Merge pull request #3961 from Azure/tsatam/hotfix-clustermsi-followup

Follow-up fixes for #3957
2024-11-18 12:04:31 -08:00 · 2024-11-18 12:04:31 -08:00 · 8a03424fab
--- a/pkg/frontend/adminactions/azureactions.go
+++ b/pkg/frontend/adminactions/azureactions.go
@ -64,7 +64,7 @@ func NewAzureActions(log *logrus.Entry, env env.Interface, oc *api.OpenShiftClus
 		return nil, err
 	}

-	credential, err := env.FPNewClientCertificateCredential(subscriptionDoc.Subscription.Properties.TenantID)
+	credential, err := env.FPNewClientCertificateCredential(subscriptionDoc.Subscription.Properties.TenantID, nil)
 	if err != nil {
 		return nil, err
 	}
--- a/pkg/frontend/adminactions/resources_list_test.go
+++ b/pkg/frontend/adminactions/resources_list_test.go
@ -20,6 +20,7 @@ import (

 	"github.com/Azure/ARO-RP/pkg/api"
 	"github.com/Azure/ARO-RP/pkg/util/azureclient"
+	"github.com/Azure/ARO-RP/pkg/util/cmp"
 	mock_armnetwork "github.com/Azure/ARO-RP/pkg/util/mocks/azureclient/azuresdk/armnetwork"
 	mock_compute "github.com/Azure/ARO-RP/pkg/util/mocks/azureclient/mgmt/compute"
 	mock_features "github.com/Azure/ARO-RP/pkg/util/mocks/azureclient/mgmt/features"
@ -114,7 +115,7 @@ func TestResourcesList(t *testing.T) {
 			mocks: func(virtualNetworks *mock_armnetwork.MockVirtualNetworksClient, routeTables *mock_armnetwork.MockRouteTablesClient, diskEncryptionSets *mock_compute.MockDiskEncryptionSetsClient) {
 				validVirtualNetworksMock(virtualNetworks, routeTables, mockSubID)
 			},
-			wantResponse: []byte(`[{"ExtendedLocation":null,"ID":"/subscriptions/id","Properties":{"AddressSpace":null,"BgpCommunities":null,"DdosProtectionPlan":null,"DhcpOptions":{"DNSServers":[]},"EnableDdosProtection":null,"EnableVMProtection":null,"Encryption":null,"FlowTimeoutInMinutes":null,"IPAllocations":null,"Subnets":[{"ID":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/test-cluster/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/master","Name":null,"Properties":{"AddressPrefix":null,"AddressPrefixes":null,"ApplicationGatewayIPConfigurations":null,"Delegations":null,"IPAllocations":null,"NatGateway":null,"NetworkSecurityGroup":null,"PrivateEndpointNetworkPolicies":null,"PrivateLinkServiceNetworkPolicies":null,"RouteTable":{"ID":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mockrg/providers/Microsoft.Network/routeTables/routetable1","Location":null,"Properties":null,"Tags":null,"Etag":null,"Name":null,"Type":null},"ServiceEndpointPolicies":null,"ServiceEndpoints":null,"IPConfigurationProfiles":null,"IPConfigurations":null,"PrivateEndpoints":null,"ProvisioningState":null,"Purpose":null,"ResourceNavigationLinks":null,"ServiceAssociationLinks":null},"Type":null,"Etag":null}],"VirtualNetworkPeerings":null,"FlowLogs":null,"ProvisioningState":null,"ResourceGUID":null},"Etag":null,"type":"Microsoft.Network/virtualNetworks"},{"ID":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mockrg/providers/Microsoft.Network/routeTables/routetable1","Properties":null,"Etag":null,"name":"routetable1"},{"properties":{"provisioningState":"Succeeded"},"id":"/subscriptions/id","type":"Microsoft.Compute/virtualMachines"},{"id":"/subscriptions/id","name":"storage","type":"Microsoft.Storage/storageAccounts","location":"eastus"}]`),
+			wantResponse: []byte(`[{"ExtendedLocation":null,"ID":"/subscriptions/id","Properties":{"AddressSpace":null,"BgpCommunities":null,"DdosProtectionPlan":null,"DhcpOptions":{"DNSServers":[]},"EnableDdosProtection":null,"EnableVMProtection":null,"Encryption":null,"FlowTimeoutInMinutes":null,"IPAllocations":null,"Subnets":[{"ID":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/test-cluster/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/master","Name":null,"Properties":{"AddressPrefix":null,"AddressPrefixes":null,"ApplicationGatewayIPConfigurations":null,"Delegations":null,"IPAllocations":null,"NatGateway":null,"NetworkSecurityGroup":null,"PrivateEndpointNetworkPolicies":null,"PrivateLinkServiceNetworkPolicies":null,"RouteTable":{"ID":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mockrg/providers/Microsoft.Network/routeTables/routetable1","Location":null,"Properties":null,"Tags":null,"Etag":null,"Name":null,"Type":null},"ServiceEndpointPolicies":null,"ServiceEndpoints":null,"IPConfigurationProfiles":null,"IPConfigurations":null,"PrivateEndpoints":null,"ProvisioningState":null,"Purpose":null,"ResourceNavigationLinks":null,"ServiceAssociationLinks":null},"Type":null,"Etag":null}],"VirtualNetworkPeerings":null,"FlowLogs":null,"ProvisioningState":null,"ResourceGUID":null},"type":"Microsoft.Network/virtualNetworks"},{"ID":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mockrg/providers/Microsoft.Network/routeTables/routetable1","Properties":null,"name":"routetable1"},{"properties":{"provisioningState":"Succeeded"},"id":"/subscriptions/id","type":"Microsoft.Compute/virtualMachines"},{"id":"/subscriptions/id","name":"storage","type":"Microsoft.Storage/storageAccounts","location":"eastus"}]`),
