-
Notifications
You must be signed in to change notification settings - Fork 1.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Main repository azure managed identity support #12559
Main repository azure managed identity support #12559
Conversation
❌ Gradle check result for 9d0d565: FAILURE Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change? |
❌ Gradle check result for a330e99: FAILURE Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change? |
Compatibility status:Checks if related components are compatible with change 3cb3c7e Incompatible componentsSkipped componentsCompatible componentsCompatible components: [https://github.com/opensearch-project/custom-codecs.git, https://github.com/opensearch-project/asynchronous-search.git, https://github.com/opensearch-project/anomaly-detection.git, https://github.com/opensearch-project/cross-cluster-replication.git, https://github.com/opensearch-project/flow-framework.git, https://github.com/opensearch-project/job-scheduler.git, https://github.com/opensearch-project/reporting.git, https://github.com/opensearch-project/geospatial.git, https://github.com/opensearch-project/opensearch-oci-object-storage.git, https://github.com/opensearch-project/common-utils.git, https://github.com/opensearch-project/k-nn.git, https://github.com/opensearch-project/alerting.git, https://github.com/opensearch-project/neural-search.git, https://github.com/opensearch-project/security-analytics.git, https://github.com/opensearch-project/performance-analyzer-rca.git, https://github.com/opensearch-project/notifications.git, https://github.com/opensearch-project/ml-commons.git, https://github.com/opensearch-project/security.git, https://github.com/opensearch-project/index-management.git, https://github.com/opensearch-project/observability.git, https://github.com/opensearch-project/performance-analyzer.git, https://github.com/opensearch-project/sql.git] |
This PR is expected to fail the From my understanding, the
Note: For simplicity, I have not listed all the nested dependencies, as it would make the tree too large for demonstration purposes. I believe to pass the Therefore, I have the following questions, and I would greatly appreciate it if anyone could provide answers:
|
…buildSrc/version.properties Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com>
Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com>
Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com>
Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com>
…tead of new uri, and added a few comments for clarity Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com>
Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com>
Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com>
Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com>
Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com>
Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com>
Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com>
…led time Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com>
Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com>
Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com>
Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com>
… (since it is not applicable to managed identity configuration) Signed-off-by: Andriy Redko <andriy.redko@aiven.io>
…hudownNow() and Thread.currentThread().interrupt() Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com>
3f4e213
to
280dd0a
Compare
* Added support for Azure Managed Identity in repository-azure Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * Refactor tokenCredentialType as an enum when constructing AzureStorageSetting Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * fixed indentation Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * fixed syntax Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * removed unused imports Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * applied changes after running :plugins:repository-azure:spotlessApply Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * added transitive dependencies Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * changed getStorageBlobEndpoint to private and using asm version from buildSrc/version.properties Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * run spotlessApply Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * update shas for asm 9.7 Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * use version.jna for jna-platform Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * change string 'core.windows.net' to be a constant, use uri.create instead of new uri, and added a few comments for clarity Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * added one more comment line Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * refactor TokenCredentialType to not have NOT_APPLICABLE Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * refactored code based on recommended changes from Andriy Redko Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * added a jvm security policy for reactor-core jar Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * fixed failing forbidden api fix Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * removed the jvm security policy for reactor-core which was added Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * refactored code, such that storage endpoint is not evaluated at compiled time Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * refactored token credential types checks Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * changed clientlogger in azurestoragesetting to 'AzureStorageService' Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * added a nullable argument to getStorageEndpoint Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * Fix IdentityClient security permissions, get rid of connection string (since it is not applicable to managed identity configuration) Signed-off-by: Andriy Redko <andriy.redko@aiven.io> * Responded to feedback from Andrew Ross, fixed typo, spelling, added shudownNow() and Thread.currentThread().interrupt() Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> --------- Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> Signed-off-by: Andriy Redko <andriy.redko@aiven.io> Co-authored-by: Andriy Redko <andriy.redko@aiven.io> (cherry picked from commit a03db0d) Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
* Added support for Azure Managed Identity in repository-azure Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * Refactor tokenCredentialType as an enum when constructing AzureStorageSetting Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * fixed indentation Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * fixed syntax Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * removed unused imports Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * applied changes after running :plugins:repository-azure:spotlessApply Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * added transitive dependencies Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * changed getStorageBlobEndpoint to private and using asm version from buildSrc/version.properties Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * run spotlessApply Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * update shas for asm 9.7 Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * use version.jna for jna-platform Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * change string 'core.windows.net' to be a constant, use uri.create instead of new uri, and added a few comments for clarity Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * added one more comment line Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * refactor TokenCredentialType to not have NOT_APPLICABLE Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * refactored code based on recommended changes from Andriy Redko Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * added a jvm security policy for reactor-core jar Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * fixed failing forbidden api fix Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * removed the jvm security policy for reactor-core which was added Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * refactored code, such that storage endpoint is not evaluated at compiled time Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * refactored token credential types checks Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * changed clientlogger in azurestoragesetting to 'AzureStorageService' Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * added a nullable argument to getStorageEndpoint Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * Fix IdentityClient security permissions, get rid of connection string (since it is not applicable to managed identity configuration) Signed-off-by: Andriy Redko <andriy.redko@aiven.io> * Responded to feedback from Andrew Ross, fixed typo, spelling, added shudownNow() and Thread.currentThread().interrupt() Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> --------- Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> Signed-off-by: Andriy Redko <andriy.redko@aiven.io> Co-authored-by: Andriy Redko <andriy.redko@aiven.io> (cherry picked from commit a03db0d) Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
