diff --git a/go.mod b/go.mod index 59d20782b4..0e3fc5a829 100644 --- a/go.mod +++ b/go.mod @@ -39,7 +39,7 @@ require ( k8s.io/mount-utils v0.29.4 k8s.io/pod-security-admission v0.30.3 k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 - sigs.k8s.io/cloud-provider-azure v1.27.1-0.20240801140416-3942a9757a9e + sigs.k8s.io/cloud-provider-azure v1.27.1-0.20240805152051-72936abe6812 sigs.k8s.io/cloud-provider-azure/pkg/azclient v0.0.33 sigs.k8s.io/cloud-provider-azure/pkg/azclient/configloader v0.0.18 sigs.k8s.io/yaml v1.4.0 diff --git a/go.sum b/go.sum index cf72c3d29f..d71858207c 100644 --- a/go.sum +++ b/go.sum @@ -754,8 +754,8 @@ k8s.io/utils v0.0.0-20240711033017-18e509b52bc8/go.mod h1:OLgZIPagt7ERELqWJFomSt rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.29.0 h1:/U5vjBbQn3RChhv7P11uhYvCSm5G2GaIi5AIGBS6r4c= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.29.0/go.mod h1:z7+wmGM2dfIiLRfrC6jb5kV2Mq/sK1ZP303cxzkV5Y4= -sigs.k8s.io/cloud-provider-azure v1.27.1-0.20240801140416-3942a9757a9e h1:SP+/SugnBxy8kfeolQ0lIE7B/TATsYOhrHCLK8Q6V84= -sigs.k8s.io/cloud-provider-azure v1.27.1-0.20240801140416-3942a9757a9e/go.mod h1:lQvP3CccouEXTBu56sCNxPOPyeNwM8PlfL4+ms2C4sE= +sigs.k8s.io/cloud-provider-azure v1.27.1-0.20240805152051-72936abe6812 h1:/wecScN9etwdtLeibmyMjSrT6WwjZxmaltAUppmcj60= +sigs.k8s.io/cloud-provider-azure v1.27.1-0.20240805152051-72936abe6812/go.mod h1:lQvP3CccouEXTBu56sCNxPOPyeNwM8PlfL4+ms2C4sE= sigs.k8s.io/cloud-provider-azure/pkg/azclient v0.0.33 h1:tCVZx6xMGJWXyqVtR9UE5y8O3BAOBYNrpsojcN17Wrw= sigs.k8s.io/cloud-provider-azure/pkg/azclient v0.0.33/go.mod h1:Fih1ZXhUc/ZeBjDTukeQMXpaXmaVhtiQstsPYWGrdVE= sigs.k8s.io/cloud-provider-azure/pkg/azclient/configloader v0.0.18 h1:PhXbmp06mdagpcavRWc/bAF7aNAEknuuzioI+NJgE3E= diff --git a/vendor/modules.txt b/vendor/modules.txt index 9eb41fc405..a8bda6ea21 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -1609,7 +1609,7 @@ sigs.k8s.io/apiserver-network-proxy/konnectivity-client/pkg/client sigs.k8s.io/apiserver-network-proxy/konnectivity-client/pkg/client/metrics sigs.k8s.io/apiserver-network-proxy/konnectivity-client/pkg/common/metrics sigs.k8s.io/apiserver-network-proxy/konnectivity-client/proto/client -# sigs.k8s.io/cloud-provider-azure v1.27.1-0.20240801140416-3942a9757a9e +# sigs.k8s.io/cloud-provider-azure v1.27.1-0.20240805152051-72936abe6812 ## explicit; go 1.22.5 sigs.k8s.io/cloud-provider-azure/pkg/azureclients sigs.k8s.io/cloud-provider-azure/pkg/azureclients/armauth diff --git a/vendor/sigs.k8s.io/cloud-provider-azure/pkg/provider/azure_storageaccount.go b/vendor/sigs.k8s.io/cloud-provider-azure/pkg/provider/azure_storageaccount.go index fa75f00a6b..3c716b3c7e 100644 --- a/vendor/sigs.k8s.io/cloud-provider-azure/pkg/provider/azure_storageaccount.go +++ b/vendor/sigs.k8s.io/cloud-provider-azure/pkg/provider/azure_storageaccount.go @@ -109,7 +109,6 @@ func (az *Cloud) getStorageAccounts(ctx context.Context, accountOptions *Account if !