зеркало из https://github.com/Azure/ARO-RP.git
Add additional tenants
This commit is contained in:
Nicolas Ontiveros
Родитель
d50809453f
Коммит
5d6dea5057
|
|
@ -149,7 +149,7 @@ func New(ctx context.Context, log *logrus.Entry, _env env.Interface, db database
|
|||
return nil, err
|
||||
}
|
||||
|
||||
localFPAuthorizer, err := _env.FPAuthorizer(_env.TenantID(), _env.Environment().ResourceManagerScope)
|
||||
localFPAuthorizer, err := _env.FPAuthorizer(_env.TenantID(), nil, _env.Environment().ResourceManagerScope)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
@ -160,7 +160,7 @@ func New(ctx context.Context, log *logrus.Entry, _env env.Interface, db database
|
|||
return nil, err
|
||||
}
|
||||
|
||||
fpCredClusterTenant, err := _env.FPNewClientCertificateCredential(subscriptionDoc.Subscription.Properties.TenantID)
|
||||
fpCredClusterTenant, err := _env.FPNewClientCertificateCredential(subscriptionDoc.Subscription.Properties.TenantID, nil)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
@ -175,7 +175,7 @@ func New(ctx context.Context, log *logrus.Entry, _env env.Interface, db database
|
|||
}
|
||||
fpspID := tokenClaims.ObjectId
|
||||
|
||||
fpCredRPTenant, err := _env.FPNewClientCertificateCredential(_env.TenantID())
|
||||
fpCredRPTenant, err := _env.FPNewClientCertificateCredential(_env.TenantID(), nil)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
|
|||
|
|
@ -79,7 +79,7 @@ func newARMHelper(ctx context.Context, log *logrus.Entry, env Interface) (ARMHel
|
|||
return nil, err
|
||||
}
|
||||
|
||||
options := env.Environment().ClientCertificateCredentialOptions()
|
||||
options := env.Environment().ClientCertificateCredentialOptions(nil)
|
||||
armHelperTokenCredential, err := azidentity.NewClientCertificateCredential(env.TenantID(), os.Getenv("AZURE_ARM_CLIENT_ID"), certs, key, options)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
|
|
@ -89,7 +89,7 @@ func newARMHelper(ctx context.Context, log *logrus.Entry, env Interface) (ARMHel
|
|||
armHelperAuthorizer := azidext.NewTokenCredentialAdapter(armHelperTokenCredential, scopes)
|
||||
|
||||
// Graph service client uses the first party service principal.
|
||||
fpTokenCredential, err := env.FPNewClientCertificateCredential(env.TenantID())
|
||||
fpTokenCredential, err := env.FPNewClientCertificateCredential(env.TenantID(), nil)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
|
|||
|
|
@ -81,8 +81,8 @@ func (d *dev) Listen() (net.Listener, error) {
|
|||
}
|
||||
|
||||
// TODO: Delete FPAuthorizer once the replace from track1 to track2 is done.
|
||||
func (d *dev) FPAuthorizer(tenantID string, scopes ...string) (autorest.Authorizer, error) {
|
||||
fpTokenCredential, err := d.FPNewClientCertificateCredential(tenantID)
|
||||
func (d *dev) FPAuthorizer(tenantID string, additionalTenants []string, scopes ...string) (autorest.Authorizer, error) {
|
||||
fpTokenCredential, err := d.FPNewClientCertificateCredential(tenantID, additionalTenants)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
@ -90,10 +90,10 @@ func (d *dev) FPAuthorizer(tenantID string, scopes ...string) (autorest.Authoriz
|
|||
return azidext.NewTokenCredentialAdapter(fpTokenCredential, scopes), nil
|
||||
}
|
||||
|
||||
func (d *dev) FPNewClientCertificateCredential(tenantID string) (*azidentity.ClientCertificateCredential, error) {
|
||||
func (d *dev) FPNewClientCertificateCredential(tenantID string, additionalTenants []string) (*azidentity.ClientCertificateCredential, error) {
|
||||
fpPrivateKey, fpCertificates := d.fpCertificateRefresher.GetCertificates()
|
||||
|
||||
options := d.Environment().ClientCertificateCredentialOptions()
|
||||
options := d.Environment().ClientCertificateCredentialOptions(additionalTenants)
|
||||
credential, err := azidentity.NewClientCertificateCredential(tenantID, d.fpClientID, fpCertificates, fpPrivateKey, options)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
|
|
|
|||
|
|
@ -89,8 +89,8 @@ type Interface interface {
|
|||
Domain() string
|
||||
FeatureIsSet(Feature) bool
|
||||
// TODO: Delete FPAuthorizer once the replace from track1 to track2 is done.
