This ensures the Managed Identity authentication works with multiple
identities assigned to a single node.
Signed-off-by: Hidde Beydals <hello@hidde.co>
- `authorityHost` and `clientCertificateSendChain` can now be set where
applicable.
- AZ CLI fields have been removed.
- Fallback to `ChainedTokenCredential` with `EnvironmentCredential` and
`ManagedIdentityCredential` with defaults if no Secret is given.
Signed-off-by: Hidde Beydals <hello@hidde.co>
Based on recommendations from Microsoft, change the order valid
authentication options are taken into account. Mainly to ensure it works
as expected when multiple Managed Identities are bound on the same VM
node.
Signed-off-by: Hidde Beydals <hello@hidde.co>
This commit allows for a Secret to be configured with `tenantId`,
`clientId` and `clientCertificate` data fields (with optionally
`clientCertificatePassword`) to authenticate using TLS.
Signed-off-by: Hidde Beydals <hello@hidde.co>
This commit introduces an Azure Blob BucketProvider implementation,
capable of fetching from objects from public and private "container"
buckets.
The supported credential types are:
- ManagedIdentity with a `resourceId` Secret data field.
- ManagedIdentity with a `clientId` Secret data field.
- ClientSecret with `tenantId`, `clientId` and `clientSecret` Secret
data fields.
- SharedKey with `accountKey` Secret data field, the Account Name is
extracted from the endpoint URL specified on the object.
If no Secret is provided, the Bucket is assumed to be public.
Co-authored-by: Zhongcheng Lao <Zhongcheng.Lao@microsoft.com>
Signed-off-by: Hidde Beydals <hello@hidde.co>
Hidde Beydals