* Added support for Azure Managed Identity in repository-azure * Refactor tokenCredentialType as an enum when constructing AzureStorageSetting * fixed indentation * fixed syntax * removed unused imports * applied changes after running :plugins:repository-azure:spotlessApply * added transitive dependencies * changed getStorageBlobEndpoint to private and using asm version from buildSrc/version.properties * run spotlessApply * update shas for asm 9.7 * use version.jna for jna-platform * change string 'core.windows.net' to be a constant, use uri.create instead of new uri, and added a few comments for clarity * added one more comment line * refactor TokenCredentialType to not have NOT_APPLICABLE * refactored code based on recommended changes from Andriy Redko * added a jvm security policy for reactor-core jar * fixed failing forbidden api fix * removed the jvm security policy for reactor-core which was added * refactored code, such that storage endpoint is not evaluated at compiled time * refactored token credential types checks * changed clientlogger in azurestoragesetting to 'AzureStorageService' * added a nullable argument to getStorageEndpoint * Fix IdentityClient security permissions, get rid of connection string (since it is not applicable to managed identity configuration) * Responded to feedback from Andrew Ross, fixed typo, spelling, added shudownNow() and Thread.currentThread().interrupt() --------- (cherry picked from commit a03db0d) Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> Signed-off-by: Andriy Redko <andriy.redko@aiven.io> Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: Andriy Redko <andriy.redko@aiven.io>
) * Added support for Azure Managed Identity in repository-azure Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * Refactor tokenCredentialType as an enum when constructing AzureStorageSetting Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * fixed indentation Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * fixed syntax Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * removed unused imports Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * applied changes after running :plugins:repository-azure:spotlessApply Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * added transitive dependencies Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * changed getStorageBlobEndpoint to private and using asm version from buildSrc/version.properties Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * run spotlessApply Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * update shas for asm 9.7 Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * use version.jna for jna-platform Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * change string 'core.windows.net' to be a constant, use uri.create instead of new uri, and added a few comments for clarity Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * added one more comment line Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * refactor TokenCredentialType to not have NOT_APPLICABLE Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * refactored code based on recommended changes from Andriy Redko Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * added a jvm security policy for reactor-core jar Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * fixed failing forbidden api fix Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * removed the jvm security policy for reactor-core which was added Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * refactored code, such that storage endpoint is not evaluated at compiled time Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * refactored token credential types checks Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * changed clientlogger in azurestoragesetting to 'AzureStorageService' Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * added a nullable argument to getStorageEndpoint Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * Fix IdentityClient security permissions, get rid of connection string (since it is not applicable to managed identity configuration) Signed-off-by: Andriy Redko <andriy.redko@aiven.io> * Responded to feedback from Andrew Ross, fixed typo, spelling, added shudownNow() and Thread.currentThread().interrupt() Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> --------- Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> Signed-off-by: Andriy Redko <andriy.redko@aiven.io> Co-authored-by: Andriy Redko <andriy.redko@aiven.io>
) * Added support for Azure Managed Identity in repository-azure Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * Refactor tokenCredentialType as an enum when constructing AzureStorageSetting Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * fixed indentation Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * fixed syntax Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * removed unused imports Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * applied changes after running :plugins:repository-azure:spotlessApply Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * added transitive dependencies Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * changed getStorageBlobEndpoint to private and using asm version from buildSrc/version.properties Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * run spotlessApply Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * update shas for asm 9.7 Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * use version.jna for jna-platform Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * change string 'core.windows.net' to be a constant, use uri.create instead of new uri, and added a few comments for clarity Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * added one more comment line Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * refactor TokenCredentialType to not have NOT_APPLICABLE Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * refactored code based on recommended changes from Andriy Redko Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * added a jvm security policy for reactor-core jar Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * fixed failing forbidden api fix Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * removed the jvm security policy for reactor-core which was added Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * refactored code, such that storage endpoint is not evaluated at compiled time Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * refactored token credential types checks Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * changed clientlogger in azurestoragesetting to 'AzureStorageService' Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * added a nullable argument to getStorageEndpoint Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> * Fix IdentityClient security permissions, get rid of connection string (since it is not applicable to managed identity configuration) Signed-off-by: Andriy Redko <andriy.redko@aiven.io> * Responded to feedback from Andrew Ross, fixed typo, spelling, added shudownNow() and Thread.currentThread().interrupt() Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> --------- Signed-off-by: Chengwu Shi <chengwu.shi@netapp.com> Signed-off-by: Andriy Redko <andriy.redko@aiven.io> Co-authored-by: Andriy Redko <andriy.redko@aiven.io>
Description
This PR added supported for managed identity in the
repository-azure
plugin.Related Issues
Resolves #12423
Check List
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.