Blame SOURCES/bz2010652-fence_azure_arm-fix-sovereign-cloud-msi-support.patch

3012c9
From e339f304d4423a0e661d915f72ba88553b21d74a Mon Sep 17 00:00:00 2001
3012c9
From: MSSedusch <sedusch@microsoft.com>
3012c9
Date: Tue, 28 Sep 2021 12:23:37 +0000
3012c9
Subject: [PATCH 1/2] add support for sovereign clouds and MSI
3012c9
3012c9
---
3012c9
 lib/azure_fence.py.py | 14 ++++++++------
3012c9
 1 file changed, 8 insertions(+), 6 deletions(-)
3012c9
3012c9
diff --git a/lib/azure_fence.py.py b/lib/azure_fence.py.py
3012c9
index 1f38bd4ea..75b63fdad 100644
3012c9
--- a/lib/azure_fence.py.py
3012c9
+++ b/lib/azure_fence.py.py
3012c9
@@ -286,11 +286,11 @@ def get_azure_credentials(config):
3012c9
     credentials = None
3012c9
     cloud_environment = get_azure_cloud_environment(config)
3012c9
     if config.UseMSI and cloud_environment:
3012c9
-        from msrestazure.azure_active_directory import MSIAuthentication
3012c9
-        credentials = MSIAuthentication(cloud_environment=cloud_environment)
3012c9
+        from azure.identity import ManagedIdentityCredential
3012c9
+        credentials = ManagedIdentityCredential(cloud_environment=cloud_environment)
3012c9
     elif config.UseMSI:
3012c9
-        from msrestazure.azure_active_directory import MSIAuthentication
3012c9
-        credentials = MSIAuthentication()
3012c9
+        from azure.identity import ManagedIdentityCredential
3012c9
+        credentials = ManagedIdentityCredential()
3012c9
     elif cloud_environment:
3012c9
         try:
3012c9
             # try to use new libraries ClientSecretCredential (azure.identity, based on azure.core)
3012c9
@@ -340,7 +340,8 @@ def get_azure_compute_client(config):
3012c9
         compute_client = ComputeManagementClient(
3012c9
             credentials,
3012c9
             config.SubscriptionId,
3012c9
-            base_url=cloud_environment.endpoints.resource_manager
3012c9
+            base_url=cloud_environment.endpoints.resource_manager,
3012c9
+            credential_scopes=[cloud_environment.endpoints.resource_manager + "/.default"]
3012c9
         )
3012c9
     else:
3012c9
         compute_client = ComputeManagementClient(
3012c9
@@ -359,7 +360,8 @@ def get_azure_network_client(config):
3012c9
         network_client = NetworkManagementClient(
3012c9
             credentials,
3012c9
             config.SubscriptionId,
3012c9
-            base_url=cloud_environment.endpoints.resource_manager
3012c9
+            base_url=cloud_environment.endpoints.resource_manager,
3012c9
+            credential_scopes=[cloud_environment.endpoints.resource_manager + "/.default"]
3012c9
         )
3012c9
     else:
3012c9
         network_client = NetworkManagementClient(
3012c9
3012c9
From f08f02a7561e78dd9c95c66ccdcf6246c5ee7d6a Mon Sep 17 00:00:00 2001
3012c9
From: MSSedusch <sedusch@microsoft.com>
3012c9
Date: Fri, 1 Oct 2021 15:28:39 +0000
3012c9
Subject: [PATCH 2/2] compatiblity fix
3012c9
3012c9
---
3012c9
 lib/azure_fence.py.py | 54 ++++++++++++++++++++++++++++++-------------
3012c9
 1 file changed, 38 insertions(+), 16 deletions(-)
3012c9
3012c9
diff --git a/lib/azure_fence.py.py b/lib/azure_fence.py.py
3012c9
index 75b63fdad..5ca71eb42 100644
3012c9
--- a/lib/azure_fence.py.py
3012c9
+++ b/lib/azure_fence.py.py
3012c9
@@ -286,11 +286,19 @@ def get_azure_credentials(config):
3012c9
     credentials = None
3012c9
     cloud_environment = get_azure_cloud_environment(config)
3012c9
     if config.UseMSI and cloud_environment:
3012c9
-        from azure.identity import ManagedIdentityCredential
3012c9
-        credentials = ManagedIdentityCredential(cloud_environment=cloud_environment)
3012c9
+        try:
3012c9
+            from azure.identity import ManagedIdentityCredential
3012c9
+            credentials = ManagedIdentityCredential(cloud_environment=cloud_environment)
3012c9
+        except ImportError:
3012c9
+            from msrestazure.azure_active_directory import MSIAuthentication
3012c9
+            credentials = MSIAuthentication(cloud_environment=cloud_environment)
3012c9
     elif config.UseMSI:
3012c9
-        from azure.identity import ManagedIdentityCredential
3012c9
-        credentials = ManagedIdentityCredential()
3012c9
+        try:
3012c9
+            from azure.identity import ManagedIdentityCredential
3012c9
+            credentials = ManagedIdentityCredential()
3012c9
+        except ImportError:
3012c9
+            from msrestazure.azure_active_directory import MSIAuthentication
3012c9
+            credentials = MSIAuthentication()
3012c9
     elif cloud_environment:
3012c9
         try:
3012c9
             # try to use new libraries ClientSecretCredential (azure.identity, based on azure.core)
3012c9
@@ -337,12 +345,19 @@ def get_azure_compute_client(config):
3012c9
     credentials = get_azure_credentials(config)
3012c9
 
