err
+		}
+	case managedIdentity:
+		var options *azidentity.ManagedIdentityCredentialOptions
+		if cfg.ClientID != "" {
+			options = &azidentity.ManagedIdentityCredentialOptions{
+				ID: azidentity.ClientID(cfg.ClientID),
+			}
+		}
+		if cred, err = azidentity.NewManagedIdentityCredential(options); err != nil {
+			return nil, err
+		}
+	default:
+		return nil, fmt.Errorf("unknown credentials %v", cfg.Credentials)
+	}
+	return cred, nil
+}

receiver/azuremonitorreceiver/credentials_test.go

@@ -0,0 +1,90 @@
+// Copyright The OpenTelemetry Authors
+// SPDX-License-Identifier: Apache-2.0
+
+package azuremonitorreceiver
+
+import (
+	"testing"
+
+	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
+	"github.com/stretchr/testify/require"
+	"go.opentelemetry.io/collector/component"
+	"go.opentelemetry.io/collector/component/componenttest"
+	"go.uber.org/zap"
+)
+
+func TestLoadCredentials(t *testing.T) {
+	tests := []struct {
+		name     string
+		testFunc func(*testing.T)
+	}{
+		{
+			name: "default_credentials",
+			testFunc: func(t *testing.T) {
+				cfg := &Config{
+					Credentials: defaultCredentials,
+				}
+				cred, err := loadCredentials(zap.NewNop(), cfg, componenttest.NewNopHost())
+				require.NoError(t, err)
+				require.NotNil(t, cred)
+				require.IsType(t, &azidentity.DefaultAzureCredential{}, cred)
+			},
+		},
+		{
+			name: "service_principal",
+			testFunc: func(t *testing.T) {
+				cfg := &Config{
+					Credentials:  servicePrincipal,
+					TenantID:     "test",
+					ClientID:     "test",
+					ClientSecret: "test",
+				}
+				cred, err := loadCredentials(zap.NewNop(), cfg, componenttest.NewNopHost())
+				require.NoError(t, err)
+				require.NotNil(t, cred)
+				require.IsType(t, &azidentity.ClientSecretCredential{}, cred)
+			},
+		},
+		{
+			name: "workload_identity",
+			testFunc: func(t *testing.T) {
+				cfg := &Config{
+					Credentials:        workloadIdentity,
+					ClientID:           "test",
+					FederatedTokenFile: "test",
+					TenantID:           "test",
+				}
+				cred, err := loadCredentials(zap.NewNop(), cfg, componenttest.NewNopHost())
+				require.NoError(t, err)
+				require.NotNil(t, cred)
+				require.IsType(t, &azidentity.WorkloadIdentityCredential{}, cred)
+			},
+		},
+		{
+			name: "managed_identity",
+			testFunc: func(t *testing.T) {
+				cfg := &Config{
+					Credentials: managedIdentity,
+					ClientID:    "test",
+				}
+				cred, err := loadCredentials(zap.NewNop(), cfg, componenttest.NewNopHost())
+				require.NoError(t, err)
+				require.NotNil(t, cred)
+				require.IsType(t, &azidentity.ManagedIdentityCredential{}, cred)
+			},
+		},
+		{
+			name: "auth",
+			testFunc: func(t *testing.T) {
+				cfg := &Config{
+					Authentication: &AuthConfig{AuthenticatorID: component.MustNewID("test")},
+				}
+				_, err := loadCredentials(zap.NewNop(), cfg, componenttest.NewNopHost())
+				require.ErrorContains(t, err, `unknown azureauth extension "test"`)
+			},
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, tt.testFunc)
+	}
+}

receiver/azuremonitorreceiver/scraper.go

@@ -14,7 +14,6 @@ import (
 
 	"github.com/Azure/azure-sdk-for-go/sdk/azcore"
 	"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
-	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
 	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/monitor/armmonitor"
 	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/resources/armresources/v2"
 	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/resources/armsubscriptions"
@@ -100,16 +99,12 @@ func (*timeWrapper) Now() time.Time {
 
 func newScraper(conf *Config, settings receiver.Settings) *azureScraper {
 	return &azureScraper{
-		cfg:                      conf,
-		settings:                 settings.TelemetrySettings,
-		mb:                       metadata.NewMetricsBuilder(conf.MetricsBuilderConfig, settings),
-		azDefaultCredentialsFunc: azidentity.NewDefaultAzureCredential,
-		azIDCredentialsFunc:      azidentity.NewClientSecretCredential,
-		azIDWorkloadFunc:         azidentity.NewWorkloadIdentityCredential,
-		azManagedIdentityFunc:    azidentity.NewManagedIdentityCredential,
-		mutex:                    &sync.Mutex{},
-		time:                     &timeWrapper{},
-		clientOptionsResolver:    newClientOptionsResolver(conf.Cloud),
+		cfg:                   conf,
+		settings:              settings.TelemetrySettings,
+		mb:                    metadata.NewMetricsBuilder(conf.MetricsBuilderConfig, settings),
+		mutex:                 &sync.Mutex{},
+		time:                  &timeWrapper{},
+		clientOptionsResolver: newClientOptionsResolver(conf.Cloud),
 	}
 }
 