|
||||
FPAuthorizer(string, ...string) (autorest.Authorizer, error)
|
||||
FPNewClientCertificateCredential(string) (*azidentity.ClientCertificateCredential, error)
|
||||
FPAuthorizer(string, []string, ...string) (autorest.Authorizer, error)
|
||||
FPNewClientCertificateCredential(string, []string) (*azidentity.ClientCertificateCredential, error)
|
||||
FPClientID() string
|
||||
Listen() (net.Listener, error)
|
||||
GatewayDomains() []string
|
||||
|
|
|
|||
|
|
@ -160,7 +160,7 @@ func newProd(ctx context.Context, log *logrus.Entry, component ServiceComponent)
|
|||
return nil, err
|
||||
}
|
||||
|
||||
localFPKVAuthorizer, err := p.FPAuthorizer(p.TenantID(), p.Environment().KeyVaultScope)
|
||||
localFPKVAuthorizer, err := p.FPAuthorizer(p.TenantID(), nil, p.Environment().KeyVaultScope)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
@ -338,8 +338,8 @@ func (p *prod) FeatureIsSet(f Feature) bool {
|
|||
}
|
||||
|
||||
// TODO: Delete FPAuthorizer once the replace from track1 to track2 is done.
|
||||
func (p *prod) FPAuthorizer(tenantID string, scopes ...string) (autorest.Authorizer, error) {
|
||||
fpTokenCredential, err := p.FPNewClientCertificateCredential(tenantID)
|
||||
func (p *prod) FPAuthorizer(tenantID string, additionalTenants []string, scopes ...string) (autorest.Authorizer, error) {
|
||||
fpTokenCredential, err := p.FPNewClientCertificateCredential(tenantID, additionalTenants)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
@ -383,10 +383,10 @@ func (p *prod) LiveConfig() liveconfig.Manager {
|
|||
return p.liveConfig
|
||||
}
|
||||
|
||||
func (p *prod) FPNewClientCertificateCredential(tenantID string) (*azidentity.ClientCertificateCredential, error) {
|
||||
func (p *prod) FPNewClientCertificateCredential(tenantID string, additionalTenants []string) (*azidentity.ClientCertificateCredential, error) {
|
||||
fpPrivateKey, fpCertificates := p.fpCertificateRefresher.GetCertificates()
|
||||
|
||||
options := p.Environment().ClientCertificateCredentialOptions()
|
||||
options := p.Environment().ClientCertificateCredentialOptions(additionalTenants)
|
||||
credential, err := azidentity.NewClientCertificateCredential(tenantID, p.fpClientID, fpCertificates, fpPrivateKey, options)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
|
|
|
|||
|
|
@ -29,7 +29,7 @@ type appLensActions struct {
|
|||
|
||||
func NewAppLensActions(log *logrus.Entry, env env.Interface, oc *api.OpenShiftCluster,
|
||||
subscriptionDoc *api.SubscriptionDocument) (AppLensActions, error) {
|
||||
fpClientCertCred, err := env.FPNewClientCertificateCredential(env.Environment().AppLensTenantID)
|
||||
fpClientCertCred, err := env.FPNewClientCertificateCredential(env.Environment().AppLensTenantID, nil)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
|
|||
|
|
@ -57,7 +57,7 @@ type azureActions struct {
|
|||
// NewAzureActions returns an azureActions
|
||||
func NewAzureActions(log *logrus.Entry, env env.Interface, oc *api.OpenShiftCluster,
|
||||
subscriptionDoc *api.SubscriptionDocument) (AzureActions, error) {
|
||||
fpAuth, err := env.FPAuthorizer(subscriptionDoc.Subscription.Properties.TenantID,
