Skip to content

Commit 27c26e1

Browse files
cadenmarchesecadenmarchese
authored
Update cosmosdb auth used by update_role_sets.go (Azure#3931)
1 parent b18cd2c commit 27c26e1

File tree

1 file changed

+4
-26
lines changed

1 file changed

+4
-26
lines changed

cmd/aro/update_role_sets.go

Lines changed: 4 additions & 26 deletions
Original file line numberDiff line numberDiff line change
@@ -8,14 +8,12 @@ import (
88
"fmt"
99
"os"
1010

11-
"github.com/Azure/azure-sdk-for-go/sdk/azcore/arm/policy"
1211
"github.com/sirupsen/logrus"
1312

1413
"github.com/Azure/ARO-RP/pkg/api"
1514
"github.com/Azure/ARO-RP/pkg/database"
1615
"github.com/Azure/ARO-RP/pkg/env"
1716
"github.com/Azure/ARO-RP/pkg/metrics/statsd"
18-
"github.com/Azure/ARO-RP/pkg/util/encryption"
1917
)
2018

2119
func getRoleSetsFromEnv() ([]api.PlatformWorkloadIdentityRoleSetProperties, error) {
@@ -32,44 +30,24 @@ func getPlatformWorkloadIdentityRoleSetDatabase(ctx context.Context, log *logrus
3230
return nil, err
3331
}
3432

35-
msiToken, err := _env.NewMSITokenCredential()
36-
if err != nil {
37-
return nil, fmt.Errorf("MSI Authorizer failed with: %s", err.Error())
38-
}
39-
4033
m := statsd.New(ctx, log.WithField("component", "update-role-sets"), _env, os.Getenv("MDM_ACCOUNT"), os.Getenv("MDM_NAMESPACE"), os.Getenv("MDM_STATSD_SOCKET"))
4134

42-
aead, err := encryption.NewAEADWithCore(ctx, _env, env.EncryptionSecretV2Name, env.EncryptionSecretName)
35+
dbc, err := database.NewDatabaseClientFromEnv(ctx, _env, log, m, nil)
4336
if err != nil {
44-
return nil, err
37+
return nil, fmt.Errorf("failed creating database client: %w", err)
4538
}
4639

4740
dbName, err := env.DBName(_env)
4841
if err != nil {
4942
return nil, err
5043
}
5144

52-
dbAccountName, err := env.DBAccountName()
53-
if err != nil {
54-
return nil, err
55-
}
56-
57-
clientOptions := &policy.ClientOptions{
58-
ClientOptions: _env.Environment().ManagedIdentityCredentialOptions().ClientOptions,
59-
}
60-
61-
logrusEntry := log.WithField("component", "database")
62-
dbAuthorizer, err := database.NewMasterKeyAuthorizer(ctx, logrusEntry, msiToken, clientOptions, _env.SubscriptionID(), _env.ResourceGroup(), dbAccountName)
63-
if err != nil {
64-
return nil, err
65-
}
66-
67-
dbc, err := database.NewDatabaseClient(log.WithField("component", "database"), _env, dbAuthorizer, m, aead, dbAccountName)
45+
dbPlatformWorkloadIdentityRoleSets, err := database.NewPlatformWorkloadIdentityRoleSets(ctx, dbc, dbName)
6846
if err != nil {
6947
return nil, err
7048
}
7149

72-
return database.NewPlatformWorkloadIdentityRoleSets(ctx, dbc, dbName)
50+
return dbPlatformWorkloadIdentityRoleSets, nil
7351
}
7452

7553
func updatePlatformWorkloadIdentityRoleSetsInCosmosDB(ctx context.Context, dbPlatformWorkloadIdentityRoleSets database.PlatformWorkloadIdentityRoleSets, log *logrus.Entry) error {

0 commit comments

Comments
 (0)