@@ -121,21 +116,17 @@ type azureScraper struct {
 	// resources on which we'll collect metrics. Stored by resource id and subscription id.
 	resources map[string]map[string]*azureResource
 	// subscriptions on which we'll look up resources. Stored by subscription id.
-	subscriptions            map[string]*azureSubscription
-	subscriptionsUpdated     time.Time
-	mb                       *metadata.MetricsBuilder
-	azDefaultCredentialsFunc func(options *azidentity.DefaultAzureCredentialOptions) (*azidentity.DefaultAzureCredential, error)
-	azIDCredentialsFunc      func(string, string, string, *azidentity.ClientSecretCredentialOptions) (*azidentity.ClientSecretCredential, error)
-	azIDWorkloadFunc         func(options *azidentity.WorkloadIdentityCredentialOptions) (*azidentity.WorkloadIdentityCredential, error)
-	azManagedIdentityFunc    func(options *azidentity.ManagedIdentityCredentialOptions) (*azidentity.ManagedIdentityCredential, error)
+	subscriptions        map[string]*azureSubscription
+	subscriptionsUpdated time.Time
+	mb                   *metadata.MetricsBuilder
 
 	mutex                 *sync.Mutex
 	time                  timeNowIface
 	clientOptionsResolver ClientOptionsResolver
 }
 
 func (s *azureScraper) start(_ context.Context, host component.Host) (err error) {
-	if err = s.loadCredentials(host); err != nil {
+	if s.cred, err = loadCredentials(s.settings.Logger, s.cfg, host); err != nil {
 		return err
 	}
 
@@ -158,57 +149,6 @@ func (s *azureScraper) unloadSubscription(id string) {
 	delete(s.subscriptions, id)
 }
 
-func loadTokenProvider(host component.Host, idAuth component.ID) (azcore.TokenCredential, error) {
-	authExtension, ok := host.GetExtensions()[idAuth]
-	if !ok {
-		return nil, fmt.Errorf("unknown azureauth extension %q", idAuth.String())
-	}
-	credential, ok := authExtension.(azcore.TokenCredential)
-	if !ok {
-		return nil, fmt.Errorf("extension %q does not implement azcore.TokenCredential", idAuth.String())
-	}
-	return credential, nil
-}
-
-func (s *azureScraper) loadCredentials(host component.Host) (err error) {
-	if s.cfg.Authentication != nil {
-		s.settings.Logger.Info("'auth.authenticator' will be used to get the token credential")
-		if s.cred, err = loadTokenProvider(host, s.cfg.Authentication.AuthenticatorID); err != nil {
-			return err
-		}
-		return nil
-	}
-
-	s.settings.Logger.Warn("'credentials' is deprecated, use 'auth.authenticator' instead")
-	switch s.cfg.Credentials {
-	case defaultCredentials:
-		if s.cred, err = s.azDefaultCredentialsFunc(nil); err != nil {
-			return err
-		}
-	case servicePrincipal:
-		if s.cred, err = s.azIDCredentialsFunc(s.cfg.TenantID, s.cfg.ClientID, s.cfg.ClientSecret, nil); err != nil {
-			return err
-		}
-	case workloadIdentity:
-		if s.cred, err = s.azIDWorkloadFunc(nil); err != nil {
-			return err
-		}
-	case managedIdentity:
-		var options *azidentity.ManagedIdentityCredentialOptions
-		if s.cfg.ClientID != "" {
-			options = &azidentity.ManagedIdentityCredentialOptions{
-				ID: azidentity.ClientID(s.cfg.ClientID),
-			}
-		}
-		if s.cred, err = s.azManagedIdentityFunc(options); err != nil {
-			return err
-		}
-	default:
-		return fmt.Errorf("unknown credentials %v", s.cfg.Credentials)
-	}
-	return nil
-}
-
 func (s *azureScraper) scrape(ctx context.Context) (pmetric.Metrics, error) {
 	s.getSubscriptions(ctx)