Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Storage Credentials #1004

Merged
merged 34 commits into from
May 1, 2020
Merged

Storage Credentials #1004

merged 34 commits into from
May 1, 2020

Conversation

WilliamMortlMicrosoft
Copy link
Contributor

closes #913

Describe the bug
We currently do not store credentials for the storage account. We should store those in a secret, and remove the StorageOutput struct, which is not being used either.

type StorageOutput struct {
	StorageAccountName string `json:"storageAccountName,omitempty"`
	Key1               string `json:"key1,omitempty"`
	Key2               string `json:"key2,omitempty"`
	ConnectionString1  string `json:"connectionString1,omitempty"`
	ConnectionString2  string `json:"connectionString2,omitempty"`
}

To Reproduce
Steps to reproduce the behavior:
Create SA, no secret is created

Expected behavior
When creating a storage account, a secret should be created with credentials for connecting to the storage account, with the following fields:

	StorageAccountName string `json:"storageAccountName,omitempty"`
	Key1               string `json:"key1,omitempty"`
	Key2               string `json:"key2,omitempty"`
	ConnectionString1  string `json:"connectionString1,omitempty"`
	ConnectionString2  string `json:"connectionString2,omitempty"`

Completion Criteria

  • Secret is created with credentials
  • StorageOutput struct is removed from types.go
  • Docs are updated with secret information

WilliamMortlMicrosoft and others added 20 commits April 3, 2020 09:14
@WilliamMortlMicrosoft
Merge pull request #18 from Azure/master
0ed2519 
pr
@WilliamMortlMicrosoft
Merge pull request #19 from Azure/master
71a5ccc 
pr
@WilliamMortlMicrosoft
Merge pull request #20 from Azure/master
26aff09 
CosmosDB test region workaround (#896)
@WilliamMortlMicrosoft
Merge pull request #21 from Azure/master
4869809 
pr
@WilliamMortlMicrosoft
Merge pull request #22 from Azure/master
48d9e77 
pr
@WilliamMortlMicrosoft
Merge pull request #23 from Azure/master
17b4a4a 
reset failed provisioning in case the outcome changes
@WilliamMortlMicrosoft
Merge pull request #24 from Azure/master
c9d6227 
pr
@WilliamMortlMicrosoft
Merge pull request #25 from Azure/master
e1a1e4a 
pr
@WilliamMortlMicrosoft
Merge pull request #26 from Azure/master
0fa4980 
pr
@WilliamMortlMicrosoft
Merge pull request #27 from Azure/master
afdab93 
pr
@WilliamMortlMicrosoft
Merge pull request #28 from Azure/master
5fe07e6 
pr
@WilliamMortlMicrosoft
Merge pull request #29 from Azure/master
ffae6f5 
pr
@WilliamMortlMicrosoft
Merge pull request #30 from Azure/master
0cd7941 
pr
@WilliamMortlMicrosoft
Merge pull request #31 from Azure/master
0d671f5 
pr
@WilliamMortlMicrosoft
Merge pull request #32 from Azure/master
3166ecd 
pr
@WilliamMortlMicrosoft
Merge pull request #33 from Azure/master
81d67f9 
pr
@WilliamMortlMicrosoft
Merge pull request #34 from Azure/master
4619ee6 
pr
@WilliamMortlMicrosoft
Merge pull request #35 from Azure/master
d6a8761 
Removes non string helper functions out of stringhelpers.go (IsBeingD…
first
93d690f
works
64ebc38
@WilliamMortlMicrosoft WilliamMortlMicrosoft self-assigned this Apr 27, 2020
@WilliamMortlMicrosoft
Copy link
Contributor Author

secret:

Williams-MacBook-Pro:samples wmortl$ kubectl get secret storageaccount-resourcegroup-azure-operators-wmm-storageaccountsamplewmm1 -o yaml
apiVersion: v1
data:
  StorageAccountName: c3RvcmFnZWFjY291bnRzYW1wbGV3bW0x
  connectionString0: RGVmYXVsdEVuZHBvaW50c1Byb3RvY29sPWh0dHBzO0FjY291bnROYW1lPXN0b3JhZ2VhY2NvdW50c2FtcGxld21tMTtBY2NvdW50S2V5PTlUWnZOZHdUNEhMSlY5NlZrVm1hbW5iUnhRVUJGNW1iVmlHdVRMTENKd3hhUVFpS1FjN1VxaHpFWVRwUUZRQk94OWVIemNpZDE2Qk9sbkp6a3FlajJRPT07RW5kcG9pbnRTdWZmaXg9Y29yZS53aW5kb3dzLm5ldA==
  connectionString1: RGVmYXVsdEVuZHBvaW50c1Byb3RvY29sPWh0dHBzO0FjY291bnROYW1lPXN0b3JhZ2VhY2NvdW50c2FtcGxld21tMTtBY2NvdW50S2V5PXZ5dXVRRm85UXhmdWYxYTBVSWRaUzBqVzBlRVo1NWhrcHFpTm4xRkh5c09WQ1p4NkxPT1JLcFh4RzRoUmRDQUljVnBiR1lkK1NYOW1OOVdRb25zWlhnPT07RW5kcG9pbnRTdWZmaXg9Y29yZS53aW5kb3dzLm5ldA==
  key0: OVRadk5kd1Q0SExKVjk2VmtWbWFtbmJSeFFVQkY1bWJWaUd1VExMQ0p3eGFRUWlLUWM3VXFoekVZVHBRRlFCT3g5ZUh6Y2lkMTZCT2xuSnprcWVqMlE9PQ==
  key1: dnl1dVFGbzlReGZ1ZjFhMFVJZFpTMGpXMGVFWjU1aGtwcWlObjFGSHlzT1ZDWng2TE9PUktwWHhHNGhSZENBSWNWcGJHWWQrU1g5bU45V1FvbnNaWGc9PQ==
kind: Secret
metadata:
  creationTimestamp: "2020-04-27T21:05:42Z"
  name: storageaccount-resourcegroup-azure-operators-wmm-storageaccountsamplewmm1
  namespace: default
  ownerReferences:
  - apiVersion: azure.microsoft.com/v1alpha1
    blockOwnerDeletion: true
    controller: true
    kind: StorageAccount
    name: storageaccountsamplewmm1
    uid: 1077cc0e-4fe3-4ff7-8b40-3028aab78181
  resourceVersion: "4654"
  selfLink: /api/v1/namespaces/default/secrets/storageaccount-resourcegroup-azure-operators-wmm-storageaccountsamplewmm1
  uid: 09a9fefd-35c9-4ee7-83b5-8aa1575a2c02
type: Opaque

@WilliamMortlMicrosoft WilliamMortlMicrosoft changed the title WIP: New Storage Credentials Storage Credentials Apr 27, 2020
jananivMS
jananivMS reviewed Apr 29, 2020
View reviewed changes
Copy link
Contributor

@jananivMS jananivMS left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Functionality looks good but it looks like the PR might need to be updated with master. I can re-review and approve then

@WilliamMortlMicrosoft
Copy link
Contributor Author

/azp run

@azure-pipelines
Copy link

Azure Pipelines successfully started running 1 pipeline(s).

@jananivMS jananivMS self-requested a review April 30, 2020 19:36
jananivMS
jananivMS suggested changes Apr 30, 2020
View reviewed changes
Copy link
Contributor

@jananivMS jananivMS left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tested and functionality looks good. A couple of comments that needs addressing and this should be good to go.

@jananivMS jananivMS self-requested a review April 30, 2020 21:33
jananivMS
jananivMS approved these changes Apr 30, 2020
View reviewed changes
Copy link
Contributor

@jananivMS jananivMS left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tested and looks good

@WilliamMortlMicrosoft WilliamMortlMicrosoft merged commit 5fbf15f into Azure:master May 1, 2020
@WilliamMortlMicrosoft WilliamMortlMicrosoft deleted the newCredentials branch May 1, 2020 03:10
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers

@jananivMS jananivMS jananivMS approved these changes

Assignees

@WilliamMortlMicrosoft WilliamMortlMicrosoft

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Bug: StorageAccount is not storing credentials as a secret
3 participants
@WilliamMortlMicrosoft @jananivMS @frodopwns