 		},
 		{
 			name: "vnet get error", //Get resources should continue on error from virtualNetworks.Get()
@ -131,7 +132,7 @@ func TestResourcesList(t *testing.T) {
 				validDiskEncryptionSetsMock(diskEncryptionSets)
 			},
 			diskEncryptionSetId: fmt.Sprintf("/subscriptions/%s/resourceGroups/test-cluster/providers/Microsoft.Compute/diskEncryptionSets/test-cluster-des", mockSubID),
-			wantResponse:        []byte(`[{"ExtendedLocation":null,"ID":"/subscriptions/id","Properties":{"AddressSpace":null,"BgpCommunities":null,"DdosProtectionPlan":null,"DhcpOptions":{"DNSServers":[]},"EnableDdosProtection":null,"EnableVMProtection":null,"Encryption":null,"FlowTimeoutInMinutes":null,"IPAllocations":null,"Subnets":[{"ID":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/test-cluster/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/master","Name":null,"Properties":{"AddressPrefix":null,"AddressPrefixes":null,"ApplicationGatewayIPConfigurations":null,"Delegations":null,"IPAllocations":null,"NatGateway":null,"NetworkSecurityGroup":null,"PrivateEndpointNetworkPolicies":null,"PrivateLinkServiceNetworkPolicies":null,"RouteTable":{"ID":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mockrg/providers/Microsoft.Network/routeTables/routetable1","Location":null,"Properties":null,"Tags":null,"Etag":null,"Name":null,"Type":null},"ServiceEndpointPolicies":null,"ServiceEndpoints":null,"IPConfigurationProfiles":null,"IPConfigurations":null,"PrivateEndpoints":null,"ProvisioningState":null,"Purpose":null,"ResourceNavigationLinks":null,"ServiceAssociationLinks":null},"Type":null,"Etag":null}],"VirtualNetworkPeerings":null,"FlowLogs":null,"ProvisioningState":null,"ResourceGUID":null},"Etag":null,"type":"Microsoft.Network/virtualNetworks"},{"ID":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mockrg/providers/Microsoft.Network/routeTables/routetable1","Properties":null,"Etag":null,"name":"routetable1"},{"id":"/subscriptions/id","type":"Microsoft.Compute/diskEncryptionSets"},{"properties":{"provisioningState":"Succeeded"},"id":"/subscriptions/id","type":"Microsoft.Compute/virtualMachines"},{"id":"/subscriptions/id","name":"storage","type":"Microsoft.Storage/storageAccounts","location":"eastus"}]`),
+			wantResponse:        []byte(`[{"ExtendedLocation":null,"ID":"/subscriptions/id","Properties":{"AddressSpace":null,"BgpCommunities":null,"DdosProtectionPlan":null,"DhcpOptions":{"DNSServers":[]},"EnableDdosProtection":null,"EnableVMProtection":null,"Encryption":null,"FlowTimeoutInMinutes":null,"IPAllocations":null,"Subnets":[{"ID":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/test-cluster/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/master","Name":null,"Properties":{"AddressPrefix":null,"AddressPrefixes":null,"ApplicationGatewayIPConfigurations":null,"Delegations":null,"IPAllocations":null,"NatGateway":null,"NetworkSecurityGroup":null,"PrivateEndpointNetworkPolicies":null,"PrivateLinkServiceNetworkPolicies":null,"RouteTable":{"ID":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mockrg/providers/Microsoft.Network/routeTables/routetable1","Location":null,"Properties":null,"Tags":null,"Etag":null,"Name":null,"Type":null},"ServiceEndpointPolicies":null,"ServiceEndpoints":null,"IPConfigurationProfiles":null,"IPConfigurations":null,"PrivateEndpoints":null,"ProvisioningState":null,"Purpose":null,"ResourceNavigationLinks":null,"ServiceAssociationLinks":null},"Type":null,"Etag":null}],"VirtualNetworkPeerings":null,"FlowLogs":null,"ProvisioningState":null,"ResourceGUID":null},"type":"Microsoft.Network/virtualNetworks"},{"ID":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mockrg/providers/Microsoft.Network/routeTables/routetable1","Properties":null,"name":"routetable1"},{"id":"/subscriptions/id","type":"Microsoft.Compute/diskEncryptionSets"},{"properties":{"provisioningState":"Succeeded"},"id":"/subscriptions/id","type":"Microsoft.Compute/virtualMachines"},{"id":"/subscriptions/id","name":"storage","type":"Microsoft.Storage/storageAccounts","location":"eastus"}]`),