3012c9
     if cloud_environment:
3012c9
-        compute_client = ComputeManagementClient(
3012c9
-            credentials,
3012c9
-            config.SubscriptionId,
3012c9
-            base_url=cloud_environment.endpoints.resource_manager,
3012c9
-            credential_scopes=[cloud_environment.endpoints.resource_manager + "/.default"]
3012c9
-        )
3012c9
+        try:
3012c9
+            compute_client = ComputeManagementClient(
3012c9
+                credentials,
3012c9
+                config.SubscriptionId,
3012c9
+                base_url=cloud_environment.endpoints.resource_manager,
3012c9
+                credential_scopes=[cloud_environment.endpoints.resource_manager + "/.default"]
3012c9
+            )
3012c9
+        except TypeError:
3012c9
+            compute_client = ComputeManagementClient(
3012c9
+                credentials,
3012c9
+                config.SubscriptionId,
3012c9
+                base_url=cloud_environment.endpoints.resource_manager
3012c9
+            )
3012c9
     else:
3012c9
         compute_client = ComputeManagementClient(
3012c9
             credentials,
3012c9
@@ -357,12 +372,19 @@ def get_azure_network_client(config):
3012c9
     credentials = get_azure_credentials(config)
3012c9
 
3012c9
     if cloud_environment:
3012c9
-        network_client = NetworkManagementClient(
3012c9
-            credentials,
3012c9
-            config.SubscriptionId,
3012c9
-            base_url=cloud_environment.endpoints.resource_manager,
3012c9
-            credential_scopes=[cloud_environment.endpoints.resource_manager + "/.default"]
3012c9
-        )
3012c9
+        try:
3012c9
+            network_client = NetworkManagementClient(
3012c9
+                credentials,
3012c9
+                config.SubscriptionId,
3012c9
+                base_url=cloud_environment.endpoints.resource_manager,
3012c9
+                credential_scopes=[cloud_environment.endpoints.resource_manager + "/.default"]
3012c9
+            )
3012c9
+        except TypeError:
3012c9
+            network_client = NetworkManagementClient(
3012c9
+                credentials,
3012c9
+                config.SubscriptionId,
3012c9
+                base_url=cloud_environment.endpoints.resource_manager
3012c9
+            )
3012c9
     else:
3012c9
         network_client = NetworkManagementClient(
3012c9
             credentials,