|
||||
fpAuth, err := env.FPAuthorizer(subscriptionDoc.Subscription.Properties.TenantID, nil,
|
||||
env.Environment().ResourceManagerScope)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
|
|
|
|||
|
|
@ -29,7 +29,7 @@ var requiredResourceProviders = []string{
|
|||
}
|
||||
|
||||
func (p providersValidator) ValidateProviders(ctx context.Context, azEnv *azureclient.AROEnvironment, environment env.Interface, subscriptionID, tenantID string) error {
|
||||
fpAuthorizer, err := environment.FPAuthorizer(tenantID, environment.Environment().ResourceManagerScope)
|
||||
fpAuthorizer, err := environment.FPAuthorizer(tenantID, nil, environment.Environment().ResourceManagerScope)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
|
|||
|
|
@ -39,7 +39,7 @@ func addRequiredResources(requiredResources map[string]int, vmSize api.VMSize, c
|
|||
// creation
|
||||
// It is a method on struct so we can make use of interfaces.
|
||||
func (q quotaValidator) ValidateQuota(ctx context.Context, azEnv *azureclient.AROEnvironment, environment env.Interface, subscriptionID, tenantID string, oc *api.OpenShiftCluster) error {
|
||||
fpAuthorizer, err := environment.FPAuthorizer(tenantID, environment.Environment().ResourceManagerScope)
|
||||
fpAuthorizer, err := environment.FPAuthorizer(tenantID, nil, environment.Environment().ResourceManagerScope)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
|
|||
|
|
@ -24,7 +24,7 @@ type SkuValidator interface {
|
|||
type skuValidator struct{}
|
||||
|
||||
func (s skuValidator) ValidateVMSku(ctx context.Context, azEnv *azureclient.AROEnvironment, environment env.Interface, subscriptionID, tenantID string, oc *api.OpenShiftCluster) error {
|
||||
fpAuthorizer, err := environment.FPAuthorizer(tenantID, environment.Environment().ResourceManagerScope)
|
||||
fpAuthorizer, err := environment.FPAuthorizer(tenantID, nil, environment.Environment().ResourceManagerScope)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
|
|||
|
|
@ -68,7 +68,7 @@ func NewMonitor(log *logrus.Entry, oc *api.OpenShiftCluster, e env.Interface, su
|
|||
return &monitoring.NoOpMonitor{Wg: wg}
|
||||
}
|
||||
|
||||
token, err := e.FPNewClientCertificateCredential(tenantID)
|
||||
token, err := e.FPNewClientCertificateCredential(tenantID, nil)
|
||||
if err != nil {
|
||||
log.Error("Unable to create FP Authorizer for NSG monitoring.", err)
|
||||
emitter.EmitGauge(MetricFailedNSGMonitorCreation, int64(1), dims)
|
||||
|
|
|
|||
|
|
@ -121,8 +121,9 @@ func (e *AROEnvironment) ArmClientOptions() *arm.ClientOptions {
|
|||
}
|
||||
}
|
||||
|
||||
func (e *AROEnvironment) ClientCertificateCredentialOptions() *azidentity.ClientCertificateCredentialOptions {
|
||||
func (e *AROEnvironment) ClientCertificateCredentialOptions(additionalTenants []string) *azidentity.ClientCertificateCredentialOptions {
|
||||
return &azidentity.ClientCertificateCredentialOptions{
|
||||
AdditionallyAllowedTenants: additionalTenants,
|
||||
ClientOptions: azcore.ClientOptions{
|
||||
Cloud: e.Cloud,
|
||||
},
|
||||
|
|
|
|||
|
|
@ -1,10 +1,5 @@
|
|||
// Code generated by MockGen. DO NOT EDIT.