 		},
 		{
 			name: "error getting diskencryptionsets",
@ -142,7 +143,7 @@ func TestResourcesList(t *testing.T) {
 				diskEncryptionSets.EXPECT().Get(gomock.Any(), "test-cluster", "test-cluster-des").Return(mgmtcompute.DiskEncryptionSet{}, fmt.Errorf("Any error during Get, expecting a permissions error"))
 			},
 			diskEncryptionSetId: fmt.Sprintf("/subscriptions/%s/resourceGroups/test-cluster/providers/Microsoft.Compute/diskEncryptionSets/test-cluster-des", mockSubID),
-			wantResponse:        []byte(`[{"ExtendedLocation":null,"ID":"/subscriptions/id","Properties":{"AddressSpace":null,"BgpCommunities":null,"DdosProtectionPlan":null,"DhcpOptions":{"DNSServers":[]},"EnableDdosProtection":null,"EnableVMProtection":null,"Encryption":null,"FlowTimeoutInMinutes":null,"IPAllocations":null,"Subnets":[{"ID":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/test-cluster/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/master","Name":null,"Properties":{"AddressPrefix":null,"AddressPrefixes":null,"ApplicationGatewayIPConfigurations":null,"Delegations":null,"IPAllocations":null,"NatGateway":null,"NetworkSecurityGroup":null,"PrivateEndpointNetworkPolicies":null,"PrivateLinkServiceNetworkPolicies":null,"RouteTable":{"ID":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mockrg/providers/Microsoft.Network/routeTables/routetable1","Location":null,"Properties":null,"Tags":null,"Etag":null,"Name":null,"Type":null},"ServiceEndpointPolicies":null,"ServiceEndpoints":null,"IPConfigurationProfiles":null,"IPConfigurations":null,"PrivateEndpoints":null,"ProvisioningState":null,"Purpose":null,"ResourceNavigationLinks":null,"ServiceAssociationLinks":null},"Type":null,"Etag":null}],"VirtualNetworkPeerings":null,"FlowLogs":null,"ProvisioningState":null,"ResourceGUID":null},"Etag":null,"type":"Microsoft.Network/virtualNetworks"},{"ID":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mockrg/providers/Microsoft.Network/routeTables/routetable1","Properties":null,"Etag":null,"name":"routetable1"},{"properties":{"provisioningState":"Succeeded"},"id":"/subscriptions/id","type":"Microsoft.Compute/virtualMachines"},{"id":"/subscriptions/id","name":"storage","type":"Microsoft.Storage/storageAccounts","location":"eastus"}]`),
+			wantResponse:        []byte(`[{"ExtendedLocation":null,"ID":"/subscriptions/id","Properties":{"AddressSpace":null,"BgpCommunities":null,"DdosProtectionPlan":null,"DhcpOptions":{"DNSServers":[]},"EnableDdosProtection":null,"EnableVMProtection":null,"Encryption":null,"FlowTimeoutInMinutes":null,"IPAllocations":null,"Subnets":[{"ID":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/test-cluster/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/master","Name":null,"Properties":{"AddressPrefix":null,"AddressPrefixes":null,"ApplicationGatewayIPConfigurations":null,"Delegations":null,"IPAllocations":null,"NatGateway":null,"NetworkSecurityGroup":null,"PrivateEndpointNetworkPolicies":null,"PrivateLinkServiceNetworkPolicies":null,"RouteTable":{"ID":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mockrg/providers/Microsoft.Network/routeTables/routetable1","Location":null,"Properties":null,"Tags":null,"Etag":null,"Name":null,"Type":null},"ServiceEndpointPolicies":null,"ServiceEndpoints":null,"IPConfigurationProfiles":null,"IPConfigurations":null,"PrivateEndpoints":null,"ProvisioningState":null,"Purpose":null,"ResourceNavigationLinks":null,"ServiceAssociationLinks":null},"Type":null,"Etag":null}],"VirtualNetworkPeerings":null,"FlowLogs":null,"ProvisioningState":null,"ResourceGUID":null},"type":"Microsoft.Network/virtualNetworks"},{"ID":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mockrg/providers/Microsoft.Network/routeTables/routetable1","Properties":null,"name":"routetable1"},{"properties":{"provisioningState":"Succeeded"},"id":"/subscriptions/id","type":"Microsoft.Compute/virtualMachines"},{"id":"/subscriptions/id","name":"storage","type":"Microsoft.Storage/storageAccounts","location":"eastus"}]`),
 		},
 	} {
 		t.Run(tt.name, func(t *testing.T) {
@ -192,7 +193,7 @@ func TestResourcesList(t *testing.T) {
 			if tt.wantError == "" {
 				if tt.wantResponse != nil {
 					if !bytes.Equal(b, tt.wantResponse) {
-						t.Errorf("wanted %s got %s", string(tt.wantResponse), string(b))
+						t.Errorf("got unexpected response, diff: %s", cmp.Diff(string(b), string(tt.wantResponse)))
 					}
 				}
 			} else {