(isStorageTypeEqual(acct, accountOptions) && isAccountKindEqual(acct, accountOptions) && isLocationEqual(acct, accountOptions) && - AreVNetRulesEqual(acct, accountOptions) && isLargeFileSharesPropertyEqual(acct, accountOptions) && isTagsEqual(acct, accountOptions) && isTaggedWithSkip(acct) && @@ -120,6 +119,7 @@ func (az *Cloud) getStorageAccounts(ctx context.Context, accountOptions *Account isRequireInfrastructureEncryptionEqual(acct, accountOptions) && isAllowSharedKeyAccessEqual(acct, accountOptions) && isAccessTierEqual(acct, accountOptions) && + AreVNetRulesEqual(acct, accountOptions) && isPrivateEndpointAsExpected(acct, accountOptions)) { continue } @@ -842,18 +842,19 @@ func AreVNetRulesEqual(account storage.Account, accountOptions *AccountOptions) return false } - found := false for _, subnetID := range accountOptions.VirtualNetworkResourceIDs { + found := false for _, rule := range *account.AccountProperties.NetworkRuleSet.VirtualNetworkRules { if strings.EqualFold(ptr.Deref(rule.VirtualNetworkResourceID, ""), subnetID) && rule.Action == storage.ActionAllow { found = true break } } + if !found { + return false + } } - if !found { - return false - } + klog.V(2).Infof("found all vnet rules(%v) in account %s", accountOptions.VirtualNetworkResourceIDs, ptr.Deref(account.Name, "")) } return true } @@ -872,7 +873,7 @@ func isTaggedWithSkip(account storage.Account) bool { if account.Tags != nil { // skip account with SkipMatchingTag tag if _, ok := account.Tags[SkipMatchingTag]; ok { - klog.V(2).Infof("found %s tag for account %s, skip matching", SkipMatchingTag, *account.Name) + klog.V(2).Infof("found %s tag for account %s, skip matching", SkipMatchingTag, ptr.Deref(account.Name, "")) return false } } @@ -963,7 +964,7 @@ func (az *Cloud) isMultichannelEnabledEqual(ctx context.Context, account storage return false, nil } - prop, err := az.getFileServicePropertiesCache(ctx, accountOptions.SubscriptionID, accountOptions.ResourceGroup, *account.Name) + prop, err := az.getFileServicePropertiesCache(ctx, accountOptions.SubscriptionID, accountOptions.ResourceGroup, ptr.Deref(account.Name, "")) if err != nil { return false, err } @@ -988,7 +989,7 @@ func (az *Cloud) isDisableFileServiceDeleteRetentionPolicyEqual(ctx context.Cont return false, nil } - prop, err := az.FileClient.WithSubscriptionID(accountOptions.SubscriptionID).GetServiceProperties(ctx, accountOptions.ResourceGroup, *account.Name) + prop, err := az.FileClient.WithSubscriptionID(accountOptions.SubscriptionID).GetServiceProperties(ctx, accountOptions.ResourceGroup, ptr.Deref(account.Name, "")) if err != nil { return false, err } @@ -1010,7 +1011,7 @@ func (az *Cloud) isEnableBlobDataProtectionEqual(ctx context.Context, account st return true, nil } - property, err := az.BlobClient.GetServiceProperties(ctx, accountOptions.SubscriptionID, accountOptions.ResourceGroup, *account.Name) + property, err := az.BlobClient.GetServiceProperties(ctx, accountOptions.SubscriptionID, accountOptions.ResourceGroup, ptr.Deref(account.Name, "")) if err != nil { return false, err }