|
||||
// Source: env.go
|
||||
//
|
||||
// Generated by this command:
|
||||
//
|
||||
// mockgen -destination=../util/mocks/env/env.go -source env.go -aux_files github.com/Azure/ARO-RP/pkg/env=core.go,github.com/Azure/ARO-RP/pkg/env=armhelper.go
|
||||
//
|
||||
|
||||
// Package mock_env is a generated GoMock package.
|
||||
package mock_env
|
||||
|
|
@ -16,20 +11,19 @@ import (
|
|||
net "net"
|
||||
reflect "reflect"
|
||||
|
||||
env "github.com/Azure/ARO-RP/pkg/env"
|
||||
azureclient "github.com/Azure/ARO-RP/pkg/util/azureclient"
|
||||
clientauthorizer "github.com/Azure/ARO-RP/pkg/util/clientauthorizer"
|
||||
keyvault "github.com/Azure/ARO-RP/pkg/util/keyvault"
|
||||
liveconfig "github.com/Azure/ARO-RP/pkg/util/liveconfig"
|
||||
azcore "github.com/Azure/azure-sdk-for-go/sdk/azcore"
|
||||
arm "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm"
|
||||
policy "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
|
||||
azidentity "github.com/Azure/azure-sdk-for-go/sdk/azidentity"
|
||||
compute "github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2020-06-01/compute"
|
||||
autorest "github.com/Azure/go-autorest/autorest"
|
||||
gomock "github.com/golang/mock/gomock"
|
||||
logrus "github.com/sirupsen/logrus"
|
||||
gomock "go.uber.org/mock/gomock"
|
||||
|
||||
env "github.com/Azure/ARO-RP/pkg/env"
|
||||
azureclient "github.com/Azure/ARO-RP/pkg/util/azureclient"
|
||||
clientauthorizer "github.com/Azure/ARO-RP/pkg/util/clientauthorizer"
|
||||
keyvault "github.com/Azure/ARO-RP/pkg/util/keyvault"
|
||||
liveconfig "github.com/Azure/ARO-RP/pkg/util/liveconfig"
|
||||
)
|
||||
|
||||
// MockInterface is a mock of Interface interface.
|
||||
|
|
@ -248,7 +242,7 @@ func (m *MockInterface) DialContext(ctx context.Context, network, address string
|
|||
}
|
||||
|
||||
// DialContext indicates an expected call of DialContext.
|
||||
func (mr *MockInterfaceMockRecorder) DialContext(ctx, network, address any) *gomock.Call {
|
||||
func (mr *MockInterfaceMockRecorder) DialContext(ctx, network, address interface{}) *gomock.Call {
|
||||
mr.mock.ctrl.T.Helper()
|
||||
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DialContext", reflect.TypeOf((*MockInterface)(nil).DialContext), ctx, network, address)
|
||||
}
|
||||
|
|
@ -276,7 +270,7 @@ func (m *MockInterface) EnsureARMResourceGroupRoleAssignment(arg0 context.Contex
|
|||
}
|
||||
|
||||
// EnsureARMResourceGroupRoleAssignment indicates an expected call of EnsureARMResourceGroupRoleAssignment.
|
||||
func (mr *MockInterfaceMockRecorder) EnsureARMResourceGroupRoleAssignment(arg0, arg1 any) *gomock.Call {
|
||||
func (mr *MockInterfaceMockRecorder) EnsureARMResourceGroupRoleAssignment(arg0, arg1 interface{}) *gomock.Call {
|
||||
mr.mock.ctrl.T.Helper()
|
||||
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "EnsureARMResourceGroupRoleAssignment", reflect.TypeOf((*MockInterface)(nil).EnsureARMResourceGroupRoleAssignment), arg0, arg1)
|
||||
}
|
||||
|
|
@ -296,10 +290,10 @@ func (mr *MockInterfaceMockRecorder) Environment() *gomock.Call {
|
|||
}
|
||||
|
||||
// FPAuthorizer mocks base method.
|
||||
func (m *MockInterface) FPAuthorizer(arg0 string, arg1 ...string) (autorest.Authorizer, error) {
|
||||
func (m *MockInterface) FPAuthorizer(arg0 string, arg1 []string, arg2 ...string) (autorest.Authorizer, error) {
|
||||
m.ctrl.T.Helper()
|
||||
varargs := []any{arg0}
|
||||
for _, a := range arg1 {
|
||||
varargs := []interface{}{arg0, arg1}
|
||||
for _, a := range arg2 {
|
||||
varargs = append(varargs, a)
|
||||
}
|
||||
ret := m.ctrl.Call(m, "FPAuthorizer", varargs...)
|
||||
|
|
@ -309,9 +303,9 @@ func (m *MockInterface) FPAuthorizer(arg0 string, arg1 ...string) (autorest.Auth
|
|||
}
|
||||
|
||||
// FPAuthorizer indicates an expected call of FPAuthorizer.
|
||||
func (mr *MockInterfaceMockRecorder) FPAuthorizer(arg0 any, arg1 ...any) *gomock.Call {
|
||||
func (mr *MockInterfaceMockRecorder) FPAuthorizer(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call {
|
||||
mr.mock.ctrl.T.Helper()
|
||||
varargs := append([]any{arg0}, arg1...)
|
||||
varargs := append([]interface{}{arg0, arg1}, arg2...)
|
||||
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "FPAuthorizer", reflect.TypeOf((*MockInterface)(nil).FPAuthorizer), varargs...)
|
||||
}
|
||||
|
||||
|
|
@ -330,18 +324,18 @@ func (mr *MockInterfaceMockRecorder) FPClientID() *gomock.Call {
|
|||
}
|
||||
|
||||
// FPNewClientCertificateCredential mocks base method.
|
||||
func (m *MockInterface) FPNewClientCertificateCredential(arg0 string) (*azidentity.ClientCertificateCredential, error) {
|
||||
func (m *MockInterface) FPNewClientCertificateCredential(arg0 string, arg1 []string) (*azidentity.ClientCertificateCredential, error) {
|
||||
m.ctrl.T.Helper()
|
||||
ret := m.ctrl.Call(m, "FPNewClientCertificateCredential", arg0)
|
||||
ret := m.ctrl.Call(m, "FPNewClientCertificateCredential", arg0, arg1)
|
||||
ret0, _ := ret[0].(*azidentity.ClientCertificateCredential)
|
||||
ret1, _ := ret[1].(error)
|
||||
return ret0, ret1
|
||||
}
|
||||
|
||||
// FPNewClientCertificateCredential indicates an expected call of FPNewClientCertificateCredential.
|
||||
func (mr *MockInterfaceMockRecorder) FPNewClientCertificateCredential(arg0 any) *gomock.Call {
|
||||
func (mr *MockInterfaceMockRecorder) FPNewClientCertificateCredential(arg0, arg1 interface{}) *gomock.Call {
|
||||
mr.mock.ctrl.T.Helper()
|
||||
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "FPNewClientCertificateCredential", reflect.TypeOf((*MockInterface)(nil).FPNewClientCertificateCredential), arg0)
|
||||
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "FPNewClientCertificateCredential", reflect.TypeOf((*MockInterface)(nil).FPNewClientCertificateCredential), arg0, arg1)
|
||||
}
|
||||
|
||||
// FeatureIsSet mocks base method.
|
||||
|
|
@ -353,7 +347,7 @@ func (m *MockInterface) FeatureIsSet(arg0 env.Feature) bool {
|
|||
}
|
||||
|
||||
// FeatureIsSet indicates an expected call of FeatureIsSet.
|
||||
func (mr *MockInterfaceMockRecorder) FeatureIsSet(arg0 any) *gomock.Call {
|
||||
func (mr *MockInterfaceMockRecorder) FeatureIsSet(arg0 interface{}) *gomock.Call {
|
||||
mr.mock.ctrl.T.Helper()
|
||||
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "FeatureIsSet", reflect.TypeOf((*MockInterface)(nil).FeatureIsSet), arg0)
|
||||
}
|
||||
|
|
@ -509,7 +503,7 @@ func (m *MockInterface) MsiDataplaneClientOptions(msiResourceId *arm.ResourceID)
|
|||
}
|
||||
|
||||
// MsiDataplaneClientOptions indicates an expected call of MsiDataplaneClientOptions.
|
||||
func (mr *MockInterfaceMockRecorder) MsiDataplaneClientOptions(msiResourceId any) *gomock.Call {
|
||||
func (mr *MockInterfaceMockRecorder) MsiDataplaneClientOptions(msiResourceId interface{}) *gomock.Call {
|
||||
mr.mock.ctrl.T.Helper()
|
||||
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "MsiDataplaneClientOptions", reflect.TypeOf((*MockInterface)(nil).MsiDataplaneClientOptions), msiResourceId)
|
||||
}
|
||||
|
|
@ -538,7 +532,7 @@ func (m *MockInterface) NewLiveConfigManager(arg0 context.Context) (liveconfig.M
|
|||
}
|
||||
|
||||
// NewLiveConfigManager indicates an expected call of NewLiveConfigManager.
|
||||
func (mr *MockInterfaceMockRecorder) NewLiveConfigManager(arg0 any) *gomock.Call {
|
||||
func (mr *MockInterfaceMockRecorder) NewLiveConfigManager(arg0 interface{}) *gomock.Call {
|
||||
mr.mock.ctrl.T.Helper()
|
||||
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "NewLiveConfigManager", reflect.TypeOf((*MockInterface)(nil).NewLiveConfigManager), arg0)
|
||||
}
|
||||
|
|
@ -553,7 +547,7 @@ func (m *MockInterface) NewMSIAuthorizer(scope string) (autorest.Authorizer, err
|
|||
}
|
||||
|
||||
// NewMSIAuthorizer indicates an expected call of NewMSIAuthorizer.
|
||||
func (mr *MockInterfaceMockRecorder) NewMSIAuthorizer(scope any) *gomock.Call {
|
||||
func (mr *MockInterfaceMockRecorder) NewMSIAuthorizer(scope interface{}) *gomock.Call {
|
||||
mr.mock.ctrl.T.Helper()
|
||||
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "NewMSIAuthorizer", reflect.TypeOf((*MockInterface)(nil).NewMSIAuthorizer), scope)
|
||||
}
|
||||
|
|
@ -681,7 +675,7 @@ func (m *MockInterface) VMSku(vmSize string) (*compute.ResourceSku, error) {
|
|||
}
|
||||
|
||||
// VMSku indicates an expected call of VMSku.
|
||||
func (mr *MockInterfaceMockRecorder) VMSku(vmSize any) *gomock.Call {
|
||||
func (mr *MockInterfaceMockRecorder) VMSku(vmSize interface{}) *gomock.Call {
|
||||
mr.mock.ctrl.T.Helper()
|
||||
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "VMSku", reflect.TypeOf((*MockInterface)(nil).VMSku), vmSize)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -21,7 +21,7 @@ type authorizer struct {
|
|||
}
|
||||
|
||||
func (a *authorizer) Rebuild() error {
|
||||
auth, err := a.env.FPAuthorizer(a.tenantID, a.env.Environment().ResourceManagerScope)
|
||||
auth, err := a.env.FPAuthorizer(a.tenantID, nil, a.env.Environment().ResourceManagerScope)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
|
|||
|
|
@ -122,7 +122,7 @@ func (dv *openShiftClusterDynamicValidator) Dynamic(ctx context.Context) error {
|
|||
}
|
||||
|
||||
tenantID := dv.subscriptionDoc.Subscription.Properties.TenantID
|
||||
fpClientCred, err := dv.env.FPNewClientCertificateCredential(tenantID)
|
||||
fpClientCred, err := dv.env.FPNewClientCertificateCredential(tenantID